We began this series by describing network configuration management as “hours of boredom punctuated by moments of terror” -- meaning that manually configuring hundreds or even thousands of routers and switches can be sheer boredom. But make a single mistake and that boredom suddenly turns into frantic search to find out what went wrong! But what’s even potentially worse is having to own the mistake. Which brings us to the reasons for this series. You can turn disaster into opportunity by showing your peers how to avoid these all-to-common problems. Which is why we introduced five best practices and why discusses the first of these last week.
How Standardization Can Help
Today we’ll look at practice #2 which deals with standardizing your configurations. The reason why you want to standardize your configurations is because you want to improve uniformity which reduces potential error. To achieve this objective, here a three ideas you can start with.
The first recommendation looks at how you remotely access your devices and standardize those methods which include the device login information, communication protocol and IP service ports. By standardizing how you remotely access devices you can accomplish the following:
- Make sure all devices are accessed using a secure communication protocol
- Make sure all devices are not using vendor supplied ID’s and passwords and that all passwords are strong and conform to your security policy
- Make sure all account ID’s and passwords are synchronized and easily and routinely updated
The second and third recommendations calls for using script-based templates to standardize and automate complex configuration changes. Using templates is an excellent way to reduce error because you can spend time developing and testing the template and then consistently applying it to a number of network devices. You can use templates to perform routine tasks like changing VLAN memberships by port, configure device interfaces and enable a variety services like IPSLA, NetFlow and more. In addition to building a template, you can also schedule their execution to perform ongoing changes. By using templates you are able to improve configuration management in the following ways:
- Reduce hundreds of command statements into a single script that can be tested and consistently applied error-free to as many devices as required
- Perform repetitive tasks with consistency
To summarize, when you standardize your management of device configurations you introduce uniformity which is key when working with hundreds or thousands of devices and hundreds of unique configuration commands per device. This standardization will help drive down human error and result in more network up-time.
Next post, we will look at practice #3 which deals with ways to protect your device configurations from harmful changes. In the meantime, have you taken the opportunity to play with the interactive online NCM demo? Try it here. You can also download a 30-day trial that is fully-functional and start implementing these recommendations right now.
You can also find and read other posts in this 7-part series here