Real-Time Configuration Change Detection in Network Devices

Unauthorized configuration changes wreak havoc on business continuity, which is why detecting and tracking changes is a crucial task for network admins. Although changes can be tracked manually, doing so is time-consuming and often means that the configurations of critical network devices are missed.
To resolve this, Network Configuration Manager offers real-time configuration change detection. With it, the admin can detect and track changes as they happen, which gives him complete control over all the devices in his networking environment.

How real-time change detection works

Real-time change detection can be carried out by enabling change detection in network devices. Here is how real-time change detection works in Network Configuration Manager:

  • When an admin, operator or user logs in and out of a network device, the device generates a syslog message.
  • These syslog messages will be sent to the built-in syslog server in NCM which looks out for the 'log out' message.
  • Upon receiving a log out message, NCM triggers the configuration backup of that network device. This is because whenever someone logs out of a device, there is a possibility that person has made a change in the config file of that device.
  • This backed up configuration file is then compared to the latest configuration version of that device in NCM and is checked for any new changes.
  • If any change is detected, the backed up configuration file is encrypted and stored in NCM's database.
  • If no change is detected, the backed up file is discarded.
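
The steps above can be sketched in a few lines of Python. This is an added example, not Network Configuration Manager's own code: the syslog line format, the fetch_config callback and the in-memory version store are assumptions, and the encryption step is only marked by a comment.

```python
import difflib
import re

# Constructed logout pattern; real devices word these messages differently.
LOGOUT_RE = re.compile(
    r"^<\d+>\w{3}\s+\d+ [\d:]{8} (?P<host>\S+) .*\blogged out\b", re.I)

# Constructed sample data: three syslog lines and two config versions.
LOGS = [
    "<189>Jan 12 10:14:40 core-rtr1 login: user admin logged in",
    "<189>Jan 12 10:15:02 core-rtr1 login: user admin logged out",
    "<189>Jan 12 11:02:17 core-rtr1 login: user admin logged out",
]
BASELINE = "hostname core-rtr1\nline vty 0 4\n transport input ssh\n"
CHANGED = BASELINE.replace("input ssh", "input telnet ssh")


def handle_syslog(line, fetch_config, versions):
    """Return None for non-logout lines, else the outcome of the comparison.

    fetch_config(host) is a hypothetical callback returning the device's
    current config; versions maps host -> stored versions, latest last.
    """
    m = LOGOUT_RE.match(line)
    if not m:
        return None
    host = m.group("host")
    backup = fetch_config(host)          # a logout triggers a backup
    history = versions.setdefault(host, [])
    latest = history[-1] if history else ""
    raw = list(difflib.unified_diff(latest.splitlines(), backup.splitlines(),
                                    "stored", "backup", n=0, lineterm=""))
    # Drop the two file-header lines and the @@ hunk markers.
    diff = [d for d in raw[2:] if not d.startswith("@@")]
    if diff:
        history.append(backup)           # a real store would encrypt first
    return {"host": host, "changed": bool(diff), "diff": diff}


def demo():
    device = {"core-rtr1": BASELINE}
    versions = {"core-rtr1": [BASELINE]}
    results = [handle_syslog(ln, device.__getitem__, versions) for ln in LOGS[:2]]
    device["core-rtr1"] = CHANGED        # change made before the last logout
    results.append(handle_syslog(LOGS[2], device.__getitem__, versions))
    return results, versions
```

The login line is ignored, the first logout produces a backup that matches the stored version and is discarded, and the second logout stores a new version together with the removed and added lines.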

Real-time change notifications for Network devices

While managing configurations, it is not physically possible for the administrator to check every configuration to see whether a change has been made. Without notifications, an undesirable change to a device can go unnoticed. To make this easier, Network Configuration Manager provides an option to receive notifications in real time via:
 
Email: Here, you can specify the recipient's mail ID to which you want the notifications to be sent. You can provide more than one email address along with the subject and content of the notification. This will help you identify the notifications quickly based on the subject line.
 
SNMP traps: You can provide the Hostname/IP address of the devices you want the notifications for and enable SNMP traps for those devices. When any change is made in those devices, SNMP alerts will be sent immediately.
 
Syslog messages: Here, you can provide the IP addresses of network devices to receive notifications. When a change is made in those devices, the syslog server triggers syslog messages.
 
Trouble tickets: Network Configuration Manager sends notifications in the form of trouble tickets to the operator in charge of a particular device or a device group.
 
In vulnerable devices such as core routers or firewalls, you can roll back to a previous version or the baseline version if you detect undesirable changes.
 

[Screenshots: Change Management email notification, SNMP trap, syslog message notification, trouble ticket]

 
 

Benefits of Real-Time change detection in network configurations

Proactive Change Management: Real-time change detection helps the administrator detect changes immediately. It also gives a detailed report about who made the change, whether it was an authorized change or not, and what exactly the change was. This gives the admin better visibility into his network and helps him manage it efficiently.
 
Revert unwanted changes: Real-time change tracking lets the administrator revert unwanted changes in critical devices before they affect the functioning of the device. As soon as a change is detected, the admin can decide right away whether the change is necessary or not. This helps to avoid a possible network outage and reduces downtime in network devices.
 
Color-coded change differentiation: When a change is detected, the admin can view what the changes are using the diff-view. Using diff view, the administrator can view the configuration lines which are deleted, added and modified with color variation. This helps the admin to identify the changes in huge configuration files quickly.
 
Reports on configuration changes: Configuration change reports assist the admin in auditing changes by providing the date, time and other details of a change.
You can apply filters and view reports on a particular device or a device group. For example, if you want to view changes made in a Cisco device group, you can apply filters and view the change report on Cisco devices alone. Network Configuration Manager also enables users to export reports in PDF format so that they can analyze them at their convenience.
 

[Screenshots: Change management, colour-coded changes in diff view, report on configuration changes]

 
 
 
Thus, real-time change detection simplifies configuration change management and helps users gain full control over their network devices.