Best practices for configuration change management

Nowadays, it has become practically impossible to handle the change management process manually. This is mainly because of the growing size and complexity of most network environments. What you need is a tool that supports automated change management for your network, but many network automation tools provide only a basic set of functions to work with. The limitations of these tools can cause them to become a bane to your organization, rather than a boon.

The right network automation tool needs to provide every advanced functionality and best practice pertaining to current trends in the network change management environment. These requirements include:

  1. Role-based access control
  2. Configuration change tracking
  3. Configuration versioning and labelling
  4. Side-by-side configuration comparison
  5. Automatic roll-back to versions

With these functionalities, you can manage any changes made to your network environment in the best way possible.

1. Role-based access control (RBAC)

When performing change management, both unauthorized changes and unnecessary changes can wreak havoc to your network environment and cause disasters.

For example, consider an organization that has quite a few operators and admins. If any of the operators make an unnecessary change to a configuration, then there's a possibility of the whole network infrastructure collapsing due to a faulty config change. In this scenario, the admins will have to take up the task of reviewing and approving each change, which would require RBAC to prevent operators from accessing change controls.

RBAC is a best practice for managing a network environment because it ensures that all the changes in the environment go through an approval process first.

2. Tracking changes in real time for quick resolution

Each change made in your network should be kept under constant eye to determine whether configurations are being effectively managed. However, it'd be too tedious to manually watch every device in a network environment to see whether any changes are made. Instead, you're better off using a real-time change detection feature to receive instant notifications whenever a change is made to any device in your network environment, even if you're not physically present.

Admins need live or real-time tracking in order to quickly identify the root causes of downtime, saving precious minutes during resolution.

3. Labelling of changed configuration versions

It is always important to label configurations of devices in your network environment so that you can easily differentiate between the latest version and the baseline version.

For example, because most users cannot remember every configuration to a device, they'll find it useful to set labels so they can quickly select and access particular configurations. Once labelled, identifying a device's baseline or running version becomes easy. This is especially useful for when unexpected downtime occurs because it means valuable time isn't spent searching for the appropriate version needed to bring the network back up.

4. Comparing versions of configurations for any minute changes

Checking every configuration line-by-line to see if any minute changes have been made is difficult enough, but once you start adding multiple devices it becomes practically impossible. That's why you need to be able to easily compare versions to know which lines are changed or added.

Whenever a configuration issue pops up, the unstable configuration can be compared side-by-side against a stable one to help you locate the issue. With this feature, you can always have a clear picture of the configuration changes happening on your network devices.

5. Rolling back to previous versions immediately after the current version becomes problematic

When it comes to network availability, there's some organizations where every second of uptime is precious. When unexpected downtime occurs, time can't be wasted checking configurations to determine which configuration is faulty. In these cases, organizations need to be able to instantly or automatically rollback to their previous version, especially if that configuration is applied in a huge network environment.

Network Configuration Manager: your all-in-one network automation tool

Network Configuration Manager is a multi-vendor network automation tool that is NCCM based. It is developed in such a way that it supports the latest functionalities and best practices.

Some of the best features of Network Configuration Manager include:

  1. Advanced backup of configurations
  2. Configuration change management
  3. Automation via Configlets
  4. Industry-grade compliance
  5. Firmware vulnerability management

Now, let us take a look at how configuration change management in Network Configuration Manager supports all the best practices mentioned above.

1. Role-based access control (RBAC)

Once an admin registers their authority in Network Configuration Manager, they can assign specific roles or scopes (such as operators and admins) and also assign specific devices to specific people in their network environment. Only the roles and devices assigned by admins will be accessible to operators. Any changes operators make to their assigned devices will trigger an immediate notification to be sent to the admin, prompting them to accept or reject the change. Once rejected or accepted, a notification is received by the operator immediately.

2. Real-time change notifications

With Network Configuration Manager's real-time change notification feature, you can receive alerts whenever any changes are made to configurations. Choose to receive notifications via email, SNMP trap, Syslog, or ticket.

3. Configuration version labelling

In Network Configuration Manager, you can label configurations according to your needs, as well as upload those labelled configurations. This helps you to quickly locate the baseline version or a stable current version. Additionally, you can create your own labels and associate them with configurations.

4. Comparisons with Diff View

Network Configuration Manager provides a feature called Diff View that lets you perform side-by-side comparison of two configurations (which can be two configurations of the same devices or two different devices). This feature comes in handy if a user wants to know about all the changes that were made recently to a device, letting them accept or revert those changes in minutes.

5. Automatic rollback

Network Configuration Manager has a built-in rollback feature, allowing you to rollback to a previous stable version or baseline version automatically. Whenever an undesirable change is detected, it automatically nullifies the change and rolls back to the previous stable version or baseline version (which ever you have chosen for it to default to).

Download Network Configuration Manager now and start enjoying our 30-day free trial.

To receive a personalized quote, click here.

For more information about all of its features, you can also explore our free online demo.