Network Configuration Manager provides an integrated solution for complete change and configuration management for devices from multiple hardware vendors. At present, Network Configuration Manager supports device models from more than 22 device vendors including Cisco, HP, Nortel, Juniper, Force10, 3Com, D-link, Foundry, Dell, Aruba, Extreme, ADTRAN, Enterasys, Huawei, Blue Coat, Proxim, NetScreen, NETGEAR, FortiNet, ALAXALA, Brocade, Radware, DAX, H3C, Yamaha, Vanguard, Allied Telesis
Device Configuration Management starts with the addition of your devices to the NCCM solution. Networks typically have hundreds, even thousands of devices. It would be a labor-intensive task to add each device manually. Network Configuration Manager provides discovery option to scan your network and automatically add SNMP-enabled devices in bulk in a single click. Discovery option enables you to deploy Network Configuration Manager in minutes thereby saving your valuable time.
Network Configuration Manager retrieves configurations from devices whenever there occurs a configuration change. Configurations are versioned and stored in the database making configuration management easier. Network Configuration Manager provides the option to quickly compare any two configuration versions of same device or different devices. The configuration difference is depicted side-by-side showing the changed lines in blue, added lines in green and deleted lines in red.
Network Configuration Manager stores device configurations in encrypted form in the PostgreSQL database bundled with the product ensuring security. Besides, there is also provision for SSH communication between Network Configuration Manager and devices. Network Configuration Manager serves as a secure, centralized repository of device configurations. Administrators/users get access to configurations based on their roles and access restrictions.
The list of devices added to Network Configuration Manager are presented in the form of an informative inventory in the GUI. In a single shot, you can view serial numbers, interface details, chassis details, port configurations, IP Addresses and hardware properties of the devices.
Network Configuration Manager offers provision for labeling trusted configuration version of each device as ‘Baseline version’ to enable administrators to rollback configurations to the baseline version in the event of a network outage. Baseline version can be considered as the best working configuration version.
Periodic backup of device configurations is one of the most basic requirements of administrators. When enterprises have large number of devices, administrators find it difficult to manually carry out the backup operation. Network Configuration Manager provides option for creating scheduled tasks to carry out various configuration operations such as configuration backup, upload, checking compliance etc.
Network Configuration Manager deals with the sensitive configuration files of devices and in a multi-member work environment, it becomes necessary to restrict access to sensitive information. Fine-grained access restrictions are critical for the secure usage of the product. Network Configuration Manager provides role-based access control to achieve this. Users with different roles having different levels of permissions can be created.
Uploading configuration changes to devices is an important task and requires due care and in-depth knowledge of configuration syntax. Faulty configuration changes could leave security holes. Hence, the security policy of many enterprises require certain types of changes carried out by certain levels of users to be reserved for review and approval by top administrators prior to the deployment of the changes. Network Configuration Manager has an in-built configuration approval mechanism.
Upgrading firmware, uploading/downloading of OS images are among the commonest operations performed by the administrators. Network Configuration Manager helps automate these tasks through the use of advanced script execution feature, which helps in executing a series of inter-connected commands on a device in command line. Apart from firmware upgrade, advanced scripts help in automating tasks such as configuring banner messages, resetting the passwords of devices etc.,All these tasks can be performed on demand or can be scheduled for execution automatically at any future point of time.
Unauthorized configuration changes often wreak havoc to the business continuity and hence detecting changes is a crucial task. Network Configuration Manager monitors the managed devices continuously and detects configuration changes on real-time by listening to the syslog messages generated by the devices. The real-time change detection enables you to have better control over your network.
Once a configuration change in a device is detected, it is important that alerts are sent to those responsible for change management. In case, there occurs a network problem, this will help in finding out if the change done caused the problem. Apart from receiving alerts, you can define rules to manage the changes automatically. For example, you can set a rule to rollback the changes to the previous version or to the baseline version.
When a network outage occurs due to a faulty configuration change, administrators give top priority to get the network up and running again at the quickest possible time. Administrators can rollback the configuration to the Baseline version in no time and get the network running.
With increasing security threats to mission-critical network resources and serious legal consequences of information mis-management, enterprises everywhere are required not just to follow standard practices, internal security policies, stringent Government regulations and industrial guidelines, but also demonstrate that the policies are enforced and network devices remain compliant to the policies defined. Network Configuration Manager helps administrators to define and enforce standards. Network Configuration Manager will scan the configuration for compliance to the rules/ policy defined and report violations. Reports on policy compliance and violations are generated.
Network Configuration Manager has provision for examining configurations for compliance on demand and automatically at regular intervals. Comprehensive compliance reports are generated. Detailed information on the devices that are compliant and the non-complaint are generated. In addition, in the case of violation, remediation tips are also provided.
Network Configuration Manager provides a high level of automation for all time-consuming and labor-intensive tasks. Quite often administrators wish to apply same set of changes to multiple devices – for example, applying a security patch. Network Configuration Manager provides templates & scripts to carry out these tasks.
Network Configuration Manager provides utilities and tools to execute various commands on the devices and display the output. For example, to view the Access Lists or VLANs of a device, administrators will have to just click a button in the GUI instead of manually connecting to the device in the command line interface.
In enterprises having a large number of devices, there will be requirements to do a quick search for a particular device in the inventory. Sometimes, the configuration database needs to be searched for specific words, strings, phrases or a combination of these in device configuration files. Network Configuration Manager comes with a powerful search mechanism to facilitate these.
However robust the application may be, there should always be provision for a reliable disaster recovery mechanism. Network Configuration Manager provides option for taking backup of entire database and also offers scripts to do a quich disaster recovery.
Enterprises generally rely on external identity stores such as Windows Active Directory or LDAP directory for maintaining user information and authentication. Network Configuration Manager can be easily integrated with the identity stores for importing users/user groups as such from them. Also, the authentication service provided by the external identity stores can be used, disabling the local authentication provided Network Configuration Manager. There is also provision for leveraging third-party authentication like RADIUS.
Network Configuration Manager provides the ‘Switch Port Mapper’ tool that helps network administrators identify the list of devices connected to each port of the managed switch. This eliminates the need for manually tracing the network cables.
All actions performed by the Network Configuration Manager users are properly recorded as audit trails. Information on ‘who’ changed ‘what’ and ‘when’ can be easily deciphered. This will ensure accountability for actions in the organization.
Network Configuration Manager presents the information on the entire network configuration management process in the enterprise in the form of comprehensive, informative reports. The status and summaries of different activities such as device configuration details, changes in configuration, network inventory, conflict between startup and running configuration, device audit details, user activity, policy compliance details etc are provided in easy-to-understand formats, assisting the network administrators to make well-informed decisions on device configuration.