Enterprise Network Management solutions tend to focus on monitoring devices, servers and applications for performance issues and faults. With today's expanding networks we need to "manage" as opposed to "monitor" your network.

These are different concepts, and the distinction is important. While monitoring is primarily concerned with the ongoing surveillance of the network for problems (think alarms that result in a service desk incident) – Network Management is the processes, procedures, and policies that govern access to devices and change of the devices.

NCCM which stands for Network Configuration and Change Management is the "third leg" of IT management solution which includes the traditional Performance and Fault Management. The role of NCCM is to ensure there are policies and procedures in place that ensure proper governance of what happens to all the devices on the network.

These are 5 key areas of NCCM that need to be addressed

1. Network Discovery - What do I have on my network?

large networks are constantly changing, keeping up with that change manually is all but impossible. An automated discovery engine is needed to discover all the network elements with the regarded IP and IT infrastructure, recording key hardware and software information including part numbers and serial numbers. Once discovered you need to understand the physical and logical relationships between the discovered elements

2. Do I even know when a change has been made to a device?

Automatic detection of changes to device configurations as they happen is critical. The latest configuration files should be stored and all previous configurations version should be historically versioned in a database regardless of how the change was made; e.g. console cable, telnet, ssh, http etc.

With every change recorded as it happens, the time taken to identify, analyse and rectify infrastructure configuration faults is greatly reduced as the operator is immediately given the answers to the key questions: who changed what, how and when?

Configuration files can be compared with historical versions to see what changes have occurred to a device over time, highlighting configuration items that were added, removed or altered.

3. Do I have accurate backups of all my critical device configurations?

Faulty configuration changes have been shown to account for around 75% of network outages, open security breaches and compliance failures. Relying on a manual process to manage your network configuration increases the risk of something going wrong.

So best practice is to always have a roll-back contingency. Before making any configuration changes making a copy of the current configuration is critical.

The importance of this process being managed correctly cannot be overlooked. Faulty configuration changes can cause network outages, security breaches and compliance failures.

4. Do all of my devices meet my corporate compliance policies?

Many organisations have internal configuration and security policies as well as external regulations and directives they have to adhere to. Using a manual processes it can take months to evaluate every device and to rectify any configuration issues. Of course, as soon as this manual process ends it has to restart!

The requirement for a flexible configuration policy engine allowing device configurations to be compared to a set of policies to identify devices that are in violation. As soon as configuration changes are detected they are immediately analysed for violations.

Configuration policies bring together a set of devices and applies a set of rules. These rules can be based on simple text strings to find items present or missing in configuration files; powerful configuration snippets with 'section' matching and regular expression searching; or advanced scripting languages.

Uniquely, the same rule can be created for different vendor hardware using the same identifier meaning an organisation can create a single corporate policy within Infosim StableNet® NCCM to reflect all hardware vendor equipment simplifying reports into a single view.

5. What am I doing about device lifecycle management?

End of Life or Service can introduce vulnerabilities to the network. End-of-Life and End-of-Service announcements are issued on a nearly daily basis and these announcements cover not only hardware platforms but also sub-components such as modules and software operating systems.

The solution should be have the ability to check against all these parts using the rich device information collected and can report accordingly allowing for financial and hardware refresh planning and risk assessment analysis.

By identifying devices that are no longer sold or covered by manufacturer service agreements or at the end of their operating life allows to plan for future replacements in line with corporate standards.

InfoSim StabeNet Is a comprehensive solution on a unified code for Configuration, Performance and Fault Management, using an ultra scalable architecture. It can give End-to-End awareness delivers automated dependencies, Root-Cause and delivers massive automation benefits. For NCCM can address these 5 issues

• Advanced discovery ensures every manageable device is in the inventory
• Perform full device backup including all configuration files
• Can detect changes even when made directly to a device via a console cable or remote console session such as Telnet
• Assists greatly with this regulatory requirement by automatically checking for compliance to the rules defined. Reports on policy compliance and violations are available out-of-the-box