SYNOPSIS

Network administrators are responsible for critical business infrastructure. Their time is often divided between maintaining existing services, monitoring operations, planning future deployments and addressing the all too common "unexpected" problems. One way for network managers to keep their focus on high value business operations is to automate critical operations such as configuration management. In The Essentials Series: Streamlining Configuration Management, readers will learn about the difficulties that arise when device configurations are inadequately managed, the need for automated discovery of network assets, and the benefits of policy driven, automated configuration management. Readers will also learn how automation can help achieve compliance, detect policy violations, and improve the time and cost of deploying new assets.

CHAPTER PREVIEWS

Article 1: Challenges to Configuration Management

Network administrators are responsible for critical business infrastructure. Their time is often divided between maintaining existing services, monitoring operations, planning future deployments, and addressing the all too common "unexpected" problems. One way for network managers to keep their focus on high-value business operations is to automate critical operations such as configuration management. Automation can help achieve compliance, detect policy violations, and improve the time and cost of deploying new assets.

Challenges to configuration management arise in large networks with complex architectures. In addition, business drivers that lead to infrastructure changes compound the difficulty of tracking configurations and ensuring they are up to date. Network and systems administrators must address these challenges through specific operations, such as discovering assets, patching and updating, and planning future use and redeployment.

Article 2: How Configuration Management Tools Address the Challenges of Configuration Management

Systems administrators live a varied life. One minute they might be troubleshooting a drive failure on a server, and the next they may be installing software on a desktop. Not all tasks on the systems administrator's "To Do" list are equally important nor do they all warrant the time that they may require. In that case, it's time to consider automation.

Configuration Management Lends Itself to Automation

Consider assessments that are not so easy to undertake, such as determining how to reallocate servers and how many new servers to acquire based on past and current utilization rates. Capacity planning tasks such as this require judgment informed by experience and knowledge about future plans-an ideal task to give to a systems administrator.

Configuration management, in contrast, is a set of tasks that lends itself to automation. The process involves executing relatively well-defined assessments and, based on those assessments, possibly altering the state of the configuration of a device. In this case, executing "well-defined assessments" entails evaluating a relatively small number of criteria (for example, What operating system-OS-is running? What versions of applications are installed? Did a vulnerability scan identify any serious issues?)

The first step in a configuration management process is to understand what assets you need to configure and maintain. If systems administrators had to manually visit every office to catalog every device and collect information about installed applications (down to minor version levels), they would be hard pressed to get other work done, at least not without augmenting the number of systems administrators on staff. Manually tracking assets is especially problematic in cases where there are frequent changes that warrant more frequent updates to the asset inventory. For most businesses that have grown beyond a small number of employees, the prospect of desk-side visits to collect information on assets is impractical. The tedious and inefficient manual process of tracking assets can be replaced by applications that can query OSs to collect information about a devices configuration or use multi-platform network management protocols to acquire other asset information.

Article 3: Improving Compliance While Managing Increasingly Complex Infrastructure

IT infrastructure is increasingly complex and dynamic. Physical characteristics of networks do not necessarily reflect the logical organization of network as it once did. There was a time when a set of servers would be physically on a subnet and could be managed as a logical unit, often dedicated to a single department. That subnet would house everything a department needed for its operations, from servers and desktops to storage arrays to tape backups. If you understood the physical layout of a network, you understood the logical design as well, which in turn meant you had a pretty good understanding of the business operations.

Network technology has developed to drive more efficiency out of infrastructure. This goal is partly accomplished by improving the speed at which operations happen thanks to advances like 10 gigabit Ethernet (10 GE). It's also the result of the removal of constraints on how we map physical organization to logical organization. For example, a department may be better served by creating a virtual local area network (VLAN) that uses resources located in multiple locations. Another example is virtualization. Both servers and storage can be virtualized to allow for more efficient use of infrastructure. The combination of improved device performance and the elimination of constraints on how we deploy and utilize hardware is fundamental to improvements in IT efficiency. This combination is also the root cause of so many administrative headaches.