Mr. Management: Slow Train to Config Management

Despite all the progress vendors have made in other areas of network management, such as fault and performance, configuration management hasn't progressed all that much in the last 10 years. For many IT managers, that's been reason enough to stick to buying a single vendor's equipment and attempt to use whatever proprietary management that vendor offers. But without a third party to turn to, we'd have little leverage to keep an infrastructure vendor from painting us into a single-company corner.

Reliability Matters

Leverage, though, is secondary. The lack of a single point from which to manage configuration means having to ensure manually network policies and the services that rely on them. This raises costs and reduces reliability--the real price of fractured configuration management.

It's ironic that network management application vendors have expended so much energy attempting to back into network topology to improve root-cause analysis. Their discovery algorithms search MIBs and protocols to determine how devices are connected, but if they could easily read the configuration of each device, the results would be much more reliable.

About StandardsThe command-line interface is the default standard for configuration, the preferred method for network operators and developers. It's ASCII, it's readable and it's scriptable. In a sideways move toward standardization, some vendors have touted how similar their CLIs are to Cisco's--practical, but hardly an improvement. After 10 minutes with an Extreme or Juniper CLI, it's clear that these two vendors are on the logic train, while those emulating Cisco's CLI are hoping for a free ride.

However, CLI syntax, even logical syntax, is more easily mastered when there are only limited variations. When I don't quite remember the right syntax to configure a device, asking colleagues will give me a response variance of 1.5 times the number of colleagues. The Cisco CLI train doesn't seem like such a bad ride from that perspective, does it?

There have been halfhearted attempts by Juniper and the IETF to standardize CLI and XML interfaces for configuration, but so far none has succeeded.

Hope for SNMP

The ubiquity and consistency of SNMP are the primary ingredients for improving performance and fault management. But weak security, and last year's SNMP exploits, have further raised the FUD factor.Still, there's hope: The SNMP Configuration Working Group has nearly completed its work to leverage SNMP as a configuration mechanism, which means there'd be a standardized way to configure VLANs across multiple vendors' equipment--a critical step toward making networks the utilities we want them to be.

It took network hardware and management vendors only 10 years from the time SNMP was ratified to create the current variety of performance- and fault-management products. Let's hope it won't be 2013 before I can write in these pages about the configuration-management product I just tested that successfully configured all my network equipment, including my Cisco 7400.

Post a comment or question on this story.

-- Bruce Boardman, [email protected]