Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Network Device Configuration Management Products: Page 9 of 27

Events displayed in SingleView are configurable, and all event types didn't have to be on, or even logged. We controlled notification and enabling of events from within the administrative menu. In fact, NA System can track users when they log on to a network device. Users can be denied access to a device through a proxy logon, a capability shared by all the products. NA System takes it a step further, parsing the user name from a syslog message and/or adding the user to the system automatically, thus at least attempting to ensure attribution of externally made configuration updates.

Policy management ideally lets IT maintain the state and security of network devices. NA System does both. By creating rules that we then applied to groups of devices, we ensured that rule compliance or violations were reported. And we could return to a previous configuration version if necessary.

In both NA System and DeviceAuthority, rules and the devices to which those rules apply are the basis for policies. Setting a policy was easier in NA System than in DeviceAuthority thanks to Opsware's rule-creation wizard, though the way DeviceAuthority separated the rules from the polices made rule reuse simpler.

NA System uses regular expressions to match configuration text in policy rules. For example, we wanted to check for consistent SNMP community strings. We reviewed each SNMP configuration for public strings as well as our desired string.

Reporting in NA System is impressive: We found everything from a network-health overview to compliance hand-holding to more inventory and system status reporting than you can stick with a shake. This is helpful when auditing a network for the correct OS versions to support BGP or VoIP, for example. We especially liked the unique network-status report--this graphical view gave us a quick heads up when things went awry. An overview pie chart summarizes risk percentages, split among low, moderate and high risk. A score reflecting best-practice health info summarizes configuration status as OK or in violation; trouble areas include Policy and Software Versions. For example, NA Systems includes CERT advisories about OS versions; we could choose whether to designate our OSs as compliant versions. If an OS that wasn't defined by us as compliant showed up on the network, we got a heads up via a compliance report. Other handy reports include unsynchronized running and startup configurations, device-access failures and configuration changes in the past 24 hours. These are broken down by the specific occurrences or devices that led to violations. We liked the way this report sorted by device groupings so we could zero in on the health of our little corner.