Compare Configurations for Routers and Switches
Use a config-to-config diff view to identify configuration diffs
Sometimes, configuration changes are only made to the in-memory config. However, if the device loses power, these changes are lost. It’s important to also save permanent configuration changes to the startup configuration. When you use network configuration management to compare NVRAM (running) with startup (saved) configs, you can identify any unsaved changes.
SolarWinds® Network Configuration Manager (NCM) is designed to support various config compare methods for viewing config diffs. You could contrast two diff configs on separate nodes or two diff versions of the same config file on the same node. Exclude specific lines and blocks to avoid flagging inconsequential changes.
Comparing different versions of the same config with NCM can help you more easily spot config changes and comparing configs on different nodes can help ensure they match. You can also run config compare tasks in multi-vendor environments to compare configurations between different vendors.
Automate config compare monitoring
Config modification monitoring and alerting through NCM enables you to accurately know when and how a config is changed. NCM could also show you reports of config comparisons to enable proper corrective action. NCM is built to use automation tools to test config changes, simplifying the process of correcting or updating device configs.
NCM can also help automatically identify potential network vulnerabilities for Cisco IOS, Cisco ASA, Cisco Nexus, and Juniper by importing NIST firmware vulnerability warning and correlating this data with currently managed nodes. If there’s a match, NCM displays information about the vulnerability and number of affected nodes on the Config Summary page.
Provide in-depth config insights
You can gain access to config monitoring metrics, review interface config changes, and backup plus restore config files on NCM. This can help you manage configuration comparison and improve overall performance.
NCM is designed to support search, filter, and other identification methods for auditing access control lists. This gives you complete control over your configuration compare and config insights, enabling you to use NCM configuration comparison tool to optimize network performance.
Access config compare historical metrics for reference
Sometimes device configurations are changed without notice or authorization. These out-of-process changes can cause network problems. When you use Network Configuration Manager to compare device configurations against a baseline or prior version of the configuration, you can quickly identify where specific changes were made to quickly and confidently reverse any unwanted changes.
NCM is designed to automatically organize config comparisons by device and version, allowing you to easily find desired config archives. You could also organize devices into personal preferred groupings for further control.
NCM enables you to enact quick recovery from config failures, plus reduce errors and downtime when adding or replacing a faulty device. Backup operations through NCM could further aid recovery missions, and NCM could automate backups for consistent config backlog data.
Help demonstrate compliance with policies and standards
To make devices more secure, they’re often configured according to risk prevention controls. For example, do all devices have strong passwords? Are only trusted devices allowed to access the network? Network Configuration Manager helps you quickly and reliably determine whether network devices are using these required controls using config compare to compare each config to a custom policy file. Network Configuration Manager can determine whether any controls are missing or have been improperly implemented. If a problem is found, Network Configuration Manager will highlight it, allowing for quick remediation.
Get More on Config Compare
What is config compare?
Config compare can help you maintain optimal configurations across your environments by allowing you to more easily view side-by-side comparisons of configuration files or configuration and policy files to identify changes, missing requirements, and other issues.
Why is configuration comparison important?
Comparing configs can help you identify and fix failed config files and unauthorized config changes. By comparing configs to policy files, you can also help show compliance with security policies. Some Cisco config compare tools can also help you automatically identify potential firmware vulnerabilities with Cisco IOS, ASA, Nexus, and Juniper devices and can guide you in upgrading firmware, when necessary.
Configuration comparison can also aid the diagnosis of network issues stemming from config modifications. Config diff monitoring can help you troubleshoot these issues by enabling you to better understand whether changes to configs may have contributed to switch or router performance problems. A configuration comparison tool can help reduce network downtime with the ability to quickly find and revert to a previous backed-up configuration.
What does a config compare tool do?
With a config compare tool, you can improve overall config management using insights from configuration comparisons to quickly identify config discrepancies, who made config changes, what changes were made, fix unauthorized or failed changes, and check against security policies to yield more reliable device configuration files.
Using a config comparison tool, you can more easily compare the running configuration of a Cisco router or other device with the startup configuration to more easily identify if any changes have not been saved. You can also compare device configs to baseline configurations to identify where specific changes were made without notice or authorization to quickly reverse unwanted changes. Using config compare, you can also more easily troubleshoot network issues caused by configuration changes. A config compare tool can also help inform your security compliance efforts by identifying whether required controls are in use, missing, or improperly implemented by comparing configuration files against policy files.
How does config compare work in Network Configuration Manager?
Network Configuration Manager is designed to find and review differences between baselines and configs to automatically gather config compare metrics. Using NCM, you can simply select which configurations to compare from the Configuration Management page, such as comparing two configs or two versions of the same config, to identify config differences and use this information to quickly implement config changes more easily.
Leveraging NCM jobs, you can also schedule operations to automate many management tasks for devices and config files, such as generating a config change report to compare the most recent config file to a baseline, last downloaded config of the selected type, or a config from a specific date or date range.
You can also integrate NCM with additional networking modules through the Orion® Platform, which is built to provide performance visibility across systems, storage, and virtualizations in a single web console.
How to identify configuration changes using SolarWinds NCM
The diff view in SolarWinds NCM is designed to help you compare two config files to each other. These could be different versions of the same config, separate configs on different devices, or comparing the current config to a baseline.
Config-to-config diff views can enable you to compare configurations on different nodes to ensure they match and quickly identify configuration changes. NCM also enables you to review differences between baselines and configs by locating mismatches. Using the diff viewer, you can more easily find devices whose configs do not match the baseline, and click on baseline names with error statuses—such as mismatched baselines, no configs, no baseline set, empty, or other error— to review the differences. You could also manually run a comparison and enable or disable comparisons to a baseline.
You could also exclude certain config content from configuration comparison in NCM. Excluding specific data from NCM config compare can help speed up config compare processes and allow you to view config compare metrics more easily by excluding:
- Empty lines
- Lines that do not represent substantive changes, such as a Last Updated line
- Expected differences, such as the hostname value
- Blocks of text that do not represent substantive changes, such as the certificate section of the config
What is config compare?
Config compare can help you maintain optimal configurations across your environments by allowing you to more easily view side-by-side comparisons of configuration files or configuration and policy files to identify changes, missing requirements, and other issues.
"Once we build the router using the standard config, I can see when an engineer makes a change, and then I can identify if that’s an issue and use Network Configuration Manager to autocorrect it."
Jeremy Singleton
Network Manager
FMC Technologies
Use config compare to optimize router and switch configuration file management
Network Configuration Manager
- Make sure changes made to running configs are saved
- Quickly identify and fix unauthorized or failed config changes
- See config-to-config and baseline-to-config diff views
Starts at $1,894
NCM, an Orion module, is built on the SolarWinds Platform