Network Automation Tools for Config, Change Management, and Compliance
Use a network automation tool to streamline change management
Track changes with network automation software
Facilitate compliance auditing through network automation
Leverage network automation to back up configurations
Support multi-vendor network devices using network automation features
NCM supports seamless integration and interoperability between network devices from a variety of providers, including Cisco, Palo Alto Networks, Cisco Nexus, Juniper, HP, Dell, Brocade, F5, Aruba, Ruckus, and more. Network Configuration Manager offers customizable network automation solutions and a centralized, user-friendly interface, making it easier for admins to oversee multiple devices and identify pain points to help maintain a healthy network environment.
Get More on Network Automation Tools
What is network automation and how does it work?
Many of the hardware and software devices on your network, including switches, routers, and modems, must be configured, managed, launched, and monitored. Though you can do many of these tasks manually, automating them can streamline your operations and boost your network’s efficiency.
Network automation tools have become increasingly popular in recent years due to the ever-evolving digital landscape. Today’s IT departments must manage growing workforces of in-house and remote employees and the myriad of network devices they need to perform their jobs effectively. In most cases, the more a network grows, the more complex it becomes. Network automation can help users save hours previously spent on manually conducting repetitive tasks for each device. Device configuration updates no longer need to be done individually; with a network automation system in place, changes can often be addressed in bulk.
Automation begins with the device discovery process, during which a network automation system automatically discovers and imports all devices on your network. This allows the software to populate your network inventory with critical device details like IP addresses. Housing device details in a single, centralized location help users conduct several critical tasks.
With robust network automation tools, users can design change templates, create standardized configurations, and leverage workflows capable of automating updates across hundreds or thousands of devices on their network. Storing all critical device details in one location can also facilitate automated change tracking. Users can receive alerts as soon as changes are made, allowing them to resolve problems within minutes.
Why is network automation important?
There’s a reason why thousands of organizations across the world rely on network automation: it works. Here are a few reasons network automation plays such a vital role in today’s IT landscape:
- Boost productivity: Without network automation, users can find themselves manually tackling every network configuration and update for the devices on their network. Automating these tasks allows users to reclaim much-needed time in their days and focus on other, more pressing issues.
- Reduce downtime: Your employees rely on a secure and consistent connection for their day-to-day responsibilities. Network automation software is designed to simplify many configuration processes, including regular backups, to ward off configuration errors and keep network uptime high.
- Stay compliant: Network automation software is built to provide robust vulnerability scanning and immediate remediation features to help users adhere to security policies. They also provide comprehensive compliance assessments and reports to demonstrate compliance with many security standards, including DISA STIG, NIST FISMA, HIPAA, PCI DSS, and more.
How do you automate network configuration changes and backups using NCM?
To automatically set specific network processes for configuration changes and backups, you’ll have to use either scripts or configuration change templates, depending on the types of tasks and expertise level involved:
- Scripts allow for easy and simple configuration changes. They involve text documents that outline instructions in a language comprehensible to the programs that run and execute them, usually a command-line interface (CLI). Users must know how to navigate a CLI to establish and change configurations as needed. Common tasks that leverage scripts include downloading and uploading configuration files, uploading iOS images, updating login banners, and updating access control lists (ACLs).
- Config change templates help you create more detailed and sophisticated parameters. They harness a programming language to fine-tune specific config routines, allowing users to change VLAN memberships by device port, enable IP SLA for Cisco and Juniper devices, and more. By default, NCM offers config change templates to choose from based on desired goals.
To edit a configuration using NCM, you must either manually execute a script against an endpoint or choose an appropriate config change template. For backups, NCM comes with a Nightly Config Backup job, which automatically downloads all config files from all devices daily. This is a default feature that can be tweaked to fit your backup demands. In addition, the Nightly Config Backup job also downloads the Running and Startup configs from all devices, continuously saves all configs even when they haven’t changed, and logs job results.
NCM gives you the option of changing these settings, but it’s advised to use a copy of the backup job, as all changes are irreversible. To do so on NCM:
- Go to My Dashboards > Network Configuration > Jobs.
- Click Nightly Config Backup Job.
- Select Duplicate Job.
- Input a unique name for easy identification.
- Specify when the job will run. You can select the Basic option for a straightforward start and end time, or select Advanced to add particular criteria and exceptions.
- Choose an email notification option of your preference.
- Choose the types of configurations to download and backup preferences for each type.
- Review all settings and click Finish.
- Disable the original job by going to Jobs List > Nightly Config Backup default job > Disable.
How do automated reporting and alerting help network management and troubleshooting?
Within network automation solutions, reports provide a run-down of key metrics for analyzing the health and performance of your network. They can offer detailed information about the current state of the network or they can show historical data. Reports are useful because they can be run on an ad hoc basis when needed, or scheduled ahead of time to make it easier to perform system checks regularly. In NCM, predefined reports range from auditing and polling results to security, inventory, and network entity updates, for comprehensive performance and activity insights.
Alerts notify you when sudden changes or anomalies arise so that you can mitigate errors before downtime occurs, disrupting operations. Since network outages can arise from issues with network configuration changes, it’s important to monitor and log these changes as they’re made and limit the users that implement these changes. NCM houses a large library of predefined alerts for a wide variety of applications, such as node dysfunction, overwhelming network traffic, sweeping config changes, device discovery, and more.
How do you automate tasks using NCM command scripts and jobs?
Scripts can be leveraged to automate processes that would take too long for a user to devote time to address manually. A single script can handle automated tasks across several devices if its global, node, transfer, command, and time variables are properly set.
Setting automation scripts with NCM is as easy and quick as navigating to My Dashboards > Network Configuration > Configuration Management > Script Management > Add New Script. Once there, simply input the necessary script information, click Save, and select the nodes you would like the script to be executed against.
Jobs can be executed on a schedule using NCM. Job setting requires specific roles and privileges, which you’ll have to assign using NCM’s Configuration Management Approval feature. There are also several node limitations you’ll have to keep in mind when implementing particular roles and privileges, as not all users can view or edit jobs.
What are NCM’s automated job types?
Network Configuration Manager provides the following automated job types for improved convenience and efficiency:
- Execute command script on devices: Runs scripts on selected devices.
- Upload changes to devices: Uploads edited config files to selected endpoints.
- Export configs: Generates backup copies of config files through exporting.
- Perform routine database and archive maintenance: Cleans up outdated and unused data and tasks from the NCM platform.
- Update inventory: Maintains accurate inventory information for selected nodes.
- Generate a config change report: Compares recently downloaded config files to either a baseline config, the previous config, or a config file within a specified date range.
- Generate a policy report: Scans and analyzes for policy violations and records findings for user review.
- Purge old configs from database: Eliminates outdated configs to mitigate network outages and maintain efficiency.
- Download configs from devices: Imports config files from selected devices.
- Reboot selected devices: Jump starts selected nodes.
What are NCM’s licensing models?
Licensing within Network Configuration Manager depends on the number of nodes being managed within its platform. There are seven different types of licenses within NCM:
- DL50: License for up to 50 devices.
- DL100: License for up to 100 devices.
- DL200: License for up to 200 devices.
- DL500: License for up to 500 devices.
- DL1000: License for up to 1000 devices.
- DL3000: License for up to 3000 devices.
- DLX: License for unlimited devices.
What is network automation and how does it work?
Many of the hardware and software devices on your network, including switches, routers, and modems, must be configured, managed, launched, and monitored. Though you can do many of these tasks manually, automating them can streamline your operations and boost your network’s efficiency.
Network automation tools have become increasingly popular in recent years due to the ever-evolving digital landscape. Today’s IT departments must manage growing workforces of in-house and remote employees and the myriad of network devices they need to perform their jobs effectively. In most cases, the more a network grows, the more complex it becomes. Network automation can help users save hours previously spent on manually conducting repetitive tasks for each device. Device configuration updates no longer need to be done individually; with a network automation system in place, changes can often be addressed in bulk.
Automation begins with the device discovery process, during which a network automation system automatically discovers and imports all devices on your network. This allows the software to populate your network inventory with critical device details like IP addresses. Housing device details in a single, centralized location help users conduct several critical tasks.
With robust network automation tools, users can design change templates, create standardized configurations, and leverage workflows capable of automating updates across hundreds or thousands of devices on their network. Storing all critical device details in one location can also facilitate automated change tracking. Users can receive alerts as soon as changes are made, allowing them to resolve problems within minutes.
"All of our configs get backed up every night. You can compare changes made to configs and easily see who made them. You can push out changes through NCM. What's not to like about it!"
Jason Green
Network Administrator
ALS
Optimize your operations with a powerful network automation tool
Network Configuration Manager
- Reduce configuration errors using standardized device configuration and deployment automation.
- Improve network reliability through change monitoring, alerting, configuration backups, and rollbacks.
- Enhance security with IOS vulnerability scanning and NIST FISMA, DISA STIG, and DSS PCI compliance assessments.