In order to achieve compliance across your modern network, it’s important to understand what it is first. To put it simply, network compliance is the adherence to the network standards set by your organization. These standards usually fall into one or more of the following three categories:
Security
Reliability
Performance
Now that we’re clear on what network teams are striving to achieve, let’s talk about what it takes to actually be able to achieve it. When it comes to modern network compliance, there are three things that matter most:
- The ability to create and enforce a Golden Configuration across CLI network devices, cloud network elements and controller/application APIs.
- The ability to automate the remediation of compliance issues found.
- The ability to validate changes to devices before they are made.
Let’s take a closer look at each.
Create & Enforce Golden Configurations
The network standard set by an organization is also referred to as the Golden Configuration. Traditional NCCM tools do not make it easy, it is even sometimes impossible, for teams to build flexible and modular Golden Configurations that can be applied to multiple devices across multiple domains. Many network teams end up with nearly as many “Golden Configuration” files as they have network devices, which defeats the purpose of a Golden Configuration. Traditional solutions also typically do not include a way to support network solutions that use APIs, like cloud networking.
Network teams need a modern solution that makes it easy to not only create Golden Configurations, but enforce them across CLI network devices, cloud network elements and controller/application APIs.
Automated Remediation
So what happens if something falls out of its defined Golden Configuration? Organizations must be able to quickly and easily remediate whatever this issue is. The first step to remediation is understanding which devices and services are outside of compliance. Network teams must then correct the configurations of these network devices and services for them to become compliant again.
Given the high number of network devices and services that would need to be manually configured, it’s important to understand that a flexible process of automating these changes are necessary. In some cases with certain configuration changes, it may be acceptable for an automation to automatically remediate. In other cases, certain changes may require human oversight, or the need to make changes during a maintenance window. The key is to enable network teams the ability to create the automations with the appropriate logic to address remediation efficiently. Otherwise, it will only create another backlog of work for the team.
Change Validation
One of the most valuable components of modern network configuration is the ability to validate a change to before it’s even made. This can easily mitigate a potential error before it’s pushed.
Network teams can help ensure the network stays in compliance by using validation techniques, which provide feedback on a proposed change to a device, to determine whether the proposed change violates any Golden Configuration policy before it’s applied. Because changes have not actually been applied to a network device or service, this takes a proactive approach to compliance. By shifting from today’s reactive method that traditional solutions take, teams that take a modern approach of implementing validation into the process of network changes can ensure their network stay in compliance.
How Itential Supports Modern Network Compliance
Itential’s Configuration Manager was purpose-built to help organizations ensure their networks are always in compliance, with the capabilities tailored to support each of these components that matter most. With Itential, network teams can:
- Quickly create Golden Configuration templates for both CLI network devices and cloud-based services that use APIs for management.
- Run compliance reports for devices and services on the network, and automatically remediate the configuration of any device that is not compliant.
- Validate proposed configuration changes to the network to ensure, before they are even applied, that the changes will not break the compliance standard.
To learn more about Itential’s approach to modern network configuration and compliance check here or take a deeper dive into these three things that matter most in our recent on-demand webinar, “Modern Network Compliance: What It Is & How to Achieve It.” See the full modern network compliance webinar series here.
Rich Martin
Director of Technical Marketing ‐ Itential
Rich Martin is the Director of Technical Marketing at Itential. Previously, Rich has worked at several networking vendors as a both a Pre-Sales Systems Engineer and Systems Engineering Manager but started his career with a background in software development and Linux. He has a passion for automation in the networking domain, and at Itential he helps networking teams to get started quickly and move forward successfully on their network automation journey.
