7.3 Perform Configuration Management (CM) (provisioning, baselining, automation)
The Baseline Configuration shows us the way that a device is normally configured. We can compare the baseline configuration against the current configuration to determine whether any changes have been made. We might have a different baseline for each point in time.
When we want to make a change to the configuration, we are making the change against the baseline. People who are responsible for approving the change compare it against the baseline to see what will be affected. The change may affect only one device or all the devices. When it affects all the devices, then we might be creating a new baseline.
As discussed earlier, we must obtain a change from the Change Control Board or Committee before making any change.
Once we have a configuration baseline, we can automate the configuration of any new device through a template
- We obtain the new device
- We add the new device to our asset management database
- We determine the type of device
- We pull up a baseline configuration based on the type of device
- We “fill in the blanks” in the baseline configuration template. For example, the device’s hostname, IP address, gateway, etc.
- We deploy the configuration onto the new device
- We verify that the configuration has been deployed onto the device
- We record the configuration in our asset management tool
- We deploy the device
There are many ways to automatically deploy a configuration. The method depends on the type of device. They include
- Cisco DNA for network equipment
- Chef, Puppet, and Ansible for network equipment
- Microsoft SCCM for Windows-based computers
- Mobile Device Management for mobile devices
Automating the deployment of a configuration is good because it allows us to keep track of the configuration on each device. It also reduces the likelihood of mistakes associated with manually configuring each device.