Figure 6.17 shows a checklist you can use to evaluate this functionality.
Figure 6.17: A tool evaluation checklist for the problem tracking functionality.
Compliance and Enforcement
I've hinted at this category of functionality elsewhere in this chapter, but it's important enough to
be considered independent of other feature sets. The basic idea is that any process is only
effective if it's followed, and the very best configuration management tools can't stop someone
from logging on to a device manually and making changes outside the scope of configuration
management. In fact, instead of trying to prevent that from happening, you should assume it will
happen, and act accordingly by providing policing functionality to catch these changes and deal
with them appropriately.
Contribution to the Configuration Management Process
An important function of any process is to recognize and deal with external-process activity,
such as manual changes to a device's configuration. Today's network management technologies
make this possible in almost any environment, but you must have the right tools in order to make
it happen. It's not sufficient to simply perform an automated scan of device configurations on a
periodic basis; you need real-time monitoring that can catch changes before they have the
opportunity to create major problems on your network. Ideally, you also need the ability to
quickly undo those changes by rolling back to the last authorized configuration. The areas
highlighted in Figure 6.18 illustrate where this functionality falls in the configuration
The basic idea is that any process is only effective if it's followed, and the very best configuration management tools can't stop someone from logging on to a device manually and making changes outside the scope of configuration management.