What is Configuration Management?

Introduction

Configuration management

Configuration monitoring

Firmware update management

Permissions and access

Licensing

Remote and transport protocols

Configuration administration and configuration tasks

Introduction:

The Entuity Configuration Management module adds configuration management, configuration monitoring and firmware update management functions to Entuity.

Configuration management:

Section: Configuration management tasks and scripts

Configuration management allows you to configure devices and ports on your network by running scripts on those target devices, if the appropriate CLI credential sets have been established. Configuration Management requires a valid license and is activated through configure.

It uses a combination of the Entuity information database, an Expect API and Groovy scripts to enable you to specify configuration tasks, for example to set a port to "admin down", or change a device community string.

Configuration monitoring:

Section: Configuration monitoring

Through configuration monitoring, you can undertake the following:

• retrieve and archive device configuration files, automating the process of backing up start up and running configurations.
• alert to changes in device configuration files.
• alert to changes to firmware versions and the automatic retrieval of device configuration.
• warn of unsaved changes in device configuration files.
• enable detailed comparison of device configuration files.
• identify trivial changes in device configuration files to be excluded when identifying differences between files.
• check device configuration files for best practice.
• access devices using Telnet and SSH.
• transport device configurations using FTP, TFTP, SCP and RCP protocols.
• integrate with Entuity's permissions system.
• track configuration performance through the Entuity UI.
• integrate with Entuity reports.
• view archived configuration files.
• manage device configuration from the command line and through the Entuity RESTful API.

You can monitor configuration (e.g. backups or changes) through configuration events and incidents, the Configuration Monitor dashboard, and configuration monitor reports. You can also edit configuration monitor settings.

Firmware update management functionality:

Section: Firmware update management

Entuity enables you to update, upload and backup firmware images across Cisco IOS network devices.

Permissions and access:

To use configuration management and monitoring, and firmware update management, you must either be an Administrator or have the following tool permissions:

• Configuration Management Administration - access to configuration management functionality.
• Configuration Monitor Administration - access to editing configuration monitor settings, and annotating and favoriting device configurations. This allows you to:
  • list of devices to monitor.
  • frequency of monitoring.
  • number of files to archive.
  • matching patterns and policy patterns.

  A user with this permission also automatically has access to the functionality enabled by the Configuration Monitor View Config, Configuration Monitor Check Config, and Configuration Monitor Download Config permissions (see below).

  • • Retrieved configuration details are associated with their device, so access permissions are granted based on that View membership.
    • Current and archived files are saved to the Entuity server. Access to folders outside of Entuity are controlled by the operating system permissions.

    Note, if you are using Entuity v19.0 P03 and earlier, this allows you access to all configuration monitor functionality.

• Configuration Monitor View Config - access to viewing and comparing configuration file changes for a device.
• Configuration Monitor Check Config - access to checking and retrieving configuration files for a device.
• Configuration Monitor Download Config - access to downloading either the running or startup configuration for a device.
• Configuration Management Firmware - access to adding firmware to repository, starting and stopping firmware updates, and editing firmware update schedules.

[There is also the Hide Configuration Tasks context menu permission - this enables you to hide the top-level 'Configuration Management' option from the context menu. This is useful if you have not enabled any other configuration management permissions for the user group, which would result in the 'Configuration Management' context menu option opening to an empty list.]

Licensing:

Configuration Management functionality is licensed as per the Entuity license model, and is enabled on a per-device basis. For further help and information on licensing in Entuity, please see this article.

Remote and transport protocols:

Entuity can use Telnet and Secure Shell (SSHv1 and SSHv2) to access devices for monitoring their configuration. All required executables are included in the package and preinstalled in the appropriate location. No additional installation steps are required to use either Telnet or SSH.

Entuity can use FTP, TFTP, SCP and RCP servers for the retrieval of configuration files. For configuration retireval to work, the specified transfer server type must be running on the Entuity server.

Configuration administration and configuration tasks:

Configuration administration is managed through the Configuration Management page. This is accessible by clicking Main Menu > Administration > Configuration Management.

Entuity uses a combination of the Entuity information database, an Expect API and Groovy scripts to allow you to specify configuration tasks. A configuration task contains all the instructions required to complete the designated configuration management or monitor task. For further help and information on configuration management tasks, please see this article.