See correction at end of review
Managing 50 network devices can be a challenge; managing 5,000 is nigh impossible, and many networks today exceed even that
figure. If all the devices are from a single vendor, the job becomes somewhat simpler, but how many network managers have
that luxury? In most large network environments, heterogeneous hardware is the rule, and simple tasks such as changing SNMP
strings, implementing and verifying best-practice guidelines, and managing configuration changes across the enterprise become
enormous headaches.
Many network administrators rely on custom tools -- perhaps a collection of Perl scripts -- to manage devices en masse. Although
this may be appropriate for some enterprises, others are clamoring for a better mousetrap. Three companies are looking to
provide that very thing.
Rendition Networks' TrueControl 3.0, AlterPoint's DeviceAuthority Suite 2.0, and Tripwire’s TND (Tripwire for Network Devices)
3.0 all aim to be the network device management tool of choice. All three offer centralized management of heterogeneous
network devices from multiple vendors.
This is no easy feat. The management tools for different vendors vary wildly. From Cisco-style command-line interfaces to
Web-based configuration tools, every vendor has its own view of how a device should be managed. Making a tool that brings
all these disparate configuration paradigms together is a challenge.
Tripwire for Network Devices
TND follows similar rules to Tripwire’s system-configuration control offerings. The overriding concept is configuration baselining.
When a device is added to the inventory, its current configuration is downloaded and marked as a baseline configuration. Administrators
add devices manually or by building and importing a CSV (Comma Separated Value) or XML file.
By polling devices and receiving SNMP traps, TND detects configuration changes and takes the appropriate action. You can configure
TND to send notifications of changes to administrators by e-mail, pager, or console, and you can have it restore the baseline
configuration to the device when a change is noted, all but preventing unauthorized changes to a device. TND's device compatibility
is limited compared to the other offerings, but it accurately inventoried all the devices in the lab with the exception of
a Dell PowerConnect 3300 switch.
After you have determined a baseline configuration, TND lays out subsequent deviations from that baseline for further inspection
by administrators. TND focuses on making it easy to restore a device to its baseline status rather than having to step back
through configuration changes, although this is also possible. Furthermore, TND doesn’t offer many features found in DeviceAuthority
and TrueControl, such as the ability to script configuration changes and to generate detailed reports. You must resort to
database queries to display data on changes to network devices.
The Web-based interface is somewhat foreboding and is frequently tedious when adding devices and configuring rules and actions.
Interface compatibility isn’t an issue; TND worked without problems with Internet Explorer 6, Mozilla, and Safari. From this
interface, devices can be grouped and linked from group to group, allowing you to organize them by make, model, vendor, and
so on. One drawback: You can't view more than one group at a time; expanding one collapses another. On the plus side, when
digging into a device’s change history, you can highlight differences between the baseline and current configuration in a
side-by-side view.
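
The baseline-and-deviation check described above can be sketched as follows. This is an added example, not part of the original review and not Tripwire's code. It assumes Cisco IOS-style text configurations; the function names, the list of volatile lines, and both sample configurations are constructed for illustration.

```python
import difflib
import hashlib
import re

# Assumption: IOS-style lines that change on their own and are not real drift.
VOLATILE = re.compile(r"^(! Last configuration change|ntp clock-period)")

# Constructed sample configs (not taken from any real device).
BASELINE = """\
! Last configuration change at 09:14:02 UTC Mon Mar 1 2004
hostname lab-rtr-01
snmp-server community EXAMPLE-RO RO
ntp clock-period 17179869
line vty 0 4
 transport input ssh
"""
CURRENT_POLL = """\
! Last configuration change at 16:40:55 UTC Tue Mar 2 2004
hostname lab-rtr-01
snmp-server community EXAMPLE-RO RO
snmp-server community EXAMPLE-RW RW
ntp clock-period 17179912
line vty 0 4
 transport input telnet ssh
"""

def normalize(config):
    """Drop trailing whitespace, blank lines and volatile lines before comparing."""
    lines = (ln.rstrip() for ln in config.splitlines())
    return [ln for ln in lines if ln and not VOLATILE.match(ln)]

def fingerprint(config):
    """Digest of the normalized config: a cheap equality test for every poll."""
    return hashlib.sha256("\n".join(normalize(config)).encode()).hexdigest()

def deviations(baseline, current):
    """Return lines added to or removed from the baseline, plus a unified diff."""
    if fingerprint(baseline) == fingerprint(current):
        return {"changed": False, "added": [], "removed": [], "diff": ""}
    base, cur = normalize(baseline), normalize(current)
    added, removed = [], []
    matcher = difflib.SequenceMatcher(a=base, b=cur, autojunk=False)
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):
            removed += base[i1:i2]
        if tag in ("replace", "insert"):
            added += cur[j1:j2]
    diff = "\n".join(difflib.unified_diff(base, cur, "baseline", "current", lineterm=""))
    return {"changed": True, "added": added, "removed": removed, "diff": diff}

if __name__ == "__main__":
    print(deviations(BASELINE, CURRENT_POLL)["diff"])
```

Filtering the volatile lines before hashing keeps a timestamp or clock-drift update from raising a change alert, while the new read-write SNMP community and the re-enabled telnet transport are still reported.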