Configuration Drift Management

Purpose

Automatically detects and reports deviations between device configurations and approved corporate standards ("golden configs").

Process

  • Device configurations are segmented by feature (SNMP, SSH, logging, etc.)
  • Each segment is compared against approved standards
  • Identifies two types of drift:
    1. Unauthorized configurations (need removal)
    2. Missing configurations (need addition)

Example

Given golden standard: ntp server 1.1.1.1

Device1: No NTP config

Fix: + ntp server 1.1.1.1

Device2: Has ntp server 2.2.2.2

Fix:

- ntp server 2.2.2.2
+ ntp server 1.1.1.1
Configuration Drift by Category Configuration Drift Overall

*Note: Production data has been obfuscated to protect confidential information