Are you confident that all of your device’s firmware and configurations are up to date? Managing network configurations can be a pain. To make life easier, we’ve reviewed six of the best network configuration management tools you can start using today.
No matter what size organization you manage, having firm control over your network configuration is critical to keeping your environment secure, and your settings consistent. Rather than manually checking every device, you can save hours of time by utilizing a network configuration management tool.
Here is our list of the best network configuration management tools:
- SolarWinds Network Configuration Manager (FREE TRIAL) Best all-around configuration manager for MSPs and most IT departments. SolarWinds blends intuitive reporting with its signature automation to take the hassle out of configuration management.
- ManageEngine Network Configuration Manager – Features automation, compliance management, and easy to use config restore points.
- Device 42 – The best choice for data centers and large enterprise networks. Features data center specific tools.
- WeConfig – A solid and free option to back up and restore configurations and firmware.
- TrueSight Network Automation – Leverages out of the box automation to help discover compliance issues and deploy best practices.
- Net LineDancer – Compatible with Linux, Windows, and CentOS. It can manage up to 200,000 devices.
The best network configuration management tools
Whether you’re looking for more consistency, or need to keep to date firmware, having a network configuration management tool becomes essential as your network continues to grow.
SolarWinds Network Configuration Manager (NCM) offers industry-leading network configuration management by integrating with hundreds of different devices and making management simple through an intuitive dashboard. From ten devices to ten thousand, you’ll have full control over any changes that need to be made.
Through the automation dashboard, you can automate administrative tasks across all of your dashboards. Whether that be firmware updates, firewall rules, or VLAN changes, it can all be applied to all of your devices automatically through a set schedule.
If you find yourself holding your breath during firmware updates, (NCM) gives you peace of mind through configuration backups every time a change is made. Recovering to a previous configuration is as easy as selecting your device, and choosing a date from the drop-down menu.
Under the Configs tab, you can see a side by side comparison to your last known good backup, and compare it to your current settings. This ensures you always have a record of what was done, and what configurations you can restore to with confidence.
If you work with a team, setting up real-time change detection can help alert you any time a configuration is updated. This helps keep you in the loop to ensure that nothing is being changed when it shouldn’t be and that necessary maintenance is actually getting done when you schedule it.
To help avoid any accidents and ensure configurations are correct, you can enable configuration reviews that require you or another administrator to review and sign off on certain updates and changes. Under the Security tab, you can review different users, restrict their access, and even get an audit log view of any changes they have made.
The more devices you manage, the tougher it is to ensure you’re within compliance across every device. It was nice to see that the Network Configuration Manager came with numerous scans you could run across all of your devices.
These out of the box reports can test your devices for policy violations and best practices. The reports not only give you a breakdown of what was found, but also have an entire section dedicated to remediation, and usually offer scripts you can launch to fix the change automatically.
In the Network Configuration Manager, templates are a powerful way to make updating your devices a seamless process, but you may find yourself with a device that doesn’t already have a template. If that’s the case, SolarWinds has a community of over 250,000 people who share and upload their scripts, configurations, and settings.
Since Network Configuration Manager is built on the Orion platform, it can easily integrate with Network Performance Monitor and Netflow Traffic Analyzer. This integration can enhance your configuration management and provide proactive monitoring to help reduce downtime and gain insight into how your devices communicate with your network.
SolarWinds Network Configuration Manager is available for both on-premises and cloud-based deployment. You can test out NCM today with a free 30-day trial.
Similar to SolarWinds, ManageEngine also provides a suite of tools that help deploy networking configurations, as well as analyzer performance and monitor applications. ManageEngine starts by backing up all of your configuration changes before doing an automated sweep of your work to look for policy violations, security issues, and improvements based on best practices.
You’ll get similar levels of control over your user accounts through auditing and action logging. These logs provide details as to what a specific user has changed and when that change was made. If you feel certain actions could indicate an account is acting maliciously, you can set up a script to automatically suspend accounts that behave in a certain manner.
ManageEngine’s Network Configuration Manager is compatible with both Linux and Windows. If you want to test it out yourself, there is a free version that allows you to add two devices. This is a pretty limited test environment and doesn’t give you the best opportunity to test all of its features. Alternatively, you can download a free 30-day trial.
Device42 is a network configuration manager more suited towards large MSPs or data centers. In addition to configuration management, Device42 can also provide asset tracking and data center infrastructure management.
When compared to SolarWinds and ManageEngine, Device42 is not as intuitive or easy to set up. With that being said if you do run a data center you’ll enjoy features such as Data Room Layouts, Rack Diagrams, and Hardware Inventory Management.
The rack diagrams allow you to virtually recreate your environment to allow remote technicians the ability to ‘see’ the datacenter without having to be on site. This design removes the need for lengthy spreadsheets or complicated notes.
The data center Room Layouts feature gives you similar visibility and gives you at-a-glance availability of your equipment. While most of this won’t apply to most MSPs, it’s good to see Device42 has the tools to help simplify data center network configuration management.
Device42 is available for both cloud and on-premises environments. You can test out Device42 for a full 30 days.
WeConfig is a free Windows-based configuration tool developed by Westermo. Initially, this tool was only designed to support other Westermo devices, but because it relies on the SNMP system, it can be used with other devices from other manufacturers.
Like most tools, WeConfig goes out and scans the network for any devices it can find, and then compiles those devices into its database. Once this scan is complete, you’ll be able to view your networked device through a simple dashboard.
This viewing arrangement allows you to click and drag elements into their desired spots, and then lock them so they cannot be moved or deleted. Note: WeConfig does not automatically scan the network, so anytime a new device is added you must rescan for it to be logged in the system.
Managing configurations is relatively simple. You can view any changes recently made on any device and easily push out firmware updates and changes through the dashboard. WeConfig doesn’t offer much automation when compared to SolarWinds, so you’ll find yourself making changes manually rather than scripting them out.
While WeConfig is a simple and free solution, you might find it’s lack of alerting and customization a bit frustrating. WeConfig is also more suited for small networks since it lacks the ability to accommodate teams or other authentication capabilities.
Formerly known as BladeLogic, TrueSight Network Automation provides network configuration with an emphasis on automation.
On deployment the software will start scanning and logging all devices it can find. During this time you can also set the tool to scan for compliance policies. There are a number of pre-configured policies that come out of the box with this tool. These reports help you check for NIST, PCI, CIS, SOX, DISA, SCAP, and HIPPA compliance.
If there are any integrity issues found during the scan, you can allow the tool to automatically force specific changes across your network to meet compliance standards. Personally, I would want to be able to review these changes first, but it does save you a lot of time if you would have had to do this manually.
Configuration changes can be pushed out and retracted in bulk; this includes firmware as well. Truesight does have the ability to have multiple logins and user security controls making this a viable option for anyone looking for a tool that supports a team environment.
Lastly, TrueSight Automation has an integration called TrueSight Vulnerability Management. This additional tool will scan for security threats and risks in your network and stop them. This tool utilizes the NIST National Vulnerability Database to constantly monitor your network configuration for threats and vulnerabilities.
TrueSight Network Automation is available for both Windows and Linux. At this time it does not appear there are any free trials for either Network Automation or Vulnerability Management. For more information, you can contact its sales team on its official website.
Netline LineDancer, commonly referred to as NetLD has all the standard features you’d need in a network configuration management tool packed into a simplistic interface. While NetLD isn’t as well suited to manage larger clients, it does have the ability to service up to 200,000 nodes and up to 1,000 SmartBridge servers.
On the first scan, NetLD will find all compatible devices, log them, and automatically take a snapshot of their configuration settings. You can implement configuration changes in bulk fairly easily across your network. While the interface on NetLD isn’t as good as SolarWinds Network Configuration Manager, it still gets the job done.
In addition to managing configurations, NetlLD has the ability to run a full hardware inventory audit. This includes a full breakdown of components such as power supplies, serial numbers, and even fan tray assemblies. This is a great addition to configuration manager especially if you’re looking to cycle out old hardware or finding replacement parts for hardware failures.
The reporting features keep you or your team up to speed on changes made across configurations whether that be to your firewall, switches, or VLAN. While this tool can assist in the day to day of configuration management it lacks some of the team features that SolarWinds or ManageEngine provides. NetLD lacks access controls and some of the automated features found in other tools, making this better suited for smaller networks.
NetLD is compatible with Linux, Windows, and CentOS. It has flexible per node pricing for both its on-premises and cloud-based products. NetLD is available for a 30-day trial that can support up to 100 devices during that time.
Choosing a Network Configuration Management
No matter what size network you manage, having a solid grasp on your configuration and patching is mission-critical. Which tool will work best for you? Well, that depends on your size, needs, and environment.
For most medium-sized service providers and IT departments, SolarWinds Network Configuration Manager will cover all of your needs with no unnecessary fluff or features. SolarWinds’ combined flexibility, features, and strong community make it an easy winner in our eyes.
For large enterprise environments and data centers, Device42 will likely be a good fit. Its datacenter specific tools tailor it specifically for larger complex networks.
Lastly, if you just run a small budget-strapped business, or have a home network you’d like to manage more efficiently, WeConfig is an excellent free option.
So how do you currently manage your firmware updates and configuration changes? Do you use a software app, or do it all by hand? Let us know in the comments below.