Making ACI Configurations Consistent
I’m sure I’ll step on a few toes with this entry, but it’ll paint a very clear picture you can relate to and give you something to reflect on when you think about your network device inventory.
As consultants, we move around between clients a fair amount and see a lot of new technology, but there’s always some network technologies and device platforms we see repeatedly. There’s a mix of well-done implementations, ones you’d rather just wipe clean and start over, and everything in between.
Network monitoring and management tools are one of them. They’ve become the Swiss army knife of applications as vendors try to compete in a marketplace where clients have high expectations for network management, monitoring, and reporting capabilities. This is also where it gets ugly. Setting it up properly and making it a project planning line item when you do network moves/adds/changes can become a career specialty.
Let’s talk about network device inventory. At support contract renewal time, this is something that usually bites you from behind, kind of like the neighbors’ seemingly friendly dog who wags his tail in front of you but isn’t so nice when you turn your back. Luckily, this doesn’t happen every year like your support contract renewal.
Network inventory is comparable to a handful of areas we deal with in our everyday lives:
So, let’s see how this compares to your network inventory.
Your network inventory has changed over the past few years; reflecting those changes in your network monitoring tools somehow escapes project planning. This latest round of changes included a new set of SNMP community strings, so together with the community string changes that went along with the network device upgrades over the last five years, you now have a fistful of community strings on your network devices. Some devices have even “fallen off the shelf and rolled under the sofa,” so to speak, so that device information isn’t visible anymore. Out of sight, out of mind. Since you’ve lost those from your active network device inventory, they got removed from the support contract because the contract list didn’t reconcile with your inventory reports. The flip side of this is that you have no accurate account of network devices so you just authorize the vendor (homeowners’ insurance company) to renew whatever is on the device list in your support contract, and you’re paying for support on network devices you can’t account for.
The stuff in your home changes pretty much the same way. You replaced the sleeper sofa and boom box sitting on the coffee table with a new leather sectional and a home theater system. When you look at the line items I referred to above, line item No. 1 starts to feed line item No. 2. The sofa and boom box went out to the garage or the basement. Meanwhile, the shelf full of $70 Xbox or PlayStation 2 games remain on the shelf in the living room when you could have taken them to Game Stop and traded them in five years ago — just like the top-of-rack datacenter switches you replaced in anticipation of them going end-of-support the year after they were retired.
So now we get to the good deals. Maybe they were two-for-one, you overestimated the build of materials, or the budget had to be depleted by the end of the year and the money needed to be spent. Line item three often feeds line item two as well. I’ve been in the position of going through a junk closet and discovering a long-forgotten new closet access switch still in the box. It could be either a nice surprise or a barn find.
You’ll typically find these things along with the juicer you bought for the detox program you never started, the coffee machine that requires a water line that never got installed, Christmas dinnerware you bought in April at a yard sale from someone who also forgot they had it, and those new wall sconces that just never made it out of the box because you meant to pick up wall anchors so you could hang them.
Accounting for things like this is something we do for our clients all the time, and it’s never quick or pretty, but as long as we know what we’re looking for, we can get you through it.
Additional challenges we run across are:
Ask about our Craftsmen Assurance program. The inventory topic would be just one component of managing your network under Craftsmen Assurance — but an important one that would establish the foundation for providing you with the core Craftsmen Assurance services.
We can cover it all, network infrastructure, unified communication, virtualization, and more. We can’t help you with the garage clutter, though.
Making ACI Configurations Consistent
Six Tips to Help with Your Next Configuration Audit
Does Security Belong Near Endpoints?
Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.
Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.
John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services. Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.
He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.