Networks and network-related technologies are constantly evolving as networks become more complicated, bigger, and increasingly sophisticated. The cloud, software-defined networking, and the Internet of Things (IoT) all contribute to the speed of this growth. In this landscape of rapidly advancing technology, businesses must find ways to adapt to and manage the configurations of their many connected devices.
Just as networks must keep pace with wider market evolution, so do the network management tools supporting them. Considering the range of options, it can be hard to determine the most appropriate tool for the needs of your business.
In this guide, we’ll run through the basics of network configuration and what to look for in a configuration management solution before getting into my reviews of the best tools—both paid and free. Of the 11 products on the list, SolarWinds® Network Configuration Manager offers the widest scope of functionality and the most intuitive and sophisticated user experience. As a one-stop-shop for all your network configuration management requirements, it offers unmatchable value. And if you need a solution for a small business network, I recommend trying Kiwi CatTools®.
What Is Network Configuration Management?
Network configuration refers to the initial process of defining a network’s operation, flow, and controls—essentially maintaining and arranging the information associated with all your network’s components. Network configuration management, then, is the ongoing process of overseeing the setup and maintenance of all network devices, as well as the software and firmware installed on them. It encompasses the discovery of devices, the monitoring of device configuration and status, and the maintenance of inventory.
At the core of this process is the network configuration management database. When something goes wrong and the network needs repair, changes, or upgrading, the network admin will look to the database for the necessary information, so they can make an informed choice as to the best course of action. The database stores the IP address and location of every hardware device, in addition to data pertaining to programs, versions, updates, and default settings.
It’s critically important for enterprises to have a robust network configuration management system. A network configuration manager enables admins to stay on top of any changes made to device settings, and how those changes might impact the overall security of the network—certain changes could threaten your users’ privacy or create a weak point in your network. In addition, the firmware installed on devices has the potential to make them vulnerable to attack. Network configuration management software track all the firmware on your devices and issue updates.
What to Look For in a Network Configuration Manager
Automating the management of your network configuration will reduce time spent on repetitive yet necessary tasks, coordinate changes throughout the network, and help ensure your network runs at peak performance. A good network configuration manager will minimize configuration errors and optimize the security of your network. It should be able to carry out the following key tasks:
- Set a baseline for configuration
- Roll back changes to earlier configurations
- Archive the details of network configuration changes
- Distribute updates to firmware
- Create backups of configuration snapshots
In addition, you can choose to look for network configuration tools with the ability to:
- Distribute configuration updates in bulk
- Undertake compliance audits
- Manage firmware patches
Best Network Configuration Management Tools
When it comes to automating the management of your configurations, a huge array of tools and programs are on the market. Some are paid, while others are free and open-source, and choosing among them isn’t simple by any means. A paid solution doesn’t necessarily offer good value, and a free solution isn’t necessarily functional.
I’ve reviewed the leading network configuration tools and compiled this guide to help you choose the right one for your business. I’ve included free as well as paid premium tools, to suit the full range of budgets. However, the free tools available tend to be designed for small network rather than large business or enterprise use.
SolarWinds Network Configuration Manager (NCM) is a feature-heavy, intelligent, and market-leading program. Since NCM is built on the SolarWinds Orion® Platform, the tool can be used alongside other SolarWinds tools like Network Performance Monitor to provide deep insights across a network. The level of compatibility and scope covered by this all-in-one view is designed to give users the opportunity to adopt a complete suite of high-quality tools built to address every aspect of their IT administrative requirements.
In addition to its compatibility with other SolarWinds products, which I consider a big advantage, NCM is compatible with a range of equipment. It can interact with multiple device brands and manage multi-vendor systems. Another aspect I appreciate is the ease and speed of the installation process. During installation, NCM conducts a system scan to automatically identify all your network devices, logging snapshots of their current configurations. Having this log can be useful for future reference if, for example, you want to restore an earlier configuration.
NCM boasts impressive features specific to Cisco equipment. During audit sweeps, for instance, the tool integrates checks with the Cisco National Vulnerability Database and provides you with alerts for any security shortfalls, so they can be eradicated with an update, a patch, or an adjustment to the settings of a device. Other Cisco enhancements include insight into device settings for Cisco Adaptive Security Appliances, as well as management and audit utilities for access control lists.
NCM also serves as switch configuration management software, allowing you to make wide-scale, routine configuration changes across targeted devices, regardless of command syntax or vendor. Moreover, the tool’s standardized configurations save time when it comes to troubleshooting or auditing.
- Automated network configuration tasks, reducing the need to take equipment offline or work through the night when device settings need to be changed
- Audit module for demonstrating security standards compliance
- Ability to identify and roll back unauthorized config changes
- Indexed, searchable database of configurations for every device
- Notifications tied to the lifecycle of a device
- Access control via the dashboard, allowing admins to determine which users have access to which information
These are just some of the key NCM features (learn more about additional NCM features here) that determined its top ranking on my list of the best network configuration management software. There’s a lot to like about it. To get a feel for its many features, take advantage of the 30-day free trial during which the tool is fully functional.
Built to support small business networks at an affordable price, SolarWinds Kiwi® CatTools can benefit companies looking for a network configuration management solution to help automate backups, perform bulk configuration changes to multiple devices simultaneously, and quickly revert or roll back to good configurations to minimize service interruptions caused by bad configs.
Kiwi CatTools helps simplify monitoring network changes by providing real-time alerts on unauthorized devices and security risks. You can also compare current device configurations with the most recent backup and compare running and startup configurations to more easily analyze config differences, with native multi-vendor support for IPv4 and IPv6 devices, including popular vendors like Cisco, F5, Juniper, and many more.
Kiwi CatTools can also provide basic configuration change reports related to port, MAC, ARP, version details, and more that can be generated in HTML and text file formats with the ability to email reports directly to key stakeholders.
- Schedule automated backups
- Perform bulk config changes
- Easily roll back network configurations
- Compare and analyze changes to config files
- Automatically generate reports
- Built-in TFTP server
Kiwi CatTools is licensed on the number of computers it’s installed on, starting at US$811 per install. A 14-day free trial is also available.
Like SolarWinds, ManageEngine provides a suite of tools for IT service monitoring, which can be integrated to create a unified management and monitoring system. ManageEngine Network Configuration Manager supports multi-vendor environments and can manage a whole host of configurations, including routers, firewalls, and switches. Overall, my favorite thing about it is the dashboard, which offers a range of visualization approaches.
- Automated configuration backup of all network devices
- Constant sweep of devices, to identify unauthorized changes to settings
- Reports on variances between configurations on similar devices
- Updatable configuration backups, allowing standard settings to be applied to new devices
- Bulk application of configurations
- Logging functionalities, recording users’ changes to settings
- Automatic account suspension if a user account is compromised
- Multiple visualization devices for viewing data
- Polls for patches and updates
A free version of ManageEngine Network Configuration Manager is available, but it’s limited to two devices.
Device42 is particularly well suited for use in data centers. It boasts a range of infrastructure management modules, which cover not only configuration management but also IP address management, data center infrastructure management, and IT asset management. It’s available as either a cloud-based service or an on-premises installation. However, it’s not particularly sophisticated in comparison to the higher-ranking tools.
- Inventory/logging of equipment
- Backups of device configurations
- Continuous network sweeps
- Logging of all device settings and firmware versions
- Agentless auto-discovery to keep configs up to date
- Robust visualizations to facilitate decision making
The pricing model is subscription-based, and three plans are available. The cheapest plan, unfortunately, doesn’t feature the configuration management module.
ConfiBack (short for Configuration Backup) ranks here on account of its value: although it’s a free tool, it offers some impressive utilities. It’s not as sophisticated as many of the other programs on this list but is a solid choice if you’re looking for a network configuration manager without a price tag.
- Scheduled backup processes
- Results saved to text file
- Open-source programming
As a free network configuration tool—compatible with Windows, Linux, and Mac OS—ConfiBack is not particularly well suited to business use. It doesn’t include user authentication procedures and lacks a patch manager module. However, for those who have low network management requirements and are open to combing through programming code, this open-source offering might be for you.
TrueSight Automation for Networks, previously called BladeLogic Network Automation, is a new and improved configuration tool from BMC Software. While it doesn’t have a particularly dynamic display, it’s highly functional. It ships with pre-written policies to certify compliance with a wide range of integrity requirements for systems. These include NIST, PCI, CIS, HIPAA, and more.
- Automated system scan, device logging, compliance checking, and device settings adjustment
- Configuration backup with continuous scanning and alerting on any changes
- Manual and automatic restoration of standard configurations
- Coordination with NIST National Vulnerability Database to stay on top of potential security weaknesses
TrueSight is compatible with Windows Server, Red Hat Enterprise Linux, and Ubuntu. No free trial is available for this product.
rConfig is a free network configuration management tool compatible with CentOS and Red Hat Enterprise Linux.
- Detects all network devices and can be instructed to copy the configurations of each into files
- Scheduled configurations
- Actions can be performed on all devices, on specific devices, or on device categories
- Policies can be set, and the Configuration Compliance Manager can be used to check all configs comply
The code for rConfig is available for public access, which means you can comb through it yourself and adopt it as you please. Unfortunately, this tool doesn’t have user authentication utilities, which makes it suitable only for use on small networks.
Net LineDancer, or NetLD, is a network and device config tool with all the basic utilities necessary for configuration management.
- Automatic logging of all devices, with snapshots of configurations
- Configuration sweeps identify any alterations to each device
- On-demand configuration comparisons
- Ability to reload stored configuration files in bulk, individually, and by device type
The dashboard and general visualization of information in Net LineDancer can be cluttered, and the tool lacks access control features and patch management utilities. Overall, it’s best suited to small networks.
WeConfig, a free tool by Westermo, is a great configuration manager, but is only designed for Westermo devices. However, because it runs on the SNMP system—which is universal—WeConfig can be used with equipment by other manufacturers. This tool supports Windows environments.
- Compiles network map and logs all devices in the WeConfig database
- Network map can be manually reorganized, for preferred approach to visualization
- Layout of network map can be locked, to prevent elements from being reorganized or misplaced
- Analysis view features graphs on network equipment operation
- Device configs can be deleted or edited from the configuration manager
Although WeConfig is effective as a basic network monitor, it doesn’t provide alerts, and the dashboard is not customizable. Furthermore, it does not come with user authentication capabilities. For these reasons, it’s suited only for use with small networks.
RANCID stands for “Really Awesome New Cisco config Differ.” Yes, really. This network configuration management tool is free and backed by a community of experts who have been driving its continuous growth and development for many years. And while there are no native web interfaces or GUIs, there are several guides written by experienced users about configuring RANCID.
RANCID functions as a backup tool, an audit tool, and a blame allocation utility. It enables users to stay on top of configuration changes for equipment from vendors including Cisco, HP, and Juniper. For a free tool, it’s surprisingly feature-heavy.
- Automated retrieval of configurations, which are archived
- Data stored in a version control system
- Ability to track version changes in the operating system
- Ability to run traditional filtering commands on configs (e.g., sed, grep)
- Ability to parallelize configurations on large operations
CBackup is a free, open-source tool for backing up network equipment configurations. It can be used across multiple platforms and devices, and it benefits from being constantly updated by the community behind it. Support for new devices is regularly added and distributed by the CBackup content delivery system.
Although the tool is well designed, it doesn’t have the capabilities of a paid solution, and as such isn’t suited for business needs.
- Version control for tracking changes through Git functionality, which supports diff and plain-text configurations history
- Ability to set up discovery and backup policies
- Customizable hardware support
- Customizations regularly shared by the community
- No-cost distribution of device support and policies
Implementing a Network Configuration Management Tool
Managing the settings of connected devices is an important step in securing your network. By implementing a network configuration manager, businesses can automate the process of keeping firmware and software patched and up to date. In this guide, I’ve provided overviews of the best network device management tools, including free open-source and paid solutions, to help you find the right one for your organization. As you sort through your options, you will need to consider the requirements of your operating system, the size of your network, and the limitations of your budget.
The free network configuration tools on the market are suited mainly to small networks and non-business use. Of these free open-source tools, ConfiBack comes out on top, with an impressive suite of utilities. And if you operate a data center and have low-level requirements, Device42 might be a good choice.
For organizations with the budget for a sophisticated, comprehensive tool, you can’t beat SolarWinds Network Configuration Manager. SolarWinds has a history of producing market-leading solutions, so you can invest in the tool with confidence, knowing it’s a top-quality program. NCM balances sophistication with ease of use, provides a clean dashboard with dynamic visualizations, and takes an intuitive and intelligent approach to network configuration management. It can easily integrate with other SolarWinds products and is available as a free trial, so you can test out its capabilities before you commit.
*Pricing as of November 4, 2020