4-2
Cisco Prime Network 4.0 User Guide
OL-29343-01
Chapter 4 Device Configurations and Software Images
What is Change and Configuration Management?
Configuration Management
Configuration Management enables you to control and track changes that are made to a device
configuration. It uses a change management feature to det ect o ngoi ng ch ange s to devices in two ways:
When doing periodic archiving of device configurations. If CM detects a change in a configura tion
file, it will get the new version of the file from the device and copy it to the archive.
When a configuration change notification is received from a device. This is called event-triggered
archiving. You can configure CM to copy a new version of a configuration file to the archive
whenever a change is detected, or to queue the changes and then copy the files to the archive
according to a schedule.
By default, neither of these methods are enabled. You can configure them from the Configuration
Management Settings page (see Configuration Management Setup Tasks, page 4-5).
Change Logs provide information on the changes made to devices in t h e ne twork, so rte d by the ir tim e
stamp. The Configuration Management Settings page controls how long these logs are saved. CM saves
messages that can be used for debugging in
PRIME_NETWORK_HOME/XMP_Platform/logs/ConfigArchive.log.
Note All configuration management operations are performed only on devices with Communicatio n State as
Reachable and Investigation State as Operational, Partially Discovered, or Currently Unsynchronized.
For a Cisco IOS device with SNMPv3 configuration, configuration management operations can be
performed only if the device is configured with write permission for CISCO-C ONFIG-COPY-MIB MIB
group.
Compliance Audit (and Configuration Audit)
Compliance Audit ensures that existing device configurations comply to your deployment’s policies.
Using Compliance Audit, you can create policies that can contain multiple rules, and policies can be
grouped together to create a policy profile which can be run on a set of devices, called audit of devices .
There is no limit on the number of policies, profiles, rules, and conditions that you can crea te using
Compliance Audit. It can scale up to 35,000 devices.
When a device is detected to be not confirming to a determined policy, Compliance Manager calls it a
violation. Subsequently, if available, it also recommends a fix, as configured by the administrator. The
violation details are saved in DB Schema for your reference later.
Compliance Audit replaces Configuration Audit (although Configuration Audit is still available.)
Image Management
Image Management provides tools for performing rapid, reliable software upgrades an d auto mate the
steps associated with upgrade planning and monitoring. This to pic provides an overview of both features
and an introduction to the Change and Configuration Management dashboard. Cisco IOS and Cisco IOS
XR software images are stored in the Prime Network image repository, to which y ou can add ne w images
by importing them from Cisco.com, from existing devices, from a local file system, or from an external
image repository. Software images in the repository are stored in binary format. Before an image is
distributed, NEIM performs an upgrade analysis to ensure that the network element is compatible with
the image; after an image is distributed, the images are applied immediately. For Cisco IOS XR devices,
you can add individual packages, deactivate packages, test changes before committing them, commit
changes, and roll packages back to stored ro ll b ac k p oi nts . Th e im a ge re po sit o ry is lo cat e d in th e Ci sco
Prime database. NEIM saves messages that can be used for debugging in
PRIME_NETWORK_HOME/XMP_Platform/logs/NEIM.log.