In an industry already loaded with jargon, it's easy to feel overwhelmed. If you've never heard of Configuration and Change Management (CCM), you might be wondering: Is it the same as run-of-the-mill change management? Is it a combination of the dual concepts of change management and configuration management? A new, third thing entirely? Our guide will help you navigate these troubled waters with ease. By the time you’re done reading, you’ll be able to understand why this process is so important, and how to leverage it properly.
Configuration and change management (CCM) is a bipartite process, meaning that it’s made up of both change management and configuration management. As such, deploying it will mean understanding both separately, and how they work in tandem.
Let’s take a look at how both concepts can help you keep things in perfect order. First, it’s time to tackle configuration management.
Configuration Management explained
Configuration management refers to a management procedure for all of the configurable components or resources required to run a software application. The idea behind this process is to ensure that a stable baseline or standard environment exists for these components. The more stable things are, then —most likely—the better, and more predictably, your software will run.
Some key configuration management principles are:
Knowing what configurable items are, and labeling them accordingly. Configuration items can be networks, servers, and computer resources in general. Once you know what they are, you can assign unique labels or numbers to each of them.
Making sure configuration items are protected. Meaning, they’re stored somewhere you can monitor them 24/7 and keep them safe from any cyberattacks or intrusions.
Maintaining your baseline. A huge part of configuration management is establishing a proper baseline, or a “normal” state of affairs that it’s desirable to stay at, or close to. If anything goes awry, then this is the state that you will ideally want to return to. Every release, though, requires its own records, including a detailed changelog. The records are meant to include the locations of every configurable item, proposed changes, and change owners (those who are held accountable for that change).
Auditing and configuration verification. This is where you have to check every configuration item regularly to ensure that they’re stable and acting the way they’re supposed to.
Who is supposed to do what, now? This is the fun part where everyone in the team gets to choose what they do; from auditing, change approval, or reporting, every part of the configuration management process needs to be accounted for. The important part is that everyone sticks to what they’re supposed to do after the team chooses their tasks.
Companies use IT Asset Management (ITAM) tools such as InvGate Asset Management for Configuration Management, as it keeps the current configuration of items as a record for audit, tracking, and trend analysis.
Change Management explained
Change management, in turn, helps manage the changes that are made to the configurable items in an environment or system.
We have a Definitive Guide to Change Management that you might find helpful. But for our purposes here, let's break up the process of change management down into the following parts:
- What do we need to change? There’s a thorough evaluation of all of the changeable items, including what changes are necessary in the first place, and when and how to implement said change.
- How the change request is going to affect other things. The system has a baseline state, and that change may affect it. This part comes in when you need to assess the breadth and possible impact of the proposed change.
- Time to put in a change request. After you positively assess the impact of the coming change, it’s time for the stakeholders to put their money where their mouths are and make a change request.
- Determine an appropriate change strategy. Once the changes are finally approved by stakeholders, they (or the change advisory board) develop a strategy for change implementation. This also includes accurate timeframes and keeping everything in sync with proper configuration management guidelines.
- Change execution. It sounds a bit like a superpower. And it kind of is, because when everything is ready to go, it’s time to finally put the new change or changes into action. And, if everything goes according to plan, then this new state becomes the baseline from now on.
Companies use InvGate Service Management for Change Management thanks to its easy to use and set up system of approvals, task coordination, planning, documentation and work management (plus the ability to put sub-tasks in one part of a workflow and then copy them to a later step). Watch this video to learn how:
What are Change Management and Configuration Management good for?
As it turns out, a lot. For one, they help keep your servers running optimally and consistently. They can also help out in a major way with general process efficiency, considering that most of the processes are automated, as opposed to manual.
Another positive aspect of change management and configuration management —when applied correctly— is that you can scale up your infrastructure without scaling your staff. How does this happen? Precisely because of ITSM automation.
Another area where automation can come in very handy is error reduction. As we know, even on their best days, humans are error-prone. When you automate a process thoroughly, though, it tends to be less subject to mistakes than when humans do it. Why? Because you’ve optimized it through trial-and-error and repeated deployments until you’ve reached peak efficiency. And that’s why, through intelligent process automation, you can delegate that part of your workflow to it with a greater degree of confidence.
As always, you can count on a higher degree of optimization to be a cost-cutting measure. While it may not be immediately evident, change management and configuration management can help you save up if your server requires downtime. The costs of staffing for server repair services can go up dramatically, especially if the repair or reset needs to be done manually. ITSM automation will nip this in the bud.
But change and configuration management are only as good as the tools you use to make them happen. In order to implement change control, you need the highest order of change and configuration management tools.
Let’s take a look at the following section.
Change and Configuration Management Tools — What do you need?
A thorough level of change control requires the right tools for the job. Automation, in and of itself, may sound like a great idea, but it needs to be implemented intelligently. And intelligence is not all about constantly applying brainpower, but finding the right tools to delegate that brainpower to. Then, you can free up your best minds to do what they do best. And that is playing Jenga in the office cafeteria. Or, jokes aside, focusing on the important tasks only humans can do.
Let’s take a look at what you need to look for in a management tool. That way, we’ll take any possible errors out of the equation from the get-go, leading you to make informed choices.
1. Differentiated views for comparison
Something you don’t want to do is sift through lengthy configuration files to find the information you’re looking for. Couple that with the fact that you’re going to be looking through a multiplicity of network devices and that’s a big “nope” right there.
Your management tool, then, needs to have differentiated (Diff) views. This will allow you to view configuration files side-by-side. Diff views also typically color-code changes so you can spot them more easily. Another big win for this type of view is that you get to see the change owner and whether the change was part of a manual, scheduled, or automated process. This makes everything easier to trace, track, and understand.
2. Aid your process with real-time notifications
What you want to avoid as a network administrator is to not knowing when changes are in effect. Thus, what you need in a good configuration management tool is the ability to notify the admin at every turn. These small steps are logged in a Syslog file for easier access. Then, they’re stored in the tool’s built-in Syslog server.
When a network admin receives this message, they’re easily able to compare the configuration with the most recent device backup. If they notice any unauthorized change, they’re able to go back to the latest backup without delay.
It’s also important to note how the tool handles notifications. Email, SNMP traps, trouble tickets, and Syslog messages are some of the most frequent ways that your management tool will let you know what’s up. Of course, this should be easily configurable in case you need to pay special attention to specific change triggers. In fact, when it comes to mission-critical triggers, you can even enable automatic rollbacks so you don’t have to cry over spilled milk later.
3. Understanding who needs access and when (RBAC)
It’s probably a no-brainer to say that you’re very likely dealing with a multi-user environment. This makes it even more important to have role-based access to change features. The network admin, and only them, has the capability to authorize and assign roles in the system.
As a result, each user has a device or range of devices that they can access depending on their role’s sphere of influence. Then, each user has a limited degree of power based on this. Each user can backup and sync configurations, but only after running them by the system administrator. They, in turn, can leave comments, approve, or reject each change.
4. Tools with configuration versioning and storage
A change and configuration management tool will allow you to deploy automated, manual, or scheduled backups. Whenever something triggers a backup, the tool will instantly compare with the most recent configuration backup. If it detects any changes, it versions and stores the configuration. On the other hand, if it doesn’t detect any changes between the two, then it discards the configuration backup.
What does this do, overall? It creates a version history that you can use to compare configurations and play a game of spot-the-difference. This is more useful than you think, especially when things don’t go as planned!
5. “Rollback, rollback, rollback!”
You might have caught yourself screaming this out in the case of a system-wide disaster. We’ve been there, and practically every IT professional has at one point or another. It goes without saying that, as a system admin, the more power you have to roll things back quickly, the easier it is to recover from near-fatal errors.
Instantly rolling back the device or set of devices to the latest stable configuration is usually the solution to most problems. Your management tool needs to easily help you set up a baseline configuration and work from there. If things go sideways, that’s where you’ll be rolling back to — a safety net, so to speak.
Other considerations
Now that we’ve gone over things in detail, it’s easier to find the difference between configuration management and change management, and where the lines cross. The former is about the items themselves and the state of the system; the latter is about managing the changes that affect both.
And, in addition to what we said above, there are other things you need to consider for the ideal management tool.
- Is it flexible? Being compatible with the tools in your toolkit, and future tools as well — of course, if your tool is not updated frequently (or sometimes on-demand), that’s a big no-no.
- Is it robust? Or, in other words, it needs to be able to not crack under the pressure of all the tasks you’re going to entrust it with. And, it’s also understood that it needs to scale as your organization does. This also ties into the previous point nicely.
- Is it cost-effective? Sure, some million-buck change management tools are absolutely worth it. But are they really worth what you’re paying when you have comparable options that are more accessible? While open-source tools are frequently a good solution, it takes a wealth of management and knowledge to be able to use them accurately. This, of course, will also depend on the complexity of your organization’s IT framework. The bigger it is, the more likely you’ll need a professional tool working for you.
InvGate Service Management and InvGate Asset Management are two of the most robust, flexible, and cost-effective solutions you can find for configuration management and change management. They integrate seamlessly with each other, arming you with everything you need on both the change management and configuration management side.
The idea, then, is to be able to create stable environments for your IT framework to run on, but also to be able to securely and intelligently deploy change. With the right tools on hand and armed with these recommendations, there’s no reason not to succeed.