Compliance & Remediation
  • 22 Sep 2023
  • Dark
    Light
  • PDF

Compliance & Remediation

  • Dark
    Light
  • PDF

Article summary

Golden Configuration, a tool included in the Configuration Manager application, is used by automation engineers to build and test sets of hierarchical rules against which device configurations are verified. It provides a rich set of features for performing text-based comparisons that can identify when a textual configuration block:

  • Is missing from a device configuration.
  • Should be removed from a device configuration.
  • Should be modified and reapplied to a device configuration.

While the tool can be used to perform basic compliance remediation, this is not its intended purpose in production environments. Its compliance capability works only on the principle of generalized text analysis. As such, it does not have any knowledge of the device it is operating against or the semantics of that device's command-line interface. In addition, compliance remediations that run in this manner are executed in serial. If you are running remediations against multiple devices, they will be applied to one device at a time.

In order to achieve more complex, device-specific outcomes, such as using device-specific variables, checking for rogue configurations, and performing remediation at scale, Itential recommends developing automation workflows. In particular, performing auto-remediation at scale is beyond the flexibility and performance capabilities of Golden Configuration.

Itential provides several tools to assist developers in creating workflows for such scenarios, including:

  • Jinja2 templates for configuration generation.
  • TextFSM templating for configuration extraction.
  • JSON Schema Transformations (JSTs) for performing data manipulation inside a workflow.

Itential also provides white papers and best practice guides for powerful features such as Itential Automation Gateway extensible device support.

When combined with workflows, templating, extensible devices, and JSTs, the Golden Configuration compliance and remediation capabilities can ease the process of analyzing and correcting your device configurations.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.