Historically, IP Service Providers have assured their customers that service-level obligations have been met by intensively monitoring the network for fault and performance issues. Such real-time network management typically involves hardware fault monitoring, which can identify, for example, hardware events such as a card pulled from a network device. In addition, certain performance parameters are monitored on network devices and links, which can identify potential network degradations. While such fault and performance monitoring is well embedded in Service Provider processes and detects many service problems, a whole category of equivalently important network events that can lead to service-impacting situation most often goes fully unnoticed and unmanaged: manual configuration changes.
In IP and Ethernet networks especially, a significant number of service problems are caused by uncontrolled manual configuration changes, performed by one of the many operators who have access to the equipment in the network, or sometimes by customers themselves in the case of customer premise equipment. In some situations, a manual configuration results in a service outage or a performance degradation. Some manual configurations may introduce security risks or other types of network and service vulnerabilities. For example, an operator might delete a customer routing table from an IP Virtual Private Network (VPN) service from a device configuration, which would create a service outage for one or many customer sites using this service. As another example, the operator might inappropriately change an IP “quality of service” configuration, which would directly affect service performance. These types of service-impacting configuration changes generally happen “silently” and go undetected until a customer complains, and which often directly affect the service-level obligations of a Service Provider.
Communication Service Providers (CSP) such as, for example, IP Service Providers, have dealt with uncontrolled configuration changes by trying to limit the operators' direct access to the network. However, it is difficult to limit operator access in highly distributed networks like IP and Ethernet networks, where service configurations are very complex and operators are accustomed to working directly with network devices. Controlled automated service provisioning helps a great deal in this area, but still many operators will go through the back-door, i.e. log directly in to a device and make manual configuration changes. Real-time monitoring of general configuration changes on a per-device basis has not been widely used in a service assurance capacity. This is due, at least in part, to the fact that such monitoring of all configuration changes generates an overwhelming amount of data, the vast majority of which will not ultimately affect service.