The approaches described in this section could be pursued, but are not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Compliance management refers to processes implemented in information technology (IT) organizations to determine whether computing devices of an enterprise conform to policies defined by the enterprise. Varying approaches have been used in an attempt to apply compliance management to internetworking devices such as routers, switches and other network infrastructure. In some approaches, network configuration and change management (NCCM) application programs are configured to listen for a notification of a configuration change, or to poll a device periodically to determine whether a configuration change has occurred. If a change is detected, then the NCCM application fetches a copy of the current running configuration from the device, stores an archival copy, applies enterprise policies, and determines whether the running configuration complies with the policies or other standards.
If violations are found, then an administrator can be alerted. However, this approach is reactive in nature and cannot prevent users or systems from applying non-compliant configurations to the devices. By the time a policy violation is found, damage may have been done.