A computer network is composed of many interconnected devices executing concurrently. Often, each device has a broad range of configuration options. While a broad range of configuration options increases the flexibility of the devices, it also brings the opportunity to misconfigure the devices. A misconfigured device can undermine the efficiency of a network, negatively affect the business goals of an enterprise operating the network, or render the network susceptible to a network attack.
In the past, network administrators have attempted to limit the misconfiguration of devices by writing sets of policies for each device in the network and then utilizing a network management system to control configuration of the network. However, a network administrator could intentionally or inadvertently defeat these policies by directly accessing a device in the network and altering the configuration of the device. In other cases, an administrator may rely on particular features offered by an individual device to limit the configuration that may be applied to that device. However, device-specific features of the individual device are disconnected from the higher-level configuration goals for the overall network. Moreover, network administrators would have to write these policies at a low, device-specific level so that the policies can be applied to the individual device. This is especially burdensome for writing business policies that may employ numerous higher-level concepts. Thus, there is often a disconnect between high-level network management systems and control enforced at the individual devices.