
On 2/2/2010 11:33 AM, Jared Mauch wrote:
We have solved 98% of this with standard configurations and templates.
To deviate from this requires management approval/exception approval after an evaluation of the business risks.
Automation of config building is not too hard, and certainly things like peer-groups (cisco) and regular groups (juniper) make it easier.
Those things and some of the others that have been mentioned will go a very long way to prevent the second occurrence. Only training, adequate (number and quality) staff, and a quality-above-all-all-else culture have a prayer of preventing the first occurrence. (For sure, lots of the second-occurrence-preventers may be part of that quality first culture.) -- "Government big enough to supply everything you need is big enough to take everything you have." Remember: The Ark was built by amateurs, the Titanic by professionals. Requiescas in pace o email Ex turpi causa non oritur actio Eppure si rinfresca ICBM Targeting Information: http://tinyurl.com/4sqczs http://tinyurl.com/7tp8ml