Page Three

By Cameron Sturdevant  |  Posted 2005-04-04 Print this article Print

The most important of the many changes in DeviceAuthority Suite 3.5 is its focus on helping IT managers drive the guesswork out of configuration management. So, although DeviceAuthority Update now includes more than 700 hardware, software and configuration attributes, we were more interested in the added configuration syntax checking.

For the first time, DeviceAuthority Suite 3.5 can perform a validity check on Cisco IOS (Internetworking Operating System) syntax strings. Because Ciscos router IOS is quite structured—each configuration command has a strict set of acceptable choices—we wonder why DeviceAuthority didnt gain this capability sooner.

Aside from adding intelligence to the basic product, AlterPoint is clearly trying to move DeviceAuthority Suite into position for network managers at very large enterprises. This version of the suite runs on Solaris 9.0, while previous versions ran only on Windows and Linux.

DeviceAuthority Suite can now integrate with several widely implemented authentication systems that use TACACS+ (Terminal Access Controller Access Control System), RADIUS and Ciscos CiscoSecure Access Control System. Our tests showed that with an ordinary amount of effort, we could carefully control access to the product using already-issued user names and passwords.

These enterprise-class modifications to DeviceAuthority Suite should factor heavily into network managers evaluation decisions. The new support for Solaris and remote authentication support complement DeviceAuthority Suites ability to run on Oracle Corp.s databases, Microsoft Corp.s SQL Server and MySQL ABs databases.

This means Opsware Inc.s Network Automation System (formerly Rendition Networks TrueControl), as well as Voyences and Intelliden Corp.s namesake network configuration management offerings, is no longer the only game in town. This is especially true for midsize organizations that make many configuration changes, as when acquiring other companies.

DeviceAuthority server, the hub of the suite, is where we spent most of our testing time. While network managers will likely spend more time with the DeviceAuthority Audit module, we spent most of our time on DeviceAuthority Server because we integrated other support products, including Hewlett-Packard Co.s OpenView Network Node Manager and EMC Corp.s Smarts InCharge real-time network systems management software.

DeviceAuthority Suite 3.5 can integrate with a long list of complementary network management tools, including IBMs Tivoli NetView, BMC Corp.s Remedy ARS and a veritable whos who of network management products from Computer Associates International Inc., Mercury Interactive Corp., Concord Communications Inc. and Micromuse Inc.

Some competitive offerings have much greater integration with one or more of the products listed above, and IT managers should factor product alliances into any buying decision. We ultimately had a good experience using DeviceAuthority Suite 3.5 with the other network management tools, but it took (not unexpectedly) a large amount of time to iron out all the wrinkles.

This gave us a chance to work with the technical support staff at AlterPoint, and our experience was favorable. The technicians we cold-called were knowledgeable and invariably answered the telephone by the third ring.

The DeviceAuthority Audit module is where most day-to-day operations happen. The module comes with a slew of useful reports, and new in this version is a report tailored for the Sarbanes-Oxley Act. (It appears that threatening to incarcerate executives really did have an effect on reporting.)

We liked the script- generation tool that automatically captures command-line interactions. IT managers should consider using this feature to transfer expert knowledge from senior network managers to the operations team. We could create scripts, which were then stored in a central repository that was accessible by authorized users. These scripts could be used to redeploy changes or as a model that others could use to make new scripts.

The DeviceAuthority Update governs the actual configuration change process. This is where the aforementioned syntax checking happens. The actions of this component should be the focus of senior network managers because this is where automated policy remediation (approved configurations redeployed to devices that are found to be out of compliance) and software image and patch management functions are stored and processed.

All the components are neatly managed in a rather complex interface. Even after we were comfortable with the product, we returned to the product manual to find the best way to perform several deployment tasks.

Next page: Evaluation Shortlist: Related Products.

Cameron Sturdevant Cameron Sturdevant has been with the Labs since 1997, and before that paid his IT management dues at a software publishing firm working with several Fortune 100 companies. Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility, with a focus on Android in the enterprise. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his reviews and analysis are grounded in real-world concern. Cameron is a regular speaker at Ziff-Davis Enterprise online and face-to-face events. Follow Cameron on Twitter at csturdevant, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel