It’s normal to not hear about configuration management (CM) during the evening news or read about our profession in your local newspaper. Vendors don’t tend to make iPhone-type announcements about their newest product offerings in CM. However, that doesn’t mean things are not progressing in our field, as this news roundup will detail.
Consider the latest release of Tripwire’s Configuration Compliance Manager (CCM) tool, which can now audit patch management processes. The company bills itself as “the only security configuration management company that can offer both agent-based and agentless capabilities.”
I would venture to say most CM folks don’t have patch management on their radar, or if they do, they might assume that their configuration management database (CMDB) would suffice to manage patching, along with other tools. I think Tripwire CCM takes it to the next level and broadens our field of CM by recognizing that proper configurations of patching are as important as which release went into production from a software side.
Over at The Register, David Norfolk of Bloor Research International reminds us that maybe we don’t know everything about CM. He looks at some common misconceptions, including the following: Only managers care about CM; CM is more than a tool you buy; and auto populating your CMDB may not be the best idea.
Norfolk then covers some do's and don’ts of CM implementations. While some of this is obvious to the seasoned pro, I think those newer to CM will find this article extremely helpful.
In other CM-related news, the Information Systems Audit and Control Association (ISACA), the same folks who created COBIT, just released its new guide for configuration management. While we don’t have time to go into all of the changes, COBIT is a framework that helps companies implement governance within their IT groups.
This guide will help CM groups across an organization become more cohesive, and it will help further our cause for organizations that use COBIT as their framework.
Two articles from Yale University last week go over two topics of particular interests to CM practitioners. The first covers the importance of IT governance, and the second addresses the growth of the CMDB at Yale, as the university attempts to populate its CMDB throughout its campus. The first article details the efforts at Yale to implement IT governance, and the author lists the groups and their meeting minutes, which may be very helpful in your own CM efforts.
While the second article is shorter, it solidifies David Norfolk’s idea of not auto-populating your CMDB, as the university asked users to fill out an Excel spreadsheet that will be used to manually populate its CMDB.
While CM never makes national TV news, we still have relevant stories about our field being published regularly.
What news concerning CM have you heard about recently?
Joe Townsend has been in the configuration management field for twelve years. He has worked for CNA Life Insurance, RCA, Boeing, UPS, and in state government. Joe has primarily worked with Serena tools, including PVCS Version Manager, Tracker, TeamTrack (Mashups), and Dimensions. He is an administrator for WebFocus and supports Eclipse users.