Network Configuration Manager

Basic Information

SolarWinds Network Configuration Manager (NCM) is a comprehensive solution designed for streamlining and automating network configuration management. It operates on the SolarWinds Platform, integrating with other SolarWinds products to provide a unified view of network health.

• Model: SolarWinds Network Configuration Manager (NCM)
• Version: Latest stable version is NCM 2024.2.1, a service release providing bug and security fixes for NCM 2024.2.
• Release Date: NCM 2024.2.1 was released on July 24, 2024. NCM 2024.2 was released on June 4, 2024.
• Minimum Requirements: Requirements are shared with the underlying SolarWinds Platform and scale with the number of managed nodes.
• Supported Operating Systems: Windows Server. Specific versions align with the SolarWinds Platform 2024.x requirements.
• Latest Stable Version: NCM 2024.2.1.
• End of Support Date:
  • NCM 2023.4: End-of-Engineering (EoE) November 20, 2025; End-of-Life (EoL) November 20, 2026.
  • NCM 2023.3: End-of-Engineering (EoE) November 20, 2025; End-of-Life (EoL) November 20, 2026.
  • NCM 2023.2: End-of-Engineering (EoE) July 10, 2025; End-of-Life (EoL) July 10, 2026.
  • NCM 2023.1: End-of-Engineering (EoE) March 13, 2025; End-of-Life (EoL) March 13, 2026.
  • End-of-Life dates for NCM 2024.x versions are not yet publicly announced but typically follow a similar lifecycle.
• End of Life Date: See End of Support Date.
• Auto-update Expiration Date: Not explicitly specified; updates are typically part of the subscription and maintenance agreement.
• License Type: Subscription-based, licensed per number of managed nodes. Available tiers include up to 50, 100, 200, 500, 1000, 3000 devices, and an unlimited device license (DLX).
• Deployment Model: On-premises, or in cloud environments such as Amazon Web Services (AWS) and Microsoft Azure, utilizing cloud-native SQL database services.

Technical Requirements

SolarWinds NCM runs on the SolarWinds Platform and shares its server, database, and browser requirements. These requirements vary based on the number of nodes managed, the frequency of configuration downloads, and the retention period for configurations.

• RAM: Minimum requirements depend on the number of nodes. Increasing RAM is recommended for scalability issues.
• Processor: Minimum CPU requirements depend on the number of nodes. Increasing CPU speed is recommended for scalability issues.
• Storage: Sufficient storage for the database and configuration files. The database should ideally reside on a separate, physical drive if installed on a virtual machine.
• Display: Standard display resolution for web console access.
• Ports:
  • SSH/SCP: Port 22 (bidirectional, default for NCM config transfers).
  • Telnet: Port 23 (outbound, default for NCM config transfers).
  • SMTP: Port 25 (outbound, for email notifications), Port 465 (for SSL/TLS encryption).
  • TFTP: Port 69 (inbound, TFTP server listens).
  • HTTP: Port 80 (inbound, for SolarWinds Web Console, not recommended).
  • HTTPS: Port 443 (inbound, recommended for secure web console connections).
  • Net. TCP Port Sharing: Port 17777 (for SolarWinds NCM Information Service).
  • Other ports for SolarWinds Platform module traffic and internal communication (e.g., 4369, 5672, 25672).
• Operating System: Windows Server (specific versions as supported by the SolarWinds Platform 2024.x). Installation on Windows Server 2012 R2 Essentials or Windows Server Core is not supported. Administrator permissions are required.
• Database: Microsoft SQL Server (Express, Standard, or Enterprise editions) with the latest service pack. Amazon RDS and Azure SQL Database are supported. A separate server for the database is strongly recommended. Supports UTF-8 character set.

Analysis of Technical Requirements: SolarWinds NCM's technical requirements are primarily dictated by the underlying SolarWinds Platform, emphasizing scalability based on the managed network's size. The architecture supports distributed deployments with additional polling engines to handle large numbers of devices. A dedicated database server is crucial for performance and stability. The software requires a Windows Server environment and relies on standard network protocols (SSH, Telnet, TFTP, HTTPS) for device communication. Security best practices recommend deploying NCM on a non-internet-facing server.

Support & Compatibility

SolarWinds NCM offers broad compatibility with multi-vendor network environments and integrates seamlessly within the SolarWinds ecosystem.

• Latest Version: NCM 2024.2.1.
• OS Support: Windows Server, consistent with the SolarWinds Platform.
• End of Support Date: End-of-Life dates for recent versions (2023.x) extend into 2026. Newer versions (2024.x) will have their EoL dates announced following a similar lifecycle.
• Localization: The database supports storing characters in the UTF-8 character set, indicating multi-language data handling capabilities.
• Available Drivers: NCM supports any CLI-capable device that uses SSH or Telnet. It has native support for a wide range of devices from vendors such as Cisco (IOS, IOS XE, IOS XR, ASA, Nexus), Juniper, HP, Dell, Brocade, Palo Alto, and Lenovo. Custom device templates can be created for unsupported devices.

Analysis of Overall Support & Compatibility Status: SolarWinds NCM demonstrates strong compatibility with diverse network hardware, a critical aspect for enterprise asset management. Its reliance on standard protocols like SSH and Telnet ensures broad device support. The ability to create custom device templates further extends its reach to less common or proprietary equipment. Integration with the broader SolarWinds Platform provides a cohesive management experience. Ongoing support is tied to subscription licenses, with clear End-of-Life policies for different versions. User feedback indicates that while core vendor support is robust, there is a desire for expanded support for non-CLI devices and more third-party integrations.

Security Status

SolarWinds NCM incorporates several security features to manage and protect network device configurations, though, like any complex software, it has had documented vulnerabilities.

• Security Features:
  • Automated configuration backup and real-time change detection.
  • Compliance auditing against federal regulations (NIST, FISMA, DISA STIG) and corporate standards (SOX, HIPAA, CISP).
  • Vulnerability assessment by detecting potential vulnerabilities in managed nodes using data from the National Vulnerability Database (NVD) and Common Vulnerabilities and Exposures (CVE) for Cisco ASA/IOS, Juniper, Palo Alto, and Cisco Nexus devices.
  • Automated remediation options for compliance violations and vulnerabilities.
  • Secure communication via SSH, SCP, and HTTPS (recommended over HTTP).
  • Support for SSL/TLS encryption for SMTP email notifications.
  • Centralized delegated administration and access control.
• Known Vulnerabilities:
  • NCM 2023.3.1 and previous versions were susceptible to directory traversal remote code execution (CVE-2023-33226, CVE-2023-33227) and a sensitive information disclosure vulnerability (CVE-2023-33228).
  • The SolarWinds Platform (on which NCM runs) 2023.3.1 and prior versions were susceptible to an insecure job execution mechanism (CVE-2023-40061) and an incomplete list of disallowed inputs remote code execution (CVE-2023-40062).
  • Other vulnerabilities affecting the broader SolarWinds Platform include stored cross-site scripting (XSS), information disclosure through error messages, server-side request forgery (SSRF), broken access control, directory traversal, and local privilege escalation (LPE).
• Blacklist Status: Not applicable to the software product itself.
• Certifications: SolarWinds follows the NIST Cybersecurity Framework.
• Encryption Support: SSH, SCP, HTTPS (Port 443), and SSL/TLS for SMTP.
• Authentication Methods: Integrates with Active Directory (AD) groups for user authentication and role-based access control.
• General Recommendations: SolarWinds strongly recommends installing the SolarWinds Platform on a server that is neither public nor internet-facing. Adherence to secure configuration practices for the SolarWinds Platform is crucial. Regular updates and patching are essential to mitigate known vulnerabilities.

Analysis on the Overall Security Rating: SolarWinds NCM provides robust built-in security features for network configuration management, including automated compliance checks, vulnerability assessments, and secure communication protocols. The product's ability to identify and help remediate vulnerabilities in network devices is a significant strength. However, the history of vulnerabilities, particularly those affecting the underlying SolarWinds Platform, underscores the importance of diligent patching and adherence to SolarWinds' secure deployment guidelines. The use of strong authentication and access control mechanisms, coupled with network segmentation, is vital for maintaining a secure environment.

Performance & Benchmarks

SolarWinds NCM is designed for scalability and performance in managing large and complex network infrastructures.

• Benchmark Scores: Specific, publicly available benchmark scores are not provided.
• Real-world Performance Metrics:
  • Scalability: A standalone deployment with one main server and two additional polling engines can manage up to 30,000 nodes (10,000 nodes per engine).
  • Each NCM instance can support up to 100 Additional Polling Engines (APEs), with each APE capable of supporting approximately 10,000 devices.
  • Factors affecting scalability include server CPU speed, RAM, number of simultaneous transfers, frequency of jobs, and node polling intervals.
• Power Consumption: As software, power consumption is dependent on the underlying server hardware and infrastructure. No specific software-related power consumption metrics are available.
• Carbon Footprint: Not directly applicable to the software. The carbon footprint is determined by the hardware infrastructure and data center efficiency where NCM is deployed.
• Comparison with Similar Assets: NCM is praised for its automation capabilities in configuration backup and security vulnerability detection, enhancing network reliability. It offers strong configuration compliance features and comprehensive monitoring. Users highlight its ease of use, user-friendly reporting, and seamless integration with other SolarWinds products. Areas for improvement include more flexible custom reporting, better integration with non-CLI devices, and broader support for non-Windows operating systems.

Analysis of Overall Performance Status: SolarWinds NCM is a high-performing solution capable of managing extensive multi-vendor networks. Its architecture, built on the SolarWinds Platform, allows for significant scalability through additional polling engines, accommodating tens of thousands of network devices. While specific benchmark numbers are not published, the documented scalability metrics demonstrate its capacity for enterprise-level deployments. Real-world feedback emphasizes its efficiency in automating tasks, reducing manual effort, and improving network availability. Performance is directly influenced by the underlying hardware resources allocated to the SolarWinds Platform server and database.

User Reviews & Feedback

User reviews and feedback for SolarWinds Network Configuration Manager generally highlight its effectiveness in automating network configuration tasks and ensuring compliance.

• Strengths:
  • Ease of Use: Many users find the installation, configuration, and daily use to be straightforward and intuitive.
  • Automation: Highly valued for automating configuration backups, firmware upgrades, and pushing changes across numerous devices, saving significant time and reducing errors.
  • Compliance and Security: Excellent for demonstrating security compliance, performing vulnerability scanning, and generating reports for standards like NIST, FISMA, DISA STIG, SOX, HIPAA, and CISP.
  • Disaster Recovery: Crucial for disaster recovery strategies by storing current configurations and enabling quick restoration of device settings.
  • Integration: Seamlessly integrates with other SolarWinds products, providing a unified management experience.
  • Reporting: Users appreciate the user-friendly interface for generating various reports, including configuration change reports and inventory.
• Weaknesses:
  • Reporting Flexibility: Some users desire more flexibility and customization options for creating custom reports and improving data accuracy.
  • Software Reliability: Occasional issues with false positives and processing errors during tasks have been reported.
  • Device Support: A need for expanded support for non-CLI devices and broader vendor coverage beyond the primary ones (e.g., Cisco) for certain features.
  • Operating System Compatibility: Desire for support for non-Windows operating systems.
  • Customer Support Response Times: While tier-three support is knowledgeable, response times for urgent issues can sometimes be slow.
• Recommended Use Cases:
  • Centralized management of network device configurations (routers, switches, firewalls).
  • Tracking and auditing configuration changes.
  • Ensuring network devices comply with internal policies and external regulations.
  • Automating routine network tasks such as configuration backups and firmware upgrades.
  • Vulnerability assessment and remediation for network devices.
  • Facilitating quick recovery from configuration errors or device failures.

Summary

SolarWinds Network Configuration Manager (NCM) is a robust and highly scalable enterprise asset management solution for network devices. It excels in automating critical tasks such as configuration backup, change detection, and firmware upgrades across multi-vendor environments, significantly reducing manual effort and improving operational efficiency. Its strong compliance auditing capabilities, with support for various regulatory standards, and integrated vulnerability assessment features are key strengths, enabling organizations to maintain a secure and compliant network posture.

The product's ease of installation, user-friendly reporting, and seamless integration with the broader SolarWinds Platform contribute to a cohesive management experience. NCM's architecture supports extensive scalability, capable of managing tens of thousands of network nodes through additional polling engines, making it suitable for large and complex infrastructures.

However, user feedback indicates areas for improvement, including a desire for more flexible and customizable reporting options, enhanced support for non-CLI devices, and broader operating system compatibility beyond Windows Server. Occasional software reliability issues, such as false positives, have also been noted. The history of vulnerabilities, particularly within the underlying SolarWinds Platform, highlights the critical need for continuous patching and adherence to secure deployment practices.

Overall, SolarWinds NCM is a valuable tool for organizations seeking to centralize and automate network configuration management, enhance security, and ensure compliance. Its strengths in automation, compliance, and scalability make it a strong contender for enterprise network teams. Prospective users should prioritize regular updates, implement SolarWinds' secure configuration recommendations, and consider their specific needs regarding reporting customization and device compatibility.

The information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.