nanog mailing list archives
Re: Mitigating human error in the SP
From: Steven Bellovin <smb () cs columbia edu>
Date: Tue, 2 Feb 2010 21:44:25 -0500
On Feb 2, 2010, at 8:36 PM, Suresh Ramasubramanian wrote:
Never said it was, and never said foolproof either. Minimizing the chance of error is what I'm after - and ssh'ing in + hand typing configs isn't the way to go. Use a known good template to provision stuff - and automatically deploy it, and the chances of human error go down quite a lot. Getting it down to zero defect from there is another kettle of fish altogether - a much more expensive with dev / test, staging and production environments, documented change processes, maintenance windows etc.
Yup. Or use a database and a template-driven compiler. See "Configuration management and security", IEEE Journal on Selected Areas in Communications, 27(3):268-274, April 2009, by myself and Randy Bush, http://www.cs.columbia.edu/~smb/papers/config-jsac.pdf (the system described is Randy's work, from many years ago). --Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- Mitigating human error in the SP Chadwick Sorrell (Feb 01)
- Re: Mitigating human error in the SP Suresh Ramasubramanian (Feb 01)
- Re: Mitigating human error in the SP Dobbins, Roland (Feb 01)
- RE: Mitigating human error in the SP Stefan Fouant (Feb 01)
- Re: Mitigating human error in the SP Ross Vandegrift (Feb 03)
- Re: Mitigating human error in the SP Christopher Morrow (Feb 03)
- Re: Mitigating human error in the SP Michael Dillon (Feb 03)
- Re: Mitigating human error in the SP David Hiers (Feb 03)
- Re: Mitigating human error in the SP Michael Dillon (Feb 02)
- Re: Mitigating human error in the SP Suresh Ramasubramanian (Feb 02)
- Re: Mitigating human error in the SP Steven Bellovin (Feb 02)
- Re: Mitigating human error in the SP Brian Raaen (Feb 03)
- Re: Mitigating human error in the SP Suresh Ramasubramanian (Feb 01)
- Re: Mitigating human error in the SP Suresh Ramasubramanian (Feb 01)
- Re: Mitigating human error in the SP Paul Corrao (Feb 02)
- Re: Mitigating human error in the SP Chadwick Sorrell (Feb 02)
- Re: Mitigating human error in the SP Michael Dillon (Feb 02)
- Re: Mitigating human error in the SP David Hiers (Feb 02)