Configuration management - the \u201cC\u201d in \u201cFCAPS\u201d (fault, configuration, accounting, performance and security) - has been much neglected, largely left to in-house improvisation and element-centric products, most of which are far from robust. On the other hand, configuration management is, like security, a pervasive service that directly affects many other management disciplines.Configuration management directly supports change management, service provisioning, performance, availability, security, and capacity planning and infrastructure optimization. EMA estimates that more than 60% of performance and availability problems are due to configuration issues, the majority of which are induced through human error.So wouldn\u2019t it be a good thing to have products that can begin to automate configuration control - documenting changes, providing effective access control, enabling more efficient and complete disaster recovery, and helping IT and service providers to optimize infrastructure and troubleshoot problems? In my view, the answer is a resounding \u201cyes.\u201dThere is a new crop of vendors targeting this area, including Alterpoint, Goldwire, Intelliden, Rendition, TripWire and Voyence, among others. Vendors with broader management software, such as Aprisma and Opnet, should also be included.Opnet\u2019s NetDoctor, the focus of this column, is distinctive in its rich capabilities for policy, design and optimization. While most competitors are focused on a combination of change management, auditing, security and access control, NetDoctor capitalizes on Opnet\u2019s broader portfolio for modeling, design, simulation and real-time assurance in context with detailed insight into infrastructure requirements.NetDoctor does not yet automate a large number of configuration changes across a network - something that is pretty standard for most other products. But it is a superior analytic tool, more suited to network engineers than to most network operators, and comes at a price point somewhat higher than other, control-oriented systems that generally don\u2019t \u201cunderstand\u201d configuration changes in infrastructure context.With Opnet\u2019s IT Guru or SP Guru - which manage networked infrastructure (including application behavior, with Opnet\u2019s Application Characterization Environment) - NetDoctor can provide insights into a broad range of issues. It can anticipate potential trouble spots, prevent problems before they occur, and help optimize networked resources. When it identifies problems, it recommends actions. Opnet and its users have had fairly dramatic success in identifying problems that would have remained undetected before NetDoctor was on the scene.For instance, NetDoctor can help solve problems based simply on knowing what you\u2019ve got. It can tell you how many different versions of IOS you have - so you can evaluate how many should you have based on best practices. Are the route maps referenced for use on a router actually defined on that router? Can you dispense, with, say extra copies of EIGRP that you didn\u2019t even know you had? With Flow Analysis from Opnet, it\u2019s easy to ascertain where there are duplicate routes, or isolate potential link failures with \u201creachability analysis.\u201dPolicies can also be scripted into existing templates and built-in intelligence to automate best-practice configuration control, or to step up to environment-specific requirements - for instance, preventing one IP address range from communicating with another because of business policies. (In some respects, NetDoctor\u2019s functionality is somewhat reminiscent of Cisco\u2019s Netsys, but with multivendor capabilities and more systemic design.)NetDoctor\u2019s benefits can make your network engineers and your operations team look very good - and save you money in planning and service assurance. Is it industrial-strength and ready for prime time? Well, yes - it is currently in use by Central Command in Iraq. And as the product gets better scalability, better support for authentication servers such as RADIUS and SecurID, and more automated capabilities for enabling massive configuration changes across a network, it will become an even better value.NetDoctor prices at $60,000 in a typical configuration with IT Guru and a MultiVendor Import module to build network models. With the addition of VNE Server for more automated, real-time insights into operational performance, the price becomes $98,000 plus maintenance.