I have been tasked with compiling a list of possible network equipment changes at a data center. The task includes tagging which changes need change control and which don't. Does anyone know of a "best practices" list that I can start from?
The methods for doing change control at this data center are well established. The list would be of specific configuration items that should or should not be included in the change control process, of example;
static route entries
switch port assignments
firewall rule additions/changes
etc.
the configuration files(if they are text based) are best candidates for revision control. have a repository with the images you install (switches, routers etc.)
keep a journal of changes as well - this will give a clear idea on what is changed the most frequent and you can take from there.
take a look at this video - describes how facebook does it from dev to prod.
http://www.youtube.com/watch?v=T-Xr_PJdNmQlink text
I'm no data centre expert, but my gut feeling about this is:
You need change control for everything that has a potential to have a significant impact on more than one customer.
While changes specific to a single customer can be left up to them to control if it is their request.
Significant impact would include anything that has one or more of the following effects:
I'm sure there are potentially many other reasons, but these are the key ones that come to mind.