Lifecycle, EOL, EOS, Decommissioning, and Configuration Management
Key Takeaways
- Lifecycle management tracks assets from planning and procurement through deployment, operation, support renewal, replacement, and disposal.
- EOL and EOS dates affect patch availability, vendor support, replacement planning, risk acceptance, and budget timing.
- Decommissioning should remove network paths, credentials, DNS records, IPAM entries, monitoring objects, backups, and sensitive data.
- Configuration management preserves intended state, tracks versions, supports rollback, and reduces unauthorized drift.
- Configuration backups should be protected, tested, and tied to change records because they may contain sensitive network details.
Network assets need governance across their full life. A device that is installed, forgotten, and left unsupported can become a reliability, security, and compliance risk.
Asset Lifecycle
| Stage | Operational focus |
|---|---|
| Plan | Requirements, standards, budget, capacity, support model |
| Procure | Approved vendor, licensing, support contract, lead time |
| Deploy | Baseline configuration, documentation, monitoring, acceptance testing |
| Operate | Patching, backups, change control, performance review |
| Renew or replace | Support status, capacity, risk, cost, compatibility |
| Decommission | Remove service, wipe data, update records, dispose properly |
Lifecycle planning reduces surprises. If a firewall reaches support expiration next month, waiting until it fails may leave the organization without patches, replacement hardware, or vendor help.
EOL and EOS
Vendors use different terms, but Network+ scenarios often focus on the operational effect.
| Term | Meaning | Operational risk |
|---|---|---|
| EOL | End of life, product is being retired from the vendor portfolio | Replacement planning is required |
| EOS | End of support or end of sale, depending on vendor context | Patches, TAC support, or new purchases may become unavailable |
| Maintenance expiration | Support contract ends | Hardware replacement or vendor escalation may be delayed |
| Software support end | Firmware or OS updates stop | Vulnerabilities may remain unpatched |
Teams should track these dates in inventory and review them during budget planning. Unsupported devices may require replacement, compensating controls, or formal risk acceptance.
Decommissioning
Decommissioning is more than powering off hardware. A complete process prevents abandoned paths, stale records, and exposed data.
| Step | Example |
|---|---|
| Confirm ownership and dependency | Verify the device or service is no longer needed |
| Remove traffic paths | Disable ports, routes, firewall rules, VPNs, NAT, and DNS records |
| Remove access | Delete local accounts, API tokens, SNMP communities, and certificates |
| Preserve required records | Keep change tickets, diagrams, and audit evidence as policy requires |
| Sanitize data | Wipe storage, clear configs, remove secrets, or destroy media |
| Update systems | IPAM, asset inventory, monitoring, logging, backup, and support contracts |
| Dispose or repurpose | Follow environmental, legal, and organizational requirements |
Configuration Management
Configuration management keeps the network aligned with approved intent. It includes configuration templates, version control, automated backups, comparison tools, and drift detection.
| Practice | Why it matters |
|---|---|
| Golden configuration | Establishes approved settings for a device class |
| Version control | Shows who changed what and when |
| Configuration backup | Supports recovery after hardware failure or bad changes |
| Drift detection | Finds unauthorized or accidental differences |
| Rollback plan | Restores known good state when a change fails |
Configuration files may include sensitive information such as SNMP communities, pre-shared keys, local usernames, TACACS or RADIUS details, IP addressing, and management paths. Store backups securely and restrict access.
Practical Scenario
A wireless controller is approaching end of support. A good lifecycle plan identifies affected AP models, licensing, support expiration, replacement compatibility, migration steps, maintenance windows, configuration backups, rollback options, documentation updates, and decommissioning tasks for the old controller.
Common Exam Traps
| Trap | Better exam reasoning |
|---|---|
| "EOL is only a purchasing issue." | EOL and EOS affect patching, support, risk, and operations. |
| "Decommissioning means unplugging the device." | Records, access, configs, routes, DNS, IPAM, and data must also be handled. |
| "Configuration backups can be public because they are text." | They may expose topology and secrets and need protection. |
| "Manual changes do not need version history." | Configuration management depends on traceability and rollback. |
Quick Drill
Pick the best action:
- Device support expires next quarter: plan replacement or risk treatment.
- Retired VPN gateway still has DNS and firewall entries: complete decommissioning cleanup.
- New switch config differs from approved template: investigate configuration drift.
- Router fails and must be rebuilt quickly: restore from protected configuration backup.
- Prove when a route was changed: version history and change record.
A retired firewall was powered off, but its DNS records, IPAM entries, VPN account, and monitoring object still exist. What process was incomplete?
Which practices support configuration management? Choose two.
Select all that apply
Why should EOL and EOS dates be tracked in asset inventory?