Zero Touch Provisioning

[Trevor Chandler]

Is Zero Touch Provisioning a concept that's covered on any of the CompTIA
cert exams?

While I'm here, I welcome commentary that elevates the community's
understanding of Zero Touch Provisioning!

 

[Rick Butler]

I don't think I've ever really seen ZTP covered in any depth in CompTIA, beyond a cursory mention. Light Touch and Zero Touch deployment strategy would be more OS specific. Ansible would also be a player in that space, but again, I've only seen it mentioned in CySA and CASP and not to any meaningful specificity.

Where would you expect to see it?

/r

 

[Michael Schmitz]

I think Ansible is mentioned in A+ for Infrastructure as Code.

Zero Touch is getting a User Device up and running in your Company Enviroment.
While Ansible is more Automation also for Network Devices..

edited.

 

[Rick Butler]

Ansible can be used for system deployment as well. I was reading an article yesterday, even, on a user who was having some minor issues with PXE when trying to kick off an Ansible playbook to automate CentOS on Baremetal, which implies Light Touch or even Zero Touch (providing a solution for the PXE, triggering the playbook on another machine or something?)

I've also used Ansible plays to trigger Windows Update on various computers. It's quite versatile.

 

[Michael Schmitz]

Ansible can be used for system deployment as well. I was reading an article yesterday, even, on a user who was having some minor issues with PXE when trying to kick off an Ansible playbook to automate CentOS on Baremetal, which implies Light Touch or even Zero Touch (providing a solution for the PXE, triggering the playbook on another machine or something?)

I've also used Ansible plays to trigger Windows Update on various computers. It's quite versatile.

Sure, you can do everything. Is it the best way or smartes way? I am not sure. But for Windows, i still believe, there are better ways.
but that depends on your ressources.

 

[Rick Butler]

The conversation wasn't really about what is "best" or "smartest" Ansible is just another tool in the toolbox. I know organizations that love doing all their management through Ansible. I happen to love it.

Building Windows in Zero/Lite Touch is pretty tricky, even with Windows tools like the Deployment Toolkit. SMS/SCCM works well, if you're a bigger organization. Smaller orgs - not worth the build/maintenance time. These days, Windows Autopilot is pretty nifty if you're 100% native into MSFT Azure and Entra (just have P2 licensing for the greatest effect).

Updates are always a headache on Windows unless you start relying on 3rd party management tools (which carry their own, per-device, licensing fees).

In the end, as we well know, there is no solution that is "better" than another for every application.

But that's all apart from the OPs original question of CompTIA supporting ZeroTouch topics in their curriculum, which I don't think they do, apart from a simple mention.

/r

 

[Trevor Chandler]

I don't think I've ever really seen ZTP covered in any depth in CompTIA, beyond a cursory mention. Light Touch and Zero Touch deployment strategy would be more OS specific. Ansible would also be a player in that space, but again, I've only seen it mentioned in CySA and CASP and not to any meaningful specificity.

Where would you expect to see it?

/r

Mr. Butler, I'm not sure if I'm qualified to say where I would expect to see it. I know to defer that level of thinking to award winners like yourself!!!

Although I'm not sure where the best fit is, I must say that I'm surprised that it was mentioned
in both CySA and CASP. Both of those seem out of place to me!

 

[Rick Butler]

Bah...award winner... it's just a piece of glass, mate. I get to do this and hang with good people...even you, Mr. Chandler. Just don't skip out on the CIN'er dinner next year, okay?

I'm not sure where Zero Touch content would even go in the CompTIA stack, beyond the causal mention. But as this thread showed, there are different approaches to Zero Touch, depending on an environment - which could become very hard to maintain a level of neutrality...yeah?