A network engineer is automating the configuration of a new branch office router. The engineer needs a protocol that uses a YANG data model, supports both configuration and operational state retrieval, and operates over SSH for secure transport. Which protocol should the engineer use?
NETCONF uses YANG data models, supports both configuration and operational state retrieval, and operates over SSH for secure transport. It is the ideal choice for automating network device configuration in a secure manner.
Why this answer
NETCONF (Network Configuration Protocol) is the correct choice because it uses YANG data models for configuration and operational state retrieval, and it operates over SSH (RFC 6242) for secure transport. Unlike SNMP, NETCONF provides transactional configuration changes and separates configuration from operational state data, making it ideal for automated router configuration.
Exam trap
Cisco often tests the distinction between NETCONF and RESTCONF, where the trap is that both use YANG, but candidates forget that NETCONF specifically requires SSH transport, while RESTCONF uses HTTP/HTTPS, making NETCONF the only correct answer when the question specifies 'operates over SSH'.