For a modern organization to meet its business goals it’s essential to have a reliable, high-performing network. But as networks get more complex and heterogeneous (frequently consisting of both on-premise and cloud environments), they are becoming more difficult to manage and operate, requiring skills and resources which are inherently limited in availability.
Regular and necessary workflows performed by network engineers can quickly become overwhelming and even prohibitive due to the time it would take to execute at scale. And when these workflows continue to be manually executed, extended problem resolution timelines result since the volume of service tickets continues to climb. And these problems that need to be addressed can range from the mundane to the mission critical — in some extreme cases shutting down key business services entirely during resolution.
The Growth of No-Code Network Automation
As these challenges get harder to address by human-powered efforts alone, organizations are turning to no-code network automation solutions to transform their core workflows, including troubleshooting, change management and prevention, for more efficient and effective network operations. This not only reduces the burden on network engineers (and improves network performance) but extends the capability of performing certain network discovery and troubleshooting tasks to other members of the IT team. In effect, no-code network automation makes the detailed knowledge of the network and the operational experience of subject matter experts accessible to anyone. And when developer teams look for the means to leverage the value of a no-code network automation platform, they quickly realize that the entire platform can be treated as a callable subsystem or object, essentially adding real-time network awareness as well as precision intent-based network automation to their ongoing NetDev projects.
It all starts with the ability to describe any network in extreme detail and in real time. To do so, all the device information, topology, traffic flow and desired application-specific behaviors based on the needs of the business must first be captured. And curiously, once created, these behaviors can be replicated across the network because there is a tremendous amount of similarity in function types, even if the model numbers of specific devices vary from location to location. Once this description is captured and replicated, these behavior intents become the foundation for scalable network automation which can be executed tirelessly by the machine. By automating commonplace and repeatable operations, it becomes markedly easier to manage network operations at scale. And through automation, design compliance and adherence to best practices and established policies is assured.
NetBrain provides this type of comprehensive no-code network automation platform which can be leveraged by network operators, engineers and even tapped by software developers involved in much larger projects.
The Five Objectives of Network Automation
The most impactful network intents which we’ve seen tend to fall into five broad operational categories.
- Outage prevention — Study after study has found that the vast majority of network outages and security breaches are the result of human error. With network automation, it’s now possible to continuously verify the operational status and capacity of network services before minor issues turn into production outages. Automation allows organizations to preemptively fix configuration drift, failover failures and performance degradation and even identify potential security issues.
- Problem diagnosis — Troubleshooting network problems is often a difficult, time consuming, manual job. But there are relatively few problem types that make up the majority of reported problems, so the challenge is creating a suitable best practice and then applying it at scale. Senior network engineers will know how to solve most if not all of these issues – so capturing that knowledge and making it widely accessible via automation allows lower-level engineers to resolve them more quickly and without escalation, reducing mean time to resolution and even cutting down on the number of trouble tickets submitted to IT.
- Application performance — In today’s enterprise environments applications can be hosted in the cloud or in data centers and accessed by users across wide area networks (WANs), with limited visibility into application flows. That makes it difficult to isolate the causes of application performance issues. Network automation can provide a continuous end-to-end view of all application traffic flows and supporting infrastructure to ensure that they meet designated application delivery KPIs.
- Network security — Most cybersecurity incidents are the result of configuration errors such as open ports, insecure management consoles or devices that are improperly exposed to the Internet. And with the proliferation of mobile and remote devices, the attack surface for most organizations has increased dramatically. Network automation is the best opportunity to define, verify and enforce security and configuration policies at scale. For example, one might automate a test to ensure backup firewalls configuration always matches the primary machine.
- Protective change management — Networks are in a constant state of change. And while traditional change management processes abound, they do so unaware of any application impacts that may arise due to that change. So while device-level change management can be executed properly, the applications that use that infrastructure may begin to fail. Intent-based network automation enables the detection of problems with service delivery each time any device-level change operation is performed. Network automation makes it possible to verify that all business applications in use will continue to be delivered as designed.
Network automation is the modern and yet untapped approach to effective network operations. Due to scale and complexity, it is ineffective to apply manual processes any longer, and even more impractical to hire and retain the amount of resources required to respond to service issues when they occur, as well as proactively look for minor issues that will impact production services over time.
By making it easier to codify what the network is supposed to do, how it should perform and capturing all of the acquired knowledge to maintain it, network automation will dramatically increase service delivery, reliability and security, while reducing tickets and decreasing the time necessary to resolve problems. And when a network automation platform is leveraged as a functional action-oriented resource for larger NetDev projects (through API integration), the difficulty in maintaining any complex multi-vendor and multi-cloud infrastructure is greatly reduced.
Song Pang is the SVP of Engineering at hybrid network automation and visibility company NetBrain, responsible for Pre-Sales, Professional Services, Technical Support and Customer Success. He has been at NetBrain for almost ten years in a variety of customer support and engineering roles and formerly was an analyst at Stroud International. Pang has a B.S. in Electrical and Computer Engineering from Cornell University. Founded in 2004, NetBrain is the market leader for NetOps automation, providing network engineers with dynamic visibility across their hybrid networks and low-code/no-code automation for key tasks across IT workflows.