Welcome!

@DevOpsSummit Authors: Liz McMillan, Yeshim Deniz, Zakia Bouachraoui, Pat Romanski, Elizabeth White

Related Topics: @CloudExpo, SDN Journal, @DevOpsSummit

@CloudExpo: Blog Post

Intent-Based Networking: How Close Are We (and Should You Prepare)? | @CloudExpo #ML #SDN #Cloud

Intent-based networking will be the technology that allows network administrators to take advantage of SDN across delivery chain

Intent-Based Networking: How Close Are We (and Should You Prepare)?

Over the last several months, intent-based networking (IBNS) has gained momentum as a newly viable technology that aims to further automate traditional network management. Although IBNS has existed for a few years now as a general concept, it was more buzz than reality until Cisco® launched its first IBNS software package earlier this year.

What is intent-based networking?
Traditionally, network administrators manually translate business policies into network device configurations, a time-intensive and error-prone activity that contributes to rising OpEx. But as digital transformation initiatives continue to reshape the way organizations approach their business and IT strategy, it's becoming more difficult to stay on top of policy and configuration changes by hand.

Enter intent-based networking, which has the potential to significantly transform how we think about enterprise network management. Fundamentally, intent-based networking allows network administrators to define a desired state of the network - what they want it to do - and have that network dynamically monitor for and respond to changing network conditions with automated network orchestration.

IBNS includes all the key tenets of software-defined networking with the addition of observability, autonomous execution access, control policy, and a critical layer of machine-learning capabilities that allow automatic decision-making based on the analysis of observed network behavior. This helps to ensure the security and performance of services along those network paths, and helps bring SDN to the enterprise level.

For example, if a portion of an organization's network is down, an intent-based network could process the change and re-route network traffic accordingly. Alternatively, IBNS platforms can help evaluate the safety of connected devices, whether IoT or BYOD-driven, by monitoring their behavior over time to ultimately decide whether it should be allowed to remain on the network.

This type of dynamic, automated response reduces human involvement, streamlines overall network management, and removes the daily drudgery of routine network changes. It's especially useful for helping to ensure optimal performance for services that compete for resources. Network administrators can think critically about which services should be prioritized and program IBNS platforms to optimize service delivery based on the best benefit for the business.

Where are we now, and should you prepare?
The concept of intent-based networking is certainly not new, but until recently there haven't been too many platforms available to enable it. While IBNS technology is designed to remain hardware-agnostic, Cisco - a vendor with significant clout - is arguably the current leader in the space. The company recently announced a new IBNS-tailored platform that will help drive industry standards around this technology.

Ultimately, IBNS builds upon the foundation of software-defined networking, robust automation, and orchestration policies, so you can consider these elements your gateway to IBNS (which likely won't be considered mainstream for several years). If you're already looking for SDN solutions, you're probably also already part of a progressive, dev-focused organization with resources dedicated to experimenting with new technology. This organization may even want to test IBNS sooner rather than later. That said, if a company cannot dedicate teams to focus on learning and understanding its intricacies and how to make it work reliably, SDN will not be a good fit. Implementing IBNS will add another layer of complexity that shouldn't be overlooked.

In the meantime, as with any new technology, intent-based networking will require a commitment to re-education and certification. Cisco Live! offers plenty of opportunities to familiarize yourself not only with the technology, but also gives you the opportunity to hear attendees' expert opinions on the future of its adoption and implementation. All of this can help you better prepare for the fundamental shift in network management that IBNS promises to deliver.

Working with IBNS: Best Practices
Integrating IBNS may not be in your network's immediate future, but there are still elements of its management requirements that you should be aware of and prepared for:

  • Monitoring as a discipline. One of the best, but perhaps most underestimated ways to maintain an effective network is to implement a comprehensive monitoring strategy. It is no different with IBNS. As with any new technology, some devices will be compatible and some won't. But ultimately, you need to implement a level of network monitoring that forces a deeper understanding of the entire delivery chain. With respect to IBNS, a broken service delivery chain can't be controlled end-to-end, which invalidates your intent-based strategy.

In terms of data collection and observability, machine learning is only as effective as the breadth of its observability of the network. Often, security-related activities are happening beyond the network's edge that should ideally be driving significant actions on the data center side. Imagine a potential hacker probing the very edge of your organization's security strategy. Those breach attempts indicate how the threat will move horizontally within the firewall, but if the service delivery chain is interrupted, these actions can be overlooked. The new VMware® AppDefense is an example of a tailored version of intent-based technology that can address these concerns.

  • Think differently. At a high level, implementing and operating IBNS necessitates a transformative approach to how you think about and work with your systems and networks. As a technology underpinned by machine learning, rather than simply programming configuration code, you need to approach programming as educating your systems to learn fundamental human patterns and better understand anomalies. This is particularly important for your security posture. Rather than thinking about the 2,342 policies that need to be configured to secure your network, think of the bigger picture. What are the primary business concerns and risks? How does that map to technology risks? What system compromises or customer data leaks would hurt your business enough to influence the type of security policy you develop? Keep this new paradigm in the back of your mind as you continue to develop your programming skills.
  • Prepare to code. Beyond working with intelligent systems, in general, as networks become increasingly automated, the ability to program and script code has become a necessary skill. IBNS technology will demand no less. If you don't learn to code, you risk being out of a job. If you cannot write code, you won't be able to write a security policy that works with intent-based services. Hands-on training through vendor initiatives like Cisco DevNet, which grows in popularity each year, learning Python® 101 or teaching yourself policy creation in Cisco's DNA platform will go a long way toward being prepared to introduce IBNS to your organization's network.

Final Thoughts
Intent-based networking, and the tools needed to correctly implement it, will be the technology that allows network administrators to take advantage of SDN across the delivery chain. Until now, it's been a limited span of control (or limited human resources) that requires a manual approach to managing policy. Because SDN is fundamentally moving the industry in the right direction, but remains generally too difficult to efficiently leverage manually, intent-based may finally make SDN a mainstream technology by going that last, extra mile.

More Stories By Patrick Hubbard

Patrick Hubbard is a head geek and senior technical product marketing manager at SolarWinds, with 20 years of technical expertise and IT customer perspective. His networking management experience includes work with campus, data center, high availability and disaster recovery, and storage networks, and with VoIP, telepresence and VDI in both Fortune 500 companies and startups in the high tech, transportation, financial services and telecom industries.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@DevOpsSummit Stories
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions need to be truly scalable. Far from it. There are at least six major pain points that companies experience when they try to deploy and run Kubernetes in their complex environments. In this presentation, the speaker will detail these pain points and explain how cloud can address them.
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations might slip up with the wrong focus, how to manage change and risk in all three areas, what is possible and what is not, where to start, and especially how new structures, processes, and technologies can help drive a new DevOps culture.
When building large, cloud-based applications that operate at a high scale, it's important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. "Fly two mistakes high" is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed how this same philosophy can be applied to highly scaled applications, and can dramatically increase your resilience to failure.
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more than 24 years of IT Operations experience with a focus on highly-scalable architectures.
CI/CD is conceptually straightforward, yet often technically intricate to implement since it requires time and opportunities to develop intimate understanding on not only DevOps processes and operations, but likely product integrations with multiple platforms. This session intends to bridge the gap by offering an intense learning experience while witnessing the processes and operations to build from zero to a simple, yet functional CI/CD pipeline integrated with Jenkins, Github, Docker and Azure.