Intent-based networking technologies today
Cisco made a big splash earlier this year when it revealed its vision for the future of networking: an intent-based networking system that allows users to specify what they want the network to do and management software that automatically orchestrates it.
Since Cisco’s announcement, intent-based networking (IBN) has caught the networking industry’s attention and has seemingly become the buzzword du jour. Some see it as a logical evolution of advanced network automation. Others believe it is a fundamental shift in how enterprises use machine learning to autonomously manage networks. Meanwhile, all types of vendors, from stalwarts of the industry to myriad start-ups, are jumping onto the IBN bandwagon.
Analysts who track this market say it is nascent. Cisco says it has some IBN functionality in its Nexus line of switches and will roll out intent features in its Catalyst line. Many vendors, particularly start-ups, offer parts of an IBN system.
“Make sure you understand what the vendor means when they say they offer intent-based networking,” recommends IDC data centre networking analyst Brad Casemore. “Interrogate them a bit, find out what they’re proposing, whether it’s applicable to your environment, how it will integrate in your environment and whether your staff can pick it up and run with it.”
What is intent-based networking?
Research firm Gartner has defined intent-based networking systems as having four components:
- Translation and validation: This refers to the ability of an IBN to translate what a network administrator wants the network to look like into actions the software takes to enforce those policies.
- Automated implementation: IBNs automatically create the desired state that has been requested by the network administrator.
- Awareness of state: A key component of an IBN is its ability to have a deep understanding of the state of the network and everything happening inside it.
- Dynamic optimisation and remediation: IBN adapts to changes in the network to maintain the desired state of the network.
Here is a list of some of the different ways end users can begin using intent-based networking systems today.
Cisco’s dual approach
Cisco is integrating intent-based networking functionality into two of its product lines: the campus Catalyst switch line and the data centre Nexus products. The announcement just before Cisco Live was all about new Catalyst 9000 switches that, when combined with new functionality in the company’s Digital Network Architecture (DNA) management platform, will allow users to create an IBN that includes policy creation, provisioning and verification. Cisco says some of this functionality will be available this fall, and other features will be available later this year or next year.
Cisco also has an IBN strategy for its popular Nexus data-centre switches. Cisco’s director of product management Mike Cohen says that when customers combine Cisco’s Application Centric Infrastructure (ACI), its flagship software-defined networking product, with its Tetration network analytics and visibility platform, they get IBN functionality. He says ACI is fundamentally a way for users to automate the orchestration of their network.
“It allows users to describe the security policies, the connectivity policies your apps need, and that’s what it will automate across the network,” he says.
Tetration, the advanced network analytics product, can be used with ACI to monitor the network. “Tetration is really good at learning and discovering the application intent,” Cohen says, adding that the analytics system uses sensors placed throughout the network to capture packet-level information about workloads running on the network. “ACI lets you identify the policies you want, Tetration can figure out the intent, based on observing the behavior pattern of the network.”
Juniper jumps on IBN
Some Cisco competitors are jumping into the intent-based networking market, too. Juniper’s CTO of engineering Kireeti Kompella argues that the company’s open-source Contrail software-defined networking controller has IBN-like functionality.
“The ability to express what you want at a high level, and then have automation implement that policy, that takes a huge burden off the operator,” he says.
While that may not be a full-fledged IBN system, he argues that it meets most of the definitions of an IBN as defined by Gartner. Juniper markets Contrail as working across any network hardware and OS models.
IBN-focused start-ups
Even before Cisco’s entrance into the IBN market, some start-ups were already talking about the idea of allowing users to specify their intent and having a software platform orchestrate it.
Apstra, a start-up founded in 2014 that released its first product in July of 2016, claims to be one of the original IBN companies that was developing this functionality before Cisco’s announcement. Apstra CEO and Founder Mansour Karam likens the emergence of IBN to a self-driving car: the self-driving car looks just like any other car, but it’s equipped with state-of-the-art sensors and automation technology that offer the driver an autonomous experience.
“We’ve built a layer of software, an OS for your network,” Karam explains. “It runs and operates the network in an intent-driven way. It delivers on the autonomous experience.”
The company has developed the Apstra Operating System (AOS), which controls and orchestrates network resources. Apstra also has a distributed data system that monitors the current state of the network and analyses changes that are being implemented in it. AOS is hardware-agnostic, meaning it’s overlay software that can run on any hardware vendor’s products or on white-box switches. AOS can design templates for what the network should look like, build blueprints for how that vision should be implemented, then control the resource and device management to deploy the configuration. As it does so, AOS gathers telemetry data to perform real-time analytics about the state of the network and to detect anomalies that are inconsistent with the desired network policies.
Model and verify the network
There is another set of start-ups that offer important components of an IBN system. David Erickson, co-founder and CEO at Forward Networks, says he breaks the IBN market into two categories. One is the creation and enforcement of network configurations, which instantiate the desired policy on the network. He says this is primarily for net-new, so-called “greenfield” deployments of IBN, and companies like Apstra and Cisco are working on this.
The other side of the IBN coin, he says, is modelling the network to understand how the network is operating and how changes will impact it.
Forward Networks, which was founded in 2013 and has received multiple rounds of venture financing, creates a software copy of a customer’s network. Using this copy, customers can test a potential change to the network before implementing it. They can verify that changes have been made and roll back changes that cause a problem. This can be done to existing networks, allowing customers to get a taste of IBN functionality without a full-fledged IBN deployment, he says.
Veriflow is another company that creates a predictive model of the network and analyses all possible traffic flows through the network. “It’s like a Google Maps for your network,” says CEO James Brear. This allows users to verify and ensure that their business intent is being met in their network, and the company markets its products as helping to prevent outages and vulnerabilities.
“Verification is a critical part of the picture,” Veriflow co-founder and CTO Brighten Godfrey says. “It may be the most important part because in a sense, if you automate without verification, then you’re increasing your risk by taking actions faster than you know what is happening in your environment.”
Neither Forward Networks nor Veriflow, though, claims to offer all the components of an IBN; namely, they do not yet offer orchestration software that will implement intent-driven network policies.
IDG News Service