Intent-based networking comes to the data centre
1 February 2018
When Cisco unveiled its intent-based network system (IBNS) solution at its “Network. Intuitive.” event last year, that version focused on bringing the concept of a “self-driving” network to the enterprise campus and was dependent on customers having the new Catalyst 9000 switches. Cisco’s solution works as a closed-loop system where the data from the network is collected and then analysed to turn intent into commands that can be orchestrated.
To accomplish that, Cisco’s IBNS requires two components: translation, to capture intent, translate it into policy and check integrity; and activation, to orchestrate the policies and configure the systems.
The new third leg, assurance (which constantly verifies configurations), looks for insights and takes corrective action. While this is being rolled out as part of the data centre IBNS release, it is likely assurance will be part of the campus solutions too. This is the component that turns an automated system into an autonomous one.
However, the data centre is where assurance is badly needed. It is the place that has all the big enterprise applications, private clouds and company data. Campus outages are certainly no fun, but the stakes are so much higher in the data centre. Because of the importance of the data centre, when things go awry, network professionals often find themselves in firefighting mode. Changes are made on the fly and not documented, and configurations are often out of compliance, which can lead to bigger problems in the future, such as an inability to fully understand if the current state of the network meets the intent of the policies.
Cisco’s new Network Assurance Engine (CNAE) will ensure that the infrastructure actually does what the business needs it to do. In the case of the data centre, the intent encompasses data centre operations, including configurations, routing, security, virtual machines, audits and meeting compliance.
CNAE adds value to business
Despite the rather unimaginative name, Network Assurance Engine can provide significant value to business in the following ways:
- Predicting the impact of changes. Changes can be tested before they are committed to, enabling operations teams to have a higher degree of confidence in the changes that are made. According to ZK Research, human error is still the largest component of downtime, and Network Assurance Engine will catch those errors before they are implemented. This will lead to accelerated migrations and greater change agility.
- Proactive verification of network-wide behaviour. Network Assurance Engine constantly analyses the end-to-end network and will see problems before users start calling, keeping network operations out of firefighting mode. This can reduce or even eliminate unplanned network downtime.
- Assuring network security policy and compliance. Maintaining security policies in a constantly changing environment is nearly impossible to do if the network is managed manually. Network Assurance Engine can continuously monitor the network and will instantly see when something is out of compliance. Additionally, it provides a fast and easy way to prove that the data centre is within the company’s or industry’s mandated policies.
CNAE is one of the most advanced technical solutions Cisco has ever built. It collects a massive amount of data, including policies and the state of everything, and then creates a mathematical model of the entire environment, including underlays, overlays and virtualisation layers. Cisco then applies machine learning-based analysis to the models to perform validation and error checking and to provide remediation steps.
Running a data centre is hard, but it is made even harder because the operations teams always have to react to outages. Cisco’s Network Assurance Engine should alleviate much of the pressure IT feels today by offloading many of the mundane tasks, enabling IT to focus on things that are more strategic to the organisation.
IDG News Service