Intent-based networks: the new frontier of network administration

The evolution of configuration management software has drastically reduced repetitive and time-consuming network administration tasks. Script management software eliminates the need to update scripts by hand at the command line interface (CLI) and to update devices one by one.

These products eliminate many routine and error-prone tasks, but they only automate manual processes. Administrators must still determine the network resources that applications need, and then configure the network to support these applications.

“Intent based networking” solutions introduce a further change by streamlining network configuration management tools. Now, instead of spending time on configuration management details, network managers can focus on business requirements, applications, and services.

Prior to intent-based management, administrators needed to determine all the settings for common scenarios in network configuration management tools, as in the following cases:

Provide multiple user groups with access to sometimes different and sometimes common sets of resources, while maintaining isolation between data flows;

Deliver different levels of service for each group.

There are multiple ways to ensure separation and to meet SLAs: separate virtual LANs, separate subnets, VPNs, or separate link routing can all meet the objective of the policy. With intent-based management, network managers no longer need to invest time to determine the right approach and then configure all detailed parameters.

Instead, the network determines whether the policy can be respected, as well as the most effective ways to implement it. And it generates the configuration parameters needed to implement the appropriate service.

Once configured, an “Intent based Networking” network continually monitors operations to ensure that the intent of the administrator is respected. If the conditions on the network change – for example, if the chosen option no longer meets the requirements of the defined policy or if a different option would be more efficient – the software reconfigures the network without requesting the intervention of the manager.
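The continuous check described above amounts to comparing the declared intent with the forwarding state observed on the network. The following Python is an added example, not code from this article or from any product it mentions; the group names, the link table and the finding labels are constructed assumptions.

```python
from collections import deque

# Constructed intent: which resources each user group may reach.
INTENT = {
    "engineering": {"build-farm", "wiki"},
    "finance": {"ledger", "wiki"},
}

# Constructed observed state: directed links, each tagged with the groups
# whose traffic it forwards (e.g. derived from VLAN or ACL configuration).
LINKS = [
    ("engineering", "sw1", {"engineering"}),
    ("finance", "sw2", {"finance"}),
    ("sw1", "core", {"engineering"}),
    ("sw2", "core", {"finance"}),
    ("core", "wiki", {"engineering", "finance"}),
    ("core", "build-farm", {"engineering"}),
    ("core", "ledger", {"finance"}),
]

def reachable(group, links):
    """Nodes the group's traffic can reach over links that forward it."""
    seen, queue = {group}, deque([group])
    while queue:
        node = queue.popleft()
        for src, dst, groups in links:
            if src == node and group in groups and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen

def check_intent(intent, links):
    """Return sorted (group, resource, problem) tuples where state deviates."""
    resources = set().union(*intent.values())
    findings = []
    for group, allowed in intent.items():
        reached = reachable(group, links) & resources
        findings += [(group, r, "isolation-breach") for r in reached - allowed]
        findings += [(group, r, "unreachable") for r in allowed - reached]
    return sorted(findings)

def drifted_links():
    """Constructed drift: the ledger link also forwards engineering traffic
    and the finance uplink (sw2 -> core) is lost."""
    links = [l for l in LINKS if l[:2] != ("sw2", "core")]
    links.remove(("core", "ledger", {"finance"}))
    links.append(("core", "ledger", {"engineering", "finance"}))
    return links

if __name__ == "__main__":
    print(check_intent(INTENT, LINKS))
    print(check_intent(INTENT, drifted_links()))
```

An isolation breach and a loss of permitted access are reported separately because they call for different responses: the first is a data-separation failure, the second a service-level failure.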

An emerging offer

Several vendors have introduced intent-based systems or enhancements to their existing products, including Cisco, Juniper Networks, Huawei, Apstra, Forward Networks and Veriflow Systems.

Cisco announced improvements to its digital network architecture (DNA). Network administrators specify policies through the DNA Center component. The automation software then creates the specific directives needed to configure the network to execute these policies.

Software components are responsible for continually monitoring the network to ensure that policies are always followed. Otherwise, the software reconfigures the network to restore proper operation. The software uses machine learning based on accumulated observations to determine if there is a more efficient approach. If so, the software reconfigures the network. The first switches to support Cisco’s “Intent Based Networking” initiative are the Catalyst 9000 series campus switches.

Juniper Networks is developing E2, an SDN controller based on its existing SDN controller, Contrail. E2 will add intent-based capabilities and, like Contrail, will be maintained as an open source project and will not necessarily require Juniper hardware.

Last June, Huawei unveiled its “Intent Driven Networking” approach for campus networks under the name CloudCampus. The latter is based on a new version of its CampusInsight solution and on new generation equipment such as the S7530-HI and S6720-HI series Ethernet switches or X-Gen Wi-Fi access points.

Apstra announced its Apstra operating system (AOS) to significantly reduce the cost of configuring and managing a multi-vendor network. Network managers specify a policy, and AOS relies on a set of templates to implement this policy.

The choice of model is based on the current state of the network. The AOS then uses a guideline-based template to configure the network. Managers can customize the templates as needed.

Several models are used to specify a strategy. Top-level models can describe a policy visible to the end user, such as an application SLA. Top-level models call lower-level models to specify the details of the multiple requirements required to satisfy the higher-level policy.

Forward Networks offers products that verify the proper functioning of intent-based networks. Forward’s Essential software collects and organizes network data, while the “Enterprise” version creates a mathematical model of network status and uses it to check network performance.

Veriflow software collects detailed information about the status of each device in the network and uses a patented formal verification technique to ensure that the specified policies are followed.

The first users tempted by these solutions must ask themselves difficult questions: will intent-based software generate correct configurations in all cases? Will administrators have enough knowledge about network configuration to find and solve problems if something goes wrong? Can network administrators change configurations without a corresponding vendor patch being made to the automation software? Finally, if the software determines a more efficient mode of operation, will managers be able to understand the reason?

Like many network technologies before it, “Intent Based Networking” will need to be refined before being widely adopted. Network administrators must be prepared to thoroughly test products before considering putting them into production in their networks.
