What is Network Automation?

Automation is a technology or tool that enables a particular task or series of functions to process without human intervention. To consider a process automated it must meet the following criteria:

1. A source of power to perform a function
2. Controls to provide feedback
3. Machine programming

What is Network Automation?

When applied to Networking, automation refers specifically to completing tasks revolving around networking devices, such as firewalls, switches routers, and switches. The functions automated for these devices include the validation of configuration settings, cluster availability, and enabling or disabling features to deploying new services without human intervention. Network Automation is broken down into a scale of separate actions based on complexity and the level of risk involved. For example, running  scripts for validating configuration settings contains a relative amount low risk and a low level of complexity. Conversely, automatically implementing changes to your network configurations can be highly sophisticated and involves a high level of risk.

Starting with Network Automation

If you are a business in an industry where your network needs to be up and running, nearly all times of the day, automating configuration changes to your firewalls could result in downtime if the automation scripts are using the incorrect commands or logic. As a result, when starting out with Network Automation, we suggest automating tasks that have a low level of complexity and expanding your automation from that. For example, if there is a process that takes a certain number of steps, and you can quickly automate a fraction of the process, then the section that is automated can become the foundation to build off of, to reduce the risk of automating tasks with higher levels of complexity.

A Day in the Life of a Network Engineer

We interviewed a Network Engineer to run through their typical day at work, the obstacles they must overcome on a daily basis, and the solutions they use to make their lives a little bit easier. The full video can be found here. Below is a short summary of the interview.

In the morning, they start by sifting through alerts and reports that have accumulated the prior night. Having Indeni provide valuable alerts is extremely helpful in this process, as when I receive a notification from Indeni, I know its an important issue. They also sift through the alerts of other systems which tend to send out white noise more often than not. After that, their team hosts a scrum meetings, and go through the developments on the different teams (Network and Security teams). After the meeting, the teams go into their large scale projects, where they spend a couple of hours working with the rest of the team. After the noon break, the team goes back to work on more standard items such as answering questions from users. Automating responses to users for questions such as “Is this SPAM?” is a large goal for them.

Starting at around 2:00 in the afternoon, they start to work on maintenance and troubleshooting. If there’s an issue that is not notified by Indeni and I don’t have a solution ready, I’m able to go onto Indeni Crowd and post a question that provides valuable feedback from other users, and typically end up with a solid solution/answer. Questions that receive traction turn into a ticker for Indeni Knowledge Experts (IKEs) where the issue is evaluated whether or not it becomes a new feature request.

Automated Decision Making

Forms of Network Automation have decision-making capabilities, wherein in a given scenario we’ll refer to as scenario A, the automated task will have a different output than in scenario B. In  the field of networking there are many reasons to have decision-making capabilities in your automated processes are limitless. The main reasons include:

1. Error detection and troubleshooting
2. Performance Monitoring
3. Device Interactions
4. Process Optimization

What is the history of Network Automation?

The first practical use of automation revolving modern technology outside of switching machines used to transfer phone calls is the local area network.

For the last decade the server industry has leveraged automation to increase the productivity of their teams. DevOps has become the industry standard for how Server Operations meets business needs (source: State of DevOps 2018 by Puppet Labs). While server operations teams were automating server tasks, security and network teams we’re managing devices, such as firewalls, largely one by one. Network admins used CLI to configure devices, and “automate” tasks with TCL scripts, manually checking the health of a device with each command run.

Why weren’t the same DevOps technologies applied to network and security devices? One major hurdle to apply these languages to network and security devices is that the operating systems are not standardized. For example they are proprietary vendor-built operating systems are based on known operating systems like Linux, but the commands and ways to extract data and interact with the operating systems vary. This prohibits the server automation platforms from being able to support network and security devices, and each language has a high learning curve for non-developer IT professionals.

Without proper experience using CLI commands for that device, a well meaning administrator could cause unintended consequences. A simple example of this is leaving Debug mode enabled after manually completely health checks via CLI. With this setting enabled network resource utilization spikes, and could cause an outage over time.

With the growth of cloud based offerings and availability of public APIs from network and security vendors, NetOps and SecOps can finally start to scale their operations. Gone are the days of hand-typing commands into network devices one by one. You can ensure your network is operating as intended from installation through the entire device life cycle by expressing the actions you’d like to take as code.

What are the benefits of network automation? 

With IT becoming increasingly complex and needing complete and constant connectivity it is difficult to see how a business can succeed without reliable network automation software. Many benefits can be attributed to effective network automation systems, the most important one being efficiency followed closely by cost. Let us have a look at these benefits, and others, in detail:

  1. Keeping down the costs is fundamental to the success of any business and having an open network automation platform will both increase efficiency and also reduce costs.  The elimination of manual tasks provides for faster and more efficient work completion.
  2. Human error reduction – by reducing the need for human intervention there is an immediate reduction in network errors meaning your business runs more smoothly and more efficiently.
  3. Ongoing  analysis – due to the accumulation of data from multiple sources, and the frequency in which changes in the network occur, a broader picture can be seen allowing more detailed network analysis, giving insight into performance of end-user facing services, stability of infrastructure  and security. 

Features of Indeni network automation

As we covered earlier, in order for a business’ network to be efficiently automated it needs three components

  1. A constant input of what and how to carry out a function.
  2. Controls for activating changes and incorporating feedback 

The Indeni network automation tool supports all the digital technologies within your business. This leaves your IT team free to focus their expertise in other aspects of their field that will help grow your business.  

Below are some of the features that you will find as part of the Indeni network automation tools:

  • Grow capacity – CLI commands are automatically run without the need for keyboards
  • Ensure high availability – if there are inconsistent configurations, they will be picked up through 24/7 monitoring
  • Capture historical data – data – both performance and configuration – is gathered from firewalls, routers and web proxy vendors. 
  • Advanced monitoring – where data is not collected through SNMP based tools, Indeni will access and analyze data and increase visibility.
  • Perform health checks – the Indeni features used for network automate will constantly assess device health by monitoring 24/7. 
  • Quick and efficient troubleshooting getting to the root of the problem.

This list is not exhaustive.  Indeni gathers and analyzes performance and configuration data.  If a problem is detected you are informed but not only, you are given the means to resolve the issue.  The Indeni platform provides consistent, enterprise quality content 24/7 through:

  1. Crowd-sourced IT learning
  2. Ongoing complex issues detection and triage
  3. Real-time IT performance notification

Indeni connects to existing systems and integrates with network automation tools, configuration management, emailing and ticketing systems to carry out advanced network monitoring functions.

What is the future of network automation?

There is an unavoidable trend in the move towards automation in every aspect of life, including within the workplace. The idea of automation, however, is not always met with enthusiasm by everyone, as it brings with it uncertainty and change.  Change is always scary, especially when job security is at risk. Many IT operators want to resist the move to automation because they fear that their positions will be made redundant or that they do not have skills that can be used elsewhere. On the other hand, many forward-thinking people embrace the idea of automation as a means to take tasks off their plate, by staying up to date and prepared for the change,  even looking forward to re-training or expanding their role. 

Overloaded systems still relying on manual configuration (resulting in manual errors) are the reason many organizations are looking to solutions, such as Indeni, to help manage and monitor devices.  

The Indeni solution for your ever-evolving company offers advanced learning technology, the globally-sourced network security  automation platform offers a unique database for network infrastructure. You have access to a base of automation scripts across maintenance, high network visibility, security, compliance, vendor practices and more.  

The future of network automation signifies creativity and movement.  That means that where networks once upon a time were static, expensive, complex, we now know that we have the ability to adapt them, be more creative and provide for demanding companies who expect their network systems to do more for them, providing maximum value, and who want to squeeze the last resource out of them. Automation will force IT to be creative and fluid, adapting to the demands of its users.    Networking will have to keep up with the trends and needs of customers. The Indeni platform , and team behind it, provide an innovative solution to network automation. The team behind the product have all the characteristics needed for future network automation: experienced , agile , innovative:  give us a call today and we will guide you through your choices. Our expert team are only a phone call away to validate your company’s network configuration that will launch you into the next chapter in your company’s future!

Choosing the right Network Automation Platform

The most important aspect of deciding what network automation platform is right for your business is identifying what problems currently exist from either a network perspective or a efficiency perspective. An important thing to note, is understanding the scale of your network. For example, if you have a limited number of devices in your network or a solution from a vendor such as CheckPoint, and have the engineers certified in that solution,  working within the CLI (Command Line Interface) should suffice for your business needs. However, CLI has scaling limitations, especially when introducing a larger number of devices. Keep in mind, when you introduce new vendors into your network environment, the knowledge of your engineers is required to double considering every device has its on language; increasing the difficulty of retaining all of the commands for each solution. Here’s a list of challenges many customers run into with CLI:

• Users do not have the knowledge of the commands to run via CLI
• Users do not have the time to login to devices manually to check system health
• They are not able to collect data quickly in troubleshooting situations to prove or disprove the networking devices are to blame for the performance issues or outages

When reaching this threshold of CLI capabilities, its important to start looking elsewhere for automation solutions.

The next step it to identify the tasks that are eating the most amount of time for your IT team.

Based on the previous criteria, identify which automation platforms integrate with your vendor. While in-house solutions have their benefits, one of the setbacks in when there are large changes required to be made in the solution which require a large amount of testing, in addition to having to retrain new employees with a product that is not universally IT operations-ready. Here’s a guide that explains the different types of network automation.

Once you have a set list of network automation platforms selected, identify which aspects of your processes you will be automating. Subsequently, the IT team should implement an audit on the network and place ensure that network devices align to performance and configuration best practices. It is important to understand that with automation, there is always more to do and that continuously improving the integration of your automated processes to impact more aspects of your business.

In today’s multi-vendor networks, the largest obstacle in the way of efficiency is complexity. The increasing flow of information and data is too overwhelmingly large to be managed through humans alone. For IT teams to have a network functioning properly, they must automate their processes in addition to needing orchestration. While the implementation phase may leave some setbacks on your team and network, the future return on investment is exponential.

Indeni is the source of network and security knowledge for IT. Through our open development process in our community, certified IT professional express health checks and network validation tasks as code. Indeni’s Knowledge language is based on AWK, a familiar language for many non-dev IT professionals, that was built for text processing. Indeni code is tested, refined and published through the Indeni Automation Platform to our customers around the globe. This continuously refreshed, out of the box knowledge enables leading organizations such as Visa, Blue Cross Blue Shield and Government entities to ensure their networks are highly available, and meet operational excellence standards.  If you’re ready to start your journey to automation, download Indeni.

BlueCat acquires Indeni to boost its industry-leading DNS, DHCP and IP address management platform to help customers proactively assess network health and prevent outages.