August 6, 2022

How is automated network configuration and management evolving?

Traditionally, network configuration was a manual task of typing command line interface instructions. Automated network configuration aims to simplify these tasks.

Intent-Based Networking (IBN) products give network engineers the ability to describe high-level computing goals, and the system automatically translates those goals into network metrics. While this is a laudable goal, most IT groups only design a network occasionally. Much of IT’s time is spent on routine operational tasks, such as updating existing settings, testing new settings before widespread deployment, or rolling back erroneous changes. What tools can help automate these tasks?

Although IBN systems can facilitate operational tasks, many network engineers may not be ready for these new services. However, conventional vendor-provided tools, such as Cisco Prime Network Change and Configuration Management, can manage current configurations and archive old configurations to enable restoration of previous settings and facilitate auditing and regulatory compliance.

For multi-vendor environments, you can use multiple vendor-provided tools or the DevOps style of template-based scripts written for configuration management systems, such as Ansible, Chef, or Puppet. For example, Junos OS by Juniper supports all these systems, but you need to learn these scripting languages.

Automated network configuration merges with verification

Network testing is a complex task, but a new generation of network verification tools can help you. Although not yet common, these tools provide the ability to model a network’s intent and automatically verify that live network configurations meet those objectives, such as whether ACLs deny correctly access certain subnets from specified IP prefixes.

Startups and established vendors provide these types of network verification tools.

Eventually, the combination of automation tools could help with design, implementation, and testing to deliver an end-to-end service. However, we don’t have to wait for all of these tools to become mature and widely available. Using them today can help – compared to error-prone manual methods.

This was last published in March 2019

Deepen network management and monitoring

Source link