The What
Network Automation, as the name implies, is the process of automating networking tasks such as the configuration, management, testing, deployment, and operations of physical and virtual devices within a network.[1]
Historically, networking tasks have been performed manually. In fact, the ‘Gartner - 2019 Strategic Roadmap for Networking’ states:
"Approximately 70% of data center networking tasks are performed manually, which increases time, cost and likelihood of errors, and reduces flexibility."
However, this statistic is changing; more than 60% of data center networking operational activities will be automated by 2023.[2] But why the sudden change? This change can be attributed to 3 major trends within the industry:
- More efficient and flexible data representation formats (such as JSON and YAML) have gained mass adoption.
- Vendors are incorporating automation features into their platforms (such as NETCONF/RESTCONF/YANG).
- The increase and maturity of tools and projects in the open source ecosystem (such as Ansible, Nornir, Napalm, Netmiko, Batfish).
The Why
But why do we need network automation? I mean, do we really need it?
A common misconception is that the goal of network automation is purely to reduce network configuration deployment time. Although there can be no argument that this is a key outcome of network automation, it is only the beginning of what network automation has to offer. Below are some of the key wins that network automation can offer.
- Compliance and validation: Validating the network and checking its compliance has previously been time-consuming and prone to human error. By automating compliance and validation, your network infrastructure security posture can be greatly improved.
- Automation of repetitive tasks: This can come in different forms, such as updating a database or even a CSV file for new devices that are being deployed to the network, assigning VLANs and/or IP addresses, updating the description of multiple interfaces on multiple devices, or getting a report of UP/DOWN links out of a set of devices.
- Standardisation: A good side-effect of automated processes on the network is the promotion of standardisation. You can mandate device and service configurations, reducing snowflakes in your network. This reduces the potential for networking issues due to incorrect config changes and also makes the network easier to troubleshoot.
- Reduce human error: This dovetails into the compliance and validation point mentioned earlier; when you have tools/scripts that help you at the verification level, network configuration changes are far safer to deploy and human error is reduced.
- Collaboration and integration: Network automation links multiple parts of network administration together with the help of software tools already used in the sysadmin world. ChatOps systems like Slack/Mattermost/Microsoft Teams can make a team aware of configuration changes happening in a Git repository and changes being executed by an Ansible playbook or Python script. Technologies like Splunk/Elastic integrated with Opsgenie/PagerDuty/VictorOps can alert you to events and logs on your network.
- Improved monitoring and correlation: With streaming telemetry or standard monitoring techniques, network activity can be correlated with logs and events from multiple systems (routers, switches, firewalls, load balancers, proxies, etc.) to answer questions like:
  - How many users are using a public API endpoint? From what geographic location is traffic hitting our API services?
  - These servers are reporting high CPU usage and the number of open network sockets is much higher than before; is the traffic from internal services? If it’s traversing our firewall, where is it from and is it legitimate traffic?
  - There was a fibre cut; can I correlate the links flapping/going down against the amount of traffic coming to service X?
- Intent-Based Networking: Although a broad term, network automation is key in achieving intent-based networking. You need awareness of automated implementations and deployments in order to reach the desired network state, and this is based on translation of command output and protocol status that describe the end state of the network.
In summary, network automation provides 3 major benefits:
- Reduce human error when network changes are made.
- Reduce the time required to perform network changes.
- Reduce the human resource cycles required to perform network changes.
References
[1] "What is Network Automation - Juniper Networks." https://www.juniper.net/us/en/products-services/what-is/network-automation/. Accessed 19 Jan. 2020.
[2] "Gartner Report: 2019 Strategic Roadmap for Networking." https://go.apstra.com/white-paper-gartner-2019-strategic-roadmap-for-networking. Accessed 20 Jan. 2020.