Many companies today tout network automation capabilities in their hardware and software. Network automation means tasks are performed automatically. At the simplest level, it automates what used to be typed manually into command line interfaces (CLIs).
Some people equate network automation with scripting, but it’s a lot more. It can start with script-level automation, progress to intelligent network control, and at the highest level, translate network administrators' intent via policy.
Here are some different types of network automation:
Script-driven automation: Administrators (often DevOps staff) write scripts that automate changes to the network devices’ configuration settings. RESTful APIs, YANG, NETCONF, even traditional CLI-scraping or SNMP may be used. The scripts may be written in Python, Puppet, Chef, or other languages. The intelligence resides in the scripts. Many network operating systems support APIs, such as Arista EOS (eAPI), Cisco NX-OS (Python API), Cumulus Linux and Juniper Junos (PyEZ micro framework).
Automatic configuration and provisioning: Automation capabilities such as provisioning are embedded into the network systems’ architecture. Many are considered standard features today, but often started their lives as automation features.
A basic example is DHCP, since you don’t allocate static IP addresses for client devices. It's so fundamental that we don’t think of it as automation, but it has become so useful that we can’t think of deploying client devices without it. A more modern example for infrastructure networking systems is Brocade’s Zero Touch Provisioning for switch image and configuration downloads, since it makes configuring switches a lot easier.
Automatic operation and management: Automation assists with day-to-day operations, such as reacting to events and reconfiguring device settings. There are too many items in this category to list here, but whatever takes manual tasks out of the “examine and react” loop qualifies. An example: Software-defined or hybrid-WAN systems that automatically steer traffic between MPLS WANs and Internet links if one goes down. (Examples of this growing area are Cisco iWAN, CloudGenix, Talari, Viptela, VeloCloud, to name a few).
Network security systems such as intrusion detection and prevention systems also can fall into this category, since they act as automated network sensors with appropriate corrective actions, such as blocking connections.
High-level orchestration: Integrating an SDN controller with other parts of the infrastructure enables orchestration of virtual machines, networks and storage in a coordinated manner. SDN has many definitions, but at the core level, separation of the data plane from the control plane enables the provisioning and configuration of these elements. Depending on the system capabilities, this may lead to app-driven networks. This means that it’s possible to load apps that implement networking features into the network controller, and those capabilities are rolled out to the network.
Before SDN, IT groups needed to deploy new firmware, or perhaps even new hardware to deploy new features. With SDN, decision-making behavior can be delegated to an app. For example, HP has an SDN App store to program OpenFlow-based networking devices. OpenDaylight, an open source SDN system, accommodates apps that plug into the system, which makes it extensible.
Policy-based networking: This is also called declarative-intent SDN, which means you describe what you want performed in the network, and the system has the smarts to figure out how to implement it. This is an advanced form of automation since it enables those who are not in the networking team, such as application owners, to define how they want the network to behave. Examples include Cisco’s Application Centric Networking (ACI) and Nuage Networks VSP. In the open source community, some examples are Group-Based Policy (GBP) and Network Intent Composition.
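The declarative-intent idea above, as an added example (not code from ACI, Nuage VSP, GBP or any other product named here): a toy compiler that expands group-level intent into per-endpoint allow rules with an implicit default deny. The group names, addresses and contract format are constructed for illustration.

```python
"""Toy intent compiler: group-level policy in, per-endpoint allow rules out.
All group names, addresses and the contract format are constructed for
illustration; they do not mirror any vendor's policy model."""
from ipaddress import ip_address
from itertools import product

# Intent, as an application owner would state it: who may consume what.
GROUPS = {
    "web": ["10.0.1.10", "10.0.1.11"],
    "app": ["10.0.2.20"],
    "db":  ["10.0.3.30"],
}
CONTRACTS = [
    {"consumer": "web", "provider": "app", "proto": "tcp", "port": 8443},
    {"consumer": "app", "provider": "db",  "proto": "tcp", "port": 5432},
]

def compile_intent(groups, contracts):
    """Expand each contract into concrete (src, dst, proto, port) allow rules."""
    rules = set()
    for c in contracts:
        for role in ("consumer", "provider"):
            if c[role] not in groups:
                # Fail closed: an unknown group is a policy error, not "any".
                raise ValueError(f"contract references unknown group {c[role]!r}")
        if c["proto"] not in ("tcp", "udp") or not 1 <= c["port"] <= 65535:
            raise ValueError(f"invalid service in contract: {c}")
        for src, dst in product(groups[c["consumer"]], groups[c["provider"]]):
            rules.add((ip_address(src), ip_address(dst), c["proto"], c["port"]))
    return rules

def is_allowed(rules, src, dst, proto, port):
    """Default deny: traffic passes only if a compiled rule matches exactly."""
    return (ip_address(src), ip_address(dst), proto, port) in rules

def render(rules):
    """Emit device-neutral rule lines in a stable order, ending in deny-all."""
    lines = [f"permit {p} {s} -> {d} port {n}" for s, d, p, n in sorted(rules)]
    return lines + ["deny any any"]

if __name__ == "__main__":
    print("\n".join(render(compile_intent(GROUPS, CONTRACTS))))
```

Adding a second app server means editing only GROUPS; the per-endpoint rules are regenerated, and anything no contract names (web reaching db directly, for instance) stays denied.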
In my next blog, I will write about the benefits network automation offers IT organizations.