Intent-based networking (IBN), a form of network administration that uses machine learning and deep analytics to automate network management and maintenance, is rapidly gaining popularity, yet much confusion remains about its application and potential benefits. "IBN systems take a business intent as input and automatically identify a desired state of the network to meet the business intent, and then allocate network resources to create the desired state and enforce corresponding network policies," explained Yan Huang, an assistant professor of business technologies at Carnegie Mellon University's Tepper School of Business.
IBN systems also dynamically monitor and maintain the state of the network. "Machine learning and optimization tools are used to find the best way to achieve the desired network state, and automatically implement corrective actions when needed," Huang said. "As a result, compared with the traditional rigid and manual approach, IBN can reduce the complexity of network management and maintenance, improve the agility of the network, enhance network performance, and minimize the risk of errors and failures."
IBN's most touted advantage is its ability to provide an operational abstraction of an enterprise's overall network infrastructure. "Getting full visibility allows you to easily map and translate the high-level Intent into lower-level CLI-based network constructs," explained Fabrizio Maccioni, technical marketing director at network management software provider Forward Networks and a former software engineer for Cisco Systems. "This [ability] enables a smooth transition from a hard to manage CLI-based imperative approach to a more manageable intent-based declarative approach," he said. "In many cases, a prior network infrastructure's configuration, policies, and design can be detrimental to this process—and interfere in new network automations,” Maccioni warned.
Although a powerful and highly useful technology, IBN isn't an appropriate match for all enterprises. Huang noted IBN is most suitable for "organizations that face fast-growing network scale and complexity [issues] and require high network performance and security."
Jeremy Wirtz, a senior technical engineer for IT services and support company Guardian Computer, observed that IBN can be particularly useful for enterprises that require stronger network security, must meet network compliance standards, or that need to free network administrators to focus on other tasks. "IBN can handle a number of tedious manual tasks, such as network configuration and verification, as well as search and remediation," he said. Wirtz added that the approach can also open the door to faster troubleshooting and remediation, as well as enhanced analytics and predictions. "Given these significant benefits, IBN is an excellent way to make organizations more proactive about their networking, improve their internal processes, and reduce human error."
Huang suggested that the best way to get started with IBN is with pilot deployments targeting small-scale, well-defined use cases. "This will provide an understanding of the methodology underlying the technology and demonstrate the value and impact of IBN," she stated. "Then the organization can decide whether and how to expand it to the rest of the network."
The ideal way to get started with IBN is with a completely new network infrastructure since a greenfield deployment allows the technology to be installed with no pre-requisites. Yet most organizations planning to deploy IBN have to deal with existing network infrastructures, Maccioni observed. "For brownfield deployments, having full visibility of the network infrastructure beforehand is absolutely key to the success of implementing an IBN solution," he said.
Wirtz, meanwhile, stressed the importance of network testing and verification. "You’ll need machine learning software that's able to effectively analyze your network and its behaviors, as well as identify potential vulnerabilities ... that violate your defined policies or intent," he said. The IBN system should also be able to support search and remediation, compliance reviews, and network documentation updates. "If possible, an IBN system that can offer proactive network changes to achieve better outcomes in the future is especially beneficial," Wirtz added.
Maccioni urged new adopters not to get carried away by IBN's automation capability. "More often than not, organizations are laser-focused on automating the configuration component of IBN," he observed. While IBN automation is very powerful, it can also be very dangerous when proper safeguards aren't observed. "It’s like driving a Ferrari at full speed with the wheels of a vintage car," Maccioni warned. "Testing and verification are essential for a successful IBN solution since they allow network teams to validate the IBN before it’s pushed to the production environment."
A final observation
While many IBN experts believe that selecting the right tools is the biggest decision facing new adopters, there's actually an even greater issue that needs to be addressed. "I strongly believe that the most difficult component is … the cultural shift," Maccioni said. "This is where practices like DevOps can help in breaking silos between [allowing] organizations to come together and build effective CI/CD workflows based on IBN."