Avatar

Network Management is dull.  No excuses.  Monitoring and interacting with the devices that move data from one location to another is a thankless undertaking that most of us building networks leave to an afterthought.  Part of that is the complexity associated with managing networks.  There are at least a dozen common methods for interacting with devices in the network including SNMP, CLI, AAA, Syslog, Netflow, and fancy XML/HTTP interfaces.  So much variety breeds complexity so we tend to set our goals pretty low for interactivity with the network.

What if we had one common mechanism for interacting with the network?  Different devices running different software would all speak a common language to the applications managing and monitoring them.  Now what if that language was something the programmers writing those applications understood implicitly like an API library they could compile directly into their program?  That would make interacting with the network as simple as making a procedure call within the application.  That’s exactly what onePK – or the “one Platform Kit” – accomplishes.

OnePK is a set of APIs that allow programmers to make direct function calls within their application that result in extremely rich interactions with the network.  Programmers can do some pretty fancy stuff like changing routes in the network, making policy decisions about who has access to what information, enforcing security or QoS rules, and interacting directly with packets flowing through the network.  In the end however, onePK is basically a very fancy set of Lego blocks.  There are some impressive blocks in the set, but they really don’t build anything interesting until they get into the hands of the builder, in this case an application programmer.

For the last several months onePK has been in early field trials (EFT).  That means some of these experts have had a chance to play with the blocks and let their imagination run wild.  The applications they’ve been coming up with are impressive.  Much of these ideas are things we would never have imagined before releasing the API into the wild.  Here are some of the more interesting applications that have been created by API users that really blew us away:

  1. Video Quality Monitoring – IT departments everywhere are rolling out video in one form or another.  It’s a simple word, video, but it takes lots of different forms when it hits the network.  Is this a Skype video chat or a 3-screen Telepresence?  What about video multicast of the board meeting or the YouTube videos employees watch at their desk?  This application uses the deep packet inspection capabilities within the router to determine what video is passing through the network and what the end user experience for someone sitting in a remote office is for that video.  Without placing any specialized equipment in the remote branch, IT staff get an indication for the video quality remote users are observing.
  2. Custom Security Protocol – Lots of our customers do things with their network they don’t want us, or anyone else, to know about.  Most of the time these are government or military agencies with a very good reason for doing non-standard things.  With onePK, it’s possible to request a packet stream matching a set of requirements be spanned from the network.  The application can then do whatever secret packet manipulation, such as custom encryption algorithms, it needs to do before sending the packet stream back into the network.  Pretty flexible, and pretty powerful custom interactions with the network.
  3. Application Performance Monitoring – With the application recognition and reporting capabilities in Cisco devices today (see Application Visibility and Control), it is now possible to discover lots of detail, including performance characteristics, about the thousands of different applications traveling across your network.  What if an application could work with the network to uncover all the applications in use, then automatically determine the typical performance requirements for that application and even snoop in on or quarantine unknown applications?  That’s all possible with onePK now that business or security rules can be automated through applications interacting with the network.
  4. Dynamic QoS – One of the difficult problems in the broadband aggregation world is matching up the upstream and downstream QoS on both ends of a DSL or other broadband connection.  This application takes the guesswork out of that configuration and can even adapt when things like the DSL modem train rate changes due to things like interference.  The application detects the upstream and downstream bandwidth at the hub and spoke. It then automatically configures the correct QoS profile at each end of the connection.  That’s something that takes an army of highly trained installation technicians without onePK.
  5. Business Based Routing – Networks are great at moving packets around the network in the most efficient way possible.  Traditionally that means taking the highest bandwidth or least congested route.  However, there’s a business layer above the network that guides many of the decisions we make.  This application dynamically changes the route packets take through the network based on real-time business information.  Information such as operating costs, latency requirements and operating hours can be used to take the most cost-effective route through the network.

OnePK is ushering in a new wave of Software Defined Networks (SDN) in which applications simply ride on top of the network without any interaction.  Applications using onePK can now be written to tightly integrate with the underlying network adapting and using the intelligence that lives there.  These examples are just the tip of the iceberg.  As more application programmers get their hands on the onePK APIs, expect to see more exciting applications that interact with the network in ways we can’t even imagine today.