This blog is one in a series focusing on aspects of Cisco DNA and intent-based networking: #IntentBasedNetworking
You’ve probably read a hundred articles, blogs or documents about network automation. Given its promised benefit, it’s little wonder. Unfortunately, automation claims have become so ubiquitous and nebulous that the term is rapidly approaching buzzword critical mass. Maybe that’s why Gartner says that 70 percent of enterprises find network automation challenging.
That’s a shame. Because real automation—I mean automation that looks at the entire network through a more holistic lens—can be a real boon for network users and administrators. In fact, I’d say it’s essential. Networks are just too big, too complex and too important to be left to manual processes.
So, what then should automation look like? What makes automation truly comprehensive and effective? It’s not just automation of a few processes here and there. Rather it’s automation that encompasses the entire network, helps you streamline key management tasks, and helps you shift from rote step-by-step processes to more strategic intent-based networking.
To deliver this level of effectiveness, network automation needs to address five key capabilities:
- Visibility
- Intent
- Deployment
- Management
- Extensibility
Let’s unpack this.
Visibility
You can’t manage what you can’t see. Automation should give you end-to-end visibility into all the devices on your network. It must automatically discover routers, switches, controllers, appliances, and access points to create an inventory of your network, inclusive of software versions and locations. Then it must provide a single pane of glass for continually monitoring those network devices and segments.
For Cisco, Cisco DNA Center provides this critical capability. With this simplified management dashboard, you can simply plug in a compatible device and your Cisco DNA network automatically determines what it is.
Intent
Intent is the real difference maker for automation. You should be able to define how you intend your network to operate. Network automation should then translate that intent and use it to drive the operations it automates. For instance, if you define the policies that govern user access applications and devices, the network should automatically make the required changes and enforce the necessary segmentation to execute on your intent.
Again, Cisco DNA Center provides this critical capability for your network. It enables you to define device configurations, segmentation and access policies, then determines how to ensure that intent cascades across the network. This intent-based network controller is constantly learning and constantly adapting, so it pushes the right policies and configurations to the right devices and locations. As you intended.
Intent is the real difference maker for automation.
Deployment
Automation should make it easy to add or upgrade your network hardware. It should first determine the type of device that’s attached, then, by referencing your intent, it should deploy the device with the right configuration and software image. All without your intervention.
For Cisco, Cisco DNA Center provides this capability. You can either pre-assign your Cisco devices to a site and, by association, a specific software image and network profile/configuration, or you can claim the devices and manually assign them. Your call. Through our plug-and-play agent, the newly added devices automatically discover Cisco DNA Center. If it’s pre-defined, Cisco DNA Center will detect the device when it shows up and automatically deploy it according to your intent. If you choose to claim the device after the device shows up in Cisco DNA Center, you can assign it to a site and confirm the site configuration options. You can even claim and assign multiple devices at once.
Management
Networks live in a constantly changing world. Even if you don’t add new devices or users—which isn’t realistic—you still need to make changes to the network, update software and continually manage network operations. You know this is no easy task. Managing a network without some level of automation can typically be three times as expensive as deploying a network. Network automation can greatly reduce the cost and burden by continually monitoring software images. It can ensure that all devices are configured with the correct and most current images.
Cisco DNA Center provides a comprehensive software image management capability that ensures consistency and optimal performance across all the devices on your network. You can determine the right configuration and deployment for each device at each site. As soon as you designate this image as the standard, or “Golden Image,” Cisco DNA Center makes it easy to ensure all devices at every site are using this image. The management dashboard continually monitors your devices to ensure they remain in compliance. Then, as new features, patches and security advisories are issued, you are notified of the changes. You can incorporate the new images, define them as “Golden” and automatically deploy the revised images throughout the network. You can even run pre- and post-test of the configurations to determine the impact on your network. As a result, your operating systems are always up-to-date, optimized, fully secure and consistent.
Extensibility
Visibility, intent, deployment and management are key tenets and the minimal requirements for effective automation. However, imagine how much more effective network automation can be if it can be integrated with other network solutions. Maybe troubleshooting. Or security. Or support.
This is why we’ve constructed Cisco DNA Center and its network controller to provide resident extensibility capabilities. For instance, when combined with the assurance capabilities resident in Cisco DNA Center, Cisco DNA automation capabilities can create a closed loop system that continually monitors, troubleshoots and optimizes the network. Cisco DNA Center provides the telemetry directly from the network so there’s a direct connection with the way the network is actually performing. Cisco DNA Assurance applies machine learning and 30 years of Cisco domain expertise to pinpoint and resolve issues quickly. This network telemetry can also be shared with Cisco security solutions such as Stealthwatch helping generate end-to-end consistency for the network and security.
Cisco DNA automation can also use APIs and the controller platform to extend the robust set of Cisco-developed automation solutions. Cisco DevNet provides developer tools that enable customers to create custom automations. And, we are actively creating an ecosystem of third-party partner applications that can add industry-specific or other automation capabilities.
Network automation can be a game changer for the modern, intent-based network. But only if it provides the key capabilities that extend that automation throughout the network and ensure it effectively addresses real network management needs. A Cisco DNA subscription and Cisco DNA Center do just that.
Read more about Cisco DNA Center
Join the conversation! Share your thoughts below and watch out for the next installment of our #IntentBasedNetworking blog series on the promise of intent-based networking.
Top!
A great article. Must read and highlight very intent and principles of automation