As networks grow more complex and extensive, the workload for network managers and administrators grows heavier and more time-consuming. Visibility and monitoring tools help lighten the load, but network operations teams still have to carry out many operations that require a great deal of expertise, concentration, and work hours.
As a result, there’s a lot of potential for tools that automate and enable intent-based operations to smooth the path for network operations.
Intent-based network operations refers to the automation of various tasks across a network using Artificial Intelligence (AI). The goal is to simplify the creation and management of these tasks, and reduce the specific involvement of the IT manager in each and every tiny configuration. With intent-based operations, the manager decides on the business intent, and the system automatically manages everything involved in completing the operations necessary to actualize that goal. Once business intent is defined, the AI-driven network translates the user’s end goal into specific configurations. This differentiation between the business intent and how it gets implemented is crucial, since within different networks the goal will need to be implemented in different ways.
Intent-based operation stands in contrast to network monitoring and tracking operations, which observe the network but do not make any changes to it.
For example, configuring VLAN to increase network security is an intent-based operation that requires creating policies within all the switches and devices in the network and configuring all the ports.
Intent-based operations require read-write permissions for the network, plus API tools or remote login tools like SNMP, SSH, or Telnet. Meraki, Fortinet, and other vendors usually include the necessary APIs, but it’s not always easy to apply them for the results you desire.
Intent-based operations can refer to any network operations with a business intent behind them. The business intentions can have an enormous range of sub-activities that need to be done, such as, enabling and disabling ports, creating network policies, network interfaces, and security policies, changing configurations, and more.
Intent-based operations that occur frequently include trouble-shooting, routing changes, backing up configurations, and occasionally traffic shaping and mass upgrades. It’s not usually necessary to rewrite configurations for the entire network, but they do need to be modified from time to time.
At the moment, network managers carry out most network operations manually. They have tools at their disposal, primarily the out-the-box device management software provided by vendors, but those tools require manual, step-by-step changes. Most of today’s network management software doesn’t provide any support for intent-based operations, particularly not across hybrid networks from multiple providers, which is arguably when managers most need the support.
This means that network operations managers and network administrators need to acquire the knowledge to complete all requirements manually. They have access to knowledge bases, community forums, and other information sources that can guide them to the right steps to undertake, but it’s up to them to learn how to perform these operations, log in to each vendor tool’s UI, and carry them out successfully.
Network managers typically experience two main pain points in their daily work: a lack of knowledge, and a lack of time.
Network admins need deep knowledge and understanding of networking, experience with trouble-shooting, and the ability to see what to change and how to change it. In today’s tight labor market, there aren’t enough network managers who have sufficient expertise, with the result that many companies are struggling with their intent-based operations.
Equally, managing the network(s) takes a lot of time, even for those who have the relevant level of knowledge and experience. There are many steps that need to be completed, and often managers need to log into the management UI of multiple vendor tools, which makes it take even longer. As managers move through numerous tools that configure multiple networks, they need to also consider the nature and content of each and every network in order to make the right decisions that will achieve their intended outcome.
Meanwhile, the process is fraught. Just one small mistake can be enough to crash the system, and it can take hours or days for the issue to become evident and the root cause to be identified and resolved. Small wonder that network managers are often nervous about intent-based operations.
These issues affect organizations of all sizes. Large data centers are more likely to have employees with the necessary expertise, but the bigger the system, the more far-reaching the consequences of minor errors. Additionally, those employees have other tasks occupying their time. On the other hand, small and medium companies rarely have sufficient knowledge in-house, and could struggle to afford to outsource tasks to expert contractors.
While today’s network management software enables intent-based operations, they typically don’t include automation support. Network managers have to complete a lot of steps to configure the system, and each step requires knowledge to create the right policies.
The UI for most software is also not user-friendly. You need to be familiar with the interface and how the system works, and even people who’ve used it before can take many hours to work out the right way to complete operations. What’s more, many organizations run a mixed-vendor environment, which requires managers to log in to and master the UI for each vendor tool.
Because the process is manual, there’s a high risk of mistakes creeping in and causing significant damage to the networks. If you’re configuring a new guest network for 300 networks, you only need to lose focus once for a serious error to arise.
This is where automated intent-based operations can make a big difference. If the configurations for 300 sites with new SSIDs are carried out automatically throughout the entire system, it’s practically guaranteed that no mistakes can creep in. It also takes a matter of minutes, instead of hours or days, and you can carry it all out in a single interface instead of entering the system for each vendor.
What’s more, automated intent-based operations platforms have a much lower bar to success. AI-powered chatbots ask the user questions like what is your SSID name, do you want to isolate your network, do you want to limit your traffic, etc. Even non-expert network managers can answer the questions and create the new configurations without risking bringing the networks down.
In contrast, NetOp offers automated tools for intent-based operations like creating modifying SSID, port forwarding, traffic-shaping, content-filtering, firmware upgrades, and backup and restore, thereby saving time, preventing errors, and enabling every network manager to complete configurations successfully.
For example, NetOp automates traffic shaping as needed for specific apps, like limiting bandwidth for users who are streaming YouTube in the office, running a lot of bandwidth-hungry downloads, or upgrading their iPhone to the latest iOS since this could congest the Internet link and cause performance issues. With NetOp, you can apply traffic-shaping rules on the fly at the service level in real time; it would be triggered by the anomaly in the network, and the end user would not even notice any degraded performance. If you tried to configure the same process in the router, for example, one small mistake on the root level of the network would block all the apps and damage everyone’s work.
NetOp even goes a step further and suggests intent-based operations that will improve performance. For example, if you notice a performance issue on your site, most tools won’t give you any recommendations for resolving it. But NetOp will notice that one of your SSIDs is consuming much more traffic than the others, creating a bottleneck in bandwidth availability, and it will automatically change the configurations to give all SSIDs the same quality of service.
You can use NetOp in a similar way for content filtering. As part of its monitoring capabilities, NetOp tracks traffic destinations from your network and can detect if someone is trying to access a banned site, like if students in a school are trying to visit an inappropriate site or workers trying to use a torrent site. NetOp sends an alert to the network manager and can automatically block the URL. If managers want to carry out the operation themselves, they just need to enter the URL they wish to block, select all the network sites to apply this configuration, and approve the change. NetOp can apply the same kind of content filtering for inbound traffic, like blocking access to traffic from specific countries.
Other useful NetOp intent-based operations capabilities include port forwarding via external and internal ports to allow access to specific servers, like letting workers use their remote desktop when working from home. Without NetOp, it can take a full day of work even for someone who’s familiar with the software management tool, but with NetOp it’s as little as half an hour of time.
NetOp also automates backup and restore for configurations to any device, so you can easily restore a switch to the latest known configuration or whatever date a customer may request. Finally, it tracks firmware upgrades by detecting the current version and updating it with the newest and most recommended upgrade.
Intent-based operations play a vital role in any network management strategy, but they are often difficult to execute, time-consuming, and dangerously prone to errors. Modern automated support for intent-based operations makes it easier for network managers and administrators to run configurations and create policies, saves time for net ops teams, and lowers the risk of errors causing significant damage to the system.
Learn how NetOp can help you with intent-based operations. Get a demo today.