Address Your Top 8 Network Challenges with Day-2 Automation By capturing, verifying, and enforcing network intents, up to 95% of all network service tickets, up to 50% of outages can be reduced or eliminated altogether

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION While there has been a great deal of focus on network automation as it pertains to initial deployment and device configuration, the biggest opportunity is found in automating Day-2 operations - which spans the entire infrastructure lifecycle. The typical large enterprise has thousands of network service tickets each month, ranging from the simple and mundane to the most complicated “headline-making” scenarios. This common device-by-device network management paradigm doesn’t usually consider the application and service delivery business requirements or their end- user experiences. Day-2 network automation enables scale for IT organizations by NetBrain Problem Diagnosis Automation System for leveraging policies and best practices created by your most experienced Managing Operations by Network Intent subject matter experts across the organization that have been incorporated into network management over the lifespan of the NetBrain’s Intent-based network management looks at the network as the infrastructure. Day-2 operations is also the perfect place to proactively delivery mechanism for various application and business service intents. enforce the network rules (or “intents”) that have been designed to NetBrain differs drastically from all other device-based network management continuously exist as part of the enterprise architecture, such as those approaches by focusing on the needs of the applications and services in use. dealing with security zones, quality of service, failover, resiliency, and By realigning network operational plans to directly support business application overall performance. service delivery, business leaders and IT professionals can focus on verifying their network’s ability to meet the needs of the business as their core KPI. What’s needed is a Day-2 vendor-agnostic intent-based automation solution for Network Operations that becomes part of the standard NetBrain PDAS (Problem Diagnosis Automation System) manages hybrid operational workflow. Not another tool, but a new strategy. One that networks as a compilation of network intents which directly supports IT service focuses on IT business service delivery intended outcomes, accelerates delivery needs. Day-2 automated network operations allows you to manage service-related tasks, and proactively verifies the infrastructure’s your hybrid network by capturing, verifying, and enforcing network design capacity to deliver IT services at levels the business requires and intents and eases problem diagnosis to ensure those conditions are maintained. prevent new applications from negatively impacting the performance NetBrain’s Automation Library offers more than 50 intents for modern enterprise of existing applications. network operations.

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION NetBrain PDAS Addresses Today’s 8 Most Common Network Challenges 1. Enforcement of Security Policies & Zones Network security is one of the most critical needs of a modern NetBrain's Intent-based network automation platform enterprise. In most situations, network security has been makes security enforcement a standard part of your implemented by a litany of point and overlapping solutions, each network operations. NetBrain continuously tests how well The deployment designed to manage an application or feature access requirement. information is flowing whether verifying enterprise-wide or of security But how do you know when a new security solution interferes with the granular policies and controls focusing on users, data behavior of a previously installed one? How can you confirm that types, services, or individual devices. hardware and your business network is always protected? The key is to continuously software verify the production network against the identified list of security Applications, services, and users live on different networks creates the intents including hundreds of security borders and zones enforced by and subnets, so network and security architects add illusion of “one firewall rules, access control, dynamic routing schemes, and edge segmentation to different networks with policies to allow or and done” access restrictions. deny application traffic. NetBrain enforces network intents protection. automatically: Challenges Security-related The deployment of security hardware and software creates the • on core routing, distribution separation, and edge illusion of “one and done” protection. Most IT leaders diminish the access prevalence or ignore the reality of ad-hoc changes, which results in • by validating configuration, ACLs, topology, device configuration drift for network components, including security state, and permit/deny conditions services. The concept of proactive and on-going verification of the • to assure that VLANs and micro-segmentation thousands of security rules (access control, allow/deny, intrusion), that security zones and subnets are intact must be compliant for complete protection, surfaces much less frequently. Security Assurance Networks are protected from malicious traffic by security products such as firewalls, but how can these devices be tested continuously to assure they allow certain types of traffic and deny other types? Rules for transporting various traffic types and the valid source and destination addresses must be verified continuously. NetBrain uses its Intent technology to assure that all devices that are paired or load-balanced have the same sets of rules.

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION 2. Monitoring Critical Link Failovers Modern networks are designed to eliminate any single point of failure. Critical links are no exception and great effort is put forward to assure that there is redundant connectivity between key sites and services. The problem is that redundancy and failover processes are rarely tested ‘live in production’ to assure that they will function as needed in stress conditions. Many times, Few operational catastrophic failure is the first time that the network operations teams realizes that the failover links have been mis-configured or best practices no longer functional for some other reason. It’s because few operational best practices include on-going verification of standby components. It is assumed that resiliency capabilities will function as intended. include on-going Challenges verification In the real world, a simple link failure can quickly result in a catastrophic outage – due of standby to the drift in network design that has damaged the expected failover protection. components. If the backup link isn’t properly configured, it can prevent communication altogether or perform far outside the needs of the critical link design. The backup link is your last line of defense from a blackout so it must be functional, even when not in use. Resiliency, Failover Verification NetBrain prevents this configuration drift from sabotaging your business continuity plan by: • Capturing network intent embedded inside current failover design • Monitoring the design intents continuously • Warning when detecting configuration drifts

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION 3. Diagnosing Slow Applications When users are reporting that their applications are responding Challenges slowly, everyone automatically points to the network as the source It’s easy to spot network conditions which are binary, traffic of the problem. But, since there are so many pieces involved in is flowing or it’s not, but most companies have significant According to application delivery, the IT organization struggles to identify the difficulty investigating ‘slow’ issues and, as a result, waste Enterprise actual part of the network that may be amiss. In many cases, the too much time testing everything they can in hopes of performance issue resolves itself long before you can identify and pinpointing the actual cause. This is because of a lack of Management execute corrective action. contextual visibility and adherence to network designs. As Associates, "Only What network operation teams need is real-time way to diagnose networks grow, it becomes more difficult to determine root 30% are the network in the context of the applications it serves. That causes of network-related application performance issues. fully satisfied application performance context forms the basis for managing by with their network intent. Network intents allow application designers to set Prevent Reports of Slow Applications troubleshooting specific network requirements that must exist for each application to NetBrain’s network intents technology coupled with its ability tool's support perform as designed. When these conditions vary from the design to execute traffic based real-time path tracing allows you to of problem requirements, application performance is reported as ‘slow’. By locate and visualize the network problem area including the isolation, and capturing the network intents associated with every application and actual routes that application traffic flows. And, its intent- only 28% are then automating network diagnosis for these intents, you can quickly based automation performs the extensive set of diagnostics fully satisfied identify and correct problems. to determine the root cause of application performance with root cause issues. Using its Path Intent capability, NetBrain allows you to document healthy network path baselines for comparison at analysis support." any point in the future. Any deviations from the known good baselines will be overlayed onto the healthy application path intents for easy problem identification. NetBrain’s Problem Diagnosis Automation system provides: • Detailed understanding of traffic paths, forward and backward Source: EMA Network • Baseline the route performance including the effects of Management traffic shaping and filtering Megatrends 2022: • The ability to monitor changes between current network Navigating Multi-Cloud, IoT, and NetDevOps conditions and baseline intents During a Labor Shortage

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION 4. Maintaining a Network-wide QoS Policy Ubiquitous real-time communications applications including voice, video and multicasting require high-performance and high-quality network links to prevent poor experiences. These applications are According to dependent on proper Quality-of-Service (QoS) configuration across ® the hybrid network. Continuous adherence to your network-wide Gartner , A quick QoS policy is critical to delivering high-performance real-time win would be communication experiences. "Creating an automated Challenges network Historically, network quality of service was not well understood. As performance voice and video became part of the standard set of IT supported baseline, such as services, organizations saw mixed results when implementing QoS an automated without the rigid set of control needed to assure QoS policies test that verifies remained in effect. QoS problems are less apparent because traffic and records still flows. Troubleshooting is made difficult because the same level Monitor and Resolve Real-time Communication Quality whether latency of performance must be maintained across different networks. NetBrain enables you to continuously verify the to specific adherence to design intents, including QoS policies, services/ Today, these applications compete with hundreds of other needed to maintain optimal real-time communications applications applications across different types of network technologies including performance by: is within a the home-based edge. Therefore, it’s common for the quality of • Capturing QoS policy as part of the network intent threshold." these services to suffer due to lack of complete adherence to QoS • Verifying network intents to detect QoS policy policies due to configuration drift, human error, and lack of big compliance or drift picture understanding of the impacts on other applications on • Detect variations between the current network and the shared networks. design intent before incidents are created Source: Market Guide for Network Automation Tools - Published 22 February 2022

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION 5. Managing Cloud-Based Services Today’s critical applications are no longer the traditional, monolithic A significant issue with moving to the cloud is understanding server-based applications. Some applications live on cloud-based how to view and measure performance of those services, infrastructure, while others consist of a compilation of distributed but and how to incorporate those services into the same model IT leaders can interconnected services that are delivered by in-house infrastructure as traditional resources. Existing operational challenges no longer think and by the public cloud. include maintaining design compliance and verifying service delivery across these services. of the cloud as The dominant public cloud service providers include Amazon, a black box. Just Google, and Microsoft, and most software-as-a-service (SaaS) Managing Cloud Services because the offerings span more than one cloud provider. Cloud-based services infrastructure is are typically sold by some measure of consumption or in a IT leaders can no longer think of the cloud as a black box. delivered as a transactional fashion making costing cloud-based service very Just because the infrastructure is delivered as a service, the service. straight-forward and elastic. responsibility to keep IT in support of the business remains. NetBrain can help you close the cloud performance and The problem is business is not just about a contract’s penalty terms; visibility gap by discovering, verifying, and visualizing the it’s about the continued necessity to understand service delivery and underlying cloud infrastructure and capturing the network verification of the required service levels. With or without the use of intents for how information flows across hybrid networks to cloud services, the age-old mantra still rings true, “business stops help you more quickly troubleshoot any issue by: when infrastructure stops.” The discussion of SLA penalty terms has • Decoding cloud infrastructure configuration and very little material effect on the need for those delivered services to capturing expected performance using network intents keep the business running, support customer retention goals, • Verifying and enforcing the network intents in place valuation, and reputation, etc. • Automating incident diagnosis Challenges Many IT organizations have limited their responsibility and accountability for cloud-based services, since they largely have no visibility or control of these external infrastructures. In recent years, that has become a major point of contention as business leaders have make it clear that the selection by IT leadership to rely upon cloud provided services does not reduce or eliminate their accountability for business IT operations.

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION 6. Optimizing Corporate Internet Connectivity Today’s connected businesses rely on the Internet as their network backbone to communicate with partners and customers day in and According to day out. Enterprise or production networks may have several inter-connections to the Internet, announcing and receiving publicly facing Enterprise routes. Internet access policies must be adjusted from time to time to accommodate certain events such as partial Internet failure or Management application slowness. In today’s connected world, the Internet is the backbone of every IT organization’s enterprise architecture, Associates, "A connecting customers, partners, and suppliers. large majority of network Challenges operations Without reliable Internet that meets a multitude of application teams are trying performance needs, your business cannot survive. Your business to gain better operates on a set of distinct application requirements to deliver visibility into high-performance experiences. And Internet performance can public cloud vary widely based on a litany of external factors, most out of providers. your own control. People who work in network Optimization engineering, Applications need various types of services, so NetBrain’s DevOps, and IT Network Intents capture and articulate your Internet access architectures in terms of the applications it supports. By understanding were 43% these application and service needs, NetBrain network likely to cite intents can be verified and enforced as needed. NetBrain builds this understanding into your standard operating Internet best practices by: connectivity/ • Codifying Internet access policies and performance hybrid WAN." expectations with Network Intent • Monitoring the KPI off Internet trunk, and failover and Source: EMA Network load-balancing in place Management • Alerting when certain thresholds or metrics are met, Megatrends 2022: proactively resolving issues Navigating Multi-Cloud, IoT, and NetDevOps During a Labor Shortage

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION 7. Audit Network Designs, Best Practices and Rules Your network design compliance is only as good as the next network Challenges update. Most enterprises surprisingly don’t have accurate While the concept of design and best-practice compliance is intuitive, the means to documentation of what’s in their networks, how they’re connected achieve it at scale is daunting. In most cases, audit and compliance processes are and how information is intended to flow. Understanding your network executed infrequently, or in direct response to audits. In worse case scenarios, this and the purpose every device serves in delivering applications is rule enforcement is addressed immediately “after” a catastrophic incident occurs. fundamental to maintaining operational compliance. In addition, adhering to security policies and regulatory compliances (e.g., HIPAA, Achieving Design Compliance and Best Practice Audit PCI-DSS, NIST) can take up a significant amount of time. What’s more, the inability to proactively monitor and enforce security rules, NetBrain enforces design compliance and security policy adherence by: puts you at greater risk of threats and security breaches which in • Explicitly encoding best practice rules with Intent some cases go undetected for days or weeks. Auditing and enforcing • Proactively monitoring rule violation best practice and design architecture rules is the key to enforcing • Mitigating security and performance risks network security, maintaining compliance, and maximizing uptime.

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION 8. Sharing Network Knowledge and Experience Enterprise networks are getting more complex with the addition of Knowledge Sharing new underlay, overlay, security and cloud technologies. In addition, NetBrain enables you to transform complex hybrid the in-house expertise needed to manage these complex networks into network intents that can systematically be The challenge of infrastructures grows organically over time, but largely resides verified and diagnosed by anyone. Capture and share the “operational with your subject matter experts and is not made available to knowledge and expertise needed to keep your network others. Infrastructure understanding in terms of applications is infrastructures up and running with the least amount of readiness” exists critical to long-term support success. effort by: well after • Transforming topology and application knowledge into deploying, Challenges executable intent-based diagnosis practices provisioning, and The challenge of “operational readiness” exists well after deploying, • Enabling the replication of these network intents across configuring new provisioning, and configuring new technologies. People change, the network to solve similar problems technologies. attrition happens, and the knowledge they possess rarely gets saved • Accessing the intent-based knowledge base on or documented or transferred to the next employee. Companies demand must re-build this knowledge set each time their infrastructure or organization undergoes change. Hence, network operations teams end up spending unnecessary time solving the same problems over and over which is very ineffective and reduces scalability.

ADDRESS YOUR TOP 8 NETWORK CHALLENGES WITH DAY-2 AUTOMATION Summary NetBrain empowers network operations teams manage their networks by their design intents that directly support their business applications. It’s no longer necessary to focus on the mix of hardware vendors, only what purpose they serve in the greater network. In this way, we help NetOps better align with business needs. Networks should be redefined as the tens of thousands of network intents that they deliver, rather than the static set of the thousand devices which comprise it on a network diagram. The number of intents those devices support may be 10 or 100-fold the number of devices. And by capturing, verifying and enforcing network intents, IT and the business can be perfectly aligned. About NetBrain Technologies Founded in 2004, NetBrain is the market leader for NetOps automation, providing network operators and engineers with dynamic visibility across their hybrid networks and low-code/no-code automation for key tasks across IT workflows. Today, more than 2,500 of the world’s largest enterprises and managed service providers use NetBrain to automate network problem diagnosis, generate real-time documentation, accelerate troubleshooting, and enforce enterprise architectural rules. Copyright © 2022 NetBrain Technologies, Inc. All trademarks referenced herein belong to NetBrain Technologies, Inc Gartner, “Market Guide for Network Automation Tools”, Andrew Lerner, Ted Corbett, 22 Feb 2022. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. +1 (800) 605-7964 | [email protected] NB-EB-AYT8NCD2A-061322 www.netbraintech.com