ESG Showcase NetBrain Network Intent
SHOWCASE JANUARY 2023 Managing Your Network by Intentions Bob Laliberte, Principal Analyst Abstract: The biggest IT service delivery dependency is the underlying network. The network forms the basis for business innovation and success, so it is imperative that network operations organizations focus on delivering these services as their primary role—not just on maintaining network device health as they have done for decades. And while these network infrastructures are complex in nature, the goal has always been to deliver business services. To do so, network operations teams used device health as the proxy, with the assumption that when all devices are running properly, the services would also be fine. When there were fewer applications that were also less demanding, this approach may have been reasonable, but in modern times where hundreds of applications and microservices are deployed, each competing for use of the common networking infrastructure, organizations need a better way to assure business application delivery success. By capturing all of the business requirements as tens of thousands of overlapping needs that can be programmatically executed, a network management approach using automation can manage the execution of those needs at scale. The network then has the specific characteristics to deliver applications and services with greater success. This showcase discusses the opportunity of automating network operations management throughout the infrastructure’s lifespan by preserving its behaviors. IT Operations Must Become More Scalable, Efficient As infrastructures grow, so too does the operational workforce needed to support them. And these IT resources have tended to stay in place for long periods of time, safeguarding the institutional knowledge and experience associated with every technology. They are comfortable artfully solving network issues and operational tasks individually from personal experience. In most cases, the same engineer might solve the same problem differently each time they address it. But, due to silos in IT, there are limits to engineers’ individual knowledge and experience, so complex issues often required escalations to other subject matter experts that caused additional delays. And addressing one issue may have unintended consequences that affect the performance or delivery of another part of the network. In essence, huge infrastructures and the businesses that rely upon them are tactically surviving and continuously at risk since they have been managed with the same application-agnostic and people-centric approaches that have been used for decades. In today’s era of global socio-economic pressures, this brute force people-centric approach to network operations no longer works. To treat the network as a general-purpose utility is no longer suitable with so many unique applications and IT services built on distributed architectures. So how can organizations scale service delivery and reduce overhead at the same time? Skilled resources can’t be hired as readily as they were previously and the cost to hire the industry’s best talent has sharply risen, making the business of IT significantly more expensive. The foundational knowledge previously used to manage large infrastructures may no longer be available due to attrition and yet businesses rely more on networks to deliver their livelihood. Today, with greater economic pressures, network operations teams need to standardize the NetOps function to make it scalable and more efficient with intelligence about the business services that ride upon it and their specific network requirements. The goal must be to maintain business services as a science, rather than an art, by attaining a deep understanding of the behaviors of the network needed by each IT service. A typical network infrastructure This Enterprise Strategy Group Showcase was commissioned by NetBrain and is distributed under license from TechTarget, Inc. © 2023 TechTarget, Inc. All Rights Reserved 1
Showcase: Managing Your Network by Intentions can be described by all the required and overlapping behaviors needed by its applications, which may be TEN TIMES the number of physical and virtual devices. When a problem gets addressed, a system should capture that experience, normalize it, and make it repeatable across the organization. By taking a more systematic approach, the successful delivery of each application is assured. Effective ongoing automation of the network’s behaviors over the lifespan of the infrastructure must factor applications into the operational goal. Once the real-time picture of the required behaviors has been captured, it can be continuously managed and verified using automation across similar situations that may include different times, people, and geographies. This proactive approach to network operations can begin instantly the moment any abnormal condition exists and will even detect transient problems, allowing them to be corrected before they are reported or manifest into a major outage or service degradation. Hybrid Network Operations Must Focus on IT Service Delivery, Not Device Health Modern hybrid and cloud-connected networks make the ongoing management of IT services even more labor- intensive and far less scalable when using traditional network operations rooted in a brute-force, one-at-a-time paradigm. Research by TechTarget's Enterprise Strategy Group highlights that the majority (86%) of organizations are using two or more public clouds in a meaningful way,1 and virtually all respondents (94%) state edge computing is a top 10 priority for their organization, as well.2 Given most networks are multi-vendor, it shouldn’t be a surprise to find that more than half (54%) of the organizations surveyed cited that their network environment was either more or significantly more complex than just two years ago.3 But worse, many of those same organizations have not created any specific plan to get in front of the growing risk to the business… and simply hiring more personnel is no longer the answer. Organizations need a solid real-time understanding of their networks, including their ability to deliver the organization’s applications and services. Figure 1. Hybrid Environments Create Complexity Source: Enterprise Strategy Group, a division of TechTarget, Inc. Most enterprise organizations have multiple data centers; multiple public cloud services; and campus, branch, and WAN environments, consisting of multiple network vendors deployed in different parts of the network. Traditionally, operations teams are left with the task of trying to manage these environments at the device level, typically ignoring 1 Source: Enterprise Strategy Group Research Report, Application Infrastructure Modernization Trends Across Distributed Cloud Environments, March 2022. 2 Source: Enterprise Strategy Group Complete Survey Results, Distributed Cloud Series: Digital Ecosystems, August 2022. 3 Source: Enterprise Strategy Group Research Report, Network Modernization in Highly Distributed Environments, November 2021. 2
Showcase: Managing Your Network by Intentions the specific needs of their business services, or at best, making changes for a new application that may directly impact the performance of one or more previously deployed applications. At the broadest level, networks typically only match their intended design and performance on the day they are deployed. In large environments, it is not uncommon to see thousands of changes or tickets per month. Unfortunately, many of these service tasks may also have unintended consequences in other parts of the infrastructure without the context of the application-driven required behaviors. So, while the network may look healthy at the device level, mission-critical applications may be suffering, costing businesses millions of dollars in productivity, lost revenue, and, if they are severe enough, negative publicity, customer retention, and stock valuation, etc. Modem NetOps must focus on service delivery rather than device health. Network operations teams struggle to find skilled resources, yet headcounts are flat or even shrinking, due to the "great resignation." This means that operations teams often must rely on individual acts of IT heroism and institutional knowledge to keep networks available, performant, and secure. As a result, these teams are operating in a tactical fashion, and all their available time is consumed by reacting to the chaos unfolding within the dynamic environment—with little to no time for tackling forward-looking activities or advancing network operations’ approaches. Even when network operations teams are leveraging automation tools, they mostly do so on Day-0 Day-1 to accelerate the deployment of new network infrastructure components. However, to help drive operational efficiencies in a much bigger and more impactful way, organizations must focus on Day-2, which often represents a decade or more, on the ongoing management of the environment. Automation and real-time visibility into network availability, performance, and security can truly have a huge impact. Stop the Impact of Both News-making Outages and Slowdowns While outages historically were treated as catastrophic situations where failures rendered large portions of the business inoperable, many resilience technologies have been put into place to eliminate these kinds of single points of failure… yet service degradations of various magnitude still occur all the time. It’s imperative to commit to understanding complex IT service delivery requirements and then deploy the means to prevent service degradations proactively. The stakes are high, so there must be a sense of urgency to look at all parts of service delivery in real time—for example, continuously validating security architecture and assuring that all the components deployed are doing what they were designed to do to protect the enterprise. Even things as commonplace as “slow” applications could be things of the past once a forward-looking and proactive plan is put in place. Accomplishing this requires a real-time automation solution with the ability to understand the needs of the business and ensure the network can support each application’s individual connectivity, performance, and security requirements. To be operationally efficient, this solution must deliver: • Continuous verification: the ability to continuously verify the network’s status against each of its design intentions, which articulate all of the needs of the business. These include items like raw performance characteristics, quality of service, end-to-end connectivity, security controls, etc. • Multi-vendor, Hybrid Cloud Visibility: with a focus on the business outcomes and delivered results, the solution must provide end-to-end true multi-vendor infrastructure support, including the public clouds. Management boundaries cannot exist where one technology meets a second one. • Outage Prevention: a wide range of expected behaviors that are affected by errant conditions, including configuration drift and resilience strategies. • Security Enforcement: ensuring that correct and consistent security designs are enforced across the entire distributed network environment. Too often, unintended consequences of a change or an unsuccessful change 3
Showcase: Managing Your Network by Intentions to the network may create a vulnerability or enable network traffic to traverse beyond defined, secured boundaries. • Defendable Change Management: the ability to rapidly identify the status of the network and its ability to support each of the organization’s defined services before and after changes are made. This prevents unintended consequences of change from manifesting into production. • The Ability to Leverage Expertise: a no-code approach to enable subject matter experts to capture their experience and make it accessible to their peers globally. Once created, this same knowledge can be automatically applied by the machine. The NetBrain Automation Solution To help organizations regain control of and enable network operations teams to proactively manage their highly distributed and cloud-connected network environments, NetBrain created the Problem Diagnosis Automation System (PDAS). The solution enables organizations to easily codify thousands of business-centric network requirements for all applications and IT services and then compare the hybrid network in real-time against those stated behaviors. By doing so, PDAS can detect and correct issues before they manifest into production issues. Once issues are detected, PDAS enables remedial best practices that have been previously captured using no-code principles to also be automated. By doing so, PDAS eliminates inconsistent problem solving, reduces escalations, and resolves problems faster and at a lower cost. NetBrain PDAS provides: • Outage Prevention: Network operations teams leverage PDAS to spot problems before they manifest into production-affecting outages by proactively identifying and fixing them. In essence, the real-time network is continuously compared to the long list of encoded intentions with differences indicating a potential problem in the making. Doing so eliminates more than half of all reported outages and service degradations, saving time and money. • Accelerated Diagnostics: By automatically determining the root cause of any detected issue, problems are pinpointed the moment they occur, and operations teams can spend their time fixing problems rather than trying to find them. To further reduce remediation time (MTTR), NetBrain shares all the automated best practices required to fix the most common issues quickly and consistently across the organization. • Hybrid Cloud Visibility: Given the dynamic nature of hybrid cloud-connected infrastructures, it’s imperative for network operations solutions to continuously observe the network and accurately verify and update the topology model across all vendors and technologies, including the public clouds, software-defined data center, wide- area, security components, and all other traditional components of the network. • Security Enforcement: The larger attack surfaces common in today’s enterprises mandates that organizations ensure secure controls are in place and operating the way they were designed to operate. This enables organizations to mitigate risk while ensuring compliance. By encoding security requirements into automated intents, PDAS offers the ability to continuously verify that intended security policies are in effect. • Application Assurance: Every application and IT service expects the network to support its specific needs. Within the PDAS platform, these needs are encoded into network intents, creating an expansive list of behaviors that must exist for the business to operate properly. PDAS continuously assures that the needs of all services are being met. • Protected Change Management: Most importantly, NetBrain provides structured change management that establishes the condition of the network before any change is made, automates the change, and then verifies that the long list of network intents is still intact after the change has been made. As a result, network operations teams can eliminate any unintended consequences and, if problems do arise, quickly roll back to a last-known good state. 4
Showcase: Managing Your Network by Intentions • Multi-vendor support: PDAS uses a device driver model that allows equipment from any vendor to be included in the live digital twin. Using patented auto-discovery technology that leverages all native interfaces to equipment, PDAS maintains an accurate representation of the entire network, from the cloud to the edge, and everything in between. Ultimately, NetBrain PDAS enables network operations teams to operate more efficiently through automation and by leveraging the knowledge of all their peers, which builds a growing knowledge base for the company that persists regardless of which resources are present at any time within the organization globally. Forward Looking NetOps Strategies Forward-looking IT professionals are elevating their network operations thought process from one that views the network as a general-purpose utility that should be able support anything (as was commonplace in the 1990s) to one of detailed understanding of each of the specific needs of enterprise applications, their architectures, and all of the decomposed microservices that span the hybrid infrastructure. This goes far beyond monitoring device health and allows the tightest alignment of the network and the business. By focusing on IT service delivery, network operations can transform from a tactical and chaotic function, with lots of variability and a never-ending list of challenges, to a strategic function that delivers IT services based upon a plan. The plan can quantify and qualify the network with operational efficiencies at the forefront of the discussion. This provides a more suitable way to address risk profiles as well as the cost structures required to deliver each service. NetBrain understands the challenges of supporting distributed application environments and built PDAS to provide a simple, intuitive, proactive solution to deliver continuous validation of network and security intents. PDAS enables organizations to prevent application or network outages and service degradations in an ever-changing distributed cloud environment. In the event of a problem or outage, organizations can accelerate remediation efforts by leveraging the shared knowledge of teams who had previously fixed the same or a similar problem, which can be accessed from NetBrain’s Intent Library by anyone. All product names, logos, brands, and trademarks are the property of their respective owners. Information contained in this publication has been obtained by sources TechTarget, Inc. considers to be reliable but is not warranted by TechTarget, Inc. This publication may contain opinions of TechTarget, Inc., which are subject to change. This publication may include forecasts, projections, and other predictive statements that represent TechTarget, Inc.’s assumptions and expectations in light of currently available information. These forecasts are based on industry trends and involve variables and uncertainties. Consequently, TechTarget, Inc. makes no warranty as to the accuracy of specific forecasts, projections or predictive statements contained herein. This publication is copyrighted by TechTarget, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of TechTarget, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact Client Relations at [email protected]. About Enterprise Strategy Group [email protected] Enterprise Strategy Group is an integrated technology analysis, research, and strategy firm that provides market intelligence, actionable insight, and go-to-market content services to the global IT community. © TechTarget 2023. www.esg-global.com 5