The first step to local area network automation is adopting network configuration and change management (NCCM). NCCM not only allows network administrators to quickly adapt LANs to changes, but also offers a level of consistency to these changes. There are a number of options for administrators, including doing the work in-house, going open source, or choosing from a bevy of commercial options. The skill set of the administrators, along with budgetary and support concerns, should all weigh into the approach organizations choose.
Scripting your way to network automation
Savvy IT professionals can write their own scripts or macros to automate any number of processes on the local area network. Frequent tasks such as updating port settings, changing administrative passwords, or even adjusting access control lists can be time consuming for network administrators, but are simple and repetitive enough to be handled with a set of scripts. While scripting capabilities vary by vendor and product, most network products offer a command line interface (CLI) available via telnet or SSH, allowing scripts to simply feed a series of commands to the equipment. The advantage to this approach is the low barrier to entry, requiring only a capable network administrator and the time necessary to sit down and code the scripts. A pure build-your-own approach also grants administrators full control over the process, allowing them to automate specifically what is necessary in that environment, without making a software tool with its own frameworks and interfaces. In smaller enterprise networks with a narrow set of unique devices, scripts may be all an administrator needs to speed up adds, changes and deletes on the network. IT organizations within specialized environments, such as networks for high performance computing (HPC), may prefer to use scripts to fine tune networks for their specific needs.
However, as enterprise networks get increasingly complex, so too do the scripts that automate them. Likewise, if the administrator that designed the scripts leaves the organization, there is the risk that all the knowledge of the scripting nuances will walk out the door. Home grown scripts will also have to be reassessed any time a new model or new vendor is included in the infrastructure, adding additional work hours to the process. That said, for small, flat networks that do not see frequent design and architecture changes, building your own scripts might be the best course for network automation.
Building local network automation with open source tools
Much like the industry has seen the rise of open source alternatives for network monitoring and network analysis, NCCM is getting the attention of developers. Open source solutions offer the low barrier to entry like user scripting, but also bring a level of portability and repeatability that in-house scripts cannot provide, with a goal of reducing network configuration errors. An open source solution is not tied to a particular organization or administrator, which means organizations can recruit administrators that know the tool and can use it when implementing administrators leave the organization. Likewise, the implementers themselves can carry both the tools and the knowledge of them to their new positions.
The concern about open source automation tools revolves around support. Ultimately, an open source project is only as good as its developers and community of users. A good user community can assist new users in getting started, building up the device support for the product, and building complementary tools for the product, said Brent Chapman, founder of open source automation tool Netomata Config Generator. But while some open source projects have commercial support services built around them, others can be limited to support via posting questions on community forums or sending emails to online discussion groups.
For network administrators, doing initial work with an open source automation tool might be a good starting point, even if the solution does not completely meet the requirements. NCCM might be a difficult concept to convey to upper management who don't understand the change in management strategy or cost.
"In many cases, cost is not necessarily the prime obstacle in automating the LAN, but fear of making the leap to managing the network a different way," said Chapman.
Using an open source solution as a pilot project could help administrators define the priorities and expectations of automation tools and highlight the power of network automation to upper management in order to proof the need for investment and show the overall benefits.
Vendor sourced network automation solutions
Most enterprise networking vendors offer software options to automate NCCM on an enterprise network infrastructure. Products such as CiscoWorks LAN Management Solution and HP's Data Center Automation Center, provide a central console for controlling the configuration, monitoring, and reporting on local area network devices. In some ways, this choice is an advantage because vendors are intimately familiar with their products, and thus capable of delivering automation tools to support them. Software from the vendor will also come with the same level of support that is available for their networking hardware, making it a simplified process to get help or get questions answered.
Unfortunately, there are a number of concerns with choosing a vendor specific solution. First and foremost, many of the management solutions offered by networking vendors are designed to scale up for their largest customers, and in many cases are priced to match that scale. This can create a cost barrier to entry for small and medium sized customers. Additionally, vendor software is generally designed to work solely with the vendor's hardware. Even if the vendor claims compatibility with competing products, most vendor NCCM products are optimized on the presumption of a homogeneous network. For enterprises that predominantly rely on single-source vendors for their networking gear, this could be the quickest path to deploying a network automation strategy, but for others it may not be an option.
A place for third party network automation tools
Third party products, such as SolarWind's Orion Network Configuration Manager and NetMRI from Infoblox, can bridge the gap between open source and vendor automation solutions. Unlike open source products, third party applications offer enterprises ongoing support, as well as training and services options. Most third party automation solutions take a vendor neutral stance on the network devices they support, making them a better candidate for heterogeneous networks than the vendor specific solutions. But unlike open source tools, third party software solutions have the polish typical of commercial products.
These advantages, however, come at a price not only of the initial software purchase, but also annual support contracts based on a percentage of the purchase cost. Also, third party software, while technically impartial, is likely to focus on the most popular or best-of-breed networking vendors and devices, leaving enterprises on their own for less common or niche devices. It's important to ensure that your organization's network device inventory corresponds to the vendor's compatibility list, and that the compatibility goes deep enough.
This was first published in October 2010