Pavel Ignatov - Fotolia

Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How does security for intent-based networking work?

Monitoring plays an essential role when it comes to security in intent-based networking environments, as it ensures policies are met and detects network anomalies.

Networks are designed and implemented to support the applications on which the business depends. Intent-based networking represents a fundamental change in how those networks are designed and managed. Rather than focusing on the process of selecting switches and other components, the designers now focus on the applications and their requirements.

Network designers use intent-based networking (IBN) tools to identify the network policies required to achieve the necessary level of application performance. Intent-based tools use those specified policies to automate the detailed work of selecting network components and the interconnections between them.

Security for intent-based networking is designed along with other network elements, as the IBN tools determine the security requirements of each application and place them where they're needed. The tools can create a new network design or specify changes to an existing network.

Configuring access control lists, firewalls and virtual LANs has proven to be complicated and prone to error. By automating this process, intent-based networking tools can remove a primary cause of security breaches. Major breaches in the past have occurred because configuration errors allowed malware from vulnerable network components -- such as end-user workstations and Wi-Fi networks -- to penetrate the wider network. Intent-based networking tools can eliminate this risk.

Security for intent-based networking is designed along with other network elements, as the IBN tools determine the security requirements of each application and place them where they're needed.

Intent-based networking can quickly accommodate rapidly arising business requirements, such as video conferences. The tools can also shift network resources and make the required protection changes without the need for network managers to make hurried decisions, which could result in errors.

Monitoring aids security for intent-based networking

Continuous feedback is a major element of intent-based networking. Network monitors have been used for many years, but they don't continually report on whether applications are meeting performance requirements -- nor do they constantly monitor protection settings to ensure the specified settings remain in place.

Intent-based tools continuously make sure all the policy requirements are being met. They monitor application performance and detect network problems. As applications start up or shut down, these tools make the necessary changes to support the modified environment.

Making the change to viewing the network as a collection of applications rather than switches and routers can be difficult, but current networks are complex and change rapidly. Intent-based networking has become a necessity as complexity continues to increase, and networks must remain adaptable to shifting requirements.

This was last published in February 2019

Dig Deeper on Network automation and intent-based networking

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

What concerns do you have about security and intent-based networking?
Cancel

-ADS BY GOOGLE

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchITChannel

Close