Phil Gervasi said he loves the idea behind intent-based networking. But that doesn't mean Gervasi, a network engineer at a large pharmaceutical company in the Northeast United States, is even close to being ready to deploy the methodology.
IBN -- in essence telling the network what you want rather than telling it exactly what to do -- could redefine how applications and services are delivered across networks, even as it ushers in evolutionary technologies like artificial intelligence and machine learning. Gartner, for one, estimated more than 1,000 companies will have intent-based networking methodology in production by 2020. But to be successful, the approach will have to deliver on promises and separate itself from hype.
Central to intent-based networking systems is automation. Manual steps performed by IT -- usually via a command-line interface (CLI) -- currently program the switches and scores of other devices underpinning enterprise networks. Instead of using a CLI, IBN abstracts those configuration requirements via a graphical user interface through which users can plot their intentions -- and the network does the rest. By harnessing intent as well as context -- that is, taking into consideration the application, the user and the user's device -- IBN could prove to be a formidable network management tool, proponents say.
For Gervasi, the lure of intent-based networking is simple: It's not a new technology. Instead, it's a new way to exploit the tools engineers already have at their disposal. "Adding that abstraction level hides some of the complexity" that modern networks possess, he said. "With intent-based networking, you can add your business requirements, and then the network knows what to do. But it's just another abstraction level. It's not a new technology under the hood; instead, it's a new paradigm of how to implement it."
That being said, implementing IBN at his employer's network isn't something Gervasi sees happening anytime soon. "We like the concept, but we have no desire to play with beta equipment for the next few years," he said.
Vendors taking different positions with intent-based networking systems
Even as engineers like Gervasi evaluate IBN, vendors are jockeying for position. A few companies -- among them Apstra, Forward Networks and Veriflow -- have already released software that companies can use to automate and authenticate their operations. But it was Cisco's announcement in June -- unveiling a new Digital Network Architecture (DNA) that automates configuration policies for a new line of campus switches -- that kick-started the market. Soon after, other legacy vendors, including Juniper Networks, Hewlett Packard Enterprise and Big Switch Networks said they, too, would introduce IBN software and components. Most of these initiatives remain in trial or very early production phases, leaving the industry to determine how valid intent-based networking will be in the real world.
John Frueheindependent analyst
The percolating interest in IBN comes as little surprise to John Fruehe, an independent analyst who has followed the methodology's development.
"For the longest time, you've had complexity in the network, but you have had people who were trained and specialized to handle that complexity," he said. "But what's happening now is that particular model doesn't scale well; networks are more complex than ever before, and no one can know everything. You need to automate things. And in this world, you can either automate around arcane language and technology, or you can automate it around what the business is trying to do."
No IBN standards or specific work processes yet
But intent-based networking, like every other new methodology or technology, still needs to sort itself out, Fruehe and other market watchers say. For one thing, placing intent across an entire network -- whether it's ensuring that switch A is really talking to switch B or ensuring that a critical application receives the top quality of service priority -- isn't easy. Myriad network components and operating systems have to be considered. And harnessing all of them under a single IBN umbrella is a formidable undertaking.
Second, everything a network engineer does to establish intent has to be verified and validated -- steps vendors have only begun to address with their products. And third, enterprises will have to carefully map out a strategy that encompasses their entire network. It won't do a company any good if only a small subset of its network is intent-based while the remainder still relies on manual configuration and processes.
A further complication is the tack vendors are taking with their approaches to intent-based networking systems. Cisco is linking its IBN developments to its Catalyst 9000 switches, which means enterprises that want to incorporate the vendor's software-enabled strategy will have to deploy Cisco hardware as well. Startups Apstra and Veriflow are pitching their software as being hardware-agnostic, claiming they can provide automation, configuration and verification changes regardless of the equipment underpinning a customer's network. But each company will have to persuade potential customers they can rely on its relatively new portfolio of products.
Terry Slattery, principal architect with the consultancy firm NetCraftsmen in Columbia, Md., said enterprises will have to document -- specifically and closely -- all of their network resources before considering intent-based networking systems.
"The way most enterprises tend to work on their networks is to come up with a design, and then all the paperwork relative to design gets puts on the shelf and rarely referenced because of all the changes made to the network. You're really lucky if the networking team updates the topology maps," Slattery said. "But today, executives want everyone to move faster, and the result is the documentation and the network fall out of sync with one another."
He added, "With IBN, your documentation has to be the source of truth, and that is an entirely different paradigm for most enterprise networking organizations. Documentation becomes primary and then that is used to populate a database to which your automation tools can go to validate the network."
Creating a foundation of robust APIs to fuel development
Shamus McGillicuddy, an analyst with Enterprise Management Associates (EMA) in Boulder, Colo., said the success of intent-based networking systems also depends on a robust foundation of application programming interfaces. "Those APIs driving programmability to enable IBN have to be really good, and they have to permit [engineers] to do what they need with their network devices. They have to be quality APIs, well-documented and they can't break."
That's particularly important if APIs are to replace the deep functionality now embedded into CLI. "An API should be able to give you access to every feature your networking staff might want to do," McGillicuddy said.
Interest in APIs comes as enterprises are looking for ways to diminish their reliance on CLIs, McGillicuddy said, citing EMA research that found 82% of data center administrators engaged in digital transformation projects would like to swap out CLI for more programmatic tools. And of that total, 17% are taking that step specifically to enable IBN. "They want to increase network agility and reduce risk -- meaning reduce the opportunities for making mistakes," McGillicuddy said.
Another consideration is how IBN will be deployed within the enterprise. For its part, Cisco is focusing its initial effort on the campus network, although it fully expects to extend DNA's capabilities across the WAN and -- through its Application Centric Infrastructure software-defined networking initiative -- to the data center, said Sachin Gupta, Cisco's senior vice president of enterprise product management.
"We believe the network can be much more intuitive; the infrastructure has to be able to consume intent," Gupta said. "We've thought about this from what it means in the hardware to be intent-based, to have the APIs, to be programmable, to have the right data sent to the operating system on top -- we are looking at the entire stack."
Cisco has DNA in trials with 75 customers, including Scentsy and Royal Caribbean Cruises. Gupta said he expects a handful of those customers will be in production with DNA later this year. "We're finding broad interest, but the model we're moving to is a pretty dramatic shift. Customers are very used to CLI and how you build a campus network, so this is a significant shift for them."
In the meantime, Apstra is eyeing the data center as it bets its vendor-agnostic approach to IBN will enable it to gain traction. The company, based in Menlo Park, Calif., just released the latest version of its Apstra Operating System software with features that allow users to apply intent to older Layer 2 switches through the use of a virtual LAN extensible overlay.
"We haven't seen too many organizations that only have one vendor in their environment," said Mansour Karam, Apstra's CEO and founder. "If you want an operational model for your data center that is future-proof, you better not tie it too completely with your hardware because that will preclude your choice in the future. We believe there is a software strategy here that is independent and disassociated from the hardware choice underneath."
IBN impact on engineering roles
While IBN will not require engineers to become full-blown programmers, it will force them to better understand the policies and business requirements driving the network.
"Instead of just overseeing the technical network, they will need to know how to design a business solution," EMA's McGillicuddy said. "That will require translating [network management and operations] into business intent."
NetCraftsmen's Slattery was more direct: "They're going to have to learn new tools."
There will be a culture shift, Slattery added. "[Network engineers] will have to keep their minds open, but realize they will have to change their processes. The cowboys who went, 'OK; give me access to the network devices, and I'll make everything right,'" will no longer exist, Slattery said. "That culture won't work with the new processes."
Above all, intent-based networking is a technique engineers and enterprises need to pay attention to, although adoption will likely face some hurdles as companies begin to incorporate more automation and concepts like machine learning and artificial intelligence into their organizations.
"Intent looks like it's the Holy Grail everyone is striving toward, but that doesn't mean 20 years from now everything's going to be intent-based," analyst Fruehe said. "It means part of that journey will include more automation, more intelligence and more autonomous networking, where the network takes care of itself."
Separating IBN myth from truth
Keep complex networks simple with IBN
Use IBN to manage UC apps
- A Network Operations Guide for Intent-Based Segmentation –Fortinet, Inc.
- Computer Weekly – 21 November 2017: What can intent-based networking do for you? –ComputerWeekly.com