LAS VEGAS -- Cisco has entered the nascent market for intent-based networking systems with a grand vision of leading...
customers to a new era of network management. But realizing that vision will depend on whether Cisco can successfully integrate complex products and build effective support operations.
Cisco launched its intent-based networking system (IBNS) June 20 with the unveiling of the Digital Network Architecture (DNA) Center, the software console for creating and deploying configuration policies for a new line of campus switches called the Catalyst 9000s. This week, at its Cisco Live user conference, the company dedicated a considerable amount of time educating its customers on the use and capabilities of the modernized campus network infrastructure.
In general, an IBNS replaces manual configuration of switches, firewalls and other infrastructure components. On switches, it means a network operator no longer has to make configuration changes through the command-line interface (CLI) of each piece of equipment. Today, roughly 75% of organizations manage network infrastructure manually, according to Gartner.
Having a network management center that executes policy-based configurations makes a company's network more agile because changes can be made quickly based on the demands of business operations. Also, an intent-based networking system lessens the leading cause of network outages -- misconfigurations and errors on the part of network operators.
Cisco DNA Center challenges
The company has said the Cisco DNA Center will eventually become the central console for an intent-based networking system that touches the entire enterprise WAN, including data center, campus and cloud. For that to happen, however, a lot of other Cisco products will have to be integrated into DNA Center.
Those products include the Tetration network analytics engine; CloudCenter, which lets companies manage applications running on multiple clouds; and the Application Policy Infrastructure Controller that is the heart of Cisco's software-defined networking system for the data center.
"Until [DNA Center] is integrated with those solutions, it's not a single pane of glass," said Brandon Carroll, the CEO of IT training company Global Config Technology Solutions Inc.
One area analysts will watch closely is how well Cisco can incorporate analytics to help customers do network monitoring, troubleshooting and identify threats through the DNA network management center. Good analytics can also help customers create the most effective policies.
"Analytics is one of the most daunting pieces and one of the most challenging pieces and also one of the most important ones," said Brad Casemore, an analyst at IDC.
Beyond technology, Cisco also has business challenges. For example, the company will have to provide a way for customers to transition from old switches to the new gear that supports DNA Center. Today, the software communicates to the Catalyst 9000s through significant changes in IOS, the network operating system in the switches. Older Catalysts either won't work or will only support a limited number of the Cisco DNA Center's capabilities.
"[For now,] you still have that underlying infrastructure that you have to manage that's not part of the overall solution," Carroll said. "That's going to be the hardest part -- getting older equipment out [of customers' environments] and the newer equipment in."
Also, each business unit responsible for selling a product that will go into the DNA network management center has to learn to work together in preparing the technology for testing through Cisco's online simulation platform, called the Virtual Internet Routing Lab, or VIRL.
"We see little bits of them not getting along when you look at the VIRL product," Carroll said. "There are a lot of other Cisco products that could be in VIRL if the business units work together to get their products into that solution."
Cisco has time to work out the kinks. Customers got technical details on the DNA network management center and related products for the first time at Cisco Live. Also, intent-based networking, in general, is just beginning to emerge, so no vendor has all the technology needed for a WAN deployment. Other vendors providing some form of intent-based networking include Apstra, Forward Networks, Veriflow and Waltz Networks. Industry experts expect Juniper Networks -- Cisco's largest competitor in the space -- to launch an IBNS soon.
Intent-based networking defined
The concepts behind intent-based networking have been around for more than a dozen years. Analysts are optimistic that current products are mature enough to start gaining traction in the market. Gartner estimated the number of companies with the technology in production will grow from fewer than 15 today to more than 1,000 by 2020.
Gartner lists four capabilities for a system to qualify as intent-based.
- First, the user has to be able to create a high-level business policy that the product converts into network configurations. The system also has to be able to tell the user the potential impact of the changes before they are deployed.
- An IBNS must then be able to implement the new configurations by making the necessary modifications throughout the network infrastructure.
- The technology has to be able to monitor network status in real time.
- Lastly, an IBNS must continuously validate that all policies are being enforced and take corrective action, such as blocking traffic, when there's a violation.
An IBNS carries some risks, according to Gartner. These include the reliability of the algorithms that power the software. No one can say for sure how well they will work across all enterprise networks.
Other risks include the immaturity of many of the vendors in the market and whether typically conservative network operators will embrace the technology, particularly if early implementations result in high-profile failures.
Key features of a unified network management tool
Network functions virtualization requires a new network management model
The ABCs of unified network management