Network design has been a one-sided affair. As engineers and network operators/architects, we come up with an idea based on need, and we sit down to create the ideal network. But then something happens: as we go to implement the network, we have a breakdown in communication. We have no way to ask the network if it is going to be able to carry out our design.
This failure to communicate is causing all kinds of issues, whose effects usually show themselves as deteriorations in performance, network outages, and security vulnerabilities. And how have we been adapting to this lack of mutual understanding? By changing our behavior as network operators, adding in several new systems, and tip-toeing around our data centers.
While many of these systems have proven to be useful, they are not looking at the cause. We monitor for performance issues or search for breaks in the link, all hoping to react and repair the error before a customer, an end user or our boss notices. We look for evidence of compromise, indicating a failure of protection, and base success on our time to remediate. As network operators, we are still largely in a reactive mode based on what has already happened in the network. How do we switch our posture to a truly proactive one, while using what we already have and without adding more complexity?
We have forgotten the network. We have forgotten to collaborate with the network to build strong, capable and resilient environments. We all want networks that are agile, resilient, protected and not prone to network outages. But our methods have been prescriptive, and we are not looking at the basics. We are not ensuring that the network understands our instructions and that it has been built to behave as our designs intended.
In life, if you want the most out of those working around you, you need to have good, concise communication. Networks are no different: if you want a network that is always available, agile, and able to carry out changes without breaking, you must give it concise directions and ensure it understands the intent of your design. This builds it strong and resilient from the beginning. And you must have the ability to constantly verify that this mutual understanding still exists. To find the cause of our communication breakdown, we should go back to how we are currently communicating our network designs. It is a one-sided affair, without feedback from the network.
This is no fault of ours. Today’s networks are complex, supporting a variety of vendors in mixed environments: legacy, virtual, SDN, containers, and whatever may come next. The evolutionary complexity of our networks has made closing the loop of communication and design basically impossible with current methods. So we have settled for “good enough” to validate our intent. We implement a new design or change, do a spot check on a few devices, maybe even segments of our network, turn it on and cross our fingers. Then we go home with a giant cloud of fear and doubt over our heads.
This approach is the underlying cause of many of our network availability and agility issues. It comes down to a fundamental breakdown in communication at the onset of design; we have failed to build a good foundation. Now that we have identified the cause, the first step in solving any problem, what is next? This is the force behind the movement of Intent-Based Networking. In recent years, much has been said about Intent-Based Networking in academic circles, and now Gartner too is recognizing the need behind closing the loop on network design.
What if you could have an honest conversation with your network?
Knowing the intent of the network design and verifying that the network is going to be able to do what we want it to do reaps immediate rewards. The ability to ask the entire network if there are any segmentation violations ensures that any potential vulnerabilities are identified and repaired before they are exploited. Network change is no longer an issue. Imagine an environment with immediate and continuous feedback. Know before you go home if that change is going to bring the network down and affect its availability. This newfound confidence, agility and ability to quickly spin up new solutions and applications is going to turn any network operator into the business hero.
These benefits are just the start and provide immediate value. The real value is in the unknown. Innovation, no longer held back and limited by known prescriptive designs, will spring forth new methods for networking. For too long the network has been stale, with a huge NO placed on network innovation and design around fears of bringing the house down. We have settled for playing within the safe, known confines of what has not broken the network in the past. Network architects with a new level of assurance and confidence will break this mold and start collaborating with the network, asking, “What do we want our networks to do?”, with immediate and continuous feedback. Imagine what may be possible, based on a simple shift in the foundational approach to achieving network intent, design, implementation, and verification, all by closing the communication loop of intent between human and network and building a strong, healthy foundation.
Learn more about Veriflow and our Proactive Approach to Assuring Network Resiliency and Protection in our most recent white paper.