Networks are critical components of IT infrastructure, and a source of value, as well as a source of vulnerabilities. Products and solutions have evolved beyond the basic role of simply delivering packets to a destination reliably. Understanding behavior, policy, and content are critical for operating a network that delivers high value.
I’d like to think of these systems as intelligent networks. The terms have been formally defined before in telephony, but I want to use it in a broader context.
What sort of intelligent insights do networks provide? They will give you views into application behavior and malicious activity, and provide feedback and telemetry to guide the management of workloads and ultimately the delivery of IT and business services.
The key attributes of intelligent networks are:
- The ability to understand the performance of data delivery.
- The ability to understand the context of data delivery, such as correlating it with applications or users at endpoints, external influences such as congestion within the enterprise network, or the larger context of WAN or Internet.
- The ability to understand the content to provide for security and applying policy controls.
- The ability to understand why the network policy is defined, which may be the workload architecture at a high level, or a low-level configuration parameter that is applied network-wide. These concepts are also referred to as declarative intent.
We must extend this view outside the traditional data center or enterprise and campus networks. The role of network intelligence in public cloud providers, WAN, mobile networks, or the entire internet is critical, and may require correlation across domains to provide actionable insight.
Assistance from systems outside traditional networking, such as big data analytics or machine learning, may be applied to tease additional intelligence out of the raw data.
The benefits are many: Better intelligence provides security, efficiency in use of resources, reliability, regulatory compliance, and operational efficiencies, which all combine into service assurance for the users and operators.
There are many products already on the market that provide for many of these attributes. A small sample includes:
- Telemetry available in a variety of data center systems ranging from Arista EOS, Cisco (including Tetration), or Juniper Junos. Monitoring solutions from firms like Gigamon, IXIA, and NETSCOUT also provide these benefits.
- SD-WAN systems provide behavioral changes based on application context. Cisco (and soon to be Viptela), Riverbed, Silver Peak, and VeloCloud offer these capabilities.
- Declarative intent in systems like ACI, configuration intent by Apstra, or formal verification from Forward Networks or Veriflow.
The concepts are not new, but, combined holistically, offer IT organizations an intelligent view of how the network operates. These may be assisted by application of SDN technologies, but are not necessarily tied to it.
I plan to explore the theme of intelligent networks further in the future as we provide analysis into the networking industry, since applying these concepts to how a network solution is chosen and deployed makes a lot of sense.