Network Automation: Can It Benefit Everyone?


At a recent Juniper Innovation Showcase analyst briefing, the company emphasized two dimensions of innovation: performance and automation. This made me think of how much we have accomplished in the world of network automation and whether these accomplishments have provided benefits for enterprises as well as hyper-scale (or SaaS operator) companies.


Scale Easily Justifies Automation Benefits

People often consider the requirements of managing hyper-scale networking infrastructure to be significantly different from those of regular enterprise networking. In particular, the need for network automation has traditionally been considered most relevant to operators of hyper-scale or web-scale networks. Obviously, that’s true since large-scale operators try to scale the capabilities of their system admins to handle as many devices as possible. It would be uneconomical to have a network admin-to-device ratio to be similar to those found in typical enterprises, as this would lead to companies such as Facebook or Google hiring a veritable army of admins. Large hyper scale operators are known to have an administrator-to-server ratio that is in the range of one to tens of thousands of devices. Of course, the hyper-scale operators’ workload characteristics are quite different from those of classic enterprises, but it’s still an impressive number. Much of this efficiency comes from the uniformity of type of workloads they run, and a common building block approach to the systems they run, but automation also drives this level of efficiency.

What About Enterprises?

Can enterprises aim to wring the same type of efficiencies from increased use of automation, or are there core differences between these two categories of customers? For instance, enterprises have a wide variety of workloads and networking needs ranging from legacy apps, a variety of networking security zones, and regulatory needs that differ from those who run a social networking site. Let’s consider what motivates each segment to adopt their tools and processes and what prevents them from deploying as quickly as they want.

Enterprises certainly have a high desire to invest in managing their networks. ESG recently completed its annual IT spending intentions survey of 601 senior IT decision makers at midmarket (i.e., 100 to 999 employees) and enterprise (i.e., 1,000 or more employees) organizations across North America and Western Europe. The results show a high desire to reduce manual processes, with 39% of the respondents stating that network management is a key area of investment this year, which is only second to network security. This area includes the provisioning of network services. Therefore, the need and motivation for network automation is definitely there.

Automation comes in many forms. It can include configuration management as well as monitoring. (examples are tools from independent software vendors such as Ipswitch, ManageEngine, and Solarwinds). Monitoring is a well-established area and there are many tools deployed in enterprises today. Interestingly, network data analytics was considered by 28% of the respondents to be an area of significant investment in the coming year and I believe there may be some overlap between network management and data analytics investments. Look for vendors such as Solarwinds and Ipswitch to gain traction here. Open source initiatives from independent projects as well as those made available from network device vendors such as Juniper may also gain popularity, but open source projects do take time to gain critical mass and become more than a point solution.

Given this level of interest in spending, I find the availability of tools for configuration management and provisioning to be still relatively immature compared to monitoring. 

Why Is Automation Hard for Enterprises?

Why do enterprises tend not to deploy as much automation? It’s not that enterprises inherently do not want to enjoy the same efficiency benefits. All else being equal, any network administrator wants to reduce operational costs. The inhibitor is that the fixed or set-up costs for incorporating network automation into their operational processes are often perceived to be too high to gain the benefits for the number of devices they manage.

Why is it so difficult to automate? Surprisingly, people are still using tools or scripts to enter data into CLIs or screen-scrape in order to automate network device control. These techniques have been around for decades! People have attempted to make this better, but protocols such as SNMP has never provided the reliability to perform what it was intended to do.

But the world is finally changing. Many devices from companies ranging from Cisco, Juniper, and Arista now incorporate APIs to supplement command line interfaces. These APIs are accessible for scripting languages that are popular in the dev-ops culture -- these include tools such as Ansible, Puppet, Chef, and are accessible via common APIs such as REST or by scripting language specific libraries. New attempts to create standards such as NetConf and OpenConfig are in progress. Yet even with these tools, we still require network admins to perform automation in a DIY mode, by writing custom scripts. 

DIY mode is somewhat painful, but these APIs are a whole lot better compared to CLI automation and screen scraping. With this foundation, augmented with increased knowledge of scripting, we have now laid the foundation for the next generation of tools, and we should be moving to the next stage of automation.

What’s Next?

We hope that the APIs work with standards that enable cross-vendor automation, and that we get more third party tools as ISVs and networking vendors step up to the challenge to create more comprehensive tools. Companies with broad sets of tools such as ManageEngine or Solarwinds may be in a good position to extend their product lines. The building blocks are starting to get into place, making it more economically viable to deploy network automation in enterprises as well as large-scale operators. The ROI will start to become attractive, and I believe enterprises will consider adopting these network automation tools, even in relatively small deployments.

Going back to what I heard at the Juniper event, it was refreshing to hear that automation is the end goal, and that technologies such as virtualization or SDN are simply means to an end. Everyone wants the benefits of automation and although technologies such as network virtualization are great enabling technologies, we must keep the eye on the ultimate goal.

  network security analysis



Topics: Networking