Networking is on the brink of a paradigm shift with the introduction of Intent-Based Networking (IBN).  This technology promises to deliver more agile networks with fewer issues across heterogeneous devices, which in turn offers benefits of reduced opex, continuously optimized performance, better compliance and better user experience. IBN can do this because it drives the network configuration algorithmically so it can respond faster and scale larger than a human operator.   

How it works

IBN is an automated tool that helps networks engineers plan, design and operate networks to improve agility and availability. It allows the administrator to move away from configuring their desired outcomes in esoteric device-specific command lines, and instead use a natural language or graphical interface to express their intent. For example, they may want to prevent members of the engineering group from accessing sales data, or they may want to ensure there are always two separate paths between servers. Recent advances in formal verification techniques and modeling languages such as YANG have enabled IBN to become a practical solution to answer the question, “Is my network configured correctly?”

The key to IBN is the continuous cycle of verification and remediation that constantly checks the configuration meets the intent and makes corrections in real-time.

Intent Based Networking

IBN consists of a number of components, each of which delivers benefits:

  • Management Dashboard to configure the system (express the intent) and monitor operation. Although IBN’s purpose is to run the network autonomously, human intervention will be required (and desired) for some time to come.
  • Intent Translation takes the “what” and translates it into the “how”. Typical interfaces are either menu-driven graphical or a more sophisticated natural language option.
  • Network Verification proves that that translated configuration will deliver the desired intent with no security or reliability issues. This component uses formal verification tools to mathematically test and exhaustively prove that the configuration is correct.
  • Remediation reacts to changes in real-time (e.g. if a link fails, or a device goes offline). Capable of learning from past incidents and network best practices, using Machine Learning (ML), it is able to apply corrective actions to a wide variety of network issues. This is the newest area for IBN development and although great progress has been made, experts agree that for some time, humans will still be required to approve the corrective actions suggested by a remediation engine.

What does Allied Telesis have?

Allied Telesis began developing tools for autonomous network management several years ago. The Allied Telesis Autonomous Management Framework (AMF) and Autonomous Wireless Controller (AWC) both save time and cost by reducing the amount of manual effort required to operate an enterprise network. Recently we launched Vista Manager EX as our management dashboard that presents AMF and AWC on a single-pane-of-glass graphical tool.

These tools accomplish the day-to-day heavy lifting of running a wired and wireless network, to free up skilled network resources for more useful tasks.

Our roadmap

In keeping with our philosophy of making networking easy, we plan to add functionality to Vista Manager to provide a complete network management solution with the added benefits of IBN.

We already have some components in development, designed to deliver more cost and security benefits for enterprise networks:

  • Secure Enterprise SDN (SES) is a smart application that blocks security threats right at the edge of the network. It works in tandem with the corporate firewall to identify the source of internal threats and isolate suspect devices before they can infect other parts of the network. SES integrates with AMF to enable direct control of edge devices. A plug-in to Vista Manager will be available soon to facilitate easy setup and control of SES.
  • Software-Defined WAN (SD-WAN) is becoming an accepted solution to automatically manage and aggregate multiple WAN connections, and save costs as a result. It enables the network to be defined in terms of applications and priorities, rather than network protocols, which makes it partly “intent based”. As such, it is easier to configure than other WAN technologies, and because it monitors and reconfigures connections automatically, it is able to optimize WAN links for the best experience and the lowest cost. Vista Manager will be the dashboard for SD-WAN offering a graphical interface for set-and-forget configuration.

Further out, we have plans for an Intent Translation component based on our work with OpenFlow and Software Defined Networks (SDN). Our initial goal is for the user to specify only the desired source and destination of the traffic, then the necessary configuration will be automatically calculated and applied to all the intermediary devices.

Arguably, the largest benefit of the IBN solution comes from the formal verification of the network configuration by the Network Verification component. This verifies that the network configuration meets the intent and ensures there are no security breaches or policy violations (e.g. no single points of failure). We have a lot of experience with automated test tools and simulated networks and expect that we can leverage this to produce a tool capable of checking a network configuration for correctness. This will provide a useful verification and diagnostic tool to help keep the network running smoothly with the minimum of skilled human intervention.

Conclusion

Allied Telesis understands that enterprise customers want simplicity, security and automation. Our customers are already well-placed to enjoy a variety of network automation tools that make networking easy. As Intent-Based Networking gains traction, we will continue to deliver even more benefits at an affordable price.