Intent-based networking, the next big thing in networking

The next big thing on the networking horizon promises to be... wait for it... intent-based networking. The term IBN has been thrown at everyone since Cisco revealed its vision for the future of networking earlier this year. And when Cisco is interested in a technology, many will follow. Well-established network companies and start-ups are all jumping on the intent-based networking bandwagon. But what exactly is it?

Intent-based networking systems, or IBNS for short, give network administrators the ability to define what they want the network to do, and have an automated network management platform create the desired state and enforce policies. In other words, the administrator defines a desired state of the network, and automated network orchestration software implements it. According to Andrew Lerner, Vice President of Gartner Research, intent-based networking systems aren’t new. In fact, the ideas behind IBNS have been around for years. What has changed is that machine learning algorithms have advanced to a point where IBNS can become a reality soon.

IBNS is very different from the way enterprise networks are managed today. The difference is that intent-based networking systems monitor, identify and react in real time to changing network conditions. IBNS has four characteristics:

  • Translation and validation: One of the key principles of this technology is its ability to translate commands from network administrators into actions the software performs. The network managers define a high-level business policy that they want enforced in the network. The intent-based networking system then verifies that the policy can be executed.
  • Automated implementation: After a network manager has defined the desired state of the network, the IBNS software manipulates network resources to create the desired state and enforce policies.
  • Awareness of state: IBNS constantly gathers data to monitor the state of the network.
  • Assurance and dynamic optimisation: This technology ensures that the desired state of the network is maintained constantly. It uses machine learning to choose the best way to implement the desired state and can take automated corrective action to maintain state.
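The four characteristics above can be sketched as one small reconciliation loop. This is an added example, not code from any vendor or product named in this article; the intent schema, segment names, addresses and function names are all hypothetical, and the machine-learning optimisation step is left out.

```python
import ipaddress
from itertools import combinations

# Constructed sample intent; the schema is hypothetical, not a vendor format.
INTENT = {
    "segments": {"iot": "10.10.0.0/24", "guest": "10.20.0.0/24", "users": "10.30.0.0/24"},
    "allow": [("users", "iot", 443), ("guest", "users", 22)],
    "deny": [("guest", "users", None)],  # None means every port
}

def validate(intent):
    """Translation and validation: return reasons the intent cannot be executed."""
    errors = []
    nets = {n: ipaddress.ip_network(c) for n, c in intent["segments"].items()}
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            errors.append(f"segments {a} and {b} overlap")
    for src, dst, port in intent["allow"]:
        if src not in nets or dst not in nets:
            errors.append(f"allow {src}->{dst} names an unknown segment")
        for d_src, d_dst, d_port in intent["deny"]:
            if (src, dst) == (d_src, d_dst) and d_port in (None, port):
                errors.append(f"allow {src}->{dst}:{port} conflicts with a deny")
    return errors

def translate(intent):
    """Desired state: permit rules as (src_cidr, dst_cidr, port); the rest is denied."""
    seg = intent["segments"]
    return {(seg[s], seg[d], p) for s, d, p in intent["allow"]}

def reconcile(desired, observed):
    """Awareness of state and assurance: the changes that restore the desired state."""
    return {"add": sorted(desired - observed), "remove": sorted(observed - desired)}

def run(intent, observed):
    """Automated implementation: refuse invalid intent, otherwise plan corrections."""
    errors = validate(intent)
    if errors:
        return {"status": "rejected", "errors": errors}
    return {"status": "planned", **reconcile(translate(intent), observed)}

# Constructed observed state: one intended rule is missing and one rule has drifted in.
OBSERVED = {("10.30.0.0/24", "10.10.0.0/24", 443), ("10.20.0.0/24", "10.30.0.0/24", 3389)}
FIXED = {**INTENT, "allow": [("users", "iot", 443), ("guest", "iot", 53)]}
```

`run(INTENT, OBSERVED)` is rejected because the intent contradicts itself, while `run(FIXED, OBSERVED)` plans the removal of the drifted guest-to-users rule and the addition of the missing one.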

Intent-based networking integrated products and roll-out

Intent-based networking systems are meant to be hardware-agnostic, although several vendors, such as Cisco, may make products that are integrated with their own hardware.

Now we will look in a little more depth at what Cisco is doing with IBN. Cisco will specifically focus its intent-based networking on branch, access and campus networking. It’s integrating the intent-based networking functionality into two of its product lines, the campus Catalyst switch line and the data center Nexus products. The new Catalyst 9000 switches, combined with functionality in the Digital Network Architecture (DNA) management platform, will allow users to create an IBN that includes policy creation, provisioning and verification. When a customer purchases the Catalyst 9000 switches, it is mandatory to purchase the accompanying software subscription as well. This is all part of Cisco’s new software licensing push. Some of these functions should already be available this fall, according to Cisco. Other features should be available at the end of this year or next year.

Then there is also an intent-based networking strategy for Cisco’s popular Nexus data-center switches. Combining Cisco’s Application Centric Infrastructure (ACI), its flagship software-defined networking product, with its Tetration network analytics and visibility platform gives you IBN functionality. ACI is fundamentally a way for users to automate the orchestration of their network. It allows users to describe the security policies and the connectivity policies their apps need, and that is what it will automate across the network.

Gartner Research Vice President Andrew Lerner thinks that IBNS won’t be mainstream till at least 2020. Early rollouts will likely be for well-defined and specific use cases, such as spine/leaf data centre fabric or WAN edge infrastructure. In the meantime, IBNS is best implemented in pilot and proof of concept deployments. The adoption of this technology will be pragmatic, associated with new build-outs or network refresh initiatives.

Juniper and Start-ups intent-based networks

As said earlier, when Cisco heads in one direction, many will follow. Some competitors are also jumping on the IBN bandwagon. Take Juniper, for example. Kireeti Kompella, CTO of Engineering at Juniper, has said that the company’s open-source Contrail software-defined networking controller has a function that is very similar to IBN. While it’s not a full-fledged IBNS, it meets most of the definitions of an intent-based network.

Cisco might be a leader in networking, but when it comes to intent-based networking some start-ups were ahead of the curve. Before Cisco’s entrance into the IBN market there were several start-ups that were already talking about the idea of giving users the opportunity to specify their intent and having a software platform orchestrate it.

Take, for example, the start-up Apstra. The company was founded in 2014 and released its first product in July 2016. Apstra claims to be one of the original IBN companies, developing this functionality before Cisco announced its interest in IBN. Apstra CEO and Founder Mansour Karam explains his product as follows: “It runs and operates the network in an intent-driven way. It delivers on the autonomous experience.” The Apstra Operating System (AOS) controls and orchestrates network resources. The company also has a distributed data system that monitors the current state of the network and analyses changes that are being implemented. AOS is hardware-agnostic, meaning it’s overlay software that can run on any hardware vendor’s products or on whitebox switches. AOS can design templates for what the network should look like, build blueprints for how that vision should be implemented, then control the resource and device management to deploy the configuration. It gathers telemetry data to perform real-time analytics about the state of the network and to detect anomalies that are inconsistent with the desired network policies.

Other start-ups that offer important parts of an IBN system include Forward Networks and Veriflow. Forward Networks was founded in 2013 and creates a software copy of a customer’s network. Using this copy, customers can test a potential change to the network before implementing it. They can verify that changes have been made and roll back changes that cause a problem. This can be done on existing networks, allowing customers to get a taste of IBN functionality without a full-fledged IBN deployment.

Veriflow is a company that creates a predictive model of the network and analyses all possible traffic flows through the network. “It’s like a Google Maps for your network,” says CEO James Brear. This allows users to verify and ensure that their business intent is being met in their network.

SD-Access and intent-based networking


In today’s digital age, enterprise networks are under pressure from many different forces. There is an extremely rapid growth of devices getting on the network, which brings connectivity and security challenges. In addition, the transformation of computing and storage is starting to mature, and organisations are looking to replicate these virtualisation benefits at the level of the network. These new digital requirements need a different approach. While Software-Defined Networking (SDN) concepts provide a starting point for solving some of the above-mentioned problems, they haven’t been enough. SD-Access is a new capability that combines the power of policy-based networking, an intelligent network fabric and automation to make intent-based networking a reality today. Basically, SD-Access makes the network look like a single large virtual switch to the users and devices connecting to it.

Establishing a layer of virtualisation for the end user and the network node is becoming very important to manage the growth of people and devices getting on to the network. Virtualisation allows for agility and flexibility in ways that have been unavailable until now.

SD-Access enables security and segmentation within the network. It makes it intuitive to segment your network based on user and device identity using simple and automated workflows. It’s the easiest way to build virtual networks of IoT devices, guest devices and user devices within a single converged infrastructure. SD-Access combines wired and wireless networks within the intelligent network fabric and makes it easy to roam anywhere in the network, providing uninterrupted mobility services to the end user. It also enables IT teams to offer customized services to different lines of business.

To conclude, intent-based networking is the next big thing in networking. Some see intent-based networking as a logical evolution of advanced network automation. Others believe it’s a fundamental shift in how enterprises use machine learning to autonomously manage networks. Only the future will tell how this functionality will work out in the networking industry.