Intent-based network: the next big thing?
A network architecture that can think and automatically react with little human intervention is already here
One and a half years ago Gartner coined the term “intent-based networking”, terming this technology the “next big thing.” And there was good reason for that.
Intent-based networking flips the whole notion of networking. Unlike traditional networks that are managed manually, intent-based networking (IBN) topology incorporates artificial intelligence (AI) and machine learning to automate administrative tasks across a network. The admin defines the desired state of the network (the intent), and then automated network orchestration software takes over to implement those policies.
IBN emerged out of a genuine need to modernise network operations. According to Michael P. Toussaint, research director at Gartner, there has been painfully little innovation in the network operations space in the last decade. “We’ve been running IP/Ethernet/BGP based networks for more than 15+ years. The CLI is still the primary interface for network changes,” Toussaint remarks. Despite a variety of automation options since (automation tools, fabrics, NCCM, overlays), automation hasn’t really taken off, Toussaint observes.
IBN wants to change that.
Intent-based networking technology uses declarative statements or commands to direct how the underlying network of the data centre should operate.
It uses these instructions to intelligently decide how the network should be configured at any given point in real-time based on the resulting set of global policies while maintaining a single source of truth for the entire network, explains Mansour Karam, CEO and founder of Apstra.
IBN may also take advantage of Intent-Based Analytics to continuously monitor the network, collect telemetry throughout the system, and maintain a closed loop feedback model which enables network operators to proactively identify and fix problems, Karam adds.
Apstra, a start-up, is one of the pioneers of the technology, together with established network vendors such as Huawei and Cisco.
In June 2017, Cisco launched its intent-based networking initiative, intending to create an intuitive system that anticipates actions, tackles security threats, and continues to evolve and learn.
“Cisco’s IBN helps customers simplify complexity, optimise IT, and reduce operational costs by leveraging intelligence, automation and human expertise,” says Osama Al-Zoubi, chief technology officer, Cisco Middle East and Africa.
During this year’s Mobile World Congress, Huawei launched its Intent-Driven Network solution. The solution is designed to bridge the gaps between the physical network and business goals by creating a digital twin of the network infrastructure. These technologies will enable software-defined networks (SDNs) to evolve into intent-driven networks, and drive business value.
Faisal Ameer Malik, CTO, enterprise solution sales department, Huawei Middle East, says Huawei’s key strategy is to target clients and customers with large-scale or ultra-large-scale DCNs. This also includes enterprise users, extremely large public cloud, and industry service providers, as well as carriers. “This is extremely critical for us since DCN is used as the main channel for the deployment of Intent Based Networking,” Malik says.
The vendors laying the groundwork for adoption now will be the winners. Vendors who are not preparing for the eventual pivot from manual CLI to intent-based automated networks, through investments in IBN enablement for their products, will ultimately lose, Toussaint warns.
Even at this fairly early stage of IBN technology, innovations are emerging.
After Cisco’s initial foray into intent-based networking with Cisco DNA, it rolled out the next act – announcing the network as an open platform. This new development is all about transforming IBNs into fully open platforms - ones that seamlessly integrate into IT systems and business processes, says Al-Zoubi.
There are four levels of intent-based networking beginning with Level 0. Nearly all vendors, and more specifically hardware-based vendors, offer Level 0 Intent-Based Networking which enables basic automation of the network. Apstra Intent-Based Data Centre Automation is designed with Level 2 Intent-Based Networking technology. This extends beyond basic automation to include a single source of truth for design, deployment, configuration, operations and analytics of the system (known as Level 1 IBN) in addition to system-wide real-time verification at scale (Level 2 IBN) which delivers intent, collects analytics, and performs verification all in real-time.
The benefits of intent-driven networks are wide and varied, and are only starting to emerge.
Gartner’s Toussaint says businesses can reduce OPEX associated with managing networks and free up senior-level network resources to focus on more important strategic tasks. Additionally, intent-based algorithms can provide better traffic engineering versus traditional approaches, such as routing protocols. This can improve application performance, he adds.
“Intent-based networking can also help in reducing dedicated tooling costs because intent tools can circumvent the costs of other related network infrastructure tooling, as automation and orchestration are embedded in the IBN,” explains Toussaint.
Cisco’s Al-Zoubi says an intent-based approach to networking offers numerous benefits for business and IT leaders. These include improved business agility and operational efficiencies, better compliance and security, continuous IT and business alignment and reduced risk. “The full potential of IBN is ultimately recognised when it is deployed across all network domains, including data centre, campus, branch, and WAN,” he adds.
A common point of scepticism is whether intent is simply rebranded SDN. No, says Toussaint. Intent-based networking software helps to plan, design and implement/operate networks while SDN is a simple architecture for networks. “Intent-based network software can ‘drive’ a network that is either SDN-based or non-SDN-based,” Toussaint explains.
SDN was developed to cater to the need to automate, scale and optimise networking for applications that may be provided either via an enterprise datacentre, a Virtual Private Cloud or a Public Cloud. While SDNs have largely automated the process of network management, organisations now require even greater capabilities from their networks in order to manage their own digital transformation, Al-Zoubi observes.
Organisations are now looking for automated translation of business policies to IT (security and compliance) policies, automated deployment of these policies and assurance that if the network is not providing the requested policies, they will receive proactive notification. These are some of the reasons driving the move beyond SDN towards intent-based networking.
“Though SDN is a foundational building block of intent-based networking, IBN adds context, learning and assurance capabilities, by tightly coupling policy with intent. ‘Intent’ enables the expression of both business purpose and network context through abstractions, which are then translated to achieve the desired outcome for network management,” Al-Zoubi explains.
IBN augments SDN, by delivering the network agility that organisations require to accelerate their digital transformation. By adding important capabilities, such as translation and assurance, a closed loop intent-based networking platform helps IT deliver continuous agility, reliability and security to significantly improve IT and business outcomes.
Malik says IBN and SDN are widely different. SDN is predominantly a network construction method, he explains. It focuses on how to control infrastructure in the network and configure network policies in an open and programmable manner based on software. IBN, on the other hand, pays more attention to how to enable the network to meet the service intention of the user, so that the intention and the network status can smoothly and continuously achieve a high degree of consistency.
SDN helped to drive increased adoption of commoditised hardware in the data centre and enabled the operation of the underlying network to continue even if there was a loss of the control plane. Intent-based networking solves the same problem SDN set out to solve, but does it at the correct layer - namely the management layer rather than the control layer, Karam explains. In doing so, it delivers on capabilities well beyond these by automating the underlying network, enabling the use of declarative statements as an abstracted interface to direct the network, incorporating a single source of truth, and incorporating real-time verification.
Any conversation around automation leads to questions about whether people will be made redundant. Most likely no, says Gartner’s Toussaint. “Intent will simplify things that humans do including validation. It will automate configuration tasks and dynamically remediate. But you need humans to input data into the system. It will certainly shift resources away from mundane networking tasks.”
Internet of things
IoT will have a big enough impact to force a fundamental change in how we create and manage networks. The technical challenges are substantial. IBN, which allows network professionals to manage the on-boarding and administration of network-connected devices at scale, can solve many of these challenges.
IoT has several notable characteristics including real-time traffic behaviours, a requirement for continuous network reliability and significant volume of content demanding processing, analytics and storage. Scaling data centres and edge compute to address IoT demands often requires more processing and storage which is distributed as closely as possible to where the data originates. The increase in complexity across multiple sites which typically have little to no technical expertise onsite demands a model for remote management, operations and troubleshooting at scale. “Intent-based networking has the ability to deliver this across multiple sites and at tremendous scale,” Karam says.
The IoT revolution is huge, and is on track to be the next big ground breaker in technology. However, such big change requires some essential elements and one such element for IoT is security, observes Malik of Huawei. “The security of the IBN network does not form a unified standard and interface, which extends the digital world to the physical world. Therefore, the evolution of IBN based on the evolution of security issues is very important for IoT,” Malik adds.
Indeed, intent-based networking will perhaps have the biggest impact on security.
According to the Cisco 2017 Security report, an average security breach results in 29% lost revenue, 22% lost customers and 23% lost opportunity. Recent cyber breaches highlight the criticality of securing the digital network against today’s and tomorrow’s threats. Securing the business is critical and co-equal with growth initiatives and with an intent-based network, the two don’t have to be mutually exclusive but are in fact complementary.
Security organisations need to predict and see threats everywhere - across applications, devices, cloud and network. Services such as encrypted traffic analytics (ETA), which is a part of Cisco’s IBN, can identify and mitigate threats even in encrypted traffic with up to 99% accuracy, Al-Zoubi says.
Intent-Based Networking incorporates inherent security functions and integrates with network security solutions to align business policies with security policies across private, public and hybrid data centres. Intent-Based Networking will take declarative directives including requirements to establish end-to-end secure connectivity from applications and workloads to destinations, Karam explains. “Intent-Based Networking has the ability to reduce vulnerabilities which may occur as a result of misconfigurations, unapplied policies or outdated operating systems within the network,” Karam adds.
IBN provides a powerful tool for security teams to ensure their infrastructure is in full compliance, all the time. Intent-Based Networking can detect loss of compliance in seconds rather than days, Karam observes.
The network of the future
IBN is just a precursor of where the network is headed. With machine learning (ML) and artificial intelligence (AI), the network of the future will be smarter as well as faster—automating everything and collecting data about everything that happens. “That intelligence is what will bring about the unprecedented business outcomes promised by Future IT, like faster innovation, cost optimisation, and reduced security vulnerabilities,” says Karam.
Cisco’s Al-Zoubi describes the network of the future as a multifactorial sensor, where networking professionals will be able to view the network and everything happening on it, end-to-end and in-depth. Using statistical analysis and machine learning, it will be able to detect service attacks or malware streams and block and remove threats, even in encrypted traffic, without waiting for a human.
Intent-based networking will be extremely critical in how networks are managed in the future, and will be determined by network virtualisation, says Malik. “IBN integrates the resources and functions of network hardware and software into a single virtual network seamlessly. With this upgrade, users can use virtualisation to build a programmable logical network across their physical boundaries to implement large-scale multi-tenant, and improved resource utilisation,” he adds.
Current technologies only allow us to glimpse into how the network will evolve. One thing is for sure: the network will never be the same. The hardware-heavy, labour-intensive network we have become used to will give way to an architecture that is agile, intelligent and that will relieve network managers of the mundane tasks of literally running a network.