Cisco brings intent-based networking to the end-to-end network

Today at a media and analyst event in San Francisco, Cisco announced it plans to deliver on “intent-based” networking, which has the potential to be the biggest change ever in the way networks are managed.

In an intent-based system, administrators tell the network what they want done; the network determines how, and the specific tasks are then automated to make it happen. For example, if a business wants to secure all traffic from accounting, that command is issued and the system takes care of all the technical details. Network changes are automated and continuous, so if a worker moves, all the policies and network settings follow him or her.

The analogy of an autonomous car has been used to illustrate a traditional network versus an intent-based system. A traditional network is a bit like a self-driving car, where many tasks, like lane changes and turns, can be automated. An autonomous car is continuously gathering information and can adapt as the conditions change. If traffic gets congested, perhaps the car takes an alternate route. The data gathered by the car creates a closed-loop system to make the car smarter and more predictive.

The concept of intent-based networking certainly isn’t new. However, up until now most experienced network engineers were able to keep up with the needs of the business, even with manually intensive processes. As I pointed out, though, digital transformation changes everything, and those organizations that refuse to change will no longer be able to keep up.

Earlier this year, Apstra came to market with a solution focused on the data center, but no one has yet brought intent-based networking to the end-to-end network. Cisco’s new solutions are focused on enabling businesses to deploy a network that can scale from thousands to millions of connected devices while leveraging a closed-loop system to constantly learn, adapt and automate network operations to better secure the environment and optimize application performance.

Cisco’s intent-based networking is fueled by contextual information, which is then acted upon by machine-learning-based “intuition.” The pervasiveness of Cisco infrastructure allows it to collect not only network traffic but also contextual information such as who users are, what resources they are accessing, where they may be located and how endpoints are connected. This information can be used to create customized experiences and improve security. Machine learning is used to analyze what the contextual information means, gather new insights and then predict outcomes. This is critical in being able to turn data into actionable insights.

To support its new network model, Cisco announced the following new technologies:

  • DNA Center is a centralized management platform that lets IT teams put intent-based operations into action. The product encompasses all aspects of the network life cycle including design, provisioning, policy and assurance. DNA Center also manages hardware and software life cycles to keep the routers, switches, access points and other infrastructure up to date.
  • Software Defined Access automates policy enforcement and network segmentation across the network fabric. The process of onboarding users can be time-consuming and tedious, leading to errors and creating security risks. The ability to automate this process becomes critical for IoT, as network operations is often not even aware of when an endpoint is attached to the network. In the press release, Cisco claims network provisioning time can be reduced by 67%, and the impact of a security breach lowered by 48%. I’m uncertain of how these were calculated, but from my research into automation, these numbers seem realistic.
  • Network analytics platform categorizes and correlates the massive amount of data traversing the Cisco network. It uses machine learning to convert data into actions and then delivers the information to DNA Center.
  • Encrypted traffic analytics enables Cisco to “see” and analyze encrypted traffic. Hackers are smarter than ever and are hiding their threats in the growing amount of encrypted traffic. Cisco’s Talos security intelligence and machine learning are used to analyze traffic patterns to infer threats in encrypted traffic.
  • For all you fans of the Catalyst family, it lives on. The new Cisco Catalyst 9000 Switching Portfolio is a new series of switches built specifically for the digital era to handle the unique demands of mobility, cloud, IoT and integrated security. Like all Catalysts before this, the 9Ks are powered by Cisco’s own silicon. These will run IOS XE for software. The combination of hardware, software and silicon has always given Cisco a competitive edge, and these new products will provide similar differentiation. The fixed-form-factor 9Ks (9300 and 9500) will be orderable in June and the chassis-based 9400 in July.

All of the new technologies and intent-based systems are supported by a set of services Cisco is calling “DNA Services.” These can be used to help customers get the technologies deployed faster in a way that can meet their needs best. Not everyone will adopt intent-based networking overnight, and Cisco Services are in place to help build a road map that includes all the critical components, including software, security, analytics and automation. Historically, Cisco has had a number of technologies that were lightly adopted (TrustSec, ISE) because many customers didn’t have the best practices or the know-how to deploy them without creating risks. The DNA Services should alleviate those concerns.

Lastly, Cisco is releasing a new DNA Developer Center that falls under the DevNet umbrella. This is used to help software developers and IT pros create applications that interface with the network. DNA Developer Center includes a number of learning tracks, sandboxes, APIs and developer support.

Network professionals may look at intent-based networks as the ‘death knell’ of their career, but nothing could be further from the truth. The importance of the network has never been higher, and it can create competitive differentiation for businesses. However, network operations cannot work fast enough to keep up with all the demands created by IoT, cloud and new operating models. Embracing automation and intent-based systems allows IT to work on strategic things instead of having to perform mundane tasks.