Blog

Intent Based Networking – A smart leap forward

Yigal Amram By: Yigal Amram July 23, 2018

If you are wondering what an Intent-Based Network (IBN) is all about, Cisco recently described it (in “capsule” form) in a recent introductory paper to the concept, as “A network that predicts, protects and adapts”.

Basically, the system takes a high-level business rule or policy as input from end users, and translates it to the necessary network configuration tasks, and then generates and checks the resulting design and configuration for correctness.

Gartner’s Andrew Lerner expanded on Cisco’s short version about a year earlier, and in particular positioned it within the scheme of networking infrastructure and hierarchy or, more precisely, the role IBN will play there: “[It]….is not a product, or a market. Instead, it is a piece of networking software that helps to plan, design and implement/operate networks that can improve network availability and agility. Another way to describe it would be lifecycle management software for networking infrastructure.” 

Whereas Cisco presents three key concepts, the Gartner definition of what an Intent-based networking system incorporates the following four: 

  • Translation and Validation
  • Assurance and Dynamic Optimization/Remediation
  • Automated Implementation
  • Awareness of Network State

Using some AI in the form of machine learning (ML), it continuously checks that the business intent is being carried out, and if it isn’t upheld, then it takes some applicable network-related action such as blocking traffic, adjusting network capacity and resources, or sending relevant alerts and notifications. All this is carried out autonomously, while providing the network with awareness of state and pervasive visibility, thus ensuring network agility, network availability and stability, and of course network security.

IBN and the thinking car analogy

In an analogy with current automotive concepts of a self-driving car vs. an autonomous car, Cisco describes how the traditional network compares with and differs from the intent-based network:

A traditional network can be compared to a self driving car that has been programmed to carry out various activities and tasks, such as changing lanes and making turns at appropriate junctures, stopping at traffic lights, etc. These can all be automated. The IBN, on the other hand – like the self-learning autonomous car is continuously updating its “knowledge” and “awareness” by gathering data and information, in order to be able to adapt to changing conditions. For example, as traffic starts becoming heavier or entirely congested, the autonomous car may seek out and take an alternate route to its destination. The data gathered by the car creates a closed-loop system to make the car smarter and more predictive.

Similarly, the IBN will gather data on system usage, analyze it, and generate useful and usable contextual information from the network. This could be, for example, data such as who are the users, and what resources they are accessing, where they are located, and how the various endpoints are interconnected. The information can be used to create customized experiences and improve security. Machine learning is used to examine the significance of that contextual information, create new insights into what it has learned and use that information to predict outcomes. In this way, the continual loop of data gathering and analysis via ML enables the IBN to translate the raw data into actionable insights.

IBN use case example: Street traffic management

The intent-based networks concept is in its earliest stages of being implemented in networks across the industry – and already, the talk and the hype is being felt. There is a very informative overview of useful typical use cases presented in a blog by Alan Sardela of Extreme Networks. Here he describes some typical areas where IBN would be a definite boon, as compared to current, traditional network management.

Sardela describes how data is handled in turnaround-scenarios, where critical information and decisions get backlogged in the areas of street traffic management, risk mitigation, and network security. The premise is, that there are numerous scenarios in which intent-based networks can automatically handle situations better than the engineers who need to manually react to situations. They must run through a time-intensive loop of: receiving and analyzing data, and then deciding what to do, and then carrying out the necessary actions, and then following up on the after-effects, which may also require returning to the beginning of the loop with more actions.

In his description of the traffic management scenario, for example, he concludes:

“The transportation analogy […] is very apt here, for you can see that when the changes are not in real time, the remedial action, though correct, is inconsequential or ineffective: changes in the traffic light pattern a couple of hours later will still leave you stuck in the intersection for the interim.” In other words, although everyone in the steps-to-be-taken was informed in time, the actual handling of the situation brought about the correct response – but much later than when you needed it to happen. His example, by the way, is apt not only for street traffic management, but also for network traffic management."

SDN and IBN – A meeting of minds (and technology)

In another example – in a TechTarget article about the software defined network (SDN) and how they relate to IBN – consultant Lee Doyle describes how a data center user could use natural language to carry out a rather complex task: “… an IT administrator or network engineer can request improved voice quality for its voice-over-IP application, and the network can respond.)”

In addition to providing a quick historical and technical overview of SDN, Lee tackles the relationship between SDN and intent-based networking. He suggests that IBN and SDN have common traits, where “IBN extends SDN concepts to improve network automation and abstract complexity, which includes capabilities like reducing manual network programming”. In fact, there is a technological overlap, whereby, IBN integration may actually include SDN controllers, and he also outlines some of the current IBN features being implemented. These include automating operations like IP address settings and configuring virtual LANs, and analyzing network traffic to detect threats and offer clues to troubleshooting network problems.

Advantages of IBN within your network visibility layer

The network visibility layer is composed of multiple devices, such as Network Packet Brokers , Taps and Bypass switches whose overall purpose is ensure that the right tool, whether its a Network Performance Monitoring and Diagnostic (NPMD) tool, a Firewall, and IPS, and or other security tool. Within this environment we are developing Niagara Visibility Controller (NVC) with an IBN framework to achieve two primary goals.

The first advantage is the ability creating and configuring complex services with ease, thus minimizing errors and down time. How do we do it? In "intent-based networking" the user tells the network visibility layer what he wants, but not how to do it. In our IBN framework we developed an abstraction layer on top of REST API. For example if my deployment includes three connected packet brokers, each with an array of connected network traffic points and tools, the user would say “load balance traffic from inbound1 and inbound2 across inline tool A and inline tools “. In a prescription language the the that would translate to “check connection between packet brokers, find most efficient path, create forward and backward paths for each inline, VLAN tag the paths between the packet brokers device, define output ports as port group….and more.

The second advantage is to turn the traditional static network visibility layer into a responsive and dynamic layer. In a responsive network visibility layer, event-condition-action will change the packet broker configurations to block certain traffic flows, or forward traffic through different route across the connected virtual switching fabric.

Summary

Like the autonomous car that is just around the corner that will make great strides in changing our everyday transportation needs, the intent-based network (IBN) will change the way networks will be designed and run. The INB is going to offer a new approach to network management and infrastructure, providing a self-learning system that will parallel and/or integrate with SDN for more visibility, quicker reaction time when required, and adaptive intelligence for smoother and more stable networks.

Niagara Networks see intent-based networking (IBN) as the up-and-coming direction of network infrastructure, configuration, and implementation. Our highly innovative network operation teams are not just poised to implement the new technology, but are already pioneering and breaking ground in this field.

New call-to-action