itb-au logo
Story image

Networking is experiencing a paradigm shift due to IBN

Networking is on the brink of a paradigm shift with the introduction of Intent-Based Networking (IBN). This technology promises to deliver more agile networks with fewer issues across heterogeneous devices, which in turn offers benefits of reduced opex, continuously optimised performance, better compliance and better user experience. IBN can do this because it drives the network configuration algorithmically so it can respond faster and scale larger than a human operator.      

IBN is an automated tool that helps network engineers plan, design and operate networks to improve agility and availability. It allows the administrator to move away from configuring their desired outcomes in esoteric device-specific command lines, and instead use a natural language or graphical interface to express their intent. 

For example, they may want to prevent members of the engineering group from accessing sales data, or they may want to ensure there are always two separate paths between servers. Recent advances in formal verification techniques and modelling languages such as YANG have enabled IBN to become a practical solution to answer the question, “Is my network configured correctly?”

The key to IBN is the continuous cycle of verification and remediation that constantly checks the configuration meets the intent and makes corrections in real-time.

IBN consists of a number of components, each of which delivers benefits:

  • Management Dashboard to configure the system (express the intent) and monitor operation. Although IBN’s purpose is to run the network autonomously, human intervention will be required (and desired) for some time to come.
  • Intent Translation takes the “what” and translates it into the “how”. Typical interfaces are either menu-driven graphical or a more sophisticated natural language option.
  • Network Verification proves that that translated configuration will deliver the desired intent with no security or reliability issues. This component uses formal verification tools to mathematically test and exhaustively prove that the configuration is correct.
  • Remediation reacts to changes in real-time (e.g. if a link fails, or a device goes offline). Capable of learning from past incidents and network best practices, using Machine Learning (ML), it is able to apply corrective actions to a wide variety of network issues. This is the newest area for IBN development and although great progress has been made, experts agree that for some time, humans will still be required to approve the corrective actions suggested by a remediation engine.

Ultimately technology is required to deliver IBN and examples of technology that is intended to make networking easy, reduce cost and improve security include Secure Enterprise SDN and Software-Defined WAN’s (SD-WAN).

  • Secure Enterprise SDN (SES) is a smart application that blocks security threats right at the edge of the network. It works in tandem with the corporate firewall to identify the source of internal threats and isolate suspect devices before they can infect other parts of the network. SES integrates with AMF to enable direct control of edge devices.
  • Software-Defined WAN (SD-WAN) is becoming an accepted solution to automatically manage and aggregate multiple WAN connections, and save costs as a result. It enables the network to be defined in terms of applications and priorities, rather than network protocols, which makes it partly “intent-based”. As such, it is easier to configure than other WAN technologies, and because it monitors and reconfigures connections automatically, it is able to optimise WAN links for the best experience and the lowest cost.

Arguably, the largest benefit of the IBN solution comes from the formal verification of the network configuration by the Network Verification component. This verifies that the network configuration meets the intent and ensures there are no security breaches or policy violations (e.g. no single points of failure). 

Article by Allied Telesis contributor

Story image
ForgeRock appoints new execs to lead IAM growth
“Identity and Access Management is foundational to a modern security architecture especially now as we are experiencing a paradigm shift towards Zero Trust."More
Story image
Tencent Cloud launches Voov Meeting videoconferencing tool
Tencent Cloud is deepening its presence in the unified communications business, after launching a cloud-based conferencing tool as the world shifts towards remote offices.More
Story image
Data#3 announces remote working solutions to enable Aussie businesses
“We’re delivering proven solutions to our customers and have taken steps to ensure our new rapid approach to deployment delivers the outcomes our customers critically need."More
Story image
Starschema launches COVID-19 dataset on Snowflake's Data Exchange
“It’s essential organisations have access to accurate, near real-time data in this rapidly evolving environment and were humbled that the platform architecture is uniquely positioned to help democratise access to Starschema’s data in this time of need.”More
Story image
Five questions organisations should ask when evaluating an asset management solution
Asset management solutions are imperative for business security, and choosing the right solution that is tailored to business requirements, will determine its success.More
Link image
Revealed: How to ensure compliance in an Open Banking landscape
Find out how financial organisations need to react to help ensure compliance, deliver transparency, and adopt new business models as Open Banking becomes the new norm.More