For many network practitioners, the journey to full network automation has ended prematurely because of two common misconceptions:
- There is too high of a risk associated with automating across a network that lacks any standardized configuration.
- Automation requires me to learn to program and write code.
These may have been valid concerns in the past, but today this is no longer the case. Network teams can quickly implement compliance and automation together to standardize across their entire infrastructure, whether it’s on-prem or cloud, and simultaneously build the skills necessary to create new automations, without the need to write a single line of code.
In Itential’s Academy Session at the ONUG Fall 2021 event, we demonstrated a solution to combat these common misconceptions so network teams can feel empowered with the right tools and processes to automate their networks. Let’s take a look at how we did it.
Start with Standardization
In this Academy session, I demoed how any network team can easily build compliance across their entire infrastructure with Itential and how this compliance enables them to quickly continue the journey into automation.
The first step is to identify a network device or service that best resembles your standard, then view the current running configuration in real-time in Itential Configuration Manager. Next, identify the components of this configuration to determine which features to start with as we build out a Golden Configuration template.
In the CLI portion of the Academy session, we selected features like management services (http and https), syslog, network time, and SNMP. These are great starting points for building a compliance template because they are important secondary features, but commonly end up becoming misconfigured over time. For the API portion, we selected VPC features for Internet Gateway, and Security Groups. In the world of AWS VPCs, these define services similar to an internet router and firewall rules or an ACL.
One of the unique features showcased is how the Itential Automation Platform enables compliance for both on-prem and cloud infrastructure in the same application and a common methodology that every network practitioner already instinctively understands so they’re automation isn’t limited to parts of their network.
Once your Golden Configuration is created, you can assign network devices or API-based network services to a branch of the configuration tree and run a manual compliance check. This compliance check compares the live configuration to the compliance standard that was just built and determines whether the device or service is in compliance. Remediation can be accomplished within Configuration Manager, but this becomes a perfect transition into using automations to accomplish the same process.
Extend Compliance into Automation
Because of the unified design of Itential’s platform, everything that was accomplished in Configuration Manager is available to leverage within an automation inside of Automation Studio, a low-code environment for the rapid creation of end-to-end network automations. We presented an automation workflow that is a 1:1 example of every step of the process followed in Configuration Manager, and leverages all of the work we accomplished in this application. With the compliance process extended into an automation, network teams are immediately familiar with the use case and develop the critical skills they need to build their own automations, without the need to write any code. It becomes a simple matter of using the drag-and-drop canvas to create a logical step-by-step workflow.
In the case of this session, network teams can build out more intelligence into compliance automation to identify which configuration changes could be remediated immediately and which ones may need to be scheduled for a maintenance window. The overall benefits to the network team are compounded as they continue to use compliance and automation together. The network gets more standardized, paving the way for a higher level of trust and confidence that the network can support more complex automation, and in parallel, the network team is quickly gathering the skills they need to make existing automations even more efficient and to build new automations with integration into any network domain and any IT system.
You can watch the full session here:
How Itential Supports Compliance & Automation Together
With Itential, it’s now possible for network teams to deliver on the promise of compliance and automation across network and cloud infrastructure and do it in a way that doesn’t take months or possibly even years before the first automation is run. Enterprises are moving quickly, and network teams need new solutions that empower them to use compliance and automation in tandem to eliminate the manual backlog of work and ensure that the entire network is deployed quicky and correctly and remains compliant.
Sound too good to be true? Watch the full Academy Session to see for yourself just how easy it is. If you’re ready to try it yourself, get started with the Itential Automation Platform for free.
Rich Martin
Director of Technical Marketing ‐ Itential
Rich Martin is the Director of Technical Marketing at Itential. Previously, Rich has worked at several networking vendors as a both a Pre-Sales Systems Engineer and Systems Engineering Manager but started his career with a background in software development and Linux. He has a passion for automation in the networking domain, and at Itential he helps networking teams to get started quickly and move forward successfully on their network automation journey.
