Assuring the Full Promise of Intent-Based Networking: Introducing the Cisco Network Assurance Engine

Capture your network’s intent, accelerate change, predict outages and assure policy compliance

As digital enterprise unexpectedly speeds up, we’ve seen an explosion of recent applications – housed throughout containers, visualized environments, and clouds – acting on massive data sets. How do you ensure your community policies follow the ones programs wherever they are living? With intentbased Networking (IBN) for the data center.

IBN definitely changes the data center networking game by capturing the intent you want from your network, then automating, enforcing, and assuring it across your diverse records center network.

We’ve been capturing this intent and implementing it within the network with our application-Centric Infrastructure (ACI) for years, using programmatic interfaces and expressive policy constructs. With Tetration, we’ve achieved what no one else has doneautomatically generated your probable cause for you, using factsdriven inference from found applicationbehavior in all of its aspectslocally and across the network, with remarkable high resolution.

Now, the Cisco network warranty Engine closes the loop on IBN with continuous, formal verification, insights, and corrective actions. In short, we assure that your infrastructure is doing what you intended it to do – allowing you to accelerate changepredict outages and assure compliance.

What’s the practical consequence of the current assurance gap in today’s data center networks?

>>When intent breaks in operations, we spend hours troubleshooting.
>>When intent breaks in network security, it’s often difficult to discover. And when it’s ?           found, we scramble to fix it…fast.
>>When intent breaks in compliance, we fail audits.
>>When intent breaks with changes, we attempt to undo the changes under pressure and       frequently worsen our lot from inability to assess the consequences.

With the Cisco Network Assurance Engine, we close this assurance gap. I can tell you in one word why our Network Assurance Engine is so amazing: Math! By analyzing the rules inside your network, we model them, continuously verify the network is following those rules, and ensure those rules are self-consistent.

We perform this mathematically precise modeling for all aspects of the network control plane and data plane, including your complex policy rules and their exact impacts, at a speed humans simply can’t match. All continuously reasserted and re-verified across underlay, overlay, and virtualization layers. What do you get from this? Some very critical business outcomes.

Predictive change management = Less risk & lower cost

Human error is by far the largest contributor to network outages in data centers. Some estimates attribute as much as 40% of outages to human error.1 Most of the time, data center issues occur during the change process. The reality in our multi-cloud, virtualized world is that change is constant – and even more so when you are doing large-scale change like consolidating data centers. It’s hard to feel confident to change when you don’t know where your applications reside and how your policies are intertwined. With the Cisco Network Assurance Engine, you can verify changes and their impact before the change, significantly reducing the risk of human error-induced network failures.

Proactive & continuous verification of network-wide behavior = Detect potential outages

Intent starts with availability. Your network needs to be up and running at the highest levels no matter what. The best defense against outages is to change from a reactive to a proactive posture. By combining your models with 5000+ built-in models from our 30+ years of experience, we can proactively pinpoint deviations from intended behavior and also recommend remediation – preventing outages before they occur. Whether it’s something simple yet devastating, like overlapping subsets, or conflicts across thousands of policies in a containerized, multi-cloud infrastructure, the Network Assurance Engine can help you transform your operational paradigm closer to one of certainty of delivered intent.

Assure network security policies = Provable, continuous policy compliance and consistency

Static audits simply can’t provide the level of detail you want to see in which your dangers are, and with accelerating paceof exchangecommunity state drifts immediately away from the ultimate audit. with out an information of what exists and the purposeyou are unable to pinpoint if the hassle is non-compliance with policies, conflicting policies, or absent rules. With the community guarantee Engine, we assure community security guidelines and check for compliance towards enterprise policies to reduce community safety chance and acquire provable continuous compliance – bycoverage and with the aid of country.

I’ve already witnessed the value that the network assurance Engine is bringing to our first customers – like Bosch, Axians, and Vecozo. With ACI and Tetration, we’ve added the capability to translate software rationale and activate policies across the network or at the endpoints in which applications residewhich includes leading public clouds like AWS and Azure. Now with the network assurance Engine, we’re changing the sport – delivering motiveensuring availability, minimizing chance, and propelling us in the direction of an automated data center future.

To learn more about how Cisco Network Assurance Engine is delivering on Intent-Based Networking, please click here.

Cisco Operational Insights: A New tips of Seeing Operations


Recommended For You

About the Author: usama

Leave a Reply

Your email address will not be published. Required fields are marked *