Intent-based networking is more than the newest catchphrase in IT. It’s a software-based approach that helps an IT department create and implement networks with massive improvements to their availability and agility.
At Cisco Live 2018, three Cisco customers—Montana State University, SSC-ICT, and CIT Group—shared details on how they each created an intent-based network and why they did it.
«What we’re trying to do as we drive intent-based networking is to abstract the complexity of the network below, routers, switching, Wi-Fi. And the way we’re doing that is we’re abstracting all of that complexity in a software layer called DNA Center,» said Dave West, Cisco vice president of enterprise networking and security. «And then, through that process, we’re using all of our best practices, Cisco Validated Design, those really big, thick Cisco Press books, and we’re putting those best practices into software.»
West explained what intent-based networking is: «In every military operation, and I love to use this analogy, you never go into an operation without understanding the commander’s intent, and that’s the end state of every operation. And so what you can think about with intent-based networking is what’s the end state of what you want to achieve in the business.»
In healthcare, for instance, it’s important to determine what you want to achieve with on-board medical devices, and how to do that securely while assuring that physicians around the world can leverage the capabilities, West said.
Once intent is implemented through software and driven across the network, visibility is needed to see whether it happened as planned and whether the intent was properly executed. That’s how context works: by giving insight into what happened in a company’s intent-based networking journey.
«What’s interesting about this is we really have machines talking to machines, so machine learning comes into play across all of this,» West said.
Nine months ago, Montana State University began deploying software-defined access in the Cisco DNA Center on campus.
«The reason that we took this approach is that we found, in an era with the complexity and change that we have right now, hardware-only solutions just aren’t flexible enough to allow us to really meet our end-user needs,» university CIO Jerry Sheehan said. «So we’ve deployed software-based architecture with Cisco’s hardware underneath it to allow us to be more flexible and meet our end-user needs.»
At CIT, the journey toward digitization began by upgrading the infrastructure of bank branches before moving to the second stage of the project.
«The way I tried to approach it is we are building the railroads for the trains to ride on the railroads. Unless you understand how fast those rails are going to ride on the railroad, you can’t build the railroad,» said Sandeep Kapor, vice president and global head of network services for CIT Group.
CIT is building the pathway for better performance in the future for its own customers, and to give its bankers faster access to data.
According to Kapor, the banking group is using the ENCS [Enterprise Network Compute System] from Cisco and the hosting SD-WAN tower. CIT has just begun deploying the intent-based network.
Governments are also using intent-based networking. SSC-ICT is the shared service provider for the Dutch government and it is on an intent-based networking journey, according to Pieter-Jan Nefkens, a network architect for SSC-ICT.
«We provide ICT services for six to eight departments, which is a unique challenge on its own,» Nefkens said. «I’m working with [one] team, and we’re responsible for managing the buildings and the networks in there. Our journey for intent-based networking actually got started from the operations team.»
Montana State is a research-intensive university, and moving big data around is a key component.
According to Sheehan, the university started with a physical network called the Bridger Network, but it failed to meet the university’s needs for flexibility in moving big data. Once they saw Cisco embrace software-defined networking, they jumped on board and were able to get the same performance that they had with their hardware-only network.
It’s much faster to put in an intent-based network than a traditional network.
«In the past, if we needed to put in a specific network segment that was a physical segment and building, it was probably about a week’s worth of time in order for us to do that,» Sheehan said. «But because we’re relatively thin, in terms of our IT staff, it would take us somewhere between six to eight months to actually get that network in the building, by the time everything was done, even though you’re only looking at a week’s worth of work.»
Now, with a software-defined networking approach, the work takes about a week to complete, Sheehan said.
It’s been much faster for SSC-ICT as well, with it only taking two days to roll out the configuration for a new building, instead of two months as in the past, Nefkens said.
Kapor said it’s made CIT much more flexible. When CIT started digitizing its banks about 10 years ago, they’d have to limit what they could do because the software didn’t work with the network and servers.
«At that time, we started saying, ‘Okay, we can simply just upgrade the servers, upgrade the network, hardware, the switches, call it a day,’ and that would be a story that we always did 10 years ago,» Kapor said.
«My team and I said, ‘okay, we’re going to take a step back, we’re going to say, what can we do so that we don’t have to come back to this every single time before we even upgrade our hardware, where we’re ready to upgrade the hardware?’ So, we said, ‘Okay, we’re going to capture the requirements,’ and we captured the requirements,» Kapor explained.
At that point, everything was still being exported back to the data center, and the question became why that was necessary. Reducing the need for «white box solutions» was the answer, and CIT began using a hosting service on the ENC but was still using PETAL software and various other components pieced together, Kapor said.
«So we came to Cisco and we said, ‘Okay, this is all great, but now I have to buy 10 different things. I don’t want to buy 10 different things, I want to buy a solution,’» Kapor said. «Cisco committed to build and code a convergence solution that they would call the re-edge.»
The solution was recently finalized, and each of the 70 branches of CIT is now using it. «The POC [proof of concept] went from months, to days, to hours. For us, we can stage a full branch in 10 minutes with the DNS Center,» Kapor said.
Sheehan said that moving to intent-based networking is a monumental change for business.
«We’re talking about a fundamental paradigm change in thinking about the network. Hardware-only networks were really great things to look at, but they focused and functioned like utility systems. They were almost the equivalent of: Did the network work, or did it not work? And that was our engagement with users, unless we threw people power at doing something that was very boutique and very difficult,» he said.
«We changed the nature of the network from being a barrier to an enabler, because we get back to the human interactions that are important before you can automate things,» Sheehan said. «So that’s a tremendous paradigm change from where we were in the past.»