
Over the last few years, networks have become more complex and difficult to manage. Add in remote working and cloud computing and the problem increases, some say exponentially. Add to that the growing ferocity and frequency of network-based denial-of-service and malware attacks. Network protection and management means increased resources and hence costs.
This post is about how an organization can assess the state of automation maturity of their network. It sets out some stages on the way to full automation so they can draw up plans for network improvements.
Currently, many organizations are still not taking full advantage of network automation. To give some background: despite growing interest, a recent report, the Gartner 2025 Market Guide for Network Automation Platforms, published in April 2025, highlights that about ‘67% of enterprise networking activities are performed manually’, resulting in ‘poor incident and change performance’. This is mostly due to companies using multiple tools but struggling to connect them, leading to automation fragmentation or silos.
This report also reveals that “by the end of 2028, over 80% of all comprehensive network automation initiatives will have been shelved due to persistent skills scarcity and inadequate funding, up from less than 10% in 2024.”
As networks become more and more complex, operational costs are increasing. Both the capital costs of software and appliances and the operational costs of staff monitoring network behavior and remediating issues are getting larger.
Network automation can help reduce both capital and operational costs. It is a longer-term objective and will not provide immediate cost savings. However, that must be balanced against the effects of network downtime or security incidents that create broad organizational risk.
As a result, there has been an increased focus on automating network management. It can range from a basic level, with the introduction of scripts and automation frameworks, through to software-defined networks (SDNs) or intent-based networks (IBNs). The intention is to create self-managing, self-healing, and self-configuring networks that need little or no low-level management resources.
Simply put, SDNs split networks into two planes: the control plane and the data (forwarding) plane, with the objective of making the network, as far as possible, self-managing, self-configuring, and self-healing at the physical level. For example, devices are added to the network without prior preparation, and the network configures them automatically according to rules and policies set out at the logical level.
If a device fails, the SDN automatically reroutes traffic around the point of failure without manual intervention, if that is possible. It may also reroute traffic to avoid network congestion and maintain service levels.
The network is managed at the logical level according to manually prepared policies.

Cisco defines IBN as follows:
“IBN transforms a hardware-centric, manual network into a controller-led network that captures business intent and translates it into policies that can be automated and applied consistently across the network. The goal is for the network to continuously monitor and adjust network performance to help assure desired business outcomes.”
In short, IBNs build on SDNs by explicitly encoding intent and driving the network via a controller. For large networks, central controllers may drive other secondary network controllers spread around the network. Smaller networks may have a single controller.
Networks then become adaptive, reconfiguring themselves as operators drive changes via the intent model. Many common problems are resolved without human intervention, and resources are devoted to higher-level activities, ensuring improved levels of safety and service.
If there is a problem that the IBN cannot resolve, it provides network managers with detailed information about the network problem, speeding up their response by removing the need for a detailed investigation of the fault.
It is clearly in an organization’s best interests to automate network management as much as possible. There are service level improvements and cost savings, principally from reductions in network downtime and equipment management. There is also increased user and customer satisfaction. If coupled with improved network security, policies, procedures, and software, the benefits can be great.
However, moving to a fully self-healing, self-configuring, and self-learning network is not done overnight. The network can’t simply shut down and restart when the upgrade is complete.
Here are five stages of network automation. These are broad classifications, and many organizations are on more than one level.
In this stage, human operators perform network operations entirely using manual processes and procedures. There is little or no automation in the network. Equipment is configured manually before installation, and configuration changes are applied manually.
As an example, consider a network failure or loss of service.
The first step is to find the point of failure and its cause. That can be a lengthy exercise in a complex network.
If it is a switch failure, for example, adding or replacing a switch means prepping it before installation with an IP address, routing information, and perhaps VPN information at a port level. That takes time and resources and lengthens the recovery process.
A further issue is that of detecting potential network attacks. That means looking out for changes in network activity and reacting quickly to them. Again, it means supplying dedicated resources. Because this work is done by people, detecting and responding to potential attacks takes time, and mistakes can be made.
One example that hit the media recently was when an IT team mistakenly raised an alert because of significantly increased activity on the organization’s e-commerce website. It turned out to be a false positive, which meant increased activity for network security and reduced service levels while the incident was investigated.
At this stage, network operations teams start to use scripting languages like Python and automation tools like Ansible to automate repetitive tasks such as backup and restore procedures, configuration changes, and network monitoring. Scripting is still a great way to start on the automation journey and can give huge rewards in very short time-frames.
Network monitoring is eased by using scripts to generate alerts and configure the basic settings of devices. Some manual intervention is still needed for more complex configurations.
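A script of the kind this stage describes, as an added example that is not part of the original post: it compares a device's backed-up configuration with its current one and raises an alert when a security-relevant line changes. The device name, community strings, the `SENSITIVE` prefix list and both configurations (Cisco IOS-like syntax) are constructed assumptions.

```python
import difflib
import re

# Lines that change on every save and carry no configuration meaning.
VOLATILE = re.compile(r"^(!|Current configuration|ntp clock-period)")
# Assumed list of prefixes whose change should alert rather than just be logged.
SENSITIVE = ("username ", "enable secret", "snmp-server community",
             "access-list ", "aaa ", "ip ssh", "transport input", "line vty")

def normalize(config_text):
    """Drop blank and volatile lines; keep indentation of the rest."""
    lines = [ln.rstrip() for ln in config_text.splitlines()]
    return [ln for ln in lines if ln.strip() and not VOLATILE.match(ln.strip())]

def drift(baseline_text, running_text):
    """Return (severity, change, line) tuples for every added or removed line."""
    findings = []
    for entry in difflib.ndiff(normalize(baseline_text), normalize(running_text)):
        tag, line = entry[:2], entry[2:].strip()
        if tag not in ("+ ", "- "):
            continue  # unchanged lines and ndiff "? " hint lines
        change = "added" if tag == "+ " else "removed"
        severity = "alert" if line.startswith(SENSITIVE) else "info"
        findings.append((severity, change, line))
    return findings

# Constructed sample: last night's backup versus today's running configuration.
BASELINE = """! Last configuration change at 09:12:01 UTC Mon Mar 3 2025
hostname edge-sw-01
snmp-server community example-ro RO
line vty 0 4
 transport input ssh
ntp server 192.0.2.10
"""
RUNNING = """! Last configuration change at 22:47:13 UTC Tue Mar 4 2025
hostname edge-sw-01
snmp-server community example-ro RO
snmp-server community example-rw RW
line vty 0 4
 transport input telnet ssh
ntp server 192.0.2.10
ntp server 192.0.2.11
"""

if __name__ == "__main__":
    for severity, change, line in drift(BASELINE, RUNNING):
        print(f"[{severity}] {change}: {line}")
```

Filtering the timestamp line before diffing keeps a routine save from producing a finding, which is the cheapest way to cut the false positives that manual review suffers from.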
This is the stage at which an SDN comes into play. The scripts used in the previous stage can be the basis of those driving the SDN, and staff can be transferred to more productive areas such as service-level monitoring, network monitoring, and cybersecurity.
Network operators use orchestration tools to automate complex workflows and processes across multiple devices and systems. Orchestration tools help to reduce manual intervention and automate the end-to-end process.
Be aware that an SDN does not work with all network devices. Some legacy equipment cannot be configured remotely. Such equipment must be put into a special maintenance mode that is initiated manually.
It is not truly complete automation, but a major step on the way.
Simply put, this would be graduating from an SDN to an IBN. The bottom level, the physical level, is completely monitored and managed by the IBN. This has the benefit of releasing staff for higher-level tasks, for example, to enhance the overall cybersecurity of the organization.
At the physical level, automation tools are used to perform routine network tasks such as device configuration, software updates, and security patches. The network is largely self-operating, and human intervention is only required for exceptions.
This is the full implementation of an AI-based IBN.
At this stage, the network is fully automated and self-learning. AI algorithms are used to detect and remedy network issues, optimize performance, and ensure that the network is always running at its best. AI also enables predictive maintenance and provides insights into the network’s behavior and performance.
This level of intelligent network automation is not usually feasible in practice today, but with the rapid improvement of infrastructure AI operations coupled with semantic data from platforms like NetBox, more networks will achieve this level of automation in coming years.
Effectively implementing network automation starts with a crucial first step: understanding your current automation maturity level to identify areas for improvement. This involves examining existing processes, tools, and workflows to identify the gaps between where you are and your automation goals.
The following questions should be considered to help assess where your organization stands:
1. How much of the network configuration and deployment is done manually? This requires inventory analysis: properly documenting the network automation workflow so that repetitive tasks that can be automated are easy to identify. If most of the changes still require human intervention, you’re likely in the early stages of automation maturity.
2. Are your current automation efforts fragmented or siloed? Many organizations start their automation journey with individual teams writing scripts that solve immediate problems, but this quickly creates isolated automation solutions that are not well integrated and do not communicate with each other.
Due to a lack of end-to-end visibility, multiple teams might end up building similar scripts, wasting resources and causing maintenance overhead.
3. Does your team have the technical expertise? A technical skill assessment should be carried out by the IT team to ascertain their readiness for adopting automation tools like Python, Ansible and NetBox.

It is important to note that the journey to full network automation maturity is a gradual process, and it may take years for organizations to move from one stage to the next.
As with all projects, moving from stage to stage means setting out the business objectives of the new network environment, then defining measurable goals and objectives, a managed implementation plan, and dedicated resources. Funding is also a serious consideration. It may also be necessary to have a feasibility study or trial implementation.
It is prudent to make sure that each project keeps the current network operational and providing acceptable levels of service. A backup plan to return to full operation of the previous network configuration if the upgrade fails is also a good thing to have.
While initial investments are required, network automation delivers long-term cost savings in various ways:
A fully functional and cost-effective network is becoming more and more essential. Recent times have increased pressure on businesses, in general, to be able to provide online services. Having a resilient, stable, and, most importantly, secure network is now vital to business prosperity, if not survival.
Network automation is a good way to start that process.
Check out NetBox Labs to learn more about building and managing a complex network.
This post was written by Iain Robertson. Iain operates as a freelance IT specialist through his own company, after leaving formal employment in 1997. He provides onsite and remote global interim, contract and temporary support as a senior executive in general and ICT management. He usually operates as an ICT project manager or ICT leader in the Tertiary Education sector. He has recently semi-retired as an ICT Director and part-time ICT lecturer in an Ethiopian University.