Intent, Understanding, and Action: Announcing NetBox Discovery and NetBox Assurance

Today at AutoCon 2, we announced the upcoming launch of two new products from NetBox Labs: NetBox Discovery and NetBox Assurance. Both products work natively with NetBox to unlock powerful new use cases for operating, observing, automating, and securing networks and infrastructure.

  • NetBox Discovery makes it easy to quickly document your IT infrastructure by gathering and ingesting information from your network for NetBox.
  • NetBox Assurance solves operational drift, coupling with NetBox Discovery and other sources of network data to identify deviations from your intent in NetBox, provide analytics to understand drift and plan for remediation, and take action.

You can read the press release announcing these two new products. Read on below to learn more about why we’ve built NetBox Discovery and NetBox Assurance, what we’ve learned along the way, how they’re built for today’s network and infrastructure challenges, and how they fit into the thriving NetBox ecosystem.

Network operations and automation are a journey

Tens of thousands of organizations depend on NetBox to document, model, and automate their networks and infrastructure. Most start when they have a complexity problem: the infrastructure has evolved, documentation is nonexistent or untrustworthy, and NetBox provides a path to powerful, collaborative network and infrastructure documentation. The act of documenting infrastructure in NetBox drives operational consistency and cohesiveness because of NetBox’s rigorous modeling, and this paves the way for automation driven by NetBox as the source of truth for intended configuration and state. The journey to automation is buoyed by the massive NetBox ecosystem spanning use cases across operations, observability, automation, and security.

The longest pole in the tent of this journey tends to be getting your infrastructure data into NetBox in the first place. When network documentation is messy or nonexistent, building out an effective source of truth can be a slog. This is where discovery and data ingestion tools make a huge difference, automating the process of gathering information about your infrastructure, ingesting it into NetBox, and preparing you to turn the corner toward intent-based operations with a comprehensive view of your existing infrastructure.

In 2024, we announced partnerships with several world class network and infrastructure discovery partners whose tools work well with NetBox. Those partnerships have been successful and we are excited to continue to support the discovery technology ecosystem around NetBox. At the same time, we’re always working to drive down barriers to accelerating network and infrastructure automation. That’s why we built the Diode data ingestion service for NetBox earlier this year. And it’s also why now, we’ve built NetBox Discovery: to provide an easy, tightly integrated option that will always work natively with NetBox to accelerate the documentation, modeling, and automation journey. With NetBox Discovery, teams can quickly get a handle on infrastructure operations in the face of exploding complexity and change.

Operational drift: a quiet killer of IT velocity, performance, and security

The reality of automation is that even in the most mature organizations, the network and infrastructure are never operating in a fully “closed loop”. There are always sources of noise in the environment: engineers making changes by hand to triage issues, failures caused by faulty systems, bugs in code, mislabeled gear – there are oodles of ways for infrastructure to drift away from its intended configuration as defined in a source of truth like NetBox.

We’ve seen the impact of operational drift on network and infrastructure teams, and it’s nefarious. When you can’t trust your source of truth, you also can’t trust your automation. The blast radius of automations that assume one configuration and are applied against another in the wild can be huge. This risk tied to change holds teams back from adopting automation. And it’s a self-perpetuating drag: networks managed by hand, even with well defined processes for maintaining documentation in a source of truth, are often minefields where just about every operation risks introducing new deviations from intent. Operational drift slows day-to-day operations, causes outages, and introduces surface area for attacks.

NetBox Assurance is built to tackle the challenge of operational drift. With NetBox Assurance, network and infrastructure teams can reduce what are too often unchecked wildfires of drift into manageable occasional flare-ups, and keep things that way over time.

In working with our design partners to understand operational drift in their networks, we heard that the first and most common problem is simply getting a view of drift in the environment. When asked to characterize drift in his network, one design partner, an architect at a major global financial institution, threw up his hands and said “if I could really see all the drift in my network, I’d probably pass out”. Another, an architect at an AI datacenter scale-up, said, “drift is everywhere, and I need visibility to know where to start, how to set goals for my teams to reduce drift, and even what teams to set goals for”.

Most teams aren’t in control of operational drift in their environments, but even those that are need better tools to keep in control. A senior engineer managing a mission critical backbone network at a Fortune 500 enterprise SaaS company emphasized the importance of quickly identifying, diagnosing, and acting on any deviation from the intended state in NetBox’s data model. Any drift in the company’s backbone creates risk for the entire business and must be immediately diagnosed and fixed.

Guided by our design partners, we’ve set out to solve these problems with NetBox Assurance: first, to characterize operational drift so teams can analyze, build plans, and get drift under control; and second, to keep it that way with power tools for identifying and remediating deviations quickly.

Built for scale – and to help you get started

NetBox Discovery and NetBox Assurance will work natively with NetBox, but they’re not part of NetBox itself. NetBox remains laser focused: it is the world’s most widely deployed network and infrastructure source of truth, and we don’t believe its focus should be diluted by injecting other components of the stack into NetBox itself. Instead, NetBox Discovery and NetBox Assurance are purpose-built by the NetBox Labs team to couple tightly with NetBox, for effectiveness in the most demanding environments, and for ease of use by teams that are just getting started with their NetBox journey.

NetBox Discovery is powered by Orb’s rock solid distributed agent framework, enabling discovery agents to be deployed quickly and easily in your network. This architecture means getting started with NetBox Discovery is a cinch, but it also unlocks key capabilities at scale. NetBox Discovery agents can be deployed strategically in segmented network environments with strict reachability boundaries, enabling discovery where other solutions deployed centrally fall flat. And agents can be fanned out to parallelize discovery workloads, improving performance in large environments. NetBox Discovery agents and their source code will be made available to the community, accelerating the journey to network and infrastructure documentation and automation for everyone. When NetBox Discovery launches for public preview in late 2024, it will focus on basic network and device discovery with wide coverage of common network infrastructure, and we expect to quickly expand support for discovery of new kinds of infrastructure through 2025 and beyond, guided by the input of the community.

NetBox Assurance builds atop Diode, the scalable data ingestion service for NetBox released to the community by NetBox Labs earlier this year. Any source that can send data to Diode’s open APIs – like NetBox Discovery, other discovery tools, data exchange integrations, or even your own scripts – can feed input to NetBox Assurance. The product provides analytics and exploration tools for characterizing and planning remediation of operational drift, along with power tools for inspecting and taking mitigation actions on deviations as they arise including triggering automated remediations. With NetBox Assurance, operators can improve overall operations, reduce change risk, mitigate failures and security threats quickly, and accelerate automation. NetBox Assurance will be available for private preview in early 2025.

The NetBox ecosystem grows ever stronger

The ecosystem of tools that work with NetBox is enormous, and NetBox Discovery and NetBox Assurance add powerful, tightly integrated new options that address huge needs and will accelerate the automation journeys for many teams. In keeping with our “Big Tent” strategy to support an open, composable ecosystem for network and infrastructure management, we’ve built these new products atop the open APIs of NetBox, Diode, and Orb. We will continue to support the integration of other tools with NetBox and Diode for discovery and assurance use cases, including those of our partners and other vendors, along with new tools built by the community. Our ecosystem is better when we build together and explore different approaches to solving the challenges of modern network and infrastructure management.

What to expect – stay tuned!

Both NetBox Discovery and NetBox Assurance are in development today. We’re building with input and feedback from our many design partners – thank you to the dozens of partners who’ve worked with us so far! NetBox Discovery will be available to preview later this year, with preview for NetBox Assurance slated for early 2025.

We’ll be sharing more news and inside looks into NetBox Discovery and NetBox Assurance in the coming weeks and months

Want to speak with our team about these products sooner so you can plan ahead for what’s coming? Contact us today.

Sign up below to get updates on both products:

Share the Post:

Related Posts