
Over the last decade, the importance of networks of all types has grown rapidly. The growing use of cloud, the transition of content and applications online, and the criticality of connected services for every business have increased the requirement for the corporate network to be accessible and usable as close to 100% of the time as possible.
Network suppliers, such as Cisco, have introduced products that simplify network management, reduce resource requirements, and lower costs for network managers. Software-defined networks and, more recently, the application of AI techniques to create intent-based networks, have transformed network management from device and routing-level management to monitoring and managing performance and availability.
Network automation is equally applicable to the largest multi-tier, multi-site corporate network as to the simplest single-tier, small office network. Each needs to be managed to ensure correct operation, with proper security for data and operations. Automating the management tasks has the additional benefit of reducing the resources needed and, hence, the operational costs of the network.
This post explores how network automation can help in network management and how to begin your automation journey.
Network automation is the process of automating the configuration, management, and operations of network devices such as routers, switches, and firewalls using software tools and scripts.
The three-layer network model (core, distribution, and access layers) is a common way to conceptualize network structure. The core layer is the backbone of the network, and it carries traffic between different parts of the network. The distribution layer sits between the access and core layers, consolidating traffic between the two. The access layer connects individual devices to the network.
The situation has been confused by the introduction of devices such as WiFi access points, which should be connected to the core or distribution layer but, for cost and configuration reasons, are usually connected to the network’s access layer switches.

Traditionally, networks were managed from the device upward by dedicated resources. Devices such as switches and routers needed to be prepped before installation. Routes were manually calculated, and end-user devices such as desktops needed to be configured.
In the case of a network failure, network staff needed to find the point of failure and initiate remedial action. This often meant downtime for end users and, at best, reduced levels of service.
Large numbers of such networks still exist, particularly in the small-business environment.
A LAN connects devices like computers and printers within a small environment or geographical area. LANs are typically high speed with low latency. A WAN, on the other hand, connects multiple LANs, often across a large area, using the public internet and private circuits. It is critical for connecting branch offices, data centers, etc.
Typically a high-speed network connects servers and storage within a data center. It often supports enterprise software and most cloud-native workloads. It may use a fat-tree, three-tier, or spine-and-leaf architecture, among others.
An SDN is a self-configuring, self-learning, self-healing network.
Simply put, software-defined access splits the network into two levels or planes: the physical level of equipment and the software level that sits over the physical level and defines what the network looks like and how it operates. In essence, the network configures itself as new equipment is added to it and heals itself when a component fails.
That then gives the opportunity to define and manage the network from a central point using software rather than configuring individual bits of equipment. This makes deployment and management of the network simpler and less resource intensive. It’s therefore cheaper and more effective.
An IBN builds on an SDN network by using a network controller that acts as a central control point for network activity. Cisco defines their architecture as follows:
“The closed-loop system of IBN operates with the following functional building blocks to deliver intent, or support for, the business or IT outcomes that your organization needs. Translation: The capture and translation of intent into policies the network can act on. Activation: Installation of these policies across the physical and virtual network infrastructure, using network-wide automation. Assurance: Use of analytics and machine learning to continuously monitor the network to verify that the desired intent has been applied and the business outcomes are being achieved.”
IBN is a newer model, and major IT companies are fully embracing it, seeing it as a means of easily introducing new technologies into an existing environment.
An IBN is an environment in which existing and new technologies can be merged as the network develops. For example, adding WiFi networks and IoT devices can be part of the automation process.
This is by far the most commonly adopted use case among network professionals. It involves automating the manual process of configuring network devices, such as routers and switches.
This use case will help standardize a baseline configuration across a larger number of devices automatically. It also includes configuration drift detection, which performs regular automated audits of networking device configurations and detection of deviations from the desired state.
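The drift audit described above can be sketched as follows. This is an added example, not code from the original post or from any vendor tool; the device name and both configurations are constructed, and IOS-style indentation (child lines indented under a section header) is assumed.

```python
def flatten(config_text):
    """Map an indented, IOS-style config to a set of (parent, line) pairs."""
    entries, parent = set(), ""
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line or line.lstrip().startswith("!"):
            continue  # skip blank and comment/separator lines
        if line[0].isspace():
            # Child line: keep its section so the same command under two
            # different interfaces is tracked separately.
            entries.add((parent, line.strip()))
        else:
            parent = line
            entries.add(("", line))
    return entries


def detect_drift(baseline_text, running_text):
    """Return what the running config lacks and what it adds."""
    baseline, running = flatten(baseline_text), flatten(running_text)
    return {"missing": sorted(baseline - running),
            "unexpected": sorted(running - baseline)}


# Constructed sample configs (hypothetical device, not real output).
BASELINE = """\
hostname edge-sw-01
no ip http server
interface GigabitEthernet0/1
 switchport mode trunk
interface GigabitEthernet0/2
 switchport mode access
line vty 0 4
 transport input ssh
"""
RUNNING = """\
hostname edge-sw-01
no ip http server
interface GigabitEthernet0/1
 switchport mode trunk
interface GigabitEthernet0/2
 switchport mode trunk
line vty 0 4
 transport input ssh telnet
"""

if __name__ == "__main__":
    for kind, items in detect_drift(BASELINE, RUNNING).items():
        for parent, line in items:
            print(f"{kind:10} [{parent or 'global'}] {line}")
```

Because each line is compared together with its parent section, the trunk setting on GigabitEthernet0/2 is reported as drift even though the identical command is legitimate on GigabitEthernet0/1.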
Automation helps accelerate the setup and deployment of new devices. This includes:
Network automation also helps keep the operating system up to date through automatic updates. This is essential for both security and performance reasons. It makes it easy to apply security patches across the entire network.
To strengthen a network’s security posture, automation can be used to enable the consistent application of policies and for rapid threat mitigation such as blocking malicious IP addresses.
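An automated block action should validate its input before it touches a device, so that one bad feed entry cannot cut off management access. The sketch below is an added example, not code from the original post: the protected ranges, the ACL name, and the feed are constructed assumptions, the addresses come from documentation ranges, and the output is IOS-style ACL text that is only rendered, not pushed anywhere.

```python
import ipaddress

# Assumption for this example: networks that must never be blocked
# (management and internal ranges). Values are constructed.
PROTECTED = [ipaddress.ip_network("10.0.0.0/8"),
             ipaddress.ip_network("192.0.2.0/28")]


def build_blocklist(indicators, protected=PROTECTED):
    """Validate indicators and return (networks_to_block, rejected)."""
    accepted, rejected = [], []
    for item in indicators:
        try:
            net = ipaddress.ip_network(item.strip(), strict=False)
        except ValueError:
            rejected.append((item, "not a valid IP address or prefix"))
            continue
        if net.version != 4:
            rejected.append((item, "only IPv4 handled here"))
        elif any(net.overlaps(p) for p in protected):
            rejected.append((item, "overlaps a protected network"))
        else:
            accepted.append(net)
    # Merge duplicates and adjacent or contained prefixes into the fewest entries.
    return list(ipaddress.collapse_addresses(accepted)), rejected


def render_acl(networks, name="BLOCK-MALICIOUS"):
    """Render an IOS-style extended ACL; the ACL name is hypothetical."""
    lines = [f"ip access-list extended {name}"]
    for net in networks:
        if net.prefixlen == 32:
            lines.append(f" deny ip host {net.network_address} any")
        else:
            lines.append(f" deny ip {net.network_address} {net.hostmask} any")
    lines.append(" permit ip any any")
    return lines


# Constructed indicator feed using documentation address ranges.
FEED = ["203.0.113.7", "203.0.113.7", "198.51.100.0/25", "198.51.100.128/25",
        "10.1.2.3", "192.0.2.5", "0.0.0.0/0", "not-an-ip"]

if __name__ == "__main__":
    nets, bad = build_blocklist(FEED)
    print("\n".join(render_acl(nets)))
    for item, reason in bad:
        print(f"rejected {item}: {reason}")
```

The rejected list is worth logging and alerting on: an entry such as `0.0.0.0/0` or an internal address arriving in a threat feed usually means the feed itself needs review.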
With increasing complexity and reliance on networks, network management can no longer scale through hiring alone. Automation is a requirement in today’s networks.
Following are some best practices for beginning to introduce network automation into your organization.

As with all major business projects, setting the aims and objectives collectively as measurable goals is essential.
Before you start, identify the tasks that you want to automate. This could include tasks such as configuring devices, deploying updates, monitoring network performance, and troubleshooting network issues. Look for low-hanging fruit at first, and seek to get some simple wins before “boiling the ocean”.
You can automate what you already have by using network automation tools or building your own automations. For most teams, this is the practical path and enables you to start small and gain momentum from early wins. As the network automation community has grown and success stories have emerged, most of them start with this approach.
The alternative is a root-and-branch network upgrade to introduce a software-defined network (SDN) or intent-based network (IBN). This often implies a substantial lift and shift to new infrastructure, which obviously comes at a cost. While that can be worth it given reduced operational costs over time and other benefits, this kind of “big bang” approach is extremely challenging and risky for any substantial network with real operational workloads.
There are various tools available in the market to automate network tasks, such as open source tools like Ansible, Python, SaltStack, and Terraform, or commercial tools like Gluware, Itential, and others. Choose the tool that fits your requirements.
You may also need to train your network management staff in basic software development principles depending on your approach. A team building custom automations will need some proficiency in Python. A team leveraging commercial tools with pre-built automations may need less development expertise.
Training your staff will take time, and it is likely that some network devices cannot be included in the automated environment. Some legacy network devices with older user interfaces and operating systems are typical examples.

Identify the network devices that you want to automate and gather information about them, such as their IP addresses, device types, and operating systems. Inventory and configuration data like this is critical for automation, and generally you’ll want to start your automation journey by implementing a network source of truth such as NetBox, which provides comprehensive and cohesive data models for all your network data. NetBox Discovery can accelerate the process of building your source of truth, and the NetBox ecosystem is rich with connectors to open source and commercial automation tools that can drive automations based on your data in NetBox.
Once you’ve built your source of truth and selected an automation tool, it’s time to start automating your network!
Start with simple scripts that automate basic tasks such as configuration backups or applying a standard configuration to multiple devices. Look for simple, repeatable processes that create toil for your team – these are great targets for your first automations.
This is a no-brainer. Test your scripts on a test network before implementing them on a production network. Refine your scripts based on the feedback and results of your testing, before deploying them into your production network with care.
As networking and its operations become more software-dependent, it increasingly incorporates automated tasks and functions. Hence, it’s a good idea for network engineers and managers to learn network automation skills.
Below are three basic skills you need to learn:
This is probably where most networking professionals should start. This includes learning more about existing tools like configuration validations, update functions, and simple ways to achieve automation without programming.
You should get familiar with a script-based system like Ansible, which can be used for simple automation tasks like running commands to collect operational facts/data in files, validating network operations, and working with templates to create and load configurations into networking devices driven by dynamic inventory from a source of truth like NetBox.
As your library of automations and tools grows, you’ll want to implement a source code repository (usually Git based) to manage changes to your code.
The journey to network automation is an ongoing learning process, which doesn’t necessarily require programming expertise, but having a basic understanding of how software is built can be very beneficial, especially when communicating with developers. It’s also useful to know Python, which is currently the primary language used in network automation for handling advanced scenarios and tasks.
Read up on various concepts like lists, conditionals, loops, and learn about the various Python libraries available (e.g., Netmiko, NAPALM, Paramiko) and how you can combine them with Ansible for a more robust solution.
To summarize, the changes in the business environment and user behavior over the last few years mean that businesses are more and more dependent on their internal and customer-facing business networks.
Operating a cost-effective and efficient network is now a clear business imperative.
Explore the tools and frameworks (plenty of which, like NetBox, are free and open source) to find which are best suited to your environment and business goals.
Remember that network automation is an ongoing process, and you’ll need to continue to update and refine your automation solution over time as your business environment evolves.