Intent-based systems have been all the rage since Cisco announced its “Network Intuitive” solution earlier this year. For Cisco customers, its solution is certainly interesting. But what about businesses that want an alternative to Cisco? Or companies that want to run a multi-vendor environment?
Over a year before Cisco’s launch, a start-up called Apstra shipped a closed-loop, intent-based solution. It was designed to be multi-vendor in nature, with support for Cisco but also Arista, Juniper, HP and others, including white box. Apstra operates as an overlay to networks built on any of the leading vendors to deliver intent-based networking in heterogeneous environments.
This week, Apstra announced the next release of its software, AOS 2.0, which addresses the gap that exists between physical underlay and virtual overlay networks, including VXLAN. I’ve discussed this topic with many network professionals, and there is a high degree of interest in using network virtualization, but the lack of visibility between the underlay and overlay is a huge deterrent. Without an understanding of the relationship between the two, network managers are faced with managing two separate networks — the physical network and virtual overlay.
Also, with this model, troubleshooting becomes extremely difficult as the virtual network is one big blind spot. Any application problems that occur in the overlay are, for all intents and purposes, invisible to the engineers running the physical network. The lack of visibility also creates security problems because malware or other malicious traffic could spread like wildfire across the overlay and be hidden from the security tools attached to the physical network. There’s an expression that you can’t secure or manage what you can’t see, and that’s certainly true for overlay networks today.
Bringing the two environments together using traditional management models like CLI would be like trying to compute all the algorithms in an autonomous vehicle manually. People can’t process huge volumes of data, analyze it and act on the insights fast enough for that to be practical. That is why the task is turned over to machine learning systems. Similarly, maintaining the intent of a network is hard enough with a single network. Bring in the virtual overlay and all the dependencies, and the task becomes so monumentally difficult that it’s practically impossible, even for the largest network teams.
Apstra's AOS 2.0 facilitates management of physical and virtual networks
Apstra’s intent-based operations work off a closed-loop model where the intent is continuously validated. Virtual overlays introduce VXLAN segments that are used in conjunction with VLANs to segment virtual machines and containers in data centers at a more granular level. When these resources are put in motion and spun up and down dynamically, it becomes very difficult to maintain specific policies, such as “all workloads in VLAN1 are to be assigned to a specific VXLAN segment.” Intent-based solutions continually gather data and automate the re-configuration.