Modernizing Configuration Management to Address Network Complexity

The expansion of network infrastructure to multiple cloud platforms brings challenges in managing cloud-based network infrastructure and services with existing on-premises equipment in the enterprise. As a result, non-compliance with industry and security standards, as well as corporate and regulatory policies and requirements, will likely become the norm. In order to effectively face and manage the growing network, enterprises can implement network configuration changes and common network-related configuration tasks through automation. They can replace manual processes with configuration templates for multiple device categories. Modernizing infrastructure through automation will enable better management of physical, virtual and cloud-native network infrastructure.

Here, we’ll discuss how to enact changes in network configuration to face this new normal head-on and ensure that enterprises can grow and scale effectively as demands on the network increase.

[[396843]]

Network governance and team collaboration

As enterprises continue to adopt multiple cloud platforms and SaaS-enabled services simultaneously, network teams will need to invest in the right tools to assist in the governance of this expanded infrastructure, rather than completely control it. Network users are dispersed across homes, offices, or public areas, and applications are similarly dispersed across on-premises and multiple cloud infrastructures. Therefore, network teams will need to work with existing CloudOps and DevOps teams. These teams have experience working with cloud infrastructure and can work closely with network engineers to ensure fast and secure infrastructure deployment, moving from purely controlling a perimeter network into a world of providing governance over a decentralized infrastructure.

Quick integration with existing systems

Many modern network solutions are moving away from managing individual network devices through a command-line interface (CLI) to a network controller that manages all network devices in the field. The human interface to these systems is typically a web front end, but there is almost always a defined API available for machine-centric integration. Having said that, while taking an API-first approach enables network engineers to simply automate changes across multiple controllers and multiple domains, support for both CLI and API is necessary as organizations may still choose to support existing and new CLI automation efforts, which will require appropriate integration. API system integrations can be automatically generated by network teams so that end users can quickly create integrations as new systems are deployed.

Management of physical, virtual, and cloud-native network configurations

Managing cloud-native network infrastructure requires network teams to navigate multiple cloud dashboards to make simple changes in common things like virtual private clouds (VPCs) or virtual networks (VNETs). This introduces complications and complicates the process. As the number of VPCs, VNETs, ​​and other cloud-native tools grows across multiple cloud platforms, network teams need a way to standardize the configuration of all types of infrastructure. This means network teams need the ability to discover and manage cloud-native network services, such as VPCs or VNETs, ​​and treat them like traditional network devices. This will enable teams to translate complex configurations into simpler open standard file and data exchange formats.

Collect and combine data

Adopting a new network solution means having multiple sources of truth in the network world. Add to that the sources of truth that exist in IP address management (IPAM), inventory, and monitoring systems, and it becomes clear that making simple changes to a single device requires a significant amount of human effort. An API-focused solution can simplify the entire process. It enables rapid integration with all systems, meaning that the information contained in any of those systems can be made available in real-time. All of this can be achieved with a “swivel chair” approach without consuming time. Configuration can be performed with the highest quality information about that device and its status within the network. Most importantly, network teams must build confidence and trust in the automated systems they create and free up valuable time to handle higher-level work on the network.

Compliance and Remediation

A key element of configuration management is the ability to automatically back up configurations, check compliance, and perform intelligent remediation. This also means providing compliance and remediation for both traditional CLI infrastructure and modern API-driven infrastructure.

A network device or group of devices can be backed up and compared to the existing device configuration or a previously saved configuration. Network teams must schedule compliance checks regularly or run them as needed for any part of the configuration tree. This will result in instant reporting, which will display any configuration drift that exists, provide a score based on the amount of drift, and provide the opportunity to remediate the drift with recommended configuration statements. Automated remediation workflows should be created in a low-code environment so that network teams can define the precise terms and metrics required before any changes are made to network devices. This checks and balances approach provides a measure of trust and a higher level of confidence that any changes are made based on their expertise and guidance without the need for human intervention.

The pandemic has accelerated digital transformation, pushing enterprises further along this journey in a shorter time than expected. Unfortunately, this means that networks are not being managed as they should be. Taking action now to implement appropriate configuration management changes will help alleviate network complexity and properly prepare for the future as enterprises adapt to an increasingly connected world.