Configuration Management

Configuration & Compliance: Part 1 – Why Your Network Feels Like Oz

Rich Martin

Director of Technical Marketing ‐ Itential

Configuration & Compliance: Part 1 – Why Your Network Feels Like Oz
Share this:
Posted on March 9, 2021

“Toto, I have a feeling we’re not in Kansas anymore…”

Upon surveying her strange new environment with excitement, fear, trepidation, and wonder, these are the first words that Dorothy uttered to her devout canine companion when they arrived in the land of Oz. And in an eerily similar vein, these are the thoughts racing through the minds of networking teams as they survey their current network environment, and struggle with how to build configuration management processes around both CLI-based and API-based network devices and services.


Your Network Exploded

Let’s put it all out on the table ­– enterprise networks have exploded on the Internet forever changing how we build, manage, and maintain networks.

In the past, networks were designed with physical devices (routers and switches) that were configured and managed through Command Line Interfaces (CLI), which Network Engineers quickly learned to master. Networks were designed like digital fortresses, neatly bound with impenetrable walls with very few ways in and out. The passage of packets in and out was limited to only a few devices, and fiercely guarded by security policies, access control lists, and the watchful eye of the networking team. This design made it very straightforward to determine which traffic was originating from “inside” the network and therefore “safe”, and which traffic was originating from “outside” and therefore “unsafe.” The network then grew and expanded into branch offices and data centers, but the concept of “inside = safe” and “outside = unsafe” is no longer the case.

Configuration management is critical to ensuring the security and stability of an ever-expanding and changing network. As the number of network devices and device types increased in the exploded network, it has become more and more difficult to ensure that the configurations for all of the network elements were up to date with current standards for how the network should operate, and who should have access to it.

Without a process to ensure compliance of all network devices, the walls of the network fortress start to show cracks. It has become apparent that leveraging manual processes to check for network compliance has not really scaled, and better tools are needed to automate this process for networking teams to ensure their networks are fully in compliance.


Why Your Network Feels Like Oz

Today’s networking teams must feel a lot like Dorothy examining her foreign environment for the first time, wondering where the once normal idea of “inside” and “outside” the network went. While there’s plenty that is still familiar like physical, CLI-based hardware, there’s also plenty of new and different elements of the modern, exploded network.

There are virtual devices, which provide a similar look and feel to the physical counterparts, including a familiar CLI interface, but there are a growing number of devices which depart from the comfort of CLI. There are more modern, controller-based network solutions which trade CLI for Web GUI interfaces and API back-ends, such as SD-WAN solutions. There are API-driven cloud-native network services and API-driven interconnect services that will be required to securely and efficiently connect distributed users to distributed apps.

Most networking teams are finding themselves dropped into the middle of this fascinating and strange new world that feels a lot like Oz. And now they are wondering, how will my current tools for configuration management and compliance work in this new network environment?

Be sure to keep an eye out for Part 2 of this 3 part blog series where I will focus on answering that exact question and tackle the topic of how to manage API-driven network infrastructure as well as how it changes the landscape of the modern network.

In the meantime, you can watch Itential’s on-demand webinar, “Simplify Configuration & Compliance Across Network & Cloud” where I’ll discuss this very topic as well as demo how Itential’s latest product release provides a modern approach to network configuration and compliance management.

Rich Martin

Director of Technical Marketing ‐ Itential

Rich Martin is the Director of Technical Marketing at Itential. Previously, Rich has worked at several networking vendors as a both a Pre-Sales Systems Engineer and Systems Engineering Manager but started his career with a background in software development and Linux. He has a passion for automation in the networking domain, and at Itential he helps networking teams to get started quickly and move forward successfully on their network automation journey.

More from Rich Martin