Configuration Management

Configuration & Compliance: Part 2 – CLIs & APIs & Clouds, Oh My!

Rich Martin

Director of Technical Marketing ‐ Itential

Configuration & Compliance: Part 2 – CLIs & APIs & Clouds, Oh My!
Share this:
Posted on March 18, 2021

Upon entering the dark forest on their journey to see the great Wizard of Oz, Dorothy asks her new companions a question – “Do you suppose we’ll meet any wild animals?”  The Tin Man very calmly explains that they will mostly meet lions and tigers and bears.  In today’s world of the expanding modern network, network engineers are feeling pretty similar to Dorothy in that moment as they will most likely encounter the wild animals of their new network ­– CLI and APIs and Clouds (Oh My!).

In part one of this blog series, we took a look at the evolution of CLI-based networks, and how configuration management became increasingly more difficult over time because of the recent explosion of enterprise networks on the Internet. Manual processes of ensuring device compliance simply do not scale in this new world, and tools and automation are needed. The goal of every network engineer should be to build and maintain the most reliable and secure network possible, and ensuring compliance across the entire network is a foundational element necessary to meet that goal.


Encountering APIs

The new “wild animals” that networking teams are now facing are API-based networking solutions and cloud-native networking services that have become part of their sphere of responsibility. Since these solutions do not operate based on a CLI management methodology, how can compliance be ensured across this part of modern network infrastructure? Existing CLI-based tools won’t be able to easily bridge the gap to work across this new environment, so it’s clear that a new set of tools, controllers, and dashboards will be required.

As an example, let’s take a look at a modern API-driven network solution that many network engineers are already familiar with – SD-WAN. Regardless of the vendor, most SD-WAN solutions are focused on providing management of remote and branch network devices through a centralized controller or director, which presents itself as a web-based interface located in a cloud environment. Almost all management is done through this interface, with very little CLI interaction, perhaps only needed for a deeper level of troubleshooting. While these controller-based solutions are good at automating the initial deployment of configuration to edge devices, they may lack robust features that can ensure compliance at a granular level after initial deployment.  However, if you do a little research, you’ll find that behind the web-interface, there’s probably a very robust set of API functions that are available to use.


Encountering Clouds

Networking teams are spending more time utilizing and maintaining cloud-native network infrastructure across multiple cloud platforms. As organizations have deployed applications across multiple clouds, building the appropriate connectivity between these applications has become more complex, and networking teams are brought in to leverage their expertise to solve the networking puzzle across the clouds.  They quickly notice that, in the world of cloud-native network, not only do these constructs behave differently from cloud to cloud, but they are all managed through dashboards.

In the world of cloud networking, there is little focus on compliance, which is always top of mind to the networking team, so this is an additional challenge that needs to be solved. Fortunately, like the example of SD-WAN solutions, there are very robust APIs available on every cloud platform, and this is the key to ensuring compliance to this new type of network infrastructure.

Watch out for the final part of this blog series where I will take a deeper look into how teams can successfully drive compliance across CLI and API and Cloud (Oh my!) network infrastructure as well as how Itential provides an innovative and modern approach to delivering compliance and validation across your entire network, regardless of whether it is physical, virtual, or cloud-native.

In the meantime, be sure to watch Itential’s on-demand webinar, “Simplify Configuration & Compliance Across Network & Cloud” where I share more details and demos on this very topic.

Rich Martin

Director of Technical Marketing ‐ Itential

Rich Martin is the Director of Technical Marketing at Itential. Previously, Rich has worked at several networking vendors as a both a Pre-Sales Systems Engineer and Systems Engineering Manager but started his career with a background in software development and Linux. He has a passion for automation in the networking domain, and at Itential he helps networking teams to get started quickly and move forward successfully on their network automation journey.

More from Rich Martin