Network teams tend to adopt automation solutions to go faster.
At least, that’s the goal… Teams are tasked with delivering services quickly and maintaining configuration consistency and security across complex infrastructure. Automation is the only real way to keep up.
However, many network teams struggle to deliver the speed and efficiency they’re looking for with their initial automation efforts. This is usually down to two key challenges: participation of stakeholders, and tooling limitations. We recently worked with a large investment bank facing a situation many teams will relate to: they had a small team of network automation engineers, good at writing code on their laptops, but they still had to accelerate service delivery and increase efficiency to meet the needs of the business.
Not wanting to scrap their existing scripts, they used our platform to adopt an approach we’ve seen be very successful across our customers: embracing the platform’s capabilities to ingest and combine both high-code automation assets (scripts, Ansible Playbooks, etc.) and rich low-code orchestration capabilities (API adapters, data manipulation features, and northbound API exposure).
They’ve expanded participation across teams and empowered automation engineers to do more, faster, with less effort.
Why Network Automation Sometimes Stalls: Participation & Tooling Limitations
When teams start out with network automation, they will usually use some combination of vendor tooling (e.g. domain controllers, point solutions for a certain device type, etc.) and DIY tooling such as Python or Ansible.
While teams initially see success automating routine use cases, two major challenges tend to hold teams back: participation (due to skillsets), and tooling limitations that make integrating network automation with other systems and automating across multiple domains difficult to scale.
First, network engineers usually need to pick up new skillsets to write network automation code in Python or write Ansible Playbooks. When teams get started with automation, it’s often one, two or three individuals who take on the project of learning how to write automations and creating assets — however, if everyone needs to acquire these skills to participate in automation, it’s difficult to scale, especially when the day job still needs to get done. Maybe a few more engineers will pick up the right skills over time. But expanding participation, let alone the ability to share these assets with other team members to easily utilize or execute, requires a shift in approach.
Second, in terms of tooling, a DIY approach makes it difficult to integrate automation (e.g. your script to configure a Campus VLAN) with critical IT and network systems, since engineers will need to write custom integration code for each system and platform. Taking this on is a huge challenge for most teams and organizations, often resulting in massive technical debt. At that point, the team spends more time maintaining code designed to interact with such systems than expanding on those initial automation goals.
Outside of DIY tooling, most vendor automation tools are limited in scope, leaving engineers to swivel chair across different tools and still perform certain tasks manually (e.g. interacting with systems of record). IT organizations are increasingly looking to orchestrate automation across multiple infrastructure domains to deliver efficient network services and meet evolving business needs.
A network automation and orchestration strategy must provide the team with a streamlined, central framework for integrating automations with all the various systems, platforms, and domains required to orchestrate processes end-to-end.
Itential Helps Teams Solve Automation Challenges
The network team at the customer I mentioned above found themselves facing these challenges as network service request volume continued to increase — a situation many network teams can relate to. They’re a financial services company that operates globally, so security and configuration consistency are significant challenges — the team needs to be able to make real time changes across a multi-vendor and multi-domain network.
One specific example of this is the high volume of firewall policy updates the team must make per day across the network. Before partnering with Itential, this one use case took a significant amount of time for engineers, including a block that could only happen overnight outside of regular working hours. Even with DIY automations they’d built, all the steps took too much time. They knew they had to start delivering secure services more quickly across an infrastructure landscape that was only getting more complex — otherwise, they’d never get out of standard changes to dedicate time to higher-impact projects.
With Itential, the team built a central orchestration strategy that paired their high-code automation efforts with a low-code platform that streamlines integration and allows processes to be coordinated end-to-end across multiple domains. The platform onboards high-code automation assets such as Python scripts, Ansible Playbooks, and OpenTofu plans, allowing the engineers who have the skills required to focus on building those scripts, not managing them.. Then, others can use them as assets in a low-code workflow builder, orchestrating automations with other tasks like automated pre-checks and post-checks, inventory and IPAM, or anything else required for a given change process.
Crucially, this also helped with adoption, allowing teams to continue building automations with any language or tool, and allowing Itential users to design orchestrated workflows that exactly match the desired steps for a given change process by integrating with any system and making API calls.
They’ve solved the two primary challenges facing their automation initiative: participation and the ability to use the tooling they have to automate across everything. Itential’s low-code orchestration capabilities allow everyone to participate in building automation logic, and the platform exposes orchestrated workflows as APIs so others can consume them easily and securely. Plus, the platform automatically integrates automation with other network and IT systems and platforms using API documents, taking that workload off engineers’ shoulders and allowing the organization to quickly scale automation capabilities across all domains and any new platform a domain team adopts.
The strategy this customer developed fits a pattern we’ve been seeing lately: the teams who embrace high-code automation and low-code orchestration at the same time are seeing the most success. By leveraging the best of both approaches, teams are able to move faster, expand participation easily, and deliver network services efficiently across a complex, evolving infrastructure landscape.
Explore this customer’s story in full here, or learn more about Itential’s low-code workflow orchestration capabilities here.