Overview
Selecting the right network orchestration and automation solution for your organization’s needs can be difficult.
With an increasing number of tools that enable network automation for different domains, technologies, and device types, it’s difficult to manage automation centrally, so organizations are turning to powerful orchestration platforms to integrate across disparate tooling to orchestrate the entire change process end-to-end. In addition, while some domain-specific automation tooling is low-code, more flexible tooling like Python and Ansible require more coding expertise — which can leave some network engineers struggling to get value out of automation initiatives.
To select the right tool for the right job, it’s important to understand what an orchestration platform can and should offer your organization.
In this guide you’ll see what makes up network change processes and learn how to build an orchestration strategy, leveraging key capabilities to stitch disparate automation tooling and domains together and deliver end-to-end network services and drive self-service consumption.
The Network Change Process: What Am I Orchestrating?
When you think about a network change, you probably think about pushing some config to a device or a set of devices. That’s the implementation phase of a network change process, but there are usually several steps before and after this point. The request has to be made, then the network engineer must perform a series of activities such as sourcing an IP address or performing security checks before making the specific network change.
The engineer might have previously written an automation to execute the task at hand, but they still need to manually input any required variables and “feed the beast” to get things started.
And while the network team might have built out a healthy library of these task-based automations, usually with Python or Ansible, each automation only performs actions on a single network domain and/or for a single device type. Coordination of cross-domain changes would need to be done manually via a swivel-chair approach. When fulfilling a network service request requires a process that touches multiple systems, this approach can significantly slow organizations down.
Network orchestration platforms enhance basic functions — like receiving work orders, executing changes, and coordinating changes across multiple systems and domains — to increase the value of existing and future automation efforts. Orchestration can be viewed as “automation of automations,” where individual automations are connected in a workflow so that service delivery speed can keep up with the scale and complexity of infrastructure. Adopting the right orchestration solution elevates a network team’s capabilities, enabling greater flexibility, higher capacity, and end-to-end process coverage.
The Orchestration Process
You can think about a network change as a multi-step flow, like the diagram here: first, an entity initiates a change, then steps are executed along a workflow across any relevant domains until the change is complete. Each individual step can be automated using best-fit tooling, and the entire process can be orchestrated end-to-end with the right platform.
Expected Capabilities of an Orchestration Platform
An orchestrration platform should be able to EXPOSE automation to more types of users, including events, order systems, and CI/CD pipelines, so that services can be requested by a variety of different entities both human and machine.
It should ENHANCE your infrastructure by working directly with other network systems such as network sources of truth, monitoring systems, and AI ops, integrating with all these systems so automation engineers can make calls to those systems within a single workflow.
And it should EXTEND the value of automation by onboarding existing domain-level automation, like Python, Ansible, and Terraform, so they can be incorporated into orchestrated workflows. In addition, it should be easy to orchestrate a change process across any number of different domains, network technologies, and/or integrated third-party systems. The platform should facilitate both high-code and low-code automation assets and enable them to easily be coordinated so entire teams can leverage automation to increase productivity and consistency.
Next, we’ll look at each of our ten criteria through the lens of these three sets of capabilities and provide some questions to consider when making your evaluation. With these criteria and the three-step expose, enhance, and extend concept as the building blocks for your automation and orchestration strategy, you’ll be well equipped to select the best possible solution for your organization.
Solution Evaluation Criteria
Each of the following ten evaluation criteria is an important element of a network orchestration solution. If you select a platform that meets these requirements, your network team will be enabled by its exposure, enhancement, and extension capabilities that make network automation and orchestration easier to adopt and more useful to the rest of IT.
01 Network Focus
Is the solution purpose-built to enable network automation and orchestration?
06 Scalability
Can the technology scale to support current and future growth?
02 Multi-Domain Support
Does this solution support orchestration across multiple network and infrastructure domains?
07 Deployment Flexibility
Can the solution be deployed both as-a-Service and on-premises?
03 Integration Ecosystem
Does this solution provide flexible integration capabilities?
08 Ease of Use
Is the solution easy to use, or does it require heavy set-up and/or development competence?
04 Adaptability
Will this solution work with systems and platforms you adopt in the future?
09 CI/CD Capabilities
Does the solution provide support for integration with CI/CD pipelines?
05 Skillset Involvement
Does the solution provide value to high-code and low-code users with varying skillsets?
10 API Exposure & Self-Service
Does the solution provide self-service capabilities and expose its API for northbound integration?
01 Network Focus
Is the solution purpose-built to enable network automation and orchestration?
There are plenty of tools out there that offer automation capabilities in different ways. Some device vendors offer automation tooling for their products, and different commercial solutions exist for automation across different network domains. Then, there are workflow orchestration solutions like IT orchestration platforms, Business Process Automation (BPA), and more. However, these tools lack capabilities that are critical for multi-domain, multi-vendor network-facing orchestration, most are vendor-specific, or domain-specific, or they can’t integrate directly with network systems, etc.
To solve for this, it’s important to ensure your network orchestration platform can orchestrate across all network domains and cloud environments. In addition, it should easily integrate with all domain-specific and high-code network automation solutions such as ansible or terraform, in your environment as well as network-centric systems like IPAM and CLI compliance solutions.
A solution that’s built for networking will be able to work more effectively with other network infrastructure and will make network automation and orchestration more widely usable across your organization.
Why It Matters
- It’s important to differentiate network-oriented orchestration solutions from business process automation (BPA), equipment vendor automation systems, and other tools that are limited when it comes to networking.
- The limitations of a solution will be defined by what it’s designed for – an open source tool might require custom work for integrations between systems, and a solution from an equipment vendor might not support certain devices.
- A network-focused solution will work with your network-specific systems such as AI ops and telemetry tools, and will enable you to onboard both high-code and low-code network automation assets easily.
- A network-focused solution will allow you to orchestrate across multiple network domains including traditional network domains, SD-WAN, and public cloud environments.
Solution Evaluation Questions
- Is the network the core focus of the solution?
- Does the solution provide support for common network automation technologies like Python and Ansible?
02 Multi-Domain Support
Does this solution support orchestration across multiple network and infrastructure domains?
Modern network and IT infrastructure is distributed across multiple domains, including traditional on-premises data centers, public and private cloud environments, SD-WAN, and more. It’s critical that an orchestration solution can be used to build workflows across these domains so network teams can keep up with evolving infrastructure.
Why It Matters
- Orchestration solutions should meet the reality of your distributed network across all domains and third-party tools.
- Multi-domain, multi-vendor support for all devices and all platforms enables future expansion and evolution of network infrastructure.
- End-to-end orchestration of domain-specific automations simplifies network management and reduces manual swivel-chairing.
- IT service delivery speed can continue to increase even as domains like cloud and SD-WAN branches gain a growing share of your network traffic.
Solution Evaluation Questions
- Does this solution support multiple network domains such as cloud and SD-WAN?
- Can workflows be orchestrated across multiple domains quickly and easily?
03 Integration Ecosystem
Does this solution provide flexible integration capabilities?
For most organizations, network infrastructure is comprised of a disparate and growing collection of third-party tools across different network domains. As infrastructure evolves, this ecosystem is only going to become larger and more complex. An orchestration solution must be able to integrate with your entire environment and ecosystem of tools to facilitate end-to-end processes, allowing engineers to automate across all infrastructure, leverage any third-party network and IT systems, and expose capabilities to other platforms via API.
In addition, to enable orchestration, the platform must be able to easily transform data between different steps in a workflow, including payloads sent to and received from integrated third-party systems. Otherwise, a process can’t be coordinated from start to finish without manual intervention.
Why It Matters
- You need to be able to build workflows that seamlessly connect different systems, tools, and platforms.
- Integration helps eliminate swivel-chairing between domain-specific tools, without losing the specialized capabilities of those tools.
- Integrations should be easily built or generated for newly adopted tools and systems, as opposed to paid offerings or services.
- More types of users and events can initiate automated network services if a platform exposes orchestrated workflows to other systems, such as ITSM tools.
- Teams can maximize the impact of their work when you can leverage and extend whatever automations your team has already built with both high-code tools like Python or Ansible and low-code domain-specific point solutions—and then integrate them into orchestrated workflows alongside API calls to other systems.
Solution Evaluation Questions
- Does the solution support multiple types of systems and environments?
- Does this solution require hard coding or custom work for integrations?
- Are custom integrations free to build, or a service offering that you will be charged for?
04 Adaptability
Will this solution work with systems and platforms you adopt in the future?
When considering a network orchestration solution, you’re not deciding in a vacuum. The platform will interact with many other systems across your network infrastructure, so it needs to be adaptable to fit with your future plans for new systems, new network domains, or increased scale. It’s important to ensure a solution supports automation and orchestration for multiple technologies, like different data formats and platforms from multiple vendors, as opposed to a limited ecosystem. And, it’s important to make sure the solution enables both high-code and low-code users to get the most out of network automation. The key is ensuring you have the flexibility to make technology decisions that fit business needs, confident in the knowledge that your network orchestration platform can adapt to continue providing value. This ensures you have full freedom when building out your constantly evolving network infrastructure.
Why It Matters
- Proprietary or closed solutions lock you into a certain ecosystem, limiting options when looking to evolve network infrastructure.
- If a solution requires you to invest in changing up the network infrastructure tools you use today, it’s reducing the value you’ll see from adopting automation and orchestration.
- A solution that is built to work across all domains and systems will be better equipped to handle innovations, new technologies, and future network domains.
Solution Evaluation Questions
- Will this solution work with systems and platforms you adopt in the future?
- Does the solution make it easy to manage cloud, SD-WAN, and other domains?
05 Skillset Involvement
Does the solution provide value to high-code and low-code users with varying skillsets?
Some network teams who have become familiar with open source tooling like Ansible or Python will adopt a fully DIY approach to network automation, and these teams often see success initially. However, it’s difficult to use these tools to automate anything more complex than a single discrete networking activity or task, and network teams who stay still can end up stuck automating at the domain level with no practical way to connect these automations together.
In addition, reliance on high-code automation can lead to stratification, where some engineers build everything and others rely on the “super scripters.” Low-code orchestration that can onboard high-code assets allows engineers of all skillsets to participate and become more productive.
A robust orchestration solution is one that requires very little re-skilling to get up and running but still provides advanced functionality, enabling teams to naturally maximize the value of domain automations without losing time (and without specialty new hires). The right solution will extend the impact of high-code automations while also providing a way to leverage low-code automation tooling in the same workflows.
Why It Matters
- Complex skill requirements increase time-to-value and potential cost for automation and orchestration.
- Avoiding specialized skillsets ensures any changes to team structure wouldn’t significantly affect automation effectiveness or cause delays.
- A simple solution increases buy-in and enthusiasm from network teams.
- Consumption of automated services is still possible for users who lack networking expertise.
Solution Evaluation Questions
- Does the solution require special skillsets to successfully build end-to-end workflows?
- Does it require training with a proprietary model or language?
- Could it practically be used by others outside the network team?
06 Scalability
Can the technology scale to support current and future growth?
Increased demand on the network and growth of an organization will lead to more networking elements that need to be managed. And as network infrastructure scales and the volume of devices and changes increases, multi-domain orchestration only becomes more important. Scalability features include the ability to reuse parts of workflows in a modular way, the ability to integrate with security solutions and monitoring, and a way to leverage network state data to make automation more efficient and dynamic over a long period of time for a large, complex network environment.
Why It Matters
- Network infrastructure is growing – network teams need to be able to operate faster and fulfill more service requests than ever before.
- With scale comes new systems to monitor and manage your network, and your solution needs to be able to integrate with those systems so they can be leveraged in orchestrated workflows.
- A solution that can’t scale will cause significant issues down the road, and switching may involve re-skilling, custom integration work, and more.
Solution Evaluation Questions
- Can the technology scale to support current and future growth?
- Is the cost of the solution affected by the number of network services requested?
- Does the solution handle especially large and/or complex workflows efficiently?
07 Deployment Flexibility
Can the vendor solution be deployed in a manner that suits your needs?
For most organizations, software is ideally delivered as a cloud-based service, where you have access to easy scalability and rapid software updates. Most orchestration solutions can be deployed through the public cloud like many other applications, but for some customers the option to choose an on-premises deployment could satisfy some regulatory or security requirement they have and give more control back to the customer. If a solution enables flexible deployment options, your organization can select whichever option best matches needs and requirements, enabling more user and organizational confidence.
Why It Matters
- Deployment flexibility allows the system to meet your needs.
- This will enable you to deliver network services to the users your organization needs.
- Regulatory or security concerns can be alleviated depending on deployment.
- The choice allows the solution to orchestrate across all your domains even if some of your domains have specific security requirements.
Solution Evaluation Questions
- Can the orchestration solution be deployed both as-a-Service and on-premises?
08 Ease of Use
Is the solution easy to use, or does it require heavy set-up and/or development competence?
A solution that’s usable out-of-the-box is going to deliver value much more quickly than one that requires customization and set-up work. Open source solutions and many third-party options will require custom development work for integration with your network systems, and many of these systems also require development know-how to use effectively. For these reasons, solutions that are able to offer an easy onramp to building multi-domain workflows can provide a lot of value — just ensure you’re not overcorrecting and selecting a solution whose simplicity limits your capabilities.
Why It Matters
- Customization and setup work would increase time-to-value, decreasing return on investment.
- More complex solutions will require investment in re-skilling or will be limited to a small number of practitioners.
- An easier solution allows additional IT teams to interact with network automations and orchestrated workflows as needed.
Solution Evaluation Questions
- Is the solution easy to use, or does it require development competence?
- Is there a heavy set-up or customization process necessary for adoption?
09 CI/CD Capabilities
Does the solution provide support for integration with CI/CD pipelines?
CI/CD practices are tried and tested, with a history of success in software development. As demands on network infrastructure grow, network teams will need to adopt methods and approaches that bring their processes more in line with the rest of IT to enable faster delivery of any network-dependent services. A solution that allows CI/CD pipeline integration sets teams up to succeed by adopting a NetDevOps approach to network operations.
Why It Matters
- The future of networking is in NetDevOps and treating infrastructure as code, and an orchestration platform that supports CI/CD pipelines and practices enables network teams to evolve.
- With northbound integration, the solution can expose workflows to be called via API as steps in a CI/CD pipeline.
- With southbound integration, the solution can make a call to a pipeline as part of an orchestrated workflow.
Solution Evaluation Questions
- Does the solution provide support for integration north/south with CI/CD pipelines?
- Can the solution be part of a NetDevOps strategy?
10 API Exposure & Self-Service
Does the solution provide self-service capabilities and expose its API for northbound integration?
To fully integrate into your IT ecosystem and ensure the workflows built by the network team can be utilized to their full potential by the rest of the IT organization, an orchestration solution should provide northbound integration capabilities by exposing an API that can be called by CI/CD pipelines, ITSM systems like ServiceNow, and more. This enables any IT team to self-serve any network service published by the network team. The solution should also offer robust RBAC features and the ability to integrate with any other security or access control systems so that organizations can manage access, security, and risk in accordance with their policies and standards.
Self-serve network and infrastructure services are enabled by strategies like infrastructure as code (IaC) and platform engineering, major priorities for IT organizations today. If your network orchestration solution makes it practical to deliver self-serve networking, it can form the foundation for your organization’s platform engineering strategy for network infrastructure.
Why It Matters
- Northbound integrations enable delivery of orchestrated network workflows as fully automated services, enabling the rest of IT to run them without a re-skilling effort.
- The NaaS model increases intra-team speed and efficiency.
- More convenient consumption means more consumption, driving up the ROI on network automation and orchestration investments by delivering services as easily and efficiently as possible.
Solution Evaluation Questions
- Does the solution enable you to provide end users with self-service capabilities?
- Does it expose its API for northbound integration with your IT systems?
Final Takeaways
With network infrastructure more critical to how organizations function than ever, it’s important that teams find ways to keep up with speed, scale, and security needs. Teams are making significant progress with network automation using tools like Python, Ansible, and Terraform, but can find themselves limited by an inability to orchestrate large-scale services across multiple domains and involving multiple network changes in sequence. An orchestration platform that delivers on the ten criteria listed in this guide helps teams and organizations reach the next level of efficiency, accelerating network service delivery at scale.
Remember to avoid:
- High learning curves that make sophisticated automation and orchestration prohibitively difficult.
- Limited or proprietary tools that limit your network infrastructure now and in the future, especially when it comes to integrating network automations with calls to third-party systems.
- Red flags: paid integrations, generic IT or BPA focus, a hard-coded data model, and a lack of API support.
The right solution will enable scale and efficiency by integrating with your infrastructure and making network orchestration easy, revolutionizing the way your organization’s network infrastructure supports infrastructure transformation and innovation.