In the last 20 years, we’ve seen a new kind of business arise and grow: the digital native enterprise. Companies like Salesforce, Google, Amazon, Uber, eBay, and Airbnb have leveraged digitization as a disruptive force across a variety of industries. All of these companies rely on network connectivity for their businesses to flourish. For these companies, the network is the foundation of the business.
A reliance on the flow of data isn’t limited to digital native companies, however. Nearly every large business or enterprise today relies on continued connectivity among employees, partners, suppliers, customers, databases, and software services to operate.
United Airlines can’t put a plane in the air if there’s a network outage: Electronic systems problems, when they arise, are well-publicized reasons for system-wide ground stops. Amazon is reported to be exposed to over a million dollars a minute of losses when its servers go offline. And when a cloud service goes down, critical business functions—like sales—can go with it across industries, as some customers of Salesforce discovered in a widely publicized outage in May 2016.
For thousands of companies of all kinds, the network is the foundation.
But the network is evolving.
There are converging trends—some technological, some business-driven—that put pressure on businesses’ historically static network infrastructures. For example, the growing use of multiple cloud-based services for business-critical functions disrupts typically centralized security models (while it also enables the rapid provisioning of new applications). The influx of Internet of Things (IoT) devices into the workplace upends traditional security models and creates an endpoint environment that is constantly expanding and evolving.
Connectivity is now business-critical and the availability of modern campus and branch networks must grow to reflect this new reality. The resulting new systems will be, in many ways, more complex, and they simply cannot be managed the way networks, devices, and security were run just a few years ago.
At Cisco, we saw this coming. We’ve known for years that the network architectures we’ve been using—that we helped build over the last 30 years, to be honest—were not what we would need for the next generation. As end devices and applications become more dynamic, so must the network. We need to be able to instantly reconfigure every node of the network the second a decision to utilize a new application in the cloud is made, or even more quickly, based on emerging threat conditions.
For this to work, we cannot expect network operators to continue to program each network device (each router and switch) separately, nor is it realistic to expect network managers of the near future to have to maintain complex access control lists (ACLs) and VLANs as the primary method of separating users and devices and as the first line of defense against security breaches.
Telling network equipment how to do what we need it to do is getting less manageable by the day. Rather, we need to tell networks what we need them to do, and then rely on them to handle the heavy lifting of configuring the equipment automatically.
This is what intent-based networking does, and what Cisco DNA Center is. It’s the unified control system that lets IT managers set up and maintain an entire network fabric by defining rules that span network devices, and that move across the network with users as they and their devices are in motion.
Cisco DNA Center also provides a feedback loop—Assurance—that can use advanced analytics to make sure the network is doing what you intend for it to do. For security, for capacity planning, and especially for troubleshooting, this capability is invaluable, especially as enterprises’ endpoint and application environments get more varied and dynamic.
Cisco DNA Center puts a coherent management interface on top of an entire network, including much of the network equipment we’re using today. In other words, it’s an abstraction layer on top of current systems. Network operators will be able to set up, maintain, and optimize business operations on networks without having to know every CLI on every device and be able to program every device by hand (just as business application programmers today rarely have to think about CPU-level microcode). But as we transition from traditional methods for running networks to a new, directed way to manage them, it’s valuable to understand how the old and the new systems interact.
That’s what I hope you get out of this book. Moving to intent-based network management is a big shift, and we know that networking experts need to learn to trust it before they learn to use it. We hope this book helps you understand the how and the why of intent-based networking in general, and Cisco DNA Center in particular, so you can take full advantage of this new capability.
It is our sincere hope that by moving to intent-based network management, we will help network operators work more efficiently. We want you to spend less time programming multiple devices to do the same thing, less time chasing ACL configurations, and far less time troubleshooting.
With this time saved, we believe that network experts can apply their expertise to more strategic tasks. For every business running on a network (that is, nearly all of them), the people running the network can be a great lever in helping the business to run faster and be more dynamic. By focusing more on the value the network can unlock for businesses, and a little less on the minutiae of how it works, we’ll be able to build more robust, more competitive, more agile, and more secure enterprises.
—Scott Harrell
SVP, Cisco and GM of Cisco’s Enterprise Networking Business (ENB)