New Frontiers: The Network. Intuitive. What Does it Mean?

New Frontiers: The Network. Intuitive. What Does it Mean?


Humans used to be hunters and gatherers. We often had to spend all day looking for food, just to stay alive. But then, agriculture was invented and that changed everything. It freed up time during the day that could now be spent studying the world. Now the same could be said in the enterprise network space, where IT people spend most of their time doing tedious, repetitive tasks. But what if we could flip that on it’s head and have machines take care of machines, leaving people to do what they do best: thinking, being creative and innovating. Wouldn’t that be wonderful? Cisco just announced something new in networking that they say will change the face of IT. Heh, now that made me curious, so I came here to talk to Carl to see what all the hub-bub is about. Hey, Carl, nice to meet you. Nice to meet you too. So Carl, uh, why are you guys doing this? If you look at the way networks operate today, and the capabilities that we need to incorporate into that; IoT, cloud, mobility, security, those things didn’t happen twenty-five years ago. Yet a lot of the tool-sets that we used to manage and handle those networks back then are still being used today, and that’s a problem. It makes it difficult to administer and manage those networks, and it results in a lot of inefficiencies. If you look at new services, for example, it can take weeks if not months to roll those out. We want to change the way in which users go about managing their networks, and this is why we’re looking to build a new network for the future. Wow, tell me more about this new network. Well let’s start first with policy automation. Here we want the user to express intent through a new, intuitive user-interface; we’re calling it DNA Center. So, for example, I want to separate my IoT cameras from my wireless guest users. So after a few clicks, the network basically does the rest. It applies that intent across the entire network; LAN, WAN, and wireless-LAN. All while not having to bother the administrator with worrying about the CLI or how that intent is applied. That’s sounds way more efficient. It is more efficient; what used to take weeks, changes can now happen in seconds. And more importantly, it’s less prone to human-error. Ah, that sounds good. But that’s just the beginning, because now we’re gonna have network that starts to learn from itself. And that’s the network intuitive. Yes, it is. So how do you apply learnings to improve application experience? Well the reality is that there’s a lot of data, in fact, probably too much data for one person to analyze completely, and that’s why we developed Assurance. The network is going to monitor our applications, advice’s, and our users, and it’s gonna establish a baseline behavior, defining what is normal operation behavior and what is not. Now if something happens outside of the ordinary, the network is gonna alert the administrator and it’s gonna tell them which application, which user, or which device is impacted or is going to be impacted. Going to be impacted, does-does this mean that it can predict the future? Well kind of, Assurance includes training capabilities, and as it learns it’s gonna give you a more accurate representation of might happen. But that’s not all, Assurance is also gonna speed up and facilitate troubleshooting by providing recommendations on how to resolve issues, utilizing Cisco best practices. Ah, so you’re gonna save time, not just with debugging but also just finding the right fix faster? Yes. Now, how to you play these learnings to network security? So with our new learning and correlation capabilities, the network now understands the notion of context. So for example, an accountant is downloading spreadsheets from the corporate server onto their laptop from a given location. The network establishes this as a baseline behavior. Now the context changes; the accountant is now uploading gigabytes worth of data to an external server from that same laptop, from the same location. The context has now changed, so the network sees this as a perceived threat and will alert the administrator of this fact and can now quarantine that user from sending anymore data. But if all this data is encrypted, how do you address that? Well, we have this brand new capability and I’m actually quite excited about it. It’s something we call Encrypted Traffic Analytics. We’re able to detect malware, even if that traffic is encrypted, and most importantly it avoids compromising user privacy, because we’re not decrypting the traffic and looking inside what that traffic is. How? We’re using custom algorithms that we’ve developed inside Cisco and utilizing machine learning and traffic patterns, we can identify which traffic has a malicious intent and which traffic does not. So how do I get started with all of this, the Network Intuitive, do I have to upgrade my network at all? The good thing is that many of the customer deployments out there are going to be prime for this capability. What will be needed is that you will need to add a controller, our new analytics engine, a new policy engine, and you’ll have to upgrade software across all those devices. And once you’ve done that you’ll be in a position to actually start your migration, moving a few devices at a time, across this new fabric and start to take advantage of those capabilities. This is really cool. You know, Carl, I have learned so much about IT and networks by doing this. I think I’ve learned enough now that I could be an IT manager, what do you think? Hm, maybe not, but then again if you use DNA Center, you might just have a chance. So you’re saying there’s a chance? I am. I like the sound of that Carl, thank you so much, really appreciate your time. No problem.

4 comments

  1. Hey Mike! I would disagree with you!; hunters & gatherers in lands of plenty had MUCH more free time; farming was LABOR intensive (except for party days when the harvest was in or something, lol). but take another look at that issue, really.

Leave a Reply

Your email address will not be published. Required fields are marked *