A Model for Automated Network Provisioning and Management: An Exciting New Paradigm

By Ben Ludeman

Ben has been designing, deploying, and supporting high-availability enterprise networks for 19 years. He has implemented automation solutions for managing and operating physical and virtual devices within networks. Ben manages INOC’s high-availability infrastructure both in the cloud and data centers.

In case your time is short

The Integrated Network Provisioning and Operations Platform (INPOP) is a new approach to network management that combines automation, Infrastructure as Code (IaC), and a Configuration Management Database (CMDB). Developed by INOC, INPOP aims to streamline network setup, configuration, and monitoring, reducing manual interventions and human errors. Key features include:

  • Automated provisioning based on CMDB specifications
  • Real-time monitoring and validation
  • User-friendly web interface with role-based access control
  • Scalable and efficient network management

INPOP was successfully implemented at the Radiological Society of North America's (RSNA) annual event, demonstrating improved efficiency, accuracy, and adaptability in managing a large-scale, dynamic network environment. This approach could serve as a blueprint for future network management solutions in various IT infrastructures.

Network provisioning and management have changed little over the past decade or two. Despite advancements in automation and software-defined networking (SDN), many networks still rely heavily on manual processes, direct configurations, command-line inputs, and physical supervision by network engineers.

This "traditional" approach has its drawbacks. It lacks scalability, is prone to human error, and demands costly resources, especially in dynamic environments like large-scale events, expansive enterprises, and service-oriented IT infrastructures. But a new approach aims to change that.

INOC developed and tested the Integrated Network Provisioning and Operations Platform, or INPOP, which promises to streamline network management through automation and integration.

INPOP redefines network management by integrating IaC principles and a CMDB, automating and streamlining provisioning and operations. Launched at a major conference in 2023, INPOP significantly reduced manual interventions, enhanced network stability through standardized configurations, and allowed the network to adapt more easily to changing demands.

Here's why we’re excited about INPOP as an alternative approach to building and managing networks and why other ITOps professionals might find it compelling:

  • It’s scalable and efficient. By automating critical parts of provisioning and network adjustments, we found that INPOP reduces deployment and modification times, effectively tackling scalability challenges.
  • It reduces human errors. Using a CMDB for network configuration minimizes human error and ensures network setups are aligned with predefined policies.
  • It allows for more proactive monitoring. INPOP's integrated monitoring and validation capabilities provide continuous, deep oversight of network performance, enabling early issue detection and shifting support from reactive to proactive.

As a somewhat pioneering approach, INPOP confirms the benefits of more automated, flexible, and reliable network management practices. It offers a refreshing alternative to the status quo and provides a blueprint for future innovations in the field.

This case study explores INPOP's development and first real-world implementation, highlighting its potential for broader adoption and further evolution in various networking environments.

Background: Evolving Event Network Needs and the Genesis of INPOP

INPOP’s first deployment was a rigorous test, providing pop-up network support for the Radiological Society of North America’s Scientific Assembly and Annual Meeting. This event is the largest medical imaging gathering in the world, attracting over 55,000 professionals and more than 700 exhibitors. With hundreds of tech-heavy booths, displays, educational sessions, scientific exhibits, and event operations, the IT infrastructure is vast—and 100% uptime is critical.

The event’s network, RSNAnet, spans two million square feet and includes multiple distinct networks for various needs. Its growing size each year underscores the limitations of manual, spreadsheet, and CLI script-based management methods. (More details about this network can be found in our other piece here.) The event's complexity prompted us to apply innovative and automated techniques we've developed for NOC support, leading to a better model for setting up and operating RSNAnet.

Inside INPOP

Again, INPOP’s software-based system combines IaC principles with a CMDB to automate key aspects of IT infrastructure management. At its core, INPOP utilizes a central database to store and manage all network-related configurations. This centralized approach allows for automatic application of settings across the network, significantly reducing the need for manual input and lowering the risk of human error.

While initially designed to meet the complex and dynamic networking demands of large-scale events, INPOP's versatility suggests potential applications in various other IT environments. The system's ability to streamline setup, configuration, and ongoing monitoring positions it as a promising solution for a wide range of network management challenges.

The figures and step sequences below illustrate how INPOP introduces databases and tooling into a typical network setup and, more importantly, how this tooling enhances management.

Traditional Network Management Approach

Traditional Steps:

  1. Manually configure Router A & B for internet connectivity and inter-router routing.
  2. Manually configure each Switch for VLANs and inter-switch links.
  3. Manually configure Access Points (AP1 & AP2) for wireless networks.
  4. Assign static IP addresses or DHCP settings to PCs and configure network access.
  5. Set up manual routes and possibly QoS settings across routers and switches.
  6. Manually verify connectivity and performance across all devices and links.
  7. Any network changes require manual reconfiguration and verification.

INPOP (Automated Network Management)

Steps:

  1. Network structure and policies (VLANs, IP schemes, routing, QoS) are defined in CMDB.
  2. INPOP automatically provisions Routers A & B, including internet and routing configs.
  3. Switches are automatically configured with VLANs, inter-switch links, and QoS policies.
  4. Access Points receive configuration for wireless networks automatically.
  5. PCs are set up with network access via DHCP, ensuring proper IP configuration.
  6. Automated tools apply routing and QoS policies across the network based on CMDB.
  7. Continuous real-time monitoring validates network operation against CMDB, adjusting as needed.
  8. Network changes in the CMDB propagate automatically, minimizing manual intervention.

Below, we dissect the specific technical components to more clearly show how its architecture and features contribute to its effectiveness in modernizing network management practices.

1. CMDB Integration

Integrating a CMDB shifts network management towards a model that emphasizes abstraction and automation to handle complexity. A central, declarative model defines the network's intended state and pairs with automation tools to simplify administrative tasks, making the networking team more agile and responsive.

CMDB as the Network's Architectural Blueprint

INPOP’s CMDB consolidates all network configuration data into a unified repository, acting as the network's architectural blueprint. This provides a comprehensive view of the network's design and operational state, allowing for more precise management and oversight.

The CMDB is meticulously detailed, covering device IPs, hostnames, port configurations, and VLAN assignments. From this singular reference point, every network component can be easily accessed, analyzed, and managed.


A Declarative Model for Network Configuration

Beyond providing data storage, the CMDB underpins a declarative approach to network configuration. Administrators specify the network's desired state within the CMDB, from overarching network topology to specific port settings. INPOP then aligns the actual network configuration with this blueprint, shifting from the traditional imperative management model—relying on direct commands and configurations—to a declarative model that abstracts and simplifies complex tasks.

INPOP interprets the CMDB's directives to automatically enact the required configurations across the network infrastructure, ensuring consistent adherence to the planned network design.

Automated Alignment with Real-World Network State

Crucially, INPOP actively maintains the alignment of the actual network setup with the CMDB's declarative model through an advanced automation layer. This layer interfaces with network devices, applying the configurations dictated by the CMDB. It translates high-level, human-readable directives into specific device commands and settings, merging theoretical design with practical execution.

The system continuously monitors the network to confirm operational compliance with the CMDB's parameters. Any discrepancies are automatically corrected or flagged for intervention, preserving the network's operational integrity and ensuring its performance matches the intended design.

2. Automated Provisioning

INPOP represents a possible step forward in network setup through its advanced automated provisioning system, deeply rooted in the CMDB's extensive data. This system translates the CMDB's high-level design objectives into precise configurations across network devices, aligning the physical network with its detailed digital blueprint.

Parsing CMDB Entries

The process begins with parsing the CMDB entries, where INPOP uses algorithms to interpret the configuration data. This step identifies the specific requirements of each network component, serving as the foundation for generating exact device configurations.

Generating Device-Specific Configurations

After parsing, INPOP dynamically generates configurations tailored to each device. This involves translating the CMDB's high-level directives into practical configurations that devices can execute. The process accounts for each device's model and capabilities, ensuring compatibility and performance optimization.

For example, in configuring VLANs, INPOP assigns VLAN IDs and integrates considerations for link configurations, tagging protocols, and access control policies, facilitating robust network segmentation and security.
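The translation step can be sketched as follows. This is an added example, not INOC's code: the record schema, the field patterns and the IOS-style output syntax are assumptions, since the page names neither a schema nor a vendor. Because CMDB fields end up inside device commands, the record is validated before anything is rendered.

```python
import re

# Field formats accepted from the CMDB (assumed; tighten to your own naming standard).
HOSTNAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]{0,62}")
VLAN_NAME = re.compile(r"[A-Za-z0-9_-]{1,32}")
IFACE = re.compile(r"(Gi|Te)\d+/\d+/\d+")


class CMDBValidationError(ValueError):
    """Raised when a record must not be turned into device configuration."""


def validate_switch(rec):
    """Return a list of problems; an empty list means the record may be rendered."""
    problems = []
    # fullmatch, not match: a trailing line break must not slip past the pattern.
    if not HOSTNAME.fullmatch(str(rec.get("hostname", ""))):
        problems.append("hostname rejected")
    vlans = rec.get("vlans", {})
    for vid, name in vlans.items():
        if not (isinstance(vid, int) and 1 <= vid <= 4094):
            problems.append(f"vlan {vid!r}: id outside 1-4094")
        if not VLAN_NAME.fullmatch(str(name)):
            problems.append(f"vlan {vid!r}: name rejected")
    for port in rec.get("ports", []):
        pname = str(port.get("name", ""))
        if not IFACE.fullmatch(pname):
            problems.append(f"port {pname!r}: name rejected")
        if port.get("mode") == "access":
            refs = [port.get("vlan")]
        elif port.get("mode") == "trunk":
            refs = list(port.get("allowed", []))
        else:
            problems.append(f"port {pname!r}: unknown mode")
            continue
        if not refs:
            problems.append(f"port {pname!r}: trunk carries no VLANs")
        for vid in refs:
            if vid not in vlans:
                problems.append(f"port {pname!r}: VLAN {vid!r} is not declared")
    return problems


def render_switch(rec):
    """Render one switch record deterministically, or refuse if validation fails."""
    problems = validate_switch(rec)
    if problems:
        raise CMDBValidationError("; ".join(problems))
    lines = [f"hostname {rec['hostname']}"]
    for vid in sorted(rec["vlans"]):
        lines += [f"vlan {vid}", f" name {rec['vlans'][vid]}"]
    for port in sorted(rec["ports"], key=lambda p: p["name"]):
        lines.append(f"interface {port['name']}")
        if port["mode"] == "access":
            lines += [" switchport mode access",
                      f" switchport access vlan {port['vlan']}"]
        else:
            allowed = ",".join(str(v) for v in sorted(port["allowed"]))
            lines += [" switchport mode trunk",
                      f" switchport trunk allowed vlan {allowed}"]
    return "\n".join(lines) + "\n"


# Constructed records for illustration; names and VLAN numbers are made up.
SWITCH_OK = {
    "hostname": "hall-a-sw01",
    "vlans": {110: "exhibitor-a", 120: "registration"},
    "ports": [{"name": "Gi1/0/48", "mode": "trunk", "allowed": [120, 110]},
              {"name": "Gi1/0/1", "mode": "access", "vlan": 110}],
}
SWITCH_BAD = {
    "hostname": "hall-b-sw02",
    "vlans": {5000: "overflow", 120: "registration\nextra line"},
    "ports": [{"name": "Gi1/0/2", "mode": "access", "vlan": 130}],
}
```

Sorting VLANs and ports makes the output byte-stable, so two renders of the same record can be diffed and a change in the generated configuration always traces back to a change in the CMDB.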

Deploying Configurations to Network Components

With configurations ready, INPOP deploys them across the network through automation scripts and APIs, directly communicating with network devices. This remote application bypasses the need for manual CLI interactions, reducing delays and the risk of human error.

Deployment is managed to avoid disrupting network services, with changes typically staged for maintenance windows or designed for easy rollback to ensure network integrity.

Handling Complex Network Tasks with Automation

The true power of INPOP’s automated provisioning system shines in its handling of intricate network tasks:

  • VLAN Assignments Across Multiple Switches: INPOP manages VLAN configurations with precision, orchestrating VLAN traffic optimally across the network, configuring trunk links for VLAN carriage, and setting up specific VLANs on access ports for effective segmentation and security.
  • Automated Gateway Configurations: INPOP streamlines gateway device configurations, selecting appropriate routing protocols and settings based on the network's design and traffic needs as outlined in the CMDB. This includes managing dynamic routing, VPN tunnels, and NAT rules, enhancing network connectivity and performance.

3. Real-time Monitoring and Validation

INPOP's comprehensive monitoring system continuously checks the network to ensure its operational state aligns with the CMDB's specified designs. This system blends active and passive monitoring methods, such as SNMP polling, Syslog analysis, and tailored health checks to collect extensive telemetry from network devices.

Any discrepancy between the CMDB's definitions and the actual network setup triggers alerts, leading to either automatic or manual rectification. This constant, hyper-vigilant validation process confirms adherence to the planned network design and supports swift fault detection and resolution.

Advanced Real-time Monitoring Techniques

INPOP's monitoring framework is designed to maintain constant harmony between the network's operational state and the CMDB's specifications. Using a mix of active and passive monitoring strategies ensures thorough oversight of the network's health and functionality.

  • SNMP Polling: This actively solicits network devices for data on bandwidth usage, error rates, and other vital performance metrics, allowing for the immediate identification and addressing of any issues.
  • Syslog Analysis: By passively examining system logs from network devices for errors, warnings, or significant events, INPOP can preemptively tackle issues signaled by the devices, potentially before they affect network operations.
  • Custom Health Checks: These involve specially designed scripts or agents deployed on network devices or within the network management framework, crafted to reflect the unique needs of the network's structure or the RSNA event, ensuring the flawless functioning of critical operations.

Proactive Discrepancy Management

The heart of the real-time monitoring and validation process in INPOP lies in its capability to detect and address discrepancies between the CMDB's declarations and the network's actual operational state.

When deviations are detected, INPOP initiates a well-defined sequence of responses:

  • Alert Generation: Automated mechanisms produce alerts to inform network administrators of discrepancies, with the alerts ranked by the potential operational impact.

  • Automated Remediation Processes: INPOP can autonomously initiate corrective measures for certain discrepancies, such as reconfiguring devices, restarting services, or executing corrective scripts.

  • Manual Remediation Guidance: Complex issues or those requiring human intervention result in alerts packed with detailed insights, helping administrators address the problem based on in-depth monitoring data analysis.
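The detection and response sequence above, sketched as an added example rather than INOC's code. The state shape, the impact scale, and the policy that undeclared or trunk-level changes go to a person while simple access-port drift is reapplied are all assumptions.

```python
from dataclasses import dataclass

AUTO, MANUAL = "auto-remediate", "manual-review"


@dataclass
class Finding:
    device: str
    port: str
    kind: str        # "mismatch", "missing" or "unexpected"
    desired: object  # what the CMDB declares (None if undeclared)
    observed: object # what the device reports (None if absent)
    impact: int      # constructed scale: 3 = highest operational impact
    action: str


def classify(want, have):
    """Return (kind, impact, action) for one port, or None when it is compliant."""
    if want is None:
        # Configuration nobody declared: hold for a person instead of silently
        # reverting, so an out-of-band change is actually seen.
        return ("unexpected", 3, MANUAL)
    if have is None:
        return ("missing", 2, AUTO)      # declared but not applied: reapply
    if want["mode"] == have["mode"] and set(want["vlans"]) == set(have["vlans"]):
        return None
    if "trunk" in (want["mode"], have["mode"]):
        return ("mismatch", 3, MANUAL)   # trunks carry many VLANs: wide blast radius
    return ("mismatch", 1, AUTO)         # single access port on the wrong VLAN


def detect_drift(desired, observed):
    """Compare CMDB state with polled state; return findings ranked by impact."""
    findings = []
    for device in sorted(set(desired) | set(observed)):
        want_ports = desired.get(device, {})
        have_ports = observed.get(device, {})
        for port in sorted(set(want_ports) | set(have_ports)):
            want, have = want_ports.get(port), have_ports.get(port)
            verdict = classify(want, have)
            if verdict:
                findings.append(Finding(device, port, verdict[0], want, have,
                                        verdict[1], verdict[2]))
    findings.sort(key=lambda f: (-f.impact, f.device, f.port))
    return findings


# Constructed sample state; device names, ports and VLAN numbers are made up.
DESIRED = {"hall-a-sw01": {
    "Gi1/0/1": {"mode": "access", "vlans": [110]},
    "Gi1/0/2": {"mode": "access", "vlans": [120]},
    "Gi1/0/3": {"mode": "access", "vlans": [120]},
    "Gi1/0/48": {"mode": "trunk", "vlans": [110, 120]},
}}
OBSERVED = {"hall-a-sw01": {
    "Gi1/0/1": {"mode": "access", "vlans": [110]},            # compliant
    "Gi1/0/2": {"mode": "access", "vlans": [999]},            # wrong access VLAN
    "Gi1/0/48": {"mode": "trunk", "vlans": [110, 120, 130]},  # extra VLAN on trunk
    "Gi1/0/7": {"mode": "access", "vlans": [110]},            # not in the CMDB
}}

if __name__ == "__main__":
    for f in detect_drift(DESIRED, OBSERVED):
        print(f.impact, f.device, f.port, f.kind, f.action)
```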

Enhancing Network Performance and Reliability

INPOP's real-time monitoring and validation functions ensure strict conformance to the network's designated blueprint and enable quick issue mitigation. This proactive stance optimizes network performance and minimizes downtime and operational interruptions. By ensuring the operational network precisely mirrors its CMDB-drafted ideal, INPOP secures the strength, dependability, and adaptability of the RSNA event's network infrastructure as demands evolve.

4. A User-friendly, Web-Based Interface and Portal Architecture 

We built INPOP with a user-friendly web portal, using modern web technologies to ensure accessibility across various devices and browsers. The portal's modular architecture allows seamless integration with the CMDB and the automated provisioning and monitoring systems.

  • Graphical Network Representation: The portal offers a dynamic graphical display of the network's topology, sourced directly from the CMDB data, to accurately depict the network's layout, including devices, connections, and configurations. This visual navigation aids in demystifying complex network structures and the relationships between components.

  • Intuitive Configuration Management: The portal simplifies network configuration through intuitive interfaces, allowing administrators to apply changes via graphical interactions. INPOP automatically converts these adjustments into the corresponding backend commands, minimizing the learning curve and error potential compared to CLI methods. This makes network management more approachable for administrators at different skill levels.

  • Real-time Monitoring and Diagnostics: A key feature of the portal is its integration with the real-time monitoring system, giving administrators immediate access to network health, traffic, and performance data. This functionality enables swift issue identification and resolution. Data is presented in a clear format, using charts, graphs, and alerts to underline essential details and trends.

  • Enhanced Security with Role-based Access Control: The INPOP portal critically addresses security through detailed role-based access control (RBAC). This system ensures users receive permissions aligned with their organizational roles, safeguarding against unauthorized network alterations. By defining roles with specific access rights, the portal upholds the principle of least privilege, minimizing the risk of misconfigurations and security violations.

Implementation at RSNA’s Annual Event

The implementation of INPOP at the RSNA event showcased its ability to oversee the network's full lifecycle, from setup to decommissioning.

Below, we briefly explain a few of the key steps of implementation.

1. Developing INPOP for RSNA

Developing INPOP for RSNA involved thoroughly analyzing the event's networking needs and acknowledging the temporary setup and the demand for reliable, high-speed connections. We ran an agile development project for quick feature iteration and testing tailored to RSNA's unique needs.

The deployment meticulously aligned the venue's physical layout with the network design, ensuring the infrastructure could support the demands of radiological imaging equipment, vendor booths, and attendee connectivity. This preparation set the stage for automated provisioning via the CMDB.

2. Automated Provisioning and Dynamic Adjustments

INPOP's automated provisioning was critical in enhancing the RSNA network setup. It automated traditionally manual tasks like VLAN configurations and router setups precisely, using automation scripts to communicate directly with network hardware and apply configurations—minimizing human error and setup times.

The system dynamically adjusted the network in response to evolving needs during the event, such as adding new booths or relocating sessions, ensuring consistent connectivity.

3. Streamlined Onboarding and Real-time Monitoring

INPOP significantly improved the onboarding process for vendors and participants by allowing connectivity requests through an intuitive web interface. These requests were automatically translated into network configurations, reducing the IT staff's workload and enabling quicker operational readiness for vendors.

INPOP's integration with real-time monitoring and validation ensured that new devices met RSNA's security and performance criteria upon connection, quickly identifying and correcting any issues. This proactive stance helped maintain a secure and efficient network environment throughout the event.

Results

After its first deployment, INPOP demonstrated several compelling results that motivate us to continue refining the system.

  • Efficiency Gains Through Automation: INPOP streamlined network management processes for the RSNA event, from setup to daily adjustments. It translated high-level configuration directives from the CMDB into specific device commands, eliminating manual configuration and enabling rapid changes in response to evolving event requirements, showcasing better network management agility.
  • Enhanced Accuracy and Reliability: By automating the configuration process, INPOP minimized human error, a common source of network issues. This automation ensured every device was configured based on predefined specifications in the CMDB, significantly decreasing configuration errors. As a result, the network became more stable and dependable, with fewer disruptions and increased satisfaction among RSNA participants and vendors.
  • Operational Insights for Proactive Management: INPOP provided monitoring and validation capabilities that helped the network management team detect and address potential issues before they impacted users. This capability ensured smooth operation throughout the event and helped optimize the network to handle high-demand moments.
  • Scalability to Meet Evolving Requirements: INPOP's modular, code-driven nature offered significant scalability benefits. The system was designed with flexibility in mind, allowing for easy adaptation and scaling of the network infrastructure to meet the RSNA event's dynamic requirements. Whether accommodating additional participants, integrating new technologies, or expanding the network to cover more areas, INPOP could efficiently scale to meet these needs.

A Potential New Blueprint for Network Setup and Management

The INPOP model represents a refined approach to network management. It demonstrates a holistic method that integrates modular architecture, automation, declarative configuration, real-time monitoring, and user-centric interfaces. Synthesizing this model offers a comprehensive blueprint for building and managing future networks more effectively.

Here's how these components could inform a better approach to building networks:

Teams could start with a modular network design that allows easy scalability and adaptation to changing requirements. This approach would better support the gradual expansion of network capabilities or downsizing in response to demand fluctuations without overhauling the entire infrastructure.

During the network build, teams could implement toolsets that automate the configuration of network devices, security policies, and performance settings based on predefined templates or policies stored in a CMDB. Automation would then enforce compliance and configuration standards across all network components.

Incorporating a CMDB or similar repository as the single source of truth for the network's desired state at the outset of a network build enables automation tools to interpret the CMDB's specifications and configure network devices and services accordingly, aligning the actual network state with the intended design.

As part of a network build, teams could deploy monitoring solutions that track a wide range of metrics across devices and services. These tools could feed real-time data into the network management system, enabling automatic adjustments or alerts for conditions that deviate from expected performance thresholds.

Network management interfaces could be designed to be intuitive and accessible, empowering users with different levels of expertise to manage and interact with the network efficiently. A user-friendly dashboard could provide a visual overview of the network's status, configuration options, and performance metrics. Role-based access controls could tailor the interface and available actions to the user's role, ensuring ease of use and security.

Final Thoughts

INPOP signals a step forward in a network management paradigm long ripe for innovation. As IT environments become more dynamic and demanding, the limitations of traditional network management will grow more untenable. INPOP has opened an avenue for better network efficiency, reliability, and flexibility. The principles and practices built into this system offer a solid foundation for considering the next generation of network management solutions.
