Network Field Day 23 Overview, or Throw Out Your Net Management Tools, They’re Obsolete!

Author
Peter Welcher
Architect, Operations Technical Advisor

Network Field Day 23 took place from September 29 through October 2.

I was able to attend (virtually) since NetCraftsmen likes to track current trends to provide the best guidance with our consulting to customers. What’s real, what’s coming, what’s not quite there yet (bleeding edge)? How does an organization get there?

Need I mention that it’s also fun hearing about technology with the Tech Field Day delegate community?

This blog attempts to summarize some common themes contained within the vast amount of technical information presented over four days by the ten participating vendors: Arista, Juniper, Cisco, Broadcom, Intel, PathSolutions, IP Fabric, CatchPoint, Apstra, and AirVine.

I intend to subsequently write several blogs going into light detail concerning what the vendors presented. The full details will, of course, be available via the posted video recordings of the presentations. I’ll be trying to flag topics of interest to help you decide which videos are priority viewing for you.

But first, it seems appropriate to try to summarize the entire event.

Two Themes

Two common themes really hit home:

  • Network management is being re-invented rapidly.
  • The emphasis is shifting from managing individual devices and links to managing the entire network or some significant portion of it, such as a data center fabric.

Some characteristics of the “New Network Management for the 2020s”:

  • Ease of installation and use
  • Automated discovery and data collection with minimal configuration
  • Automatically configured data analysis to detect issues, as well as alerts
  • Rapid delivery of value
  • Plain language alerts
  • Data snapshots (not just configurations) stored for long periods capturing the state of the network
  • SNMP is available now and can be done efficiently to boost scale; however, telemetry at a much greater scale is here now in selected instances/products
  • Visual reporting using network diagrams is cool again, with layers and some sort of “time slider” or “Time Machine” so you can compare the state of the network or traffic levels at various times or across Layers 1-3.
  • Helpful interpretation of events and detected issues in simple language
  • One product supports natural language queries

Why you might care: NM tool efficiency reduces the MTTR (Mean Time to Repair) or MTTI (Mean Time to Innocence), and frees you up to be productive in other ways.

“New” products may only have some of the above characteristics – but that may be good enough for your needs.

The usual warning applies: demos always look great, but serious hands-on proof of concept field testing is wise. That’s the only way to detect what a product does poorly before you write the vendor a check!

NM Tools Covered

Here is a small amount of additional detail about what the vendors covered in the way of NM tools. Some of the vendors also presented other topics. This is by way of teasing you to read the follow-on blogs as they come out!

IP Fabric and PathSolutions are a possible fit for Enterprises and primarily use SNMP (efficiently!) and perhaps show commands to gather data, build maps, etc. The videos provide demos if you’re interested. Interesting capabilities!

IP Fabric has a 20-node trial version available at no cost. And their presentations were great.

PathSolutions’ video is worth watching just for Tim Titus. The podcasters among the delegates were in awe of his voice, and his enthusiasm made the one-hour session both interesting and a great sales pitch. One key feature: plain English heuristics explaining alerts.

CatchPoint competes with the now-Cisco-owned ThousandEyes. Their agents perform User Experience (UX) monitoring from both inside and outside your organization. CatchPoint is a little more narrowly focused than the above long list of bullet points but provides a quite useful overview of where your network or the outside world has gone slow or down for users. Cloud-based, so fairly easy to set up and use. See also a Success Story showing NetCraftsmen’s use of CatchPoint.

Arista just acquired Awake. Their presentations covered various topics, including CloudVision (“CV”) and now CVaaS! The latter offers the possibility of your NM tool gathering data etc. and being able to readily share that with Tech Support! “Innovative win-win” comes to mind.

Juniper acquired AI in the form of Marvis, along with the MIST acquisition. MIST cloud now performs wired assurance and switch templating. One demo had ServiceNow approval chains tied into Ansible, GitHub, and NetBox. Juniper also demonstrated natural language queries.

Cisco presented on NSO, among other topics. And wow! They started with basic NSO CLI automation to give the audience some context. Then Hank Preston really grabbed my/our attention by demoing NSO services automation. A Cisco team has built up automation for global management of many devices making up Cisco’s DevNet and other lab environments. Integration of services across Cisco and other products now allows the management team to do things like consistently add a new tenant and VLANs across large numbers of routers, switches, firewalls, FI / UCS platforms, and VMware. NetBox was also mentioned.

Apstra showed its multi-vendor datacenter EVPN / VXLAN fabric management tool. It tightly couples several functions that other solutions might address with separate tools, in that it is the Source of Truth (SOT). When you enter or add information, it automatically re-provisions itself with the large-scale assurance monitoring probes needed to detect any problems. It has Time Voyager functionality tracking network state changes.

Both Apstra and Cisco NSO also talked about state rollback.

The chip manufacturers, Broadcom and Intel, talked about new measurement capabilities baked into their chips. This is necessary given the vast amounts of data that 100 and 400 Gbps optics can transmit – a CPU just can’t really keep up to the degree needed to detect problems in cloud-scale datacenters. Software is needed to enable and configure the new chip capabilities. Cloud scale providers may have developed their own, and at some point enterprise monitoring solution vendors may choose to incorporate these great new data sources into their products. Interestingly, there is an IETF RFC draft about one aspect of this bearing Broadcom and Arista’s names at the top.

The other vendor at NFD23, AirVine, was quite interesting but did not present anything relating to network management.

Conclusions

  • The network management table stakes are going up significantly. Your legacy network management products probably don’t come close to doing the above list of things. They require a lot of care and feeding, and the CLI is often preferable for troubleshooting. So while I don’t necessarily advocate just throwing out the old product right now, you may want to start looking at what the new products do.
  • Another decision is vendor siloed products versus broader products that support multiple vendors’ network devices. Tools from Juniper, Arista, or Cisco will likely work best on some subset of the vendor’s equipment, and poorly or not at all on other equipment. The trade-off (channeling Russ White here) is they may be more tightly integrated across that vendor’s platforms. Multi-vendor products may instead be broader across hardware but shallower, due to sticking to common features.
  • It feels to me like the early days of telemetry. I expect vendors to keep evolving to more and deeper telemetry and related reporting / alerting. Some of what little I’ve seen so far of router/switch telemetry looks like updates out of a YANG device model, providing the ability to detect state changes and measure performance, interface counters, etc. Will there be standards across vendors? If so, how soon, three years, five years, longer?

Also Noteworthy

A couple of the demos showed automation using APIs to couple together separate tools. That demonstrates the power of having a developer person who is good at APIs and gluing applications together. Ahem, integrating applications.

Some of the products were available in both cloud and on-prem versions. The on-prem version is there in case you have concerns about data retention or the country in which the data is stored.

References

If you want to start viewing the video recordings of NFD23, follow that link and click on the appropriate vendor icon. That’ll take you to a page listing the videos available as well as blogs, both for NFD23 and prior Tech Field Day events.

   
