“What we’ve announced has fundamentally redesigned how we help our customers design, manage and scale their networks,” says Shenoy. “We’re calling that a network that is intuitive, one that can constantly learn from itself and from the data it sees, constantly adapt to the changing business demands and then constantly protect against advanced threats.”
But Lerner, the Gartner analyst, says that all together, the software and hardware components Cisco announced do not amount to a full-fledged IBNS. “It’s a platform that should enable intent driven network management in the future,” he says. “Except for some discrete, tight use cases around configuration, it’s not quite completely glued all together yet.”
The system at this point, he says, lacks the ability to take a policy defined at a high level and have the system configure the network to match the desired state. As of now, Lerner believes the system still has a degree of network configuration intricacies and nuances that could make it difficult to onboard. As Cisco develops the product he expects more abstractions will be created to push it closer to an IBNS.
What it will be used for
Tompkins, the Scentsy network architect, is optimistic the advanced automation capabilities Cisco announced this week will be benefit his 125-person IT shop that runs the company’s development, ecommerce and logistics operations.
Scentsy was an early customer of Cisco’s Unified Computing System (UCS), is running Cisco’s Application Centric Infrastructure (ACI) and is one of the few customers that has trialed the intent-based networking gear.
During the recent Wannacry vulnerability, Tompkins wanted to ensure that a specific port was shut down throughout his network and an intent-based system could execute that policy change easily, he says. Doing that process manually is not only cumbersome, but a potential security risk because it’s difficult to ensure the ports have been shut down on all devices.
Tompkins is also excited about the ability to more granularly enforce policies based on user activity and role. A system like this could, for example, ensure that workers only have access to core company data during normal business hours. “These are decisions made at the policy level, and applied at the network level,” and he says they’re done without managing the “minutiae of access controls.”
Rohit Mehra, vice president of network infrastructure at IDC says elements of intent-based networking, specifically around policies and context, have been around for a while. “This is taking policy enforcement to the next level,” he says. “It uses a combination of intent and context, based on what the application is, who the user is, what the device is, and automates the network management to actually get to the desired state of what you want the network to do,” he says.
Cisco did not release pricing details for the new software and hardware it announced this week.
Sign up for Computerworld eNewsletters.