Cisco’s intent-based networking – next stop, telcos and network slicing

Cisco launched itself into the latest area of hot networking hype, intent-based networks, claiming it was “redefining the network for the next 30 years”, as CEO Chuck Robbins put it. Cisco’s announcements, and indeed most emerging intent-based networking concepts, are firmly geared to the data center. But as telco networks evolve into IT and cloud platforms, and even the mobile RAN can be run as a set of virtual network functions (VNFs) in a data center, intent-based systems – once stripped of their hype – will certainly be closely watched by mobile operators too.

Intent-based networking has been buzzing around in the conversation about next generation enterprise and carrier networks for at least a year and a few start-ups have implemented elements of it commercially (Apstra, Veriflow and Forward Networks among them). Like SDN (software-defined networking), it is a broad concept of how a network can be run, into which many specific products and standards will fit. It is basically a new approach to lifecycle management for networking infrastructure, harnessing machine learning to plan, design and run highly agile systems in a very automated way which responds to changes in traffic, or network condition, as they occur.

The main difference from other software-driven network ideas is that the network configures itself based on an outcome mandated by the operator or the user. An operator issues a command and the network automatically configures itself to achieve that.

Its tasks can be grouped around four stages of operation, all of which can be applied to the mobile RAN and backhaul. Once an end user or operator expresses a desired outcome or policy, through commands or APIs, the system:

Ingests real time network status alerts with advanced context awareness.
Creates a network configuration in response to user request or operator policy and validates whether it is achievable.
Implements that configuration automatically across the network infrastructure, via orchestration software (e.g. if an operator defines a certain level of security for certain apps, firewalls and other elements can be configured for the appropriate users, times of day etc.). This is not about managing individual devices, but applying a policy throughout the network and its elements.
Continuously validates that the policy objective (e.g. bandwidth amount, QoS level) is being met, in real time, and takes corrective actions (e.g. modifying capacity, fixing faults, blocking traffic) when this is not so.
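
The loop described above can be sketched in a few lines. This is an added example, not code from Cisco or from the original article: it takes the security case mentioned in the third stage (access to an app limited to certain users and times of day), and every name in it (`Rule`, the device names, the capability flags) is constructed for illustration.

```python
from dataclasses import dataclass

# Constructed model of two firewalls; names and capability flags are
# hypothetical and are not DNA Center or IOS XE APIs.
@dataclass(frozen=True)
class Rule:
    action: str
    group: str
    app: str
    hours: tuple  # (start_hour, end_hour) during which the rule applies

def compile_intent(app, group, hours):
    """Stage 2a: turn the stated outcome into rules (allow, then default deny)."""
    return [Rule("permit", group, app, hours), Rule("deny", "any", app, (0, 24))]

def validate(rules, devices):
    """Stage 2b: check that every enforcement point can hold the policy."""
    problems = []
    for name, dev in devices.items():
        if len(rules) > dev["free_rule_slots"]:
            problems.append(f"{name}: not enough rule capacity")
        if any(r.hours != (0, 24) for r in rules) and not dev["time_based_rules"]:
            problems.append(f"{name}: no time-of-day support")
    return problems

def deploy(rules, devices):
    """Stage 3: apply one policy to every element, not device by device."""
    for dev in devices.values():
        dev["running"] = list(rules)

def assure(rules, devices):
    """Stage 4: compare running state with the intent and correct drift."""
    drifted = [n for n, d in devices.items() if d["running"] != rules]
    for name in drifted:
        devices[name]["running"] = list(rules)
    return drifted

def run_example():
    devices = {n: {"free_rule_slots": 10, "time_based_rules": True, "running": []}
               for n in ("fw-edge", "fw-core")}
    rules = compile_intent("payroll", "finance", (8, 18))
    problems = validate(rules, devices)
    if problems:
        return problems, []
    deploy(rules, devices)
    # Constructed drift: the default deny is removed by hand on one firewall.
    devices["fw-core"]["running"].pop()
    return problems, assure(rules, devices)

if __name__ == "__main__":
    print(run_example())
```

The drift case matters for security: a hand edit that drops the default deny leaves the app reachable by everyone, and only the continuous comparison against the intent catches it.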

This extends existing ideas of intelligence, automation and agility which have been creeping into MNO thinking via virtualization, SDN, self-optimizing networks (SON) and network slicing. Indeed, intent-based networking may be very significant in making network slicing a more practical option for some operators, helping to bridge the gap between implementing SDN and creating dynamic, end-to-end slices of capacity, optimized with the right network characteristics for a particular service or user.

Machine learning is at the heart of intent-based networking, enabling the network to learn constantly about its context and use that knowledge to make ever-better decisions about tweaking and adjusting itself.

This is where the test will come for Cisco in the operator environment – whether its approach stands up against those of other organizations which are developing AI algorithms and embedding them into the functions of lifecycle management, network orchestration and preventative maintenance. From Nokia’s self-driving telco program to Juniper’s Cloud-Grade Networking (see inset), there are many takes on this issue, whether or not they are labelled intent-based.

The primary reason why machine learning is on the minds of enterprises and operators now is the looming spectre of the massive Internet of Things, one in which many millions of devices may be attached to one network. Manual engineering and optimization processes will clearly fall down at this point but Cisco claims that, with intent-based systems, network provisioning time can be reduced by 67%, and the impact of a security breach lowered by 48%. With promises like this, the vendor aims to put intent-based networking at the heart of its multi-faceted attack on the IoT world.

“We have to drive ruthless simplicity,” said Robbins, in order to accommodate a world of mobility and IoT. That means viewing the whole network holistically, since there will be no time for different siloes to set up communications, in a world of huge numbers of devices, some requiring near-real time response. In order to “turn the entire infrastructure into a single system”, Robbins added, intent-based networking will be paired with telemetry and machine learning to create a constant feedback loop that allows the network to be fully context-aware.

This clearly fits with the approach that many mobile industry players believe will enable effective network slicing. These slices will be orchestrated and assured from end to end through automated closed control loops using intent-based management, analytics and policy, says TMForum.

Cisco says its new portfolio is the culmination of its vision to create an “intuitive system that anticipates actions, stops security threats in their tracks, and continues to evolve and learn.” In fact, many of these ideas were already present in its portfolio. Tom Nolle of CIMI Research wrote in a blog post about the launch: “Cisco’s approach to transformation has always been what cynics would call ‘cosmetic’. There really isn’t much new in the Cisco intent approach. Cisco has always been an advocate of ‘policy-based’ networking, meaning a form of determinism where the goals are translated into a hierarchy of policies that then guide how traffic is handled down below. This is still their approach.”

However, the individual announcements under the voguish banner do show some significant reworking of established offerings, and over time, the intent-based technologies will appear in a wide variety of Cisco products, so that the intelligence and intuition can be applied to any element in a Cisco network in a holistic way.

To kick off this process, the company has made some significant changes to some of its core products, from switches to the IOS network operating system:

The DNA Center, a successor to Cisco’s Digital Network Architecture, is the brains of the intent-based system. This will be the command and control platform, communicating intent to network elements and receiving and analyzing telemetry inputs.

Catalyst 9000 switches. Cisco’s latest Catalyst models are its most programmable to date, in line with the move to a software-driven network. They are based on new ASICs which are sufficiently programmable that they can support third party applications. That will be valuable in one of the key approaches of the intent-based system – to distribute the cloud platform, with all its analytics and AI, to the network edge. As Cisco SVP David Goeckeler said at the launch: “If I have IoT devices, and I want to learn more about those devices at the edge of my network, I can run the applications right on these platforms.” The new switches will provide replacements for the whole Catalyst portfolio – the 9300 will replace the Catalyst 3000 line, the 9400 will succeed the 4000 range, and so on.

Upgraded IOS XE, which has been rewritten to be “open, modular, and API-driven”. Cisco has added container support and the ability to program the OS through APIs, and for the first time, the system will run third party applications.

SD-Access, new software to manage automated policy enforcement and network segmentation.

Network Data Platform, a repository that categorizes and correlates network data for use by the machine learning tools.

DNA Developer Center, which includes learning resources, sandboxes, APIs and support to help developers create applications that interface with the network.

Another interesting feature, though not directly related to intent, is a new range of encrypted traffic analytics, which claim to be able to spot malware inside encrypted traffic without decrypting it (to maintain privacy).

Robbins said 75,000 organizations are conducting field trials of the intent-based network.

Despite opening its IOS and Catalyst kimonos enough to support third party applications through APIs, the intent-based networking launch is still vintage Cisco, spurning the industry move towards open source and multivendor software networks and keeping everything firmly within its garden walls. Cisco has always relied on the pervasiveness of its equipment in most enterprises to keep customers on its platforms, and to enable it, when it does reach out to the wider world, to drive de facto standards. Since intelligent, intuitive networks rely on inputs from every part of the network, only Cisco has enough kit present to promise an end-to-end intent-based network without having to involve partners. Cisco may have to deliver its systems increasingly as software on white box hardware, but that doesn’t mean those white boxes and software shouldn’t still be all its own.

Cisco’s pervasiveness will be true for some operators too, as long as this intent-based technology is mainly confined to their data centers and wireline or backhaul networks, where Cisco is well ensconced. But Cisco will have more of a challenge when intent-based networking extends its reach into the RAN, where the company has not penetrated the fortresses of Nokia, Ericsson and Huawei. Those vendors may not be using the term just yet, but they are pushing ahead with AI-driven, automated, intuitive and self-driving networks all the same. They tend to start in the access networks where they have unique strength, but they are moving rapidly into the data centers too, conscious that this will be the key to power in virtualized, IT-driven RANs.

A mighty clash is threatening between the traditional mobile vendors and Cisco, in the critical battle to achieve end-to-end orchestration of a virtualized, software-defined telco network, which can support slicing even in the difficult area of the RAN.

Cisco’s intent-based networking may be currently focused on its traditional customers, but if it is to rejuvenate its carrier business, it will need to ensure that their particularly demanding requirements are met. This will come to a head when operators start to plan slicing for real, and have to decide between an approach with mobile industry roots, as defined by NGMN or ETSI, and one coming from the IT industry. The same dilemma is seen in other key places within the new software-driven telco network – ETSI MEC versus OpenFog for edge computing, for instance, or OSM versus OpenStack-based ONAP for orchestration.

There will not be a strict either/or decision, and most vendors and operators will end up combining elements of both approaches. That may involve Cisco opening its garden walls a little and working more closely with partners with real telco and RAN knowledge, strategic ally Ericsson being the obvious one. For now, its new announcements may not be as radical as it would have us believe, but they do put a fashionable label on a very significant attempt to seize the initiative as the telco network turns into another IT platform.

Juniper promises a self-driving network:

Juniper Networks has launched a new family of products under the banner of Cloud-Grade Networking, to help operators and enterprises build and deploy cloud networks more rapidly and move towards the goal of self-driving networks.

Like intent-based networking over at Cisco, Juniper says Cloud-Grade Networking uses telemetry, automation and machine learning capabilities to devise and deliver services in a new way.

Its cornerstones are:
A platform-first approach.
Self-driving networks, which Juniper defines as combining telemetry, workflow automation, DevOps and machine learning in a single infrastructure.
Software-defined security.

For the platform-first approach, Juniper has announced the Junos Node Slicing service model. Operators can run multiple services or instances on the same router, with a separate administrative design for each.

For disaggregation, it has introduced a Universal Chassis which allows operators to standardize all routing and switching deployments across the data center and the WAN in a unified way.

The vendor claims these approaches can reduce the operational complexity of managing application needs by up to 60% and reduce platform qualification requirements by up to 50%.

“The demand for cloud-based services continues to create disruption, resulting in complexity for operators and enterprises that need to pivot quickly. In order to establish a foundation to innovate across IT layers, organizations need to rethink the network,” said VP of marketing Paul Obsitnik.