Intent-based networking will "revolutionise the data centre"
There are a number of new technologies bursting on the scene with promises to change the way data centres operate.
Apstra chief technology officer Sasha Ratkovic says intent-based networking is one of them as it works to allow companies to run their networks reliably and cost-effectively while offering more agility and control.
The hard problem to achieving that is determining how to compose the complex infrastructure capabilities in order to serve business needs in the presence of constant change in device capabilities and business rules.
“Dreaded ‘brown-field’ environments are a testament to the fact that in complex environments dealing with changes gets progressively more and more difficult until the ability to evolve finally stalls. With Intent-Based Networking, the premise is that knowing the intent and understanding how it is implemented makes dealing with change safer and predictable,” says Ratkovic.
“One set of changes comes from the operator in the form of a business rule change or policy change. Even more challenging ones (as you don’t control them) are changes coming from the infrastructure in terms of operational status changes or failures. So by definition, Intent-Based Networking deals with all phases of network service lifecycle: design, build, deploy and validate, as each of them involve some specification of user’s intent or validation that the intent has been met.”
Ratkovic believes intent-based networking is a foundational technology being used to enable intent-based data centre automation to address business transformations like digital overhauls, cloud adoption, mobility proliferation, advanced applications, pervasive IoT, and end-user demands.
“The composition problem mentioned earlier is a consequence of the fact that today’s data centers act as scale-out computers and there is a need to compose this infrastructure consisting of compute, network, and storage. But this is only one dimension of this composition problem,” says Ratkovic.
“Another dimension is how do you incorporate complex business rules and policies? Infrastructure capabilities, as well as mechanisms to consume them, are subject to constant change. And the situation with business rules is even worse, both in terms of the frequency and the complexity of the changes.”
Ratkovic says every time that a change occurs, operators are forced to perform some composition.
“If you take something out, is what remains still acting as a coherent whole? If you add or modify something, is the new composite valid? With a single compute virtualisation node, the problem the operating system must deal with involves partitioning resources as well as dealing with isolation,” says Ratkovic.
“Hypervisor was a vehicle for compute virtualisation. But with the data center acting as a scale-out computer, the distributed operating system first has to perform composition and only then again resource partitioning and isolation. But if you fail at composition due to changes in infrastructure and business rules, you will never even get to consuming your precious and expensive scale-out compute resources. So in some sense Intent-Based Networking is your data center hypervisor.”
Software-defined networking (SDN) is rife around the world among data centres and IT departments, and Ratkovic is confident the same will be true of intent-based networking.
“The earliest incarnations of Intent-Based Networking started 4-5 years ago and the technology advances since then are impressive. Aside from technology it takes our collective response to embrace opportunities presented by technology to make it mainstream,” says Ratkovic.
“We are seeing intent-based data centre automation which is built on intent-based networking, distributed system architecture, and vendor-agnostic overlay being deployed by several marquee customers which is an indication that the shift is happening. The feedback from the early adopters is phenomenal.”
Ratkovic says customers are reveling in the freedom of choice because to stay competitive they need to enable advanced services by composing and leveraging best of breed capabilities across vendors.
“Choice also offers these businesses cost control. Intent-based networking allows them to compose a reliable system out of a disaggregated networking stack. It allows them to deal with their infrastructure by managing it as a fleet (“cattle”) of disaggregated, replaceable commodity components,” says Ratkovic.
“They also have the option to build their masterpiece snowflake out of more expensive, brand name components (“pets”). Once they make a choice, they may want to preserve that capability in the future. You don’t want to be free to make a choice and then be locked in by it. To stay competitive you need to be nimble in the presence of change and evolve with your digital transformation.”
Ratkovic says there are a number of other positive aspects brought in by intent-based networking, which include:
- Reduces the kind of work tied to running a production services that tends to manual, repetitive, automatable, and devoid of enduring value.
- By enabling a declarative specification of a desired outcome, it greatly simplifies all phases of a service lifecycle and reduces the chance of human error.
- Reduces the time to debug and fix problems as it delivers a context rich operational state which allows extraction of knowledge from the raw telemetry, providing actionable context rich anomalies to identify root causes and identify gray failures.
“Given the above excitement that Intent-Based Networking solutions provide and the traction they are getting I am very optimistic about intent-based networking becoming widespread,” says Ratkovic.
And finally, when it comes to how Apstra is looking to blaze a trail in this market, Ratkovic says the company’s solutions are empowering intent-based data centres with intent-based networking, a distributed system architecture, and a vendor-agnostic overlay.
“Our strategy is rooted in building the solid foundation and not cutting corners. The composition problem described earlier is a hard problem to solve and chasing opportunities at the cost of quality is short-sighted strategy, embraced by many and doomed to fail. Our unique funding structure allows us to spend time solving the problems in a manner that produces reliable, testable and maintainable software,” says Ratkovic.
“Our co-founder David Cheriton used to say that when you build a bamboo hut, it happens fast, you get instant gratification but then after the first storm it is gone. On the other hand when you build a skyscraper you first go down for few years with everyone around you wondering what is going on, but once you emerge above the ground level adding floors becomes fast. This is where we are now and it is without a doubt the most exciting and creative time you can imagine!”
Source datacentrenewseu
Industry: Data Centre News
Latest Jobs
-
- Public Sector Cyber Security Sales | UK
- England
- N/A
-
Public Sector Cyber Security Sales | UK UK | Remote / Hybrid A cyber security provider is seeking a Public Sector Sales professional to drive growth across UK government and public sector organisations. Must have current Cyber Security sales experience. Responsibilities Generate new business selling cyber security solutions into UK public sector Build relationships with CIO, CISO and senior technology stakeholders Manage the full sales cycle from opportunity to contract close Develop pipeline across central government, local government and public sector bodies Support bids, tenders and framework opportunities Experience Proven cyber security sales experience in the UK Track record selling into public sector organisations Familiarity with CCS, G Cloud or other government frameworks Strong stakeholder engagement and deal management skills Location UK based Security Requirements Eligible to obtain UK Security Clearance
-
- Security Architect | MoD - Security Cleared. OUTSIDE IR35 | Hampshire
- N/A
- Outside IR35
-
Security Architect | MOD | Security Cleared | Outside IR35 | Hampshire Commutable The successful candidate must be willing to undergo DV Clearance, ideally already holding active clearance. You will produce high and low level security architecture documentation, guiding and validating designs for systems deployed within sensitive environments. The role requires providing specialist security input into solution design, service transition and change initiatives, working closely with engineering, operations, client and third party stakeholders. You must have current hands on architectural experience, including VMware secure platform design and virtualisation architecture, alongside AWS expertise. This is an outside IR35 contract- 6 month rolling. Part of a longer term MoD project
-
- Active Directory | RBA engineer | UK Remote | SC Clearable
- United Kingdom
- N/A
-
Technical Active Directory (AD) and RBA specialist needed to play a key part in complex, enterprise scale Active Directory and access transformation programmes. You will work alongside senior team, helping reshape access models, modernise legacy directory structures and strengthen security posture across secure environments. This is hands on delivery within high impact projects where your work directly improves access control, compliance and operational resilience. Active UK Security Clearance required. This is a remote role with client travel. Implementation of Role Based Access Control across large AD estates Restructuring complex permission models, security groups and delegated access Supporting domain controller upgrades and core directory improvements Applying security hardening standards and remediating audit findings Enhancing authentication, policy and access governance frameworks Troubleshooting and resolving technical AD challenges within live environments Producing robust technical documentation and identifying project risks You must have the following technical experience Enterprise Active Directory administration Role Based Access and permission remediation OU design and governance Group Policy management Security group delegation models DNS and DHCP services Kerberos authentication / NTLM PowerShell scripting and automation Azure AD | Entra ID Hybrid identity environments Identity Governance PAM
-
- Identity and Access Management Consultant (Saviynt & Microsoft Entra) | UK
- United Kingdom
- N/A
-
Role summary Technical IAM consultant delivering identity governance and cloud identity solutions to enterprise clients. What you will do Implement / Configure / Deploy Saviynt IGA / Microsoft Entra solutions: Lead technical workshops, gather requirements and translate into solution designs. Troubleshoot complex issues, support testing and deployments. Produce technical artefacts and configuration guides. Key skills Hands-on Saviynt IGA experience (workflow, connectors, access governance). Strong practical knowledge of Microsoft Entra ID / Azure AD identity and access controls. Understanding of identity protocols (SAML, OAuth, OpenID Connect) and hybrid identity. Experience with APIs / REST for integrations and automation. What we are looking for Proven delivery experience in IAM / IGA projects, preferably in consulting. Confident communicator with client-facing delivery exposure.