NFD31 - BackBox
On the second day of Network Field Day 31 BackBox presented their automation tool.
Task Automation VS Network Automation
Network automation is still in its early stages. Some vertical industries have already adopted automation with a huge impact on business, but most enterprises are still in the study phase.
But is automating the entire network the only possible goal? Or is it possible to focus on automating tasks that are manual, require too much manual labor, and are error-prone?
I saw some great automation projects failing before anything useful was accomplished, the perfect example of how Gall's law applies to complex systems:
“A complex system that works is invariably found to have evolved from a simple system that worked. The inverse proposition also appears to be true: A complex system designed from scratch never works and cannot be made to work. You have to start over, beginning with a working simple system.”
So why is targeting a complete network automation solution so attractive? Why not start with task automation instead, and then integrate automation tools into a single orchestration layer?
Every network engineer knows some tasks are exciting, others are not.
Two of the most boring tasks are backups and software updates.
BackBox presentations clearly showed that the product is able to automate specific tasks, including:
- OS upgrades and patching
- configuration drift and remediation
- compliance checks
There is no need to discuss the importance of backups. The absence of backups means that a time bomb is ready to explode, and more likely to happen on weekends, at night. It is easy to agree backups should be automated and reliable.
What about OS updates and patches? In my experience, I usually see two approaches: some NetOps teams update only critical nodes, including firewalls/security equipment, DC/core switches, WiFi via the controller. Others extend the upgrades to the access layer, with a lot of effort in terms of cost and man-hours.
BackBox automates the upgrades (with over 180 vendors supported) turning a taks that is at the same time boring, time-consuming and critical for the network stability and security, in something almost trivial. The upgrade workflows include pre and post validations, integrations, alerts and reports.
No more excuses to run old software on the network devices!
It is quite common to see a lot of effort put into producing compliance reports, and then repeat the same work a few months later because compliance data needs to be updated.
A perfect example of a task that once automated frees up many hours of work.
Why not take advantage of a tool like BackBox and focus on something more creative?
Other tasks that fall to a NetOps team, such as configuration drift/correction and inventory management, are too often done manually or completely ignored. They are all included in BackBox ’s platform.
Last but not less important, API integrations. As I wrote at the beginning of this blog, BackBox can integrate with external tools for alerting and reporting, for inventory, and it provides API to automate tasks.
Following Gall's law the automation solution arises from the integration of working simple systems.
I’ve been a fan of network automation from the beginning, but too many times I’ve seen projects fail after trying to model all the details of the network, or stuck in a cycle of meetings to discuss all the processes involved.
What BackBox can offer is a mature product that provides immediate value and can significantly reduce the manual work of a NetOps team.
I think that’s more than enough to really take in consideration the product and stop doing some manual tasks as soon as possible.
Never make a person do something that software can do.
In case a full network automation is the end goal, BackBox has enough integrations and API to join other tools and be part of a bigger scenario.