Cisco launches an ‘intent-based’ networking approach using machine learning

By Ian Scales

Jun 21, 2017

via Flickr © Prayitno (CC BY 2.0)

  • Biggest thing since sliced networks
  • Cisco claims adherence to 'intent model' with new approach
  • Critic implies move more closely resembles the Cisco 'hype model'

Cisco has unveiled what it’s calling “intent-based networking solutions” which, it claims, are the culmination of its vision to create “an intuitive system that anticipates actions, stops security threats in their tracks, and continues to evolve and learn. It will help businesses to unlock new opportunities and solve previously unsolvable challenges in an era of increasing connectivity and distributed technology.”

Cisco’s pitch is that companies are currently managing their networks through traditional IT processes that are no longer sustainable as the network grows and gets more complex: there are just too many buttons to push and adjustments to be made, so the whole construction is becoming unmanageable, it claims.

So in response Cisco says it’s harnessed the concept of ‘intent networking’ to create an “intuitive system that uses AI and machine learning to constantly learn, adapt, automate and protect, to optimize network operations and defend against today's evolving threat landscape.”

The broad idea of an ‘intent model’ is easy enough to understand and one of its most robust originators and promoters has been Tom Nolle of CIMI Corporation who, as I thought he might, has popped up today with a timely blog post on the Cisco launch.

Tom has long maintained that the problem with SDN/NFV (and the reason that it hasn’t taken hold as quickly as it might) is that it isn’t defined by any goals set for it. Rather, it has become a big pile of technical capability labelled vaguely as ‘agility’, ‘OpEx savings’, ‘ecosystem’, ‘technical community’ and so on. All very clever and worthwhile, but in and of itself not a proposition that works particularly well when placed before a Chief Financial Officer. “Yes, but what revenues will it drive for us to justify the cost and risk?” he might ask.

An intent model (and an Intent-driven network) turns things around and posits abstract network objectives (the intent) and then has the network figure out how it’s going to deliver these using AI and machine learning to constantly refine its approaches. This technique also works well to tackle network security, which is what Cisco’s announcement (see below) is mostly about.

Here is Tom’s definition of intent networking from today’s blog. He maintains it’s very much a way of creating deterministic network services when and where they’re needed.

“Best effort (network performance) is increasingly not good enough in a competitive market, but nobody wants to go back to full determinism (where the network delivers exactly the right data at the right speed and latency) to achieve something better—the cost would be excessive. The alternative is to somehow couple service requirements into packet networks in a way that doesn’t break the bank. In an intent model, elements of infrastructure are abstracted into a black box that asserts interfaces and an SLA but hides the details. Intent modeling is therefore a way of looking at how to express ‘how deterministic’ a network has to be. It also leaves it to the vendor (and presumably the network-builder) to decide how to fulfill the intent,” he says.

“Intent modeling is an incredibly important tool in realizing the benefits of virtualization and infrastructure transformation, because it lets operators create abstract building-blocks (intent-based black boxes) that combine to build networks, and that then evolve internally from legacy to modern technology. A good evolutionary intent model has to be anchored in the present, and support the future.”

So what does Tom think about Cisco’s adoption of ‘intent’?

“Cisco’s approach to transformation has always been what cynics would call ‘cosmetic’,” he says. “There really isn’t much new in the Cisco intent approach. Cisco has always been an advocate of ‘policy-based’ networking, meaning a form of determinism where the goals (the ‘intent’) are translated into a hierarchy of policies that then guide how traffic is handled down below. This is still their approach, and so you have to wonder why they’d do a major announcement that included the financial industry to do little more than put another face on a concept they’ve had around for almost a decade.” Harsh but fair.

Cisco’s announcement in detail - it’s all here

With this new approach, Cisco is changing the fundamental blueprint for networking with reimagined hardware and the most advanced software. This shift from hardware-centric to software-driven networking will enable customers to experience a quantum leap in agility, productivity and performance. The intuitive network is an intelligent, highly secure platform — powered by intent and informed by context:

Intent: Intent-based networking allows IT to move from tedious traditional processes to automating intent, making it possible to manage millions of devices in minutes — a crucial development to help organizations navigate today's ever expanding technology landscape.

Context: Interpreting data in context is what enables the network to provide new insights. It's not just the data that's important, it's the context that surrounds it — the who, what, when, where and how. The intuitive network interprets all of this, resulting in better security, more customized experiences and faster operations.

Intuition: The new network provides machine-learning at scale. Cisco is using the vast data that flows through its networks around the world, with machine learning built in, and unleashing that data to provide actionable, predictive insights.

The technologies that power the intuitive network

Cisco Digital Network Architecture (DNA) provides customers with a portfolio of innovative hardware and software to bring the new era of networking to life. Today Cisco is introducing a suite of Cisco DNA technologies and services designed to work together as a single system and empower customers to move at digital speed:

DNA Center: An intuitive, centralized management dashboard providing IT teams with an intent-based approach spanning design, provisioning, policy and assurance. With full visibility and context across the entire network, DNA Center allows IT to centralize management of all network functions.

Software-Defined Access (SD-Access): SD-Access uses automated policy enforcement and network segmentation over a single network fabric to dramatically simplify network access for users, devices and things. By automating day-to-day tasks such as configuration, provisioning and troubleshooting, SD-Access slashes the time it takes to adapt the network, improves issue resolution from weeks and months to hours, and dramatically reduces security breach impact. Initial analysis with field trial customers and internal testing have shown a reduction in network provisioning time by 67%, improved issue resolution by 80%, reduced security breach impact by 48%, and opex savings of 61%.

Network Data Platform and Assurance: This powerful new analytics platform efficiently categorizes and correlates the vast amount of data running on the network and uses machine learning to turn it into predictive analytics, business intelligence and actionable insights delivered through the DNA Center Assurance service.

Encrypted Traffic Analytics: Today, almost half of cyber-attacks are hidden in encrypted traffic and this number keeps growing. By utilizing Cisco's Talos cyber intelligence and machine learning to analyze metadata traffic patterns, the network can identify the fingerprints of known threats even in encrypted traffic, without decrypting it and impacting data privacy. Only Cisco can enable IT to detect threats in encrypted traffic with up to 99% accuracy, with less than 0.01% false positives. As a result, the new network provides security while maintaining privacy.

Catalyst 9000 Switching Portfolio: Cisco is introducing a new family of switches built from the ground up for the new realities of the digital era, centered on the demands of mobility, cloud, IoT and security. The Cisco Catalyst 9000 delivers unmatched security, programmability and performance by innovating at the hardware (ASIC) and software (IOS XE) layers.

Software Subscription: Cisco is now making software subscription an essential element of its flagship campus switching portfolio. When purchasing the new Catalyst 9000 family of switches, customers will access the DNA software capabilities by subscription, either via pre-bundled Cisco ONE software suites or a-la-carte components. Available across the entire enterprise networking portfolio, Cisco ONE software provides businesses with access to ongoing innovation, budget predictability, and a more agile way to consume the technology.

DNA Services: To help customers embrace intuitive networking with speed and confidence, Cisco has created a new portfolio of services that leverage our proven experience, best practices and innovative tools. Whether customers are looking to transform their entire network or integrate new security and automation capabilities into their existing network, Cisco has a comprehensive lifecycle of advisory, implementation, optimization and technical services to help them on their journey. Cisco channel partners can also resell these services and build networking practices that incorporate software, security, automation and analytics for their customers.

Developer Center: Cisco is releasing a new DevNet DNA Developer Center with resources to help developers and IT professionals create network-powered applications and integrate them within their IT systems and workflows. This includes new learning tracks, sandboxes, and developer support resources for using APIs and building skills.
