“The network automation market is evolving from operationally focused network configuration and change management tools, to policy-based tools and orchestration tools, and — in rare, forward-leaning use cases — more strategic and business-aligned, intent-based networking systems” – Gartner
We couldn’t agree more. Tufin has long been focused on an automated, policy-based approach to meet business demands and eliminate the tradeoff between agility and security by reducing the complexity and risk that result from manual configuration changes. The Gartner report “Market Guide for Network Automation”, published in March 2018, raises some interesting points for network teams and the need to embrace automation to meet the growing demands that are placed upon them.
In this report, Gartner defines the network automation market as “tools that automate the visibility, troubleshooting, reporting and maintenance of virtual and physical network device configurations, supporting opportunities to lower costs, reduce human error and improve compliance with configuration policies.” 
As evidence of the importance to adopt automated processes, the report points to network automation software/tools as the most strategic networking investment organizations are planning in 2018.
4 Key Drivers for Network Automation
Networks are growing increasingly more complex and most enterprise organizations have multi-vendor, multi-cloud configurations. At the same time, they are trying to meet demand with limited resources and streamline their change processes. They also can’t ignore the future of containers and serverless computing. If IT teams can’t keep up with the rapid pace of business change, application developers will find ways to work outside of basic controls to meet the needs of the business. When this happens, vulnerabilities are inadvertently introduced. Without automation, organizations will never meet demand and risk will continue to rise.
Gartner highlights a growing need for new approaches, tools, and technologies that facilitate automated, policy-driven, change and configuration management with the top four drivers as:
- Improving agility and responsiveness to business demand
- Monitoring, optimizing or securing the network more effectively
- Lowering maintenance and service costs
- Simplifying the network
Network Automation Maturity
The Market Guide for Network Automation highlights four stages of Network Automation beginning with Network Configuration and Change Management, moving to Orchestration, advancing to Policy-based Automation and the highest level being Intent-Based Networking Systems where business intent and network configurations are in synch.
We feel this is very much in-line with the Tufin philosophy that you first need to gain visibility into the network landscape, including on-prem devices, hybrid cloud workloads and containers. Once you can visualize the environment, you can monitor and analyze configuration changes across the enterprise to understand the impact and orchestrate change across multi-vendor, multi-cloud environments.
Policy-based automation is then possible, where network and application configurations are analyzed, optimized, and automated to ensure proper execution of changes and to maintain connectivity uptime. The maturity model for network policy orchestration, developed by Tufin, follows a similar process and accomplishes this last phase of intent-based networking through zero-touch automation, where network configurations are executed according to the intent of the business (i.e. security policy) and fully or semi-automated according to risk tolerance to ensure continuous security.
Culture Shift to NetOps 2.0
Gartner notes “another driver observed during the past six to 12 months is a noticeable shift in culture across network and IT operations teams and the use of automation across the network domain. Previous attitudes of cultural resistance and reluctance to modify standard operating procedures that may have evolved organically persist across many organizations. However, a growing number of network and IT operations teams have begun to realize that they need to become more agile and responsive to heightened business expectations and more-demanding end users.”
In what has been dubbed NetOps 2.0, (see the February 2017 report “NetOps 2.0: Embrace Network Automation and Analytics to Stay Relevant in the Digital Business Era”) Gartner believes that while “the need for deep-domain networking skills won’t disappear, network operations requires a significant rethink if it is to adapt to future technology and process demands, such as agile, DevOps, the Internet of Things (IoT), cloud and software-defined infrastructure.”
In the Market Guide, Gartner states that “the adoption of NetOps 2.0 principles can come about only by embracing automation in a systematic and strategic manner.”
Recommendations for Network Automation
The Gartner Market Guide for Network Automation Recommendations:
- Prioritize the process-driven, agile and business-aware characteristics of a NetOps 2.0 culture above technology procurement by adopting the right methodologies and harnessing a receptive cultural environment, so that new tooling is effective.
- Prioritize greater agility by investing in network automation tools that enable an orchestration, policy-based and IBNS-oriented approach to configuration and change management.
- Prepare your network automation tools strategy by supporting virtual network infrastructures and programmatic, open-standard APIs.
- Automate manual tasks performed more than four times a year by mandating the use of network automation tooling, particularly when there are at least 10 of the same device type present.
NetOps, SecOps and DevOps Working Together: A Security Policy-Based Approach
We see Gartner’s key findings in Market Guide to Network Automation as highlighting the need for teams to embrace automation and work together. The culture shift will demand that NetOps, SecOps and DevOps teams align goals for greater efficiency and security.
Tufin has recognized this need and provides the pathway for NetOps, SecOps and DevOps teams to find a common language that will reduce risk, improve security posture, speed up the change process, and provision applications without impeding the speed of digital transformation. A security policy-based approach provides the common ground for NetOps, SecOps and DevOps to work cohesively together to meet the demands of modern business and maximize both security and agility.
*** This is a Security Bloggers Network syndicated blog from Tufin - Cybersecurity and Agility with Network Security Policy Orchestration authored by Karen Crowley. Read the original post at: https://www.tufin.com/node/1637