beawolf - Fotolia

Trigger gets props among hot next-gen network automation tools

This week, bloggers look into network automation tools, incident response, and the new reality of MPLS and SD-WAN.

Thomas, a network engineer who writes under his first name only, explored network automation tools in a Packet Pushers blog. In particular, he pointed to Trigger, an open source network automation framework that differs from other network automation tools, such as Ansible, which is based on the Python Secure Socket Shell Paramiko library.

Instead, Trigger is based on Twisted, an asynchronous I/O framework. Twisted permits what Thomas called a "staggering number" of devices to be managed simultaneously because of its Conch framework and an asynchronous socket functionality.

When it comes to network automation tools, Thomas said he believes Trigger offers some unique advantages, including asynchronous execution and context switching to maintain weak connections. He added that using an event-driven architecture and nonblocking sockets offers benefits -- sockets are only acted upon when data becomes available and the program executes a callback on data from every read and write to the socket.

An additional feature Thomas cited is enabling informed decision-making across a number of target endpoints. "We can make use of the Twisted I/O library. Twisted is a solid and dependable framework, with over 10 years of development. Twisted supports all the usual clients, such as HTTP, SSH, Telnet and whatever else you want that runs on UDP/TCP [User Datagram Protocol/Transmission Control Protocol] if you have the time and patience to implement it," Thomas said. "Although modern Python supports asynchronous execution through the asyncio PEP features, they do not provide the robust client protocols that Twisted provides," he added.

Explore more of Thomas' thoughts on network automation tools.

Thinking about incident response and orchestration

Jon Oltsik, an analyst with Enterprise Strategy Group Inc., in Milford, Mass., highlighted six points that emerged from interviews he recently conducted with network security professionals discussing their incident response (IR) strategies. Among them, IR is often "anchored" in manual processes, a few key people and lots of basic tools.

Secondly, organizations try to turn to commercial tools, but often end up crafting their own simple scripts in-house. orchestration is becoming a favorite tactic, which quickly leads to automation and IR becoming proactive, rather than reactive.

"When I started covering this space a few years ago, enterprise organizations either rolled their own IR automation and orchestration solutions, or simply remained buried by security alerts and manual IR processes," Oltsik said. "Fast-forward to 2017, and IR automation and orchestration projects seem to be well under way [sic] or on every CISO's short list [sic]," he added. The result, Oltsik said, is an evolution toward a security applications and analytics platform architecture that incorporates automation and orchestration.

Dig deeper into Oltsik's thoughts on IR.

MPLS' new role

John Burke, an analyst with Nemertes Research in Mokena, Ill., highlighted the group's 2016 Cloud and Networking Benchmark, which found 18% of organizations were adopting some form of SD-WAN.

IT professionals look to software-defined WAN to provide a less expensive WAN architecture and more reliable service. SD-WAN has enabled network engineers to spot problems much sooner and prevent "brown outs" on poor-quality links that rely on MPLS and the public internet for primary and secondary connectivity. Burke said one of the promises of SD-WAN is being fulfilled: "[Engineers] are getting that more resilient and more reliable WAN."

However, when it comes to lower costs, Burke said organizations are achieving savings, albeit with one important caveat: They aren't eliminating their MPLS. Nemertes research indicated 77% of respondents have no intention of replacing MPLS in their SD-WAN environments. Even those that do plan to abandon MPLS won't take that step for another five years, Burke said.

Nevertheless, changes are afoot. WAN strategies now emphasize cheaper connectivity options, even while MPLS is viewed as the backbone of SD-WAN. Although SD-WAN may not be generating huge cost savings right now, organizations are examining how they will be able to bring down future WAN costs.

Read more of Burke's thoughts on MPLS and SD-WAN.

Next Steps

Looking into Network automation scripts

Automating network security

MPLS routing changing with the times

Dig Deeper on Network management and monitoring

Unified Communications
Mobile Computing
Data Center