NetOps, also known as NetDevOps, is the practice of monitoring, managing, automating and operating a network using DevOps techniques, such as Agile software development, continuous integration/continuous delivery and extensive use of automation. The goal of NetOps is to use these techniques to enable rapid and accurate changes to the network in support of changing business applications. And the use of so many DevOps techniques is leading to the rise of a new type of engineer.
NetOps engineers, like DevOps engineers, rely primarily on automation and programming scripts to implement repeatable processes. But network automation has lagged behind DevOps' advances in application development primarily due to two factors:
- Culture change is required to adopt software development practices for networking.
- There is difficulty in creating a development and test environment that replicates the production network. While virtual instances of network OSes from major networking vendors, such as Cisco, Juniper and Arista, are starting to make this easier, replicating the production data flows in a test network is still a challenge.
The emergence of the NetOps engineer
Addressing both issues is leading to the rise of the NetOps engineer, a position that comes primarily out of two different disciplines:
- The most common is the network engineer who first learned about networking using the traditional command-line interface. These engineers are likely to be frustrated by the slow, error-prone process of manually making changes to device configurations. These candidates start the transition by learning software techniques that enable them to be more effective.
- The other comes out of being a DevOps engineer with interest in networking. This person is interested in applying software development techniques to network administration, possibly to help out some friendly network engineers.
What do NetOps engineers do?
The primary function of the NetOps engineer is to employ repeatable, automated processes to network operations. NetOps engineers apply paradigms equivalent to those of DevOps, in which standardized server builds reduce administrative workloads. To get there, network design must minimize design variations in favor of standardized designs to enable the automation of common processes.
This requires working with network architects to create network building blocks based on common, best practice designs. Configuration templates are then created to incorporate variables for variations within each building block implementation, such as device names, IP addresses or virtual LANs. The variables would come from a central repository, known as a network source of truth (NSoT).
NetOps engineers work with automation systems to create network device configurations from the merger of configuration templates with NSoT variables. Automation is used to deploy the resulting configurations to the production network. Changes to NSoT variables can be quickly deployed across the network, such as updating access list rules or modifying quality of service parameters.
Another function for NetOps engineers is to construct a virtual test/dev network infrastructure that matches the production network environment as much as possible. The test/dev network enables staff to test proposed network changes before deployment into the production network.
Once a test network is in place, the NetOps engineer can create processes for continuous integration/continuous delivery (CI/CD). Network engineers use the CI/CD process to verify a proposed network change, and if the change passes all tests, it could be automatically applied to the production network. This is analogous to the process DevOps teams use for server and application administration.
NetOps engineers may develop scripts for custom automations, as well as using commercial tools for common tasks. In either case, network standardization, templates and variables are key elements.
Because they are responsible for network configuration, NetOps engineers work closely with cybersecurity operations (SecOps) engineers and network architects and engineers to monitor the network for problems. A common automation task is to update security controls or validate that the network is performing as intended. To accomplish that, integration of the NetOps systems, security systems and network monitoring systems is required.
NetOps engineer skills
Critical skills for NetOps engineers include an understanding of network configuration, network protocols, software development and the languages used for NetOps. An understanding of fundamental networking concepts helps prevent needless mistakes. For example, data center networks, enterprise office LAN environments and WANs often have subtle but crucial differences. Since many different network environments are transitioning to software-defined networking controllers, the NetOps engineer should have an understanding of what's happening under the hood.
The advanced NetOps engineer understands and applies the principles of object-oriented programming, the use of abstraction layers and the concept of infrastructure as code to automation tasks. Software development paradigms, processes (including Agile), languages, tools and libraries for network automation must be well understood. Excellent troubleshooting skills are essential, both for software and for networking.
Finally, strong communications and collaboration skills are required when working with network architects, application system architects, DevOps engineers and SecOps engineers. Good reading skills are essential for understanding API documentation and applying it to build and customize automation systems.
NetOps engineer career paths
A career as a NetOps engineer can start from either software development or from networking, eventually encompassing both knowledge bases. Regardless of the starting point, curriculums like Cisco's DevNet certification are beneficial. Those starting from a software development background also should look for network associate and network professional courses. Conversely, software development courses are best for an existing network engineer. Either track should start with simple concepts and progress to learning the best practices for each discipline.
NetOps engineer job postings are currently showing expected salaries of $115,000 and higher. An experienced engineer with a background of successful implementations should expect higher compensation, particularly with higher-level certifications.