Photo-K - Fotolia

NetOps vs. DevOps vs. NetSecOps: What's the difference?

DevOps, NetOps and NetSecOps ... oh my! These IT concepts have their differences, but at the end of the day, they're family. Here's how they relate.

At the dawn of DevOps, circa 2008, an idealistic IT pro might have envisioned an immediate future in which development, operations and quality assurance teams would work in collegial harmony to seamlessly and continuously create, test, secure, deliver, iterate and maintain applications and services.

More than a decade later, however, networking and security pros have been slow to join system administrators in the DevOps fold -- with enterprise IT leaders still citing unresponsive, sluggish and change-resistant infrastructure as a top impediment to DevOps' success, according to Gartner analyst Andrew Lerner.

Theoretically, IT operations -- the Ops in DevOps -- includes the network. But in fulfilling their long-standing mandate to minimize risk and maximize uptime, networking pros have historically prioritized change control over speed and innovation, putting them at odds with DevOps' iterative, fail fast approach.

As a result, the concept of DevOps matured without significant network involvement. When the typical DevOps team finishes developing an application, they throw it over the wall to the network team, which then begins its provisioning and configuration tasks.

As one disenchanted IT pro commented in response to a recent DevOps/NetOps survey by application networking vendor F5, "app developers aren't thinking about network or security; security is only marginally aware of development; networking learns of the operational changes once development is done."

But the demands of today's enterprise, in which fast and frequent application releases are paramount, require a more holistic approach.

NetOps vs. DevOps

A growing number of enterprise network pros are embracing core DevOps values, tools and practices, including automation, programmability, orchestration, virtualization, APIs and templates in an approach referred to variously as NetOps, NetOps 2.0, DevNetOps, NetDevOps and Super-NetOps. It's important to note, however, that, in some contexts, NetOps may simply be an abbreviation for traditional network operations and unrelated to DevOps.

By treating network infrastructure as code (IaC) as "products, not projects," in Lerner's words, NetOps aims to make the production pipeline more accessible to developers via automation and self-service. With IaC, DevOps can manage an application's operational environment throughout the development and testing phases rather than throwing a release over the proverbial wall and waiting days, weeks or months for network provisioning and policy configuration to be complete.

NetOps and DevOps are complementary but distinct concepts, both working to support continuous delivery (CD) of applications to end users with a high degree of internal cooperation and collaboration.

SecOps vs. DevSecOps vs. NetSecOps

Like NetOps, the term SecOps implies the use of DevOps tools and techniques to automate manual processes and support CD. More specifically, DevSecOps aims to embed security pros and testing processes within the software development pipeline itself.

Another respondent to F5's DevOps survey described security as "an afterthought" for many developers, who tend to prioritize speed over security and reliability concerns. DevSecOps addresses this issue by flagging and fixing vulnerabilities as code is written rather than after it's complete.

While DevSecOps addresses application security, NetSecOps deals with network security. As a type of NetOps, NetSecOps automates network security testing and incorporates it into production workflows alongside the previously discussed configuration and provisioning tasks.

This was last published in February 2019

Dig Deeper on Network management and monitoring