Network Management Interoperability Technical Exchange Session D: What is the role of automation in network management? Session Facilitator: Charlie Williams III Senior Network Systems Engineer MITRE 1 * * There is a clear interest in SDN * SDN provides a south-bound interface to applications. SDN may provide an entry to automation * * SDN may provide entry to automation * Discussed the Opex vs Capex of SDN based solutions comparing to traditional network management PBNM would work with SDN to guide decisions. It is necessary to clearly define the mission needs by stakeholders to develop the policies Soldiers should be left out of the loop as much as possible. The network should be automated to support soldiers. Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • To what degree is automated management and reaction feasible? Where is the human touch still needed? Inputs: • What SNMP v3 vs SDN cost benefit analysis on config management • SDN is to control the network. SNMP gathers the mgmt data. SDN does not req SNMP. But, can use the protocol. • What is the def of SDN? It is grammatically control the network, network programmable. It control data flow through the network • It may have adaptor using SNMP v3. not there are IA concerns. Concerns on how to secure it. • SDN is more than Openflow. • Automation from good understanding of the operation. • What is tracking record on cost of SDN? It may reduce cost. As it reduce number of operators of the network. SDN enables queries to performance matrix. Use cases are more on user request of resources. At tactical edge. Like one connect a modem to the network gets auto config. It can collects data that people can make correlation of them • Daily operation cost can be reduced by SDN. In the case of failure, that is not automatically recoverable. It may req operator intervention. How to recover should be considered. 3 * Mgmt at tac level. Who is in control of the network? Integration with big SDN interface? Cisco is on SDN, may provide appl. Using some open stnds. * Router, firewall, switch may use similar product. Policy shall appl to all of them. Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • What role do Software Defined Networking (SDN) and Policy Based Network management play in achieving automation? Inputs: • How pbnm may help? Policy may be given to SDN controller. • New firewalls are looking at layer 3 and above. Can we mgmt together with routers? • Openflow works at many layers. Controller functions. SDN supports unified policy that applicable to all layers.Dod has policyn at different levels. Routing policy diff from session policy. Don’t want single point of failure • Constrained env vs tac edge. Tac network is more dynamic. It has BW constrains. No FIOS to fox holes. Today QoS policy is hard to do. • What is Policy app to tac, mobile network. What is the cost. Centralized network control may not work. Must be simple. Hyb solution may most likely. And distributed. • Logical centralized vs actually centralized. if centralize refers to common policy, then that might work. One controller could be the primary. End nodes make their decision. Central node has overall view. Node has autonomy. Hyb may most likely. 5 Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • What role do Software Defined Networking (SDN) and Policy Based Network management play in achieving automation? Inputs: • How pbnm may help? Policy may be given to SDN controller. • New firewalls are looking at layer 3 and above. Can we mgmt together with routers? • Openflow works at many layers. Controller functions. SDN supports unified policy that applicable to all layers.Dod has policyn at different levels. Routing policy diff from session policy. Don’t want single point of failure • Constrained env vs tac edge. Tac network is more dynamic. It has BW constrains. No FIOS to fox holes. Today QoS policy is hard to do. • What is Policy app to tac, mobile network. What is the cost. Centralized network control may not work. Must be simple. Hyb solution may most likely. And distributed. • Logical centralized vs actually centralized. if centralize refers to common policy, then that might work. One controller could be the primary. End nodes make their decision. Central node has overall view. Node has autonomy. Hyb may most likely. 6 • In joint network, how does SDN wk – a policy issue • How to exchange route between SDN domains? Stnd working on this. * Army. Radio networks sharing SA. How allows who to joint network. * SDN may help. N SDN domains. Q is at what level – at BT level. SA is needed. * * * * * * * * * * * * Collaboration is needed. Expert system can help O6 to make better decision. Provide knowledge base to assit his job. What course of action. What about risk? Human shall be in the loop. Can we program for every situation? SDN has the same issue. Network is not aware of application. What are their req. SDN need that to be defined. What is the traffic model? SDN south-bound interface may help. To interact with applications. North bound interface is still be worked. S3 vs S6 work. Now each layer has its state. In BW constrained network has to be rules and understanding of the constrains. SDN and LTE network. SDN does not fix phy problem. It can reduce manual labor. Software helps work. SNPP protocol, + command line interface Juniper use their command center. SDN does not need people to touch all the devices. This reduced the mgmt work load. Open issue for protection Would control inf in-band. ? It shall be out-band logically. DISA is all out band. * Would auto help interop? In Collation, automation how to protect inform/ntwork based on level of trust? * For intercon of domains, automation will help. On path control, based on config of switches. Flow data forwarded to controller, than shared and SA for the flow. Observe SA and share, improve QoS. Gets a big picture. * In and between vendor’s equip/ntwk. * Control plan shall be stnd, certified. * We are able to see latency now. Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • How do we ensure that automation is implemented consistently across disparate networks? Does everyone need to use the same rule sets? Inputs: • • • • • • • • • What really help NM interop? From a broader view. Not just SDN tech. what does automation mean to NM interop? How to support different level of echelons. Automation of ntwkr, perf, fail, config, sec and acc 5 areas? Solution vs requirements. Autom provide speed and needs. But sec Unified req for Ene-to-end solution Bus mgmt layer issues. GTPs with stnd. At CIO level. Can de described in automation point of view. Auto of ntwk mgmt. which can not should be pointed out. Bis mgmt layer is important. It may change a lot of approached. In the autom area. Some are easy. Eg. Conf, acc, . What to do with m-domain SDN? Perf mgmt. should wk from the tip of spear. i.e. starting from the field. Shall person in the loop. But the tip is not a ntwk person. Shall be automated, simple. 9 Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • How do we ensure that automation is implemented consistently across disparate networks? Does everyone need to use the same rule sets? Inputs: • • • • • • • • • What really help NM interop? From a broader view. Not just SDN tech. what does automation mean to NM interop? How to support different level of echelons. Automation of ntwkr, perf, fail, config, sec and acc 5 areas? Solution vs requirements. Autom provide speed and needs. But sec Unified req for Ene-to-end solution Bus mgmt layer issues. GTPs with stnd. At CIO level. Can de described in automation point of view. Auto of ntwk mgmt. which can not should be pointed out. Bis mgmt layer is important. It may change a lot of approached. In the autom area. Some are easy. Eg. Conf, acc, . What to do with m-domain SDN? Perf mgmt. should wk from the tip of spear. i.e. starting from the field. Shall person in the loop. But the tip is not a ntwk person. Shall be automated, simple. 10 * Automation at the low level is important. The person not understand the ntwk. Ntwk shall be aware of that. He does not need to know how to get to other end of ntwk. At each level it has different level of need for information. Need to be automated. * Satcom access, line-of-sight access, etc, need to optimal assign resources for com. * In battle field, router connected to diff com links. We set cost to routing. Condition change. Can SDN sense the link condition? No. But it can react to sensor’s report based on policy. * Army can sense the antenna conditions. Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • To what degree is automated/dynamic network reconfiguration possible? Inputs: 12 Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • To what degree is automated/dynamic network reconfiguration possible? Inputs: 13 Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • Using automation how do we efficiently and operationally impact information exchanges in both austere and challenged environments? Inputs: • Soldier as a sensor. Collecting env infor. On armo too. His main function is to pull the trigger. Shall autom other functions. 3000 RF transmitters in a BG! Not enough BW.. Need qos mgmt. • SDN may give us some hope. • soldier, tank, ntwk… shall optimize the oper of all echelons. Ntwk shall understand the mission priority and config ntwk to support the mission. • Mission may req person in loop to def mission that guides ntwk. • Impact on security. Identify the users. • Satellite tech for real time com. Use other tech for other com. May use relay site. Store-n-forward mechanism. 14 Network Management Interoperability Technical Exchange Breakout Session D: What is the role of automation in network management? • Using automation how do we efficiently and operationally impact information exchanges in both austere and challenged environments? Inputs: • Soldier as a sensor. Collecting env infor. On armo too. His main function is to pull the trigger. Shall autom other functions. 3000 RF transmitters in a BG! Not enough BW.. Need qos mgmt. • SDN may give us some hope. • soldier, tank, ntwk… shall optimize the oper of all echelons. Ntwk shall understand the mission priority and config ntwk to support the mission. • Mission may req person in loop to def mission that guides ntwk. • Impact on security. Identify the users. • Satellite tech for real time com. Use other tech for other com. May use relay site. Store-n-forward mechanism. 15 * AB-tank has N ntwks inside it. Mgmt by diff people. Acqu process may help. * PACE plan. Op order may not need to give the PACE plan. From S6 view this shall be automated. * SDN should worked on mil domain issues. To be mission centric driven. Army, DISA etc are working on this