If you have operational experience in running large networks then you're probably yearning to replace the traditional way of managing individual network devices via SSH with something better and more reliable. Software Defined Networking (SDN) was touted as the all-encompassing solution, but what we got instead is a heap of academic ideas, several platforms that require as much investment as an SAP deployment, and a bunch of proprietary products focused more on increasing lock-in and vendor revenue than solving operational problems.
It's time we learn from the Unix playbook and start building our network automation solutions from small reusable components... but can we make such a solution secure and reliable? Can we still protect the network from misconfiguration, management-plane attacks, or automation-caused failures? This presentation will discuss the security and reliability challenges of network automation, and describe a few potential solutions.
Ivan Pepelnjak, CCIE#1354 Emeritus, has been designing and implementing large-scale service provider and enterprise networks as well as teaching and writing books about advanced technologies since 1990. He’s the author of several Cisco Press books, prolific blogger and writer, occasional consultant, and creator of a series of highly successful webinars.