January 26, 2017

Delivering business value with the Forward Platform

by Charlie Elliott

Since making our platform available, many of the world’s largest banks, telcos, and IT companies have come to rely on Forward Networks to keep their networks healthy and operated efficiently. From the CTO to a junior engineer, people quickly grasp the value of what the Forward Platform can deliver, like turning a common 4-hour task into a 4-second query, or discovering a hidden device misconfiguration before it turns into a costly outage.

But exactly how are these organizations using the Forward Platform? Furthermore, how are they translating the platform’s usage into business value? Allow me to explain in detail, with real customer examples.


Reducing the Cost of Operating Networks

To start, a primary area where the Forward Platform delivers value is in its ability to reduce operating costs by eliminating the most painful and manually intensive activities of network management. Typically, when a network engineer needs to verify a config, debug an issue, or answer any basic question about network operation, he or she must undertake a manual and lengthy CLI-driven process — going line-by-line, rule-by-rule, and box-by-box — using ancient tools like ping, traceroute, SNMP, and netflow.

Forward Platform — Status pane shows the most current state of the network in an interactive topology diagram

With the Forward Platform, customers gain the ability to quickly view, analyze, and act, using simple searches that can instantly find any device, its connections, and traffic paths. This approach significantly reduces the man-hours typically required for network troubleshooting and root-cause analysis which, in turn, lowers mean time to repair.

One of the largest telcos in the world chose the Forward Platform to maximize the speed and cost efficiency of its network operations workflow. Prior to using Forward Networks, this telco’s network teams were over-burdened with labor-intensive debugging and maintenance activities associated with its 100,000 network devices. Engineers would troubleshoot network issues by logging into devices on a box-by-box basis in an attempt to infer behavior and divine the root cause of problems. Such a manual approach was not only time-consuming and fraught with error, but inherently reactive. This put the telco’s network engineers and operators on the defensive, where they were constantly working from behind in a continual fire-fight.

Forward Search - Example of host-to-host query and path discovery

By adopting the Forward Platform, this telco customer is now able to search network behaviors and potential traffic flows quickly and at scale. Using the Forward Search capability, these queries show not just where the traffic can go, but also show all the relevant configuration and state details that explain how that traffic gets handled. This has eliminated time-consuming network discovery and troubleshooting efforts, allowing them to get ahead of problems before they become business-impacting. Anecdotally, the telco calculated that where it once took 4 man-hours to audit the configuration correctness of a single core switch or router, this effort is now completed in a matter of seconds with the Forward Platform.

Increasing Network Reliability & Resilience

A second area where the Forward Platform delivers customer value is its ability to substantially mitigate the risk of human-induced network outages. Even the most skilled network engineer can mistype a filter list, fat-finger an IP address, or misconfigure a trunk interface, or forget to update a network diagram with newly added devices. These errors can have a cascading effect on the behavior of hundreds or thousands of devices. In our experience, no network is completely free of this type of error.

Our customers are using the Forward Platform as a network assurance solution to detect these problems before they manifest into some business-impacting incidents. Furthermore, the platform can be used to pre-validate that device configuration changes are not just policy-adherent, but safe to make before they are rolled into production.

One of the world’s largest financial institutions is using the Forward Platform to continually audit the configuration correctness of their networks. They had experienced a series of major outages that were due to latent network device misconfiguration. As a notable example, one of their engineers incorrectly set the Maximum Transmission Unit (MTU) on a router which was critical to keeping their retail branch network up and running. This MTU mismatch was never noticed and had no immediate impact on the branch network. However, six months after the engineer originally made the error, traffic with large packets caused a cascading failure, resulting in a 6-hour outage spanning 200 branch sites.

Forward Verify - Example of visual diagnosis of failed policy check

With the Forward Verify capability, this bank is now able to continually audit the configurations of its network devices to proactively identify any new or latent errors, ranging from configuration issues like VLAN and MTU inconsistencies, duplex mismatches, IP address duplications, and routing loops, to more sophisticated ACL policy errors or traffic reachability issues. This capability has enabled their network teams to isolate and remediate these problems before they disrupt any service.

Forward Predict - Example of Predict guiding the user through problem resolution in a Checkpoint firewall

Furthermore, using the Forward Predict feature, the platform enables their network teams to test that new configuration changes do not violate network policy or intended behavior prior to them being rolled to production. Specifically, whenever the bank is making access control list changes on their firewalls, they are able to pre-test these changes to ensure perimeter security compliance policies are always enforced before any change is committed to production. Taken together, these capabilities have helped the bank increase the resiliency and reliability of their networks by eliminating device misconfigurations and change-induced errors.

Getting Started with the Forward Platform

In any large organization, network chaos knows no boundaries. But how do our customers get started in their journey to tame this chaos with Forward Networks? To start, we offer every prospective customer free access to the Forward Platform to run an audit of their network. In this effort, our customers can deploy the platform to model and verify the configuration correctness of a subset of their network. Invariably, the Forward Platform will identify a variety of issues, ranging from outage-inducing device misconfigurations to higher-level traffic or security policy violations. Customers then typically file tickets to repair these issues in the production equipment. As a one-time audit of a portion of their production network, our customers are able to experience the value of the Forward Platform first-hand and free-of-charge.

Get in touch with us and let us show you how we can do the same for your network: Request a Demo

Subscribe to our blog!

February 6, 2023
Visit Stand E08 at Cisco Live EMEA

Let the Games Begin! Cisco Live Amsterdam has officially started, and we’re delighted to be here meeting with the best and brightest of the European networking community. Stop by to say hello, and play Forward Quest to learn how easy it is to put your people back in charge of the network and register to […]

Read More
January 25, 2023
MSD Partners Leads Forward Networks $50M Series D Funding

Following 139% year-over-year growth, Forward Networks closed $50M in series D funding. The round was led by MSD Partners with support from new investors, Section 32, and Omega Venture Partners. Demonstrating ongoing support, existing investors Goldman Sachs Asset Management (Goldman Sachs), Threshold Ventures, A. Capital, and Andreessen Horowitz participated in the round. Since its last […]

Read More
January 18, 2023
Forward Networks to Host Cloud Field Day 16

I don’t know which is more exciting: the fact that there’s no rain forecast for the next two weeks or that we’re hosting Cloud Field Day 16 at the Forward Networks headquarters in Santa Clara, CA. It’s a nice dose of synchronicity that we get a break in the rain to dry out and clean […]

Read More
crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram