January 26, 2017

Delivering business value with the Forward Platform

by Charlie Elliott

Since making our platform available, many of the world’s largest banks, telcos, and IT companies have come to rely on Forward Networks to keep their networks healthy and operated efficiently. From the CTO to a junior engineer, people quickly grasp the value of what the Forward Platform can deliver, like turning a common 4-hour task into a 4-second query, or discovering a hidden device misconfiguration before it turns into a costly outage.

But exactly how are these organizations using the Forward Platform? Furthermore, how are they translating the platform’s usage into business value? Allow me to explain in detail, with real customer examples.


Reducing the Cost of Operating Networks

To start, a primary area where the Forward Platform delivers value is in its ability to reduce operating costs by eliminating the most painful and manually intensive activities of network management. Typically, when a network engineer needs to verify a config, debug an issue, or answer any basic question about network operation, he or she must undertake a manual and lengthy CLI-driven process — going line-by-line, rule-by-rule, and box-by-box — using ancient tools like ping, traceroute, SNMP, and netflow.

Forward Platform — Status pane shows the most current state of the network in an interactive topology diagram

With the Forward Platform, customers gain the ability to quickly view, analyze, and act, using simple searches that can instantly find any device, its connections, and traffic paths. This approach significantly reduces the man-hours typically required for network troubleshooting and root-cause analysis which, in turn, lowers mean time to repair.

One of the largest telcos in the world chose the Forward Platform to maximize the speed and cost efficiency of its network operations workflow. Prior to using Forward Networks, this telco’s network teams were over-burdened with labor-intensive debugging and maintenance activities associated with its 100,000 network devices. Engineers would troubleshoot network issues by logging into devices on a box-by-box basis in an attempt to infer behavior and divine the root cause of problems. Such a manual approach was not only time-consuming and fraught with error, but inherently reactive. This put the telco’s network engineers and operators on the defensive, where they were constantly working from behind in a continual fire-fight.

Forward Search - Example of host-to-host query and path discovery

By adopting the Forward Platform, this telco customer is now able to search network behaviors and potential traffic flows quickly and at scale. Using the Forward Search capability, these queries show not just where the traffic can go, but also show all the relevant configuration and state details that explain how that traffic gets handled. This has eliminated time-consuming network discovery and troubleshooting efforts, allowing them to get ahead of problems before they become business-impacting. Anecdotally, the telco calculated that where it once took 4 man-hours to audit the configuration correctness of a single core switch or router, this effort is now completed in a matter of seconds with the Forward Platform.

Increasing Network Reliability & Resilience

A second area where the Forward Platform delivers customer value is its ability to substantially mitigate the risk of human-induced network outages. Even the most skilled network engineer can mistype a filter list, fat-finger an IP address, or misconfigure a trunk interface, or forget to update a network diagram with newly added devices. These errors can have a cascading effect on the behavior of hundreds or thousands of devices. In our experience, no network is completely free of this type of error.

Our customers are using the Forward Platform as a network assurance solution to detect these problems before they manifest into some business-impacting incidents. Furthermore, the platform can be used to pre-validate that device configuration changes are not just policy-adherent, but safe to make before they are rolled into production.

One of the world’s largest financial institutions is using the Forward Platform to continually audit the configuration correctness of their networks. They had experienced a series of major outages that were due to latent network device misconfiguration. As a notable example, one of their engineers incorrectly set the Maximum Transmission Unit (MTU) on a router which was critical to keeping their retail branch network up and running. This MTU mismatch was never noticed and had no immediate impact on the branch network. However, six months after the engineer originally made the error, traffic with large packets caused a cascading failure, resulting in a 6-hour outage spanning 200 branch sites.

Forward Verify - Example of visual diagnosis of failed policy check

With the Forward Verify capability, this bank is now able to continually audit the configurations of its network devices to proactively identify any new or latent errors, ranging from configuration issues like VLAN and MTU inconsistencies, duplex mismatches, IP address duplications, and routing loops, to more sophisticated ACL policy errors or traffic reachability issues. This capability has enabled their network teams to isolate and remediate these problems before they disrupt any service.

Forward Predict - Example of Predict guiding the user through problem resolution in a Checkpoint firewall

Furthermore, using the Forward Predict feature, the platform enables their network teams to test that new configuration changes do not violate network policy or intended behavior prior to them being rolled to production. Specifically, whenever the bank is making access control list changes on their firewalls, they are able to pre-test these changes to ensure perimeter security compliance policies are always enforced before any change is committed to production. Taken together, these capabilities have helped the bank increase the resiliency and reliability of their networks by eliminating device misconfigurations and change-induced errors.

Getting Started with the Forward Platform

In any large organization, network chaos knows no boundaries. But how do our customers get started in their journey to tame this chaos with Forward Networks? To start, we offer every prospective customer free access to the Forward Platform to run an audit of their network. In this effort, our customers can deploy the platform to model and verify the configuration correctness of a subset of their network. Invariably, the Forward Platform will identify a variety of issues, ranging from outage-inducing device misconfigurations to higher-level traffic or security policy violations. Customers then typically file tickets to repair these issues in the production equipment. As a one-time audit of a portion of their production network, our customers are able to experience the value of the Forward Platform first-hand and free-of-charge.

Get in touch with us and let us show you how we can do the same for your network: Request a Demo

Subscribe to our blog!

November 10, 2022
Why You Should Care About Vendor Hack Weeks

Hack weeks and hack-a-thons are like foosball tables; if you don’t have them, are you even a tech company? These events, once revered for innovation, are now relegated to being blasé and often perceived as little more than playtime for engineers. As someone who’s worked in tech for longer than I care to admit, I […]

Read More
October 13, 2022
How do you know a software rep is lying?

A customer posed this question to me recently; after pausing and smiling (a little too) broadly, he continued, “Their lips are moving.” I thought this would be funnier if it weren’t partly true. The software industry has over-promised and under-delivered for years, making technical executives rightfully skeptical when they hear a new promise. Unfortunately, it’s […]

Read More
September 20, 2022
When is a Digital Twin Entertaining?

When it’s ensuring that tens of thousands of visitors have the best experience possible every single day. Keeping people entertained is a 24/7 endeavor, even the smallest hiccup results in a social media firestorm. Keeping things running requires thousands of dedicated employees and a staggeringly complex network that sprawls the area of a major city […]

Read More

Sign up for our newsletter

crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram