Since making our platform available, many of the world’s largest banks, telcos, and IT companies have come to rely on Forward Networks to keep their networks healthy and operated efficiently. From the CTO to a junior engineer, people quickly grasp the value of what the Forward Platform can deliver, like turning a common 4-hour task into a 4-second query, or discovering a hidden device misconfiguration before it turns into a costly outage.
But exactly how are these organizations using the Forward Platform? Furthermore, how are they translating the platform’s usage into business value? Allow me to explain in detail, with real customer examples.
Reducing the Cost of Operating Networks
To start, a primary area where the Forward Platform delivers value is in its ability to reduce operating costs by eliminating the most painful and manually intensive activities of network management. Typically, when a network engineer needs to verify a config, debug an issue, or answer any basic question about network operation, he or she must undertake a manual and lengthy CLI-driven process — going line-by-line, rule-by-rule, and box-by-box — using ancient tools like ping, traceroute, SNMP, and netflow.
With the Forward Platform, customers gain the ability to quickly view, analyze, and act, using simple searches that can instantly find any device, its connections, and traffic paths. This approach significantly reduces the man-hours typically required for network troubleshooting and root-cause analysis which, in turn, lowers mean time to repair.
One of the largest telcos in the world chose the Forward Platform to maximize the speed and cost efficiency of its network operations workflow. Prior to using Forward Networks, this telco’s network teams were over-burdened with labor-intensive debugging and maintenance activities associated with its 100,000 network devices. Engineers would troubleshoot network issues by logging into devices on a box-by-box basis in an attempt to infer behavior and divine the root cause of problems. Such a manual approach was not only time-consuming and fraught with error, but inherently reactive. This put the telco’s network engineers and operators on the defensive, where they were constantly working from behind in a continual fire-fight.
By adopting the Forward Platform, this telco customer is now able to search network behaviors and potential traffic flows quickly and at scale. Using the Forward Search capability, these queries show not just where the traffic can go, but also show all the relevant configuration and state details that explain how that traffic gets handled. This has eliminated time-consuming network discovery and troubleshooting efforts, allowing them to get ahead of problems before they become business-impacting. Anecdotally, the telco calculated that where it once took 4 man-hours to audit the configuration correctness of a single core switch or router, this effort is now completed in a matter of seconds with the Forward Platform.
Increasing Network Reliability & Resilience
A second area where the Forward Platform delivers customer value is its ability to substantially mitigate the risk of human-induced network outages. Even the most skilled network engineer can mistype a filter list, fat-finger an IP address, or misconfigure a trunk interface, or forget to update a network diagram with newly added devices. These errors can have a cascading effect on the behavior of hundreds or thousands of devices. In our experience, no network is completely free of this type of error.
Our customers are using the Forward Platform as a network assurance solution to detect these problems before they manifest into some business-impacting incidents. Furthermore, the platform can be used to pre-validate that device configuration changes are not just policy-adherent, but safe to make before they are rolled into production.
One of the world’s largest financial institutions is using the Forward Platform to continually audit the configuration correctness of their networks. They had experienced a series of major outages that were due to latent network device misconfiguration. As a notable example, one of their engineers incorrectly set the Maximum Transmission Unit (MTU) on a router which was critical to keeping their retail branch network up and running. This MTU mismatch was never noticed and had no immediate impact on the branch network. However, six months after the engineer originally made the error, traffic with large packets caused a cascading failure, resulting in a 6-hour outage spanning 200 branch sites.
With the Forward Verify capability, this bank is now able to continually audit the configurations of its network devices to proactively identify any new or latent errors, ranging from configuration issues like VLAN and MTU inconsistencies, duplex mismatches, IP address duplications, and routing loops, to more sophisticated ACL policy errors or traffic reachability issues. This capability has enabled their network teams to isolate and remediate these problems before they disrupt any service.
Furthermore, using the Forward Predict feature, the platform enables their network teams to test that new configuration changes do not violate network policy or intended behavior prior to them being rolled to production. Specifically, whenever the bank is making access control list changes on their firewalls, they are able to pre-test these changes to ensure perimeter security compliance policies are always enforced before any change is committed to production. Taken together, these capabilities have helped the bank increase the resiliency and reliability of their networks by eliminating device misconfigurations and change-induced errors.
Getting Started with the Forward Platform
In any large organization, network chaos knows no boundaries. But how do our customers get started in their journey to tame this chaos with Forward Networks? To start, we offer every prospective customer free access to the Forward Platform to run an audit of their network. In this effort, our customers can deploy the platform to model and verify the configuration correctness of a subset of their network. Invariably, the Forward Platform will identify a variety of issues, ranging from outage-inducing device misconfigurations to higher-level traffic or security policy violations. Customers then typically file tickets to repair these issues in the production equipment. As a one-time audit of a portion of their production network, our customers are able to experience the value of the Forward Platform first-hand and free-of-charge.
Get in touch with us and let us show you how we can do the same for your network: Request a Demo