NetBox Labs, is the open-source startup behind NetBox, a tool designed specifically for network engineers and operators. It combines the functionalities of IP Address Management (IPAM) and Data Center Infrastructure Management (DCIM) into a unified solution. With this relationship, Forward Enterprise and NetBox Cloud customers:

The relationship includes a joint effort to build a bi-directional integration between Forward Enterprise and NetBox. I’m thrilled to announce that the initial release of this integration has been published in this GitHub repository!!!

It enables customers to:

Onboard a NetBox instance

Onboarding a NetBox instance can be achieved by utilizing the data discovered and collected from the network through the Forward platform. This process involves running the provided Python script available in the mentioned GitHub repository.

Fig. 1: Python script execution steps

The scripts performs the following actions:

  1. Retrieves Forward Devices and Interfaces using Forward NQE REST APIs
  2. Gathers information such as Sites, Device Types, Device Roles, Interface type, etc. from NetBox via REST APIs
  3. Translates the data from Forward into the NetBox schema
  4. Pushes Devices and Interfaces to NetBox via NetBox REST APIs

Here are two screenshots that display devices and interfaces imported into NetBox by the script:

Fig. 2: Devices imported to NetBox

Fig. 3: Interfaces imported to NetBox

Import device data from NetBox

This integration is designed for users who would like to import data stored in NetBox into Forward, either to display them in the Forward application or to create verification and compliance checks.

This integration did not require any development! It relies on features like External Sources import, NQE Queries, NQE Verifications, and NQE Decorators, which are available to all Forward customers. With Forward External Sources, customers can import data from any HTTP-based external application each time it collects information from the network infrastructure. Forward automatically infers the data schema from the imported data and stores it in NQE. Once in NQE, it can be used like any other data collected from the network.

The following screenshot shows a device card displaying data imported from NetBox:

Fig. 4: NetBox decorator

What’s next?

This is just the beginning of the collaboration between Forward Networks and NetBox Labs. Stay tuned for more exciting updates!

Meanwhile, check out the GitHub repository and feel free to provide any feedback or, better yet, contribute with any enhancement!! Reach out to Forward Networks or NetBox Labs for more information. This marks just the beginning of the collaboration between Forward Networks and NetBox Labs. Stay tuned for more exciting updates!

As one large, global financial institution prepared for employees to return to the office, its IT team identified a significant issue with the company's more than 8,000 access switches. The switches in question were used to provide connectivity to IP Phones – a crucial part of people's work across virtually all areas of the company.

In many cases, the 8,000 phones in question had essentially been unused for almost two years, as the pandemic forced people to work from home using alternate communication devices. As some users returned to the office they found the IP phones were not functioning. The bank's IT team discovered that the recently upgraded access switches had a configuration that rendered the phones inoperable due to a software defect.

Identifying the misconfigured switches was a laborious process that required engineers to manually examine the configurations of all 8,000 switches. The problem was exacerbated by the fact that the configuration wasn't consistent across the fleet of switches. This increased the complexity of identifying which devices needed to be rolled back.

At that point, the IT team turned to Forward Networks to determine whether its Network Query Engine (NQE) could simplify the process of identifying misconfigured switches and shorten the time for rolling back the configuration. NQE enables users to easily build verification checks – like those needed by the bank – that work across the entire fleet of devices in a network.

The IT team provided a list of requirements needed to identify misconfigured switches – checking for certain characteristics, ignoring others. Additionally, the IT team wanted a report of the findings so the third party could be tasked with repairing those switches.

By utilizing NQE, the bank's IT team was able to identify all of the switches that needed to be rolled back (6,000 of 8,000) in less than a day. Instead of manually trying to identify devices that were misconfigured, the financial institution's IT team was able to simply create criteria for doing so, and the Forward Networks platform did all of the work — at a fraction of the cost and in a fraction of the time. After the configuration was rolled back, the bank’s IT team was also able to use Forward Networks NQE to validate if the rolled back configuration was accurate.

Without NQE, it would have taken an average of about five minutes per switch to check for the misconfiguration. Manually checking 8,000 devices at five minutes per switch would have taken the bank's IT team at least 667 hours. By assuming a rate of $150 per hour, the bank would have spent more than $100,000 to manually complete the project. By utilizing Forward Networks and NQE to identify the misconfigured switches, the bank was able to lower the cost of the project significantly and save time.

To learn more about how you can use Forward Networks and NQE to automate labor-intensive, costly processes, schedule a demo today. Be sure to read our other blogs in this series about how Forward Networks is impacting enterprise networks around the world, including From Days To Minutes: Digital Media Provider Uses Forward Networks To Overhaul Reconciliation and Confidence In Action: Investment Bank Uses Forward Networks To Verify Automation Software.

With the combined challenges of tight IT budgets and scarcer technical talent, it’s becoming imperative for enterprise network pros to embrace automation of processes and the way infrastructure responds to changing network traffic.

Not only can automation help address these problems, they can also improve overall application-response time by anticipating and addressing looming congestion. Modern applications, such as virtual reality and artificial intelligence, and architectures that incorporate IoT and hybrid cloud have yet to reach their true potential because network capacity seems to always lag behind demand.

A common problem is that too much networking infrastructure is still manually maintained and managed, but major vendors are starting to addressing these issues, as are startups that seek to break bottlenecks through automation.

Continue reading...

Read more about Forward

VISIT THE FORWARD BLOG

In my previous ONUG blog post Query Your Network like a Database, I talked about how companies are embracing Network Automation in order to become more agile. I described how Network Automation can be very powerful but frighteningly dangerous without a proper safety guard. I explained what the Forward Networks Network Query Engine is and how it can help in building a rock solid network verification solution.

But now I’ll explain how customers can build a complete network automation and verification solution with Ansible and Forward Networks.

Ansible (by Red Hat) is a simple, powerful and agentless tool used by many customers to automate the deployment and configurations of applications, servers and network devices.

Forward Networks’ flagship platform, Forward Enterprise, documents, searches, verifies, and predicts the behavior of your network by creating an always-accurate software copy of your entire network infrastructure for both on-prem and cloud.

With available REST APIs, it easily integrates into existing network management workflow and tools.

Continue reading...

Read more about Forward

VISIT THE FORWARD BLOG

In agile network operations, network configurations need to be updated to reflect new application or policy requirements, or to implement a change in network behavior. As business and application requirements change, we have to translate new policies into specific network configuration changes in one or more devices.

In Figure 1, we describe the workflow of rolling out a network update. From the current operational state of the network, we have to respond to a new intent or policy requirement with proposed configuration changes. The development of the change candidate by network engineers is reviewed by various teams and architects, including security. These design reviews can be tedious and manual, and may highlight additional changes or corrections to minimize the impact on existing infrastructure.

Once the candidate change has been approved, it moves into the network lab for testing. But this step can usually only provide cursory testing because the lab network is not running at the scale of the production network, nor can the proposed change be evaluated under all scenarios and conditions that will actually arise over time. In order to improve network agility, testing has to be short and efficient, but this also increases risk and potential for issues post-deployment. After the proposed update has completed the test scenarios, it is pushed to a configuration repository and scheduled for deployment.

Accelerating Change Windows and NetOps with Forward Networks

How can we accelerate the above workflow to increase network agility and reliability, and better align network teams with DevOps processes? Forward Networks has developed the industry-leading solution for analyzing network behavior and verifying configurations in a software model of the network. This allows for rapid evaluation and verification of proposed changes outside the live network, and can automate many of the lengthy review and testing processes.

Automating the Verification Process

Network verification provides assurance that proposed changes accurately implement all of the defined network policies. Rather than looking at live traffic and reporting on current activity, verification proactively analyzes the network configuration files to build a behaviorally accurate software model, and then identifies scenarios under which the current implementation could fail to meet policy objectives. In Figure 2, we see how various features of the Forward Enterprise solution, our flagship product, can automate and improve our earlier workflow.

For example, the initial change of policy or intent can be defined in Forward Enterprise as a policy rule or check. That policy rule would be verified against future network implementations and any configurations that would violate that rule would be immediately flagged (as in Figure 4). The new intent rule would be added to the overall rule repository and verified along with all other rules as part of the pre- and post-change verification.

Network Analysis with Forward Search and API queries

Forward Enterprise is a large database of network configurations, state and behavior information from a series of individual snapshots in time. The software model of networking behavior simulates traffic behavior accurately and predicts which vulnerabilities or scenarios will cause policy violations. Like any database, the Forward Platform can be queried, with the behavior and policy results being displayed in an intuitive and interactive network map (see “API access” block in Figure 2 and Figure 3 below).

Similarly, candidate changes can be quickly peer reviewed automatically in Forward Enterprise (see “Acceptance Test” block in Figure 2). After an initial policy query, it becomes clear how network traffic paths will be affected by the new change (as shown in Figure 3). With the automated and more detailed review available from Forward Networks, networking teams can proceed towards deployment with greater confidence and less manually-intensive test scenarios.

Summary

In recent years, there has been a great deal of focus on network automation in order to increase IT agility and to better align network operations (NetOps) with accelerated DevOps processes. That focus has been mainly on accelerating network deployments and automating virtual network configurations to support new application requirements.

Forward Networks has now delivered a new platform that focuses on the automation of network design verification, network analysis and change processes. Network verification, a new methodology to analyze network designs and configuration changes, can both provide greater confidence by reducing network risk and preventing outages, as well as accelerating once-manual design, review and testing processes that slowed network agility and resulted in lengthy change windows.

Top cross