arrow down
Arrow down
Arrow down
Arrow down

Everyone and their mother has a booth at the RSA Conference (RSAC) where they want to sell you something shiny and new. We aren’t everybody, and we don’t have a booth at RSAC— we have a Roadhouse, a place where you can and will be embraced, understood, and HELPED. 

Life is hard, trade shows are hard, and network security is hard AF. We don’t think it should be; our approach to RSAC isn’t about pitching, selling, or convincing. We want to offer a place of respite where you can tell your tales of network and cloud security woe to another technical person who understands. While you are there, enjoy a craft root beer, get a boss (temporary) tattoo (does anybody still say boss?), and share your stories with our “bartenders” who are field technicians when they aren‘t pulling drafts. They can offer a knowledgeable ear, share experiences, and maybe eliminate some of your work burden. 

If you want something a little stronger than root beer, join us at booth 3217 on Wednesday, June 8, 4:00 – 5:30 p.m. for the pub crawl, as we pre-party before our event at SPIN SF.  We’d love it if you joined us at SPIN too, sign up here.  

Learn more about our security solutions.  

Did you hear about the change window that went exactly as planned? No? That’s because the odds of winning the PowerBall without buying a ticket are better than the odds of executing a change window on a global network without a glitch. 

What about the story of the tier one network engineer that diagnosed and resolved an ACL in seconds? That one also seems as mythical as staying friends with your ex—but it’s not. 

Instead of telling you the story, I want to show you how it’s done, which is why I recently hosted a workshop showcasing how we use search and intent verification within the Forward Networks Platform to tame ACLs (Access Control Lists). 

I’ve spent untold hours trying to troubleshoot an ACL issue after a change window and that was on a network I’d been running for decades, for tier-one admin, or even a more advanced engineer working on a new (or newly blended) network, it’s like trying to find a needle in a haystack while wearing a blindfold and being chased by rabid badgers.

On the face of it, the process for resolving ACL issues is pretty straightforward:

  1. Determine where your ACLs are running (which interfaces)
  2. Locate the ACL creating the issue
  3. Analyze the ACL to find the problem and resolve the issue

Except—networks have evolved over decades and include tens of thousands of devices from dozens of vendors and cloud providers running billions of lines of config. The fact is network complexity is outpacing IT support capabilities. Today, nothing about running a global network is straightforward without a comprehensive understanding of the network’s behavior and detailed visualization of traffic paths. 

Managing ACLs  shouldn’t be that hard

At Forward Networks, we think that the hard stuff should be easy, so we’ve done something unique. We developed a mathematical model that creates a network digital twin with Google-like search capabilities. By collecting and analyzing device state and packet forwarding data over time, we provide more than network visualization – we put the humans back in control of the network by providing them synthesized, actionable insights around network behavior. 

The Morning After the Change Window Before

The call comes in—a user can’t access an application – or worse, unauthorized users are accessing a secure app. What to do?  The network team always gets the call first, but the firewall tribe and security squad were also making changes – so how do you know which change created the problem?

The Forward Networks Platform (which functions as SaaS or be loaded onto an on-site VM) collects snapshots of the network over time including state data (ARP tables, route tables, interface tables, and so on) to develop a behavioral model of the network, providing detailed information on how packets are forwarded, filtered, and mutated. The end result is not only detailed visualization of the network but also advanced behavior modeling. For the ACL workshop, I focused on two ways to solve the issue, search and intent verification.

Search Two Ways: Text and Behavioral Path

Wouldn’t it be great if your network was indexed the same way the Internet is, and you could search it as easily as using Google? Ima ‘bout to rock your world by doing it right in front of your eyes.

Maybe you only know the IP address of a device that’s misbehaving. Our text search bar lets you enter that IP address (or any other atomic network information) and instantly gives you everything you need to know about that device (including which ACL rules/policies are applied to it). Maybe you want to search by ACL names—you can do that as well, and the platform returns config information with the ACL-related lines highlighted. This is ridiculously helpful when firewall configs have tens of thousands of lines. Now, even Tier-one support engineers can diagnose the problem and route it to the correct team with the context they need to immediately resolve the issue—no more searching manuals or paging through thousands of lines of config. 

By conducting a behavioral path search from the Internet to a specific application, you can see the exact path(s) traffic takes to the application in blue.  The gray lines denote detailed information about what happens to the packets as they flow through the network and the functions that are applied to them which is explained in the path’s pane. The platform serves up the relevant information without the network admin having to know details about the firewall or its syntax. The search shown above tells us that there is a path, and helps us easily identify that there are issues are with the firewall config, saving tons of time (conversely, it would tell us if the network path is broken). 

Behavioral searches can be saved as expected behaviors (intents) so that anytime the platform gathers information about the network, it will confirm that path is working as expected. In the workshop, I show how this function also can be used to verify if the “fix” applied by our friends in the tribe of firewall worked as expected (spoiler—it didn’t but network operations saves the day) without any risk to the production network, by using the predictive capabilities of the platform within the network digital twin. 

NQE – Your ACL management BFF 

In-App NQE (Network Query Engine), checks the data collected from the network and looks for states in the network that should (or should not) exist. For instance, an NQE Check can look for ACLs that are defined on a device but not applied to an interface. Custom checks can be written from inside the browser using syntax within the browser. There’s nothing to download; all of the reference information such as the data model and documentation is available within the browser window. This is a much better way to roll than my days of custom coding queries trying to pull information from the dozens of tabs I’ve opened to write code in the past. 

Sound interesting?  Watch the full ACL workshop (30 minutes of live-demo content). We host Forward Fix Live every month – On April 21, 2020 we’re going to dive deeper into one of our most popular features—NQE. There are two sessions, so no matter what time zone you are in! one for the East Coast and one

April 21, 2021 10:00 a.m. Eastern Time

April 21, 2021 10:00 a.m. Pacific Time

Only have a few minutes but you want to see more content by engineers for engineers?  Check out our YouTube playlist Forward Fixes – no hype, just actionable information, in roughly five-minute chunks. 

In network operations, it’s never the same day twice.

Most network engineers love this aspect, but it has a dark side. The best plans often fall to the wayside—in an instant work stops and firefighting begins.

In the last year, I’ve been part of a whole-day colo move, diagnosed an outage in the middle of the night, and resolved a slow performance issue. I know what the networking operations experience is like, and I know how much better it can be. 

Enabling others to solve every network problem at “global enterprise-scale”—faster and with more confidence is… let’s just say, very motivating. Especially when the networks are composed of multiple clouds, tens of thousands of devices, and are managed by multiple operations teams. I think about it like this:

If network behavior and insights were instantly available, you could speed up pretty much every network operations or engineering task.

In over seven years, I haven’t come across anyone who disagrees!  Everyone who has personally felt the stress of an outage, wasted a week tracking down a problem that ultimately was outside the network, or even spent too long with a simple ticket, doesn’t just agree—they feel it.

People in network operations and engineering wonder—is this even possible. The first questions are always of the “does it really work,” “how long will it take to set up,” “how much risk does it add,” and “can my team use it” variety. Not only do I hear these questions—I ask them of my vendors. Yes, it’s possible; we’ve been doing it at full scale for lots of companies you know, including Goldman Sachs for years.

Network operators and engineers don’t just need to see it to believe it. They need to deploy it, use it, and then have their coworkers use it, to believe it. 

The first step is seeing it. We joined Networking Field Day 24 to show what a day in a network operations professional’s life using the Forward Enterprise Platform looks like, from unboxing to integrations—covering killer use cases between. Instead of death-by-PPT, our field engineers, the technical experts who work side-by-side with our users to deploy Forward Enterprise, gave live demos and took questions. To make it easy for you to find content that’s relevant, we chunked it into short segments.

If the potential of instant network insight excites you—and you think maybe, just maybe—more time in the day could enable your team to be more proactive—then I’d like you to pick one thing you’ve recently had to spend time on, and check out the corresponding video below.

With the hands of our field team driving this, you’ll see what it’s like with the Forward Enterprise Platform. And if that passes your sniff test, as it’s done for many Fortune 500 enterprises already—reach out and schedule a personal demo. We’ll answer your toughest questions. We want to!

In fact, I dare you to pick one task from the list below that you or your team have done recently, and show me why instant access to info and insights WOULD NOT transform the speed of that task, and get your team on a path to faster, more proactive operations. 

Here’s what we covered, over a complete “day in the life”:

Unboxing to Up-to-Date, Searchable Network Model—15 minutes to Insight

Knowing the network topology’s detailed state is the first step in ensuring that your network is agile, predictable, and secure. Watch our Technical Solutions Architecture team leader, Elyor Khakimov, create a usable map and comprehensive collection of network data in less than 15 minutes without disrupting the network.

Path Analysis—Using Automation to Combat Complexity

After spending 20 years in the field helping network operations teams resolve issues, Technical Solution Architect Glen Turner knows that immediate access to actionable network behavior information is key to solving complex problems quickly. In this live demo, watch Glen use the search functionality within the Forward Networks Platform to analyze paths and reduce time spent troubleshooting to the seconds it takes him to type in a query into a search bar. 

Security Breach—Going back in time to resolve a leak

Need to find and resolve a data-leak issue but don’t have hours to do it? Armed with only four MAC address characters and the Forward Enterprise search bar, Senior Technical Solution Architect Scot Wilson shows how he’s used the Forward Networks platform to do it in four steps and under 10 minutes.

Audit—Search Billions of Lines of Config in Seconds

A simple typo caused a major network outage. The Forward Networks Network Query Engine (NQE) ‘s Google-like search capabilities helped resolve the issue in seconds – not hours. Customer Success Manager Jack Shen demonstrates how he did it and how NQE makes audits faster and more accurate.

Workflow Integrations—Solve Problems Faster by Getting the Right Data to the Right People

Without context, even the best applications only partially streamline ticket resolution. Senior Technical Solutions Architect Kevin Kuhls takes you through a live demonstration of our ServiceNow and Splunk integrations to show how quickly incidents can be resolved when context is automatically shared. 

Do you want to see more content by engineers for engineers and have only 5 minutes?  Check out our YouTube playlist Forward Fixes – no hype, just actionable information, in roughly five-minute chunks.

Still skeptical? I get it, and I challenge you to put us to the test, request a demo and give us your toughest challenges.

Top cross