SearchNetworking has named Forward Networks Inc. the latest winner of TechTarget’s Network Innovation Award in recognition of its assurance and verification software. The platform collects configuration states from network devices and creates a real-time behavioral model of the environment — what the company calls the network’s digital twin.
This information enables IT pros to confirm their network is behaving as expected and intended, or alerts them if it’s not. The platform also enables operators to test hypothetical changes in a virtual sandbox to predict how they will influence performance.
Forward Networks CEO David Erickson recently discussed the technology and the role it plays in intent-based networking.
Editor’s note: This interview has been lightly edited for length and clarity.
What problem does the Forward Networks platform address?
David Erickson: I think there are a couple of common challenges that, effectively, everyone running a network deals with. The first is visibility — determining what’s in the network and what it’s doing. The second is determining whether the network is actually delivering the level of service and security the business requires.
We have applications to address both challenges — a visibility application called Search and an application called Verify that tells you if your network is actually delivering the behavior you want it to. The platform basically talks to every device in the network and builds a digital twin of the environment — a copy of the network in software.
So now you have a replica of your production network that offers full visibility into how it’s working right now, and also how it’s worked historically. You can use this model to mathematically prove you’re delivering the desired level of service.
And how does that fit into intent-based networking?
Erickson: In networking, many of us are still down in the weeds, manually writing very low-level configuration code on a device-by-device basis. That process is highly prone to error and very tedious — and makes it hard to see the forest through the trees, so to speak. We need to make the same level of change in how we program and operate networks as we did in software development.
David EricksonCEO, Forward Networks
Intent-based networking is trying to pull us up out of the weeds so we can say, ‘What do I actually need from my network? What is the end-to-end behavior? What applications do I need to connect? What sites do I need to ensure can communicate?’
There are two approaches to intent-based networking. One — what I would call the orchestrator, control-plane approach — is geared toward clean-slate, brand new networks. It’s pretty inflexible and limited in the types of configuration parameters you can apply. Plus, the vast majority of the world operates on brownfield networks.
We, as a company, have pioneered the other approach — what we call network verification. The concept is simple. ‘I’ve got this existing complex network that may have thousands of network devices and hundreds of thousands of lines of configuration supporting thousands of network applications. I need to know — right this moment and on an ongoing basis — if my network is delivering the connectivity and security that my business needs.’
I want to be able to sleep at night — to go through change windows and know my network engineers haven’t fat-fingered something and taken the network down in a way they won’t realize until angry customers start calling. Our software gives you the visibility you need in even the most complex environment — whether it’s brownfield, greenfield, SDN [software-defined network], cloud-based, hybrid, with any combination of hardware or software — and proves it’s working the way you want it to work.
So who is a typical Forward Networks customer?
Erickson: In general, our users are network engineers and operators from medium-sized or large corporations.
We work with some of the biggest companies on the planet, which tend to have the largest and most complex network environments and often the biggest pain points. Telcos, service providers, banks, retail companies, government organizations and startups — it’s across the board.
And what does Forward Networks’ deployment process look like?
Erickson: The enterprise product has two deployment options — one is on-prem built into virtual machines or containers and the other is cloud-delivered. In the cloud case, you would deploy a small, lightweight collector device on premises to collect the data from your network devices and then securely transmit it up to the cloud.
If you deploy the cloud version, which is what we recommend, and you have an existing list of your network devices and the credentials that would allow the service to log in and collect information, then you could be up and running and getting value in a matter of minutes.