By and large, Cisco DNA describes the requirements and operations of a network infrastructure of an enterprise on an abstract level. Cisco DNA achieves this description by dividing the requirements of the enterprise network into several functions and design principles. Cisco DNA itself does not describe how to use or implement that network architecture. You can compare it with the design of a large office building. The drawings provide enough guidelines and a viewpoint of how the building will look. But they do not provide details on which materials the contractor needs to create the building or which functionality the building will be used for. Cisco DNA is nothing more than a description of the network in an abstract manner.
Intent-Based Networking (IBN) provides a powerful description and methodology on how you can use that network if it is built using Cisco DNA’s specifications and requirements. IBN is essentially a viewpoint or perspective of an implemented network using Cisco DNA’s requirements, design functions, and abstraction levels.
But what is Intent-Based Networking? What perspective does it provide? This chapter describes IBN in more detail and covers the following topics:
What is Intent
Intent-Based Networking paradigm
IBN designs
Network as a platform
Possible IBN implementations
IBN examples
What Is Intent?
To understand what Intent-Based Networking is, it is important to know more about what Intent encompasses. Purpose is a synonym and probably makes the definition of intent easier to understand.
Every person, department, or organization has multiple intents or purposes. An organization can have the purpose to provide best-in-class software to schools, or to provide the best phones in the world. A business process can have the intent to fulfill its described task in the most efficient manner. A person can of course have multiple intents or purposes. In general, intent or purpose is a description of a goal to be achieved.
A good example of intent would be that my wife likes me to clear out the garbage cans in the kitchen and put their contents in the containers outside our home. My actions to fulfill her intent would then be: Take out the general-waste trash bag from the can in the kitchen and carry it to the appropriate container outside. Walk back to the kitchen and then take the bag of recyclable waste and put it in its correct container. Clean the kitchen cans if needed and put new trash bags in them.
This example describes intent quite well. My wife has an intent, and I have described steps to fulfill that intent. And once you take this point of view to many common tasks, intent can be seen everywhere. Table 5-1 shows some examples of intent.
Table 5-1 Overview of Intents
| Intent | Execution Steps |
| --- | --- |
| I need the lawn cut. | Take the mower out of the garage, connect it to power, pull cord to start, push onto lawn and mow in lanes until lawn is finished, power off the mower, remove grass from the lawn, disconnect the mower from power cord, clean grass from the mower, and put it back in the garage. |
| I’m organizing a dinner party. | Invite friends, prepare dinner as much as possible ahead of time, clean up the house, dress up, welcome friends, finish and serve the dinner, clean up the table, and have a great evening. |
| I want to drive the car. | Check whether enough fuel is in the car; if not, drive to the nearest gas station and fill up the tank; start driving. |
| This sales order needs to be shipped. | Check the stock for this order, search each item in warehouse, pick the required items of the sales order, place them in a box, print the packing slip and place it in the box, fill the box with bubble wrap and close it, notify shipping organization of shipment, print the shipping label, stick it on the box, and place the box on the outgoing platform. |
| Next year I need to replace firewalls. | Prepare a budget proposal for the CFO explaining why replacement is required, present the proposal, wait for approval, request quotes, procure hardware, execute project to replace firewalls in production. |
| This car needs to be assembled. | Procure all required parts, components, and implementation details; weld the chassis; place the chassis on the belt; let robots and workers assemble all parts; execute quality and assurance testing; prepare the car for shipment, and ship the car to the dealer. |
| I need to upgrade the code on the network switch. | Determine the new version of the software, upgrade the test environment with the new version, execute tests to check if the new version works with existing designs, validate results, request a change window for update, notify end users, execute update, validate if the upgrade was successful, update documentation, and close the change. |
As you can see, intent is everywhere. An intent is essentially a brief description of the purpose and a concrete predetermined set of steps that need to be executed to (successfully) achieve the intent. This principle can also be applied to the operation of a network infrastructure. The intent and its steps describe very specifically what needs to be done on the network to accomplish a specific task. Table 5-2 provides a number of examples of how intent can be applied on a network infrastructure.
Table 5-2 Overview of Network-Based Intents
| Intent | Execution Steps |
| --- | --- |
| I have a telepresence session at 10:00 a.m. | Create an HD video session to the remote peer, create the required end-to-end Quality of Service parameters for this specific session, reserve the bandwidth, set up audio, validate performance, keep the connection safe and secure during the session, once finished disconnect the HD video session, remove the end-to-end quality of service session, and remove the bandwidth reservation. |
| This application is migrating to the cloud. | Take the existing access policy for that application from the datacenter policy, transform the policy into an application policy for Internet access, deploy the policy on all perimeter firewalls, and change routing for that application to the cloud. |
| This new IoT application needs to be enabled. | Create a new logical compartment on the network, create an IP-space, set up Internet access policies, create access policies to recognize the IoT devices, and assign them to the logical compartment. |
| This application needs access to HR systems during salary runs. | Once the user starts the run, request access to system via the network, open the required ports and IP addresses for the device that user is connected with via an access policy, wait until salary run is finished, remove the temporary access policies, and clear the open connections. |
| Potential malware has been found on a device. | Reallocate the device to an investigate policy that includes in-depth monitoring of traffic and host isolation, execute a Change-of-Authorization to place the device in the new policy, notify security and administrator of a possible incident, and await investigation. |
Table 5-2 provides only a small number of examples, but the possibilities are endless. The most important condition (and restriction) is that the proposed intent must be written in controllable, repeatable execution steps, so that the automation function within Cisco DNA can execute those steps automatically. In summary, Intent-Based Networking is a perspective or viewpoint on how a network infrastructure that meets Cisco DNA’s functions, design principles, and requirements is operated. Using this perspective to operate the network will in turn enable the enterprise to embrace digitalization and the digital enterprise.
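The HR salary-run intent from Table 5-2, written as controllable, repeatable steps, is shown below as an added example; it is not code from the book or from Cisco DNA. `PolicyStore`, `Step`, `run_intent`, and the addresses are hypothetical stand-ins for a real policy engine, and the point is that the temporary access policy is removed even when the run fails.

```python
from dataclasses import dataclass, field
from typing import Callable, Optional

@dataclass
class PolicyStore:
    """Hypothetical in-memory stand-in for a network policy engine."""
    rules: set = field(default_factory=set)
    audit: list = field(default_factory=list)

    def permit(self, rule):
        self.rules.add(rule)
        self.audit.append(("permit", rule))

    def revoke(self, rule):
        self.rules.discard(rule)
        self.audit.append(("revoke", rule))

@dataclass
class Step:
    name: str
    do: Callable[[], None]
    undo: Optional[Callable[[], None]] = None  # removes a temporary change

def run_intent(steps):
    """Run steps in order; undo every completed step, newest first."""
    done, outcome = [], "completed"
    try:
        for step in steps:
            step.do()
            done.append(step)
    except Exception as exc:
        outcome = f"failed at '{step.name}': {exc}"
    finally:
        for finished in reversed(done):
            if finished.undo:
                finished.undo()
    return outcome

def salary_run_intent(store, device_ip, salary_run):
    # Constructed sample values: HR system address and port are placeholders.
    rule = (device_ip, "198.51.100.10", 443)
    return [
        Step("open access for requesting device",
             lambda: store.permit(rule), lambda: store.revoke(rule)),
        Step("wait until salary run is finished", salary_run),
    ]
```

The audit list records each permit and its matching revoke, which is what an operator would review to confirm that no temporary rule outlived its intent.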
The following sections describe in more detail how this perspective leverages Cisco DNA’s functions and design principles to achieve Intent-Based Networking.