The Quest for Verification with Forward Networks

Life is unpredictable. Too often the best laid plans go to waste because of it. We can map out the course of our lives, only to have these ripped asunder by the uncaring force of wanton chance. This is one of the many lessons learned on the way to adulthood. It’s something both explicitly told to us, and implicitly learned in the cruel tutelage of experience. Most people come to accept this, perhaps even in some way to celebrate this as one of the many marvels of existence; that for all our knowledge and wisdom of the world, we are bound by our own bizarrely personal Uncertainty Principle. For some however, this is a lesson forever left unlearned. These are the people behind Forward Networks.

In getting ready for Networking Field Day, I wanted to make sure I had a feel for all the companies. Most of this was pretty easy; even for the newer players, there was some published content about what they were offering. At the very least, there was a general sense of what we would see, even if there was a dearth of technical detail. For Forward Networks, admittedly still in stealth prior to the event, there was a vacuum. The best I could find was this Medium post by Andrew Wesbecher, their Head of Sales. From this I learned Forward wanted “to help enterprises avert costly network failures stemming from misconfiguration and other human error.” Okay…

At least I found their logo!

I also found out they like logos with gradients

Arriving at the Andreessen Horowitz offices for their presentation, we walked past their private library and some abstract sculpture (possibly also a fountain) into a small conference room. You could sense the excitement from the Forward Networks team; they had just come out of stealth that week, and were clearly looking forward (get it) to showing off their wares. I just had no idea what I was in for.

The elevator pitch CEO David Erickson hits you with off the bat is pretty tempting. Remember how the Internet was before Google? When Yahoo and other aggregators would keep curated directories of the web, and how much longer it took to find everything, because it involved too much room for human error? That’s the state of networking today. Forward sees itself as Google (or if they ever get acquired, AltaVista). So what, they’re doing some kind of version of PageRank to your network? Not quite. Their solution: math!

Or Maths in the UK!

I’m told this is math (Image credit: AJC1)

Remember that whole spiel about unpredictability at the beginning? That abounds in networks too. Most monitoring solutions are reactive: they’re seeing what’s going on, and trying to interpret it. Forward Networks takes a different approach. Instead of inserting an appliance on the ground level of the network, they’re more interested in working top down. They propose something rather bold: if they can figure out every possible way a packet can travel, they can create a perfect model of the network.

Sitting in the room when they unveiled this approach, the reception seemed a little muted. I think Forward planned for this to be a big unveiling, but no one quite knew how to react. The scope of the approach is so out there compared to other solutions, there wasn’t a lot to use as a point of reference.

The way they create this model is to model a ton of networking hardware in software. They look at its feature set, capabilities, and essentially see given any packet input what its output will be. This is then all put together over an entire network model. They didn’t go into a ton of detail about how exactly they are doing all this modeling in software. From what we were shown, the model is constantly being updated, so the mapping will always be accurate. Additionally, an entire history of the network is maintained, so you can see how a packet would run on a past configuration.

All of this would be little more than interesting if the model isn’t useful. In this, the Forward Networks team shows their academic heritage (the founders are all Stanford PhDs), because they realize that data en masse isn’t all that useful if it’s on the user to parse out meaning. The UI they use for all this is almost painfully simplistic. When I start thinking I could get legitimate use out of their solution, it’s got to be dead simple. But they provide a really simple network configuration model, as well as semantic search for doing queries on where traffic is flowing. It was really impressive that the search model used basic language to accomplish this. It seemed like this could really widen who could use their tools.

But just kind of

Hey! I kind of get this! (Image credit: Forward Networks)

Their big feature though didn’t really jump out at me during the presentation. I’m not a networking guy, so some of the concerns of a network engineer don’t really register with me. But because they can model how the network will precisely route traffic in its current configuration, or when a new appliance is added, it lets them do some interesting things. For one, you can set up policies on how traffic can run. I was told this is really important for servers that have HIPAA information that have very strict rules of access. So you can set up a policy that no data from your HIPAA server can ever hit certain points in your network. When you model a proposed change down the line, you will get a proactive warning that this will cause a conflict. I could also see it being used to detect malware.
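To make the policy idea concrete, here is a small sketch added for this write-up; it is not Forward Networks' code, and their actual modeling was not disclosed. It assumes plain IPv4 destination-based forwarding, and every device name and prefix in it is hypothetical. It checks a "HIPAA traffic must never reach the guest switch" policy against the current tables and against a proposed change.

```python
import ipaddress

N = ipaddress.ip_network

def next_hop(table, dst):
    """Longest-prefix match; None means the device drops the packet."""
    hits = [(net, hop) for net, hop in table if dst in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def trace(model, src, dst):
    """Follow forwarding decisions until delivery, drop or loop."""
    path = [src]
    while True:
        hop = next_hop(model.get(path[-1], []), dst)
        if hop in (None, "deliver") or hop in path:
            return path
        path.append(hop)

def dest_classes(model):
    """One sample address per range of destinations that every table treats alike."""
    cuts = {0}
    for table in model.values():
        for net, _ in table:
            cuts.add(int(net.network_address))
            cuts.add(int(net.broadcast_address) + 1)
    return [ipaddress.ip_address(c) for c in sorted(cuts) if c < 2**32]

def violations(model, src, forbidden):
    """Paths from src that touch a forbidden device, over all destination classes."""
    found = []
    for dst in dest_classes(model):
        path = trace(model, src, dst)
        if forbidden.intersection(path):
            found.append((str(dst), path))
    return found

# Constructed topology; all device names and prefixes are hypothetical.
CURRENT = {
    "hipaa-srv": [(N("0.0.0.0/0"), "hipaa-fw")],
    "hipaa-fw":  [(N("10.1.0.0/16"), "core")],
    "core":      [(N("10.1.0.0/16"), "clinic-sw"), (N("10.9.0.0/16"), "guest-sw")],
    "clinic-sw": [(N("10.1.0.0/16"), "deliver")],
    "guest-sw":  [(N("10.9.0.0/16"), "deliver")],
}
# Proposed change: add a default route on the firewall in front of the server.
PROPOSED = {**CURRENT, "hipaa-fw": CURRENT["hipaa-fw"] + [(N("0.0.0.0/0"), "core")]}

if __name__ == "__main__":
    for name, model in (("current", CURRENT), ("proposed", PROPOSED)):
        print(name, violations(model, "hipaa-srv", {"guest-sw"}))
```

The current tables produce no violations, while the proposed default route opens a path from the server to the guest switch, which is the kind of conflict a pre-change check is meant to surface.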

So are there any limitations to this approach? Well, Forward Networks isn’t too interested in performance outside of where the packet is going, they’re not really mapping any kind of latency into their model. To go along with that, there doesn’t seem to be a plan to make this into any kind of remediation tool. They are sticking with diagnostics. They also didn’t go into detail on how they would monetize this, and what kind of hardware you would need this to run on. They’ve got a couple POCs in the wild, and their pitch is strong enough for them to get more, but I have to wonder what kind of deployments they see this working on. I asked CTO Brandon Heller if there are any theoretical limits to how this modeling would scale, since adding a single node could expand the potential places a packet could go dramatically. I was told there is a theoretical mathematical limit with current compute where they couldn’t do the modeling in real time, but that the scale would be astronomical for it to be an issue.

Overall, I got the impression from some delegates at NFD that while Forward Networks’ approach was completely out of left field, the end result was more of a refinement. This is probably not going to be the Google Search moment for network analytics. But the refinement of what they are offering already looks impressive.

About the author

Rich Stroffolino

Rich has been a tech enthusiast since he first used the speech simulator on a Magnavox Odyssey². Current areas of interest include ZFS, the false hopes of memristors, and the oral history of Transmeta.
