All Forward Networks Forward Networks 2024 Sponsored Tech Field Day Events

Improving Network Operations with a Doppelganger from Forward Networks

Network practitioners have long realized the benefits of lab environments. Some use them to learn command syntax and practice configuration speed for certifications. Others build partial replicas of production networks to test out the impact of manual configuration changes and device upgrades. 

With the promise to increase scale and frequency, and, consequently, the blast radius of these changes, network automation begs a complete replica a.k.a., a digital twin. 

At the recent Networking Field Day event, Forward Networks showcased how their solution creates a digital twin of any network to assist with day-to-day operations.

It’s Complicated

Modern networks are complicated. They consist of myriad devices – routers and switches from one or more vendors, firewalls – possibly from a third vendor – and managed with a skillset different than the first two. Load balancers coming from yet another vendor require additional application knowledge. A healthy dose of cloud to that, three doses (AWS, Azure, and GCP) for good measure, and you have something that resembles a Rube Goldberg machine

It’s not just the network devices that concoct complexity. The protocols that connect them and the security measures that keep them safe are arguably more difficult to understand. IPv4 and IPv6 are the dominant network layer protocols, while TCP and UDP are primary at transport layer, with QUIC gaining ground. IPSEC and TLS provide encryption, and MPLS, GRE, NVGRE, and VXLAN furnish overlays. 

Nothing works if the underlying protocols (BGP, IS-IS, OSPF) are having a bad day, or the supporting systems (DNS and authentication) are down. NAT boxes introduce another level of uncertainty for network traffic.

When the network, cloud, security, or infrastructure teams are to respond to an outage, all this complexity and siloed knowledge amount to finger-pointing and protracted MTTR. Because operating a single production network is difficult enough, and maintaining a second network at the same scale and with all the same feature set and functionality is near-unattainable.

Cloning the Network

Forward Networks takes a fresh approach to network modelling. Forward Enterprise generates a digital twin of the network by collecting configuration and state data from all packet-pushing devices on premises and in the cloud. A collector with read-only access performs several show commands, and runs the output through a mathematical model. This model analyzes every possible network behaviour, traces where every packet could ever go, and produces a queryable, vendor-independent data model, complete with visualizations.

Knowledge is No Longer Siloed

Using Forward Networks’ Network Query Engine (NQE), a SQL-like language, every user can access network configuration and state information without needing knowledge of specific network vendor’s command syntax. With access to this tool, the application team can determine if their application is blocked without relying on the firewall resource. The security team can pinpoint the location of the IP or MAC address with a simple NQE query.

Personal Assistant Included

Packet-pumping devices typically contain data that is of interest to people outside the networking team. But the barrier to entry may still be high for some, despite NQE’s resemblance to SQL making it easy to learn. For non-technical staff, learning NQE for infrequent uses is a bridge too far. Alternatively, they are required to submit a ticket and wait for a response.

Forwards Networks has a way around this. Recently, they added an A.I. assistant to Forward Enterprise that creates NQE queries from natural language leveraging generative A.I. The above IPv6 query was produced from a single prompt – “Write a query to find all devices and interfaces that have an IPv6 address configured on a bridge.” In mere seconds, AI Assist queried the digital twin to find the information requested.

A second feature included in Forward Enterprise is Summary Assist. Summary Assist is the inverse of AI Assist, in that, given an NQE query, it spits out a natural language summary of what that query is doing. 

NQE has become a team sport with many areas of an organization creating and maintaining queries. Summary Assist provides someone with a quick understanding of a query developed by another that they are trying to modify or add to it.

Conclusion

Timely access to precise network information is critical to successful operations, security, and troubleshooting. Forward Networks’ digital twin fully democratizes network data, accelerating accurate responses to any situation or challenge. Where manual data retrieval methods take weeks and months to produce results, NQE reduces the investigation timespan to hours, even minutes in some cases. The new AI Assist brings it down futher to mere seconds, making operations incredibly speedy and efficient. 

Check out Forward Networks’ presentation from the recent Networking Field Day event at the Tech Field Day website.

About the author

Bruno Wollmann

I’ve been in the Information Technology (IT) industry for over 20 years, with most of my roles revolving around computer networking in some form or another (i.e., design, architecture, implementation, support, and troubleshooting). Other roles I’ve held in my career have been in sales, training, programming, desktop support and server administration.

Leave a Comment