The practice of creating digital doubles of real-world things to study constitutions and prognosticate behaviors has been around for many decades. Digital twins have been a mainstay in aerospace since late last century, and over time, the manufacturing industry has adopted it as way to enhance products. The concept is now percolating through other areas, and has gained immense purchase lately.
At Cisco Live EMEA 2024, Gestalt IT met with Forward Networks whose flagship product is a digital twin technology that produces virtual replicas of enterprise networks.
“A digital twin is basically a software representation of something physical that’s out there. It captures the behavior of how that thing is working as a whole,” explains Nikhil Handigol, Co-Founder of Forward Networks.
This is not an architectural blueprint or a mere diagram of the network. It’s a behaviorally accurate model end to end, he says.
The incredible amount of accuracy involved makes digital twins especially challenging to execute. Forward Networks’ technology is a standout in regard to the amount of nuances it is able to reproduce. “This digital twin that we create computes every possible path that any packet can take through the network. It computes and indexes this information, and makes it accessible to the users just the way you can search how you can go from point A to point B on Google Maps.”
Impact of Digital Twin on Network Operations and Security
You could think of this as having two pointed use cases in networking and security. Digital twins are mathematical models constituting vast amounts of data points, and that data can serve as the single source of truth for a variety of IT personas, namely SecOps, NetOps, CloudOps, applications teams, compliance and audit and so on. “Everybody relies on this repository of data to perform the tasks that’s specific to their domain.”
It is possible to get answer to any question about the network from this digital clone. What seems to be the problem with a device that is down? What’s keeping specific devices in the network from communicating? Is there something off with the traffic? The digital doppelganger finds the answer and gives it back in just a few seconds.
That ability is impressive, because it didn’t use to be this simple. Earlier, operators relied on a much more complex and time-consuming drill which involved logging into devices hop by hop, running commands to extract textual outputs, and reading through pages of them to make sense of a problem. That kind of data scraping in a multi-vendor environment which most networks are by default these days, is woefully laborious. Then comes the part of parsing the data and joining the dots. Doing this mentally took weeks and months on end.
The Network Query Engine (NQE) embedded in the Forward Networks platform makes it possible to bypass the manual work and extract configuration and state data with a simple query. With an SQL-like query, the network could be queried like a database, says Handigol.
Digital twin technology is also frequently useful in security operations, specifically for incident management. The Forward Networks solution has an easy-button feature called the blast radius analysis that analyzes the network reachability of a compromised host, and generates a complete list of target assets in the event of a breach. This is helpful in deciding how to launch a kill chain or contain the breach.
Digital twin also lends itself to building and testing automation. “We have customers who routinely use Forwards’ digital twin technology as the foundational system on top of which they build automation.”
Digital twins’ network data offers tailored information for automation development. But there is no risk-free way to know if the automation one built is going to help or hurt.
“How do you know that you’re not leaving the network in a worse state than what you started with? Automation without validation or verification is like a power tool without a guard. It’s just a faster way to break your network,” he warns.
With digital twin, this crisis too can be averted. Users can trial an automation on the clone network before releasing it in the real network, as opposed to testing it out in the actual environment which is always risky.
Querying the Network Using Natural Language Prompts
With chatbots becoming a necessary addition to solutions, Forward Networks has recently launched its own brand of AI assistant for their platforms. Forward Networks AI Assist acts as a co-pilot to the heavily successful NQE. The interface is designed to respond to natural language prompts making the solution accessible to an even broader userbase within the enterprise.
How accurate is it? “AI systems are only as good as the data that they’re based on,” Handigol notes. And where good-quality, accurate and fresh data is concerned, Forward Networks has a specific advantage.
“Digital twins are repositories of some of the most unique data in networking – configuration, state, analyzed data, all the parts that we compute, etc,” he explains.
The Forward Networks platform continually clones the state and health of all devices in the network, alerting operators whenever something goes sideways. As a result, the model has all the data that the chatbot could need to produce true and trustworthy responses to user prompts.
We asked if expansion is on the horizon for AI Assist? “AI Assist in its current form is just the start. One big area of focus for us is going to be natural language interface to other features of the product,” he told.
Another priority for the team at Forward Networks is to generate ready proactive insights that can help operators troubleshoot the network faster and more efficiently.
To dig more into Forward Networks’ digital twin solution and the new AI Assist, head over to Forward Networks’ Website. Also, keep your eyes peeled for their presentations in the upcoming Networking Field Day event.
Nikhil Handigol is the Co-Founder of Forward Networks. You can connect with him to continue this conversation on LinkedIn and find out more about Digital Twin and Forward Networks on their website.