The App Store for Network Automation

The Challenge: Manual Overload in a Dynamic Network

Network and security operations teams are constantly battling misconfigurations, policy drift, and the overwhelming task of validating network health across diverse, multi-vendor infrastructures. Traditional methods struggle to keep pace with dynamic changes, leaving organizations exposed to outages and security breaches. The sheer volume of checks, from BGP stability to ACL audits and NIST compliance, consumes valuable time and resources, often leading to human error.

Herd Immunity for Your Network : The Golden Assessment Library

The Golden Assessment Library (GAL) fundamentally redefines how network reliability and security are enforced. It’s a pre-built library of ready-to-use automated assessments.
Comprised of industry-wide outage knowledge, the Golden Assessment Library (GAL) adds a protective layer of assurance to your network, enabling “herd immunity” by learning from past incidents and applying automated validation to detect misconfigurations before they cause outages.
The strategic imperative is clear: embrace the Golden Assessment Library to not just manage, but truly master your network’s reliability and security in the face of ever-evolving needs and threats.

Available to every NetBrain customer, GAL’s power lies in its dual-component approach:
1. Golden Intent Library: This component assesses network health (e.g., BGP neighbor stability, OSPF routing, device performance) and proactively detects risks such as misconfigurations and security gaps. It provides curated, automated checks to validate against best practices and standards, enabling an intent-based approach to network management. For example, it supports comprehensive assessments across various systems, topologies (L2, L3, MPLS, VxLAN, IPSec VPN), routing protocols (EIGRP, OSPF, ISIS, BGP, Static Route), multicast, performance, redundancy (HSRP, VRRP, HA), and device security. It extends to public cloud environments like AWS, GCP, Azure, and SDN/SD-WAN platforms such as Cisco ACI, Cisco SD-WAN, and VMware VeloCloud SD-WAN.

2. Golden Config Library (Plugin-Discovered): This part identifies devices with similar configurations, groups them, and sets the most frequent configuration as the “golden” standard. This is crucial for identifying deviations and manually configured errors – for instance, detecting when one device in a group of ten has a differing NTP server configuration. This library supports extensive configuration auditing for various ACL types (Cisco IOS, Nexus, IOS XR, Arista) and prefix lists across multiple vendors and routing protocols.

Analyze Relevance to Your Network Devices in a Snap

In the context of the Golden Assessment Library (GAL), Relevance is a critical metric that indicates precisely how many devices within your network environment match the criteria of a specific assessment. This concept ensures that your automated checks are always applied to the right devices, providing accurate and actionable insights.
Relevance is determined by how devices align with three key criteria:

• Assessment Feature: This refers to the broad network characteristic or behavior you are assessing, such as BGP health, device performance, or security posture.
• Assessment Rule: These are the specific, detailed checks within an Assessment Feature that define what you’re looking for.
• Device Scope (within the reference cluster): This specifies the particular group of devices that an assessment is intended to apply to.

How Relevance is Calculated:

The system meticulously analyzes device relevance to ensure precision in your assessments:
1. Based on the Assessment Feature: The system first determines relevance by counting the number of devices that match the broad criteria of the Assessment Feature. This gives you an initial overview of how many devices are potentially subject to a given assessment.
2. Based on the Assessment Rule:

• With a Reference Cluster: If your assessment rule leverages a Reference Cluster (a powerful GAL feature for grouping similar devices and setting golden configurations), the relevance is then precisely based on the device scope defined within that cluster. This ensures the assessment targets only the relevant devices within that pre-defined, similar group.
• Without a Reference Cluster: If no Reference Cluster is used, the system intelligently falls back to using the device scope defined directly within the Assessment Feature itself.
• Referencing Another Feature: In cases where an assessment rule refers to another feature, its relevance will be determined by the device scope of that referenced feature.

By precisely calculating relevance, the Golden Assessment Library eliminates guesswork, ensuring that your automated network reliability and security checks are always accurate, targeted, and highly effective. This precision is fundamental to truly proactive network management.

The Value-Add: Shifting from Reactive to Prescriptive Network Observability

The true value of a Golden Assessment Library extends beyond mere automation; it empowers network ops teams to adopt a proactive, automated, and outcome-driven approach to network operations.

• Automate Network Mapping & Visibility: Automate multi-vendor network discovery of hybrid-cloud devices and intents, document and map it all, and gain total design compliance observability on Day 1.
• Proactively Enforce Security Posture: Verify device security posture, automate policy drift detection and remediation, enforce Zero Trust without manual audits, and auto-find misconfigurations attackers exploit.
• Rapidly Investigate Drift: Cut investigation time from hours to minutes.
• Prevent Network Risk: Gain 360-degree, 24/7 observability to prevent network outages.

Don’t just dream about it; come try it out in the NetBrain Playground, today!