The NetBrain Integrated Edition platform is fairly straightforward to install and configure, but building your NetBrain deployment to its full potential takes time and effort. This is because your NetBrain deployment must evolve to meet the needs of your network.
We here at NetBrain have devised a three-level framework to explain the common development path of a NetBrain deployment. Please note that this is a framework for discussion, not an ironclad path of progression. For example, many NetBrain users choose to develop a particular use case or technology through to Level-3, then move on to the next.
What do the Levels Mean?
Level-0: This refers to the traditional methods of network and security engineering, without the use of NetBrain. As we see in the graphic, at least 75% of an engineer’s time is traditionally spent gathering, analyzing, and collating data via manual processes. Even with a full suite of traditional network management tools, a maximum of about 25% of manual labor can be offloaded into automation, not least because data is spread between manual documentation and these various systems.
Level-1: This refers to the use of basic NetBrain functions and simple automation in our normal workflow. This includes Network Discovery, Benchmarking, and Calculated Topologies. With these, we can build Dynamic Maps on demand. These functions are extremely powerful, and are also the foundation of Adaptive Network Automation in NetBrain. Level-1 automation also encompasses the most basic types of Adaptive Automation, such as Data View Templates, the Golden Baseline, the Parser Files that underlie them, and system tasks to regularly gather the data they require. In short, Level-1 Automation Success automates general data collection and analysis in support of any task.
Level-2: This refers to the building of Runbook Templates and Qapps to automate full troubleshooting, security response, and other procedures. As it turns out, it’s quite simple to bring our procedure documentation right into NetBrain in the form of Runbook Templates, and also turn each step into a single click in the form of Qapps or Gapps. In short, Level-2 Automation Success automates the data collection, analysis, and procedure for specific incidents.
Level-3: This refers to the linking of NetBrain to our other network management systems via RESTful API. Once integrated, each of these systems becomes an additional source of data that can be used in NetBrain automation. NetBrain thus becomes our Single Pane of Glass for network operations. Moreover, we can set up Just-In-Time Automation, where other systems can be set to automatically trigger NetBrain automation when they detect a problem. In short, Level-3 Automation Success automates the end-to-end resolution process with integrated tools and triggered activities.
Discovery: The Power of Neighborship
Network Discovery is the process whereby a NetBrain deployment figures out which devices are present in the network and which drivers and credentials each one requires. Discovery can either be run against a straight range of IP addresses, or it can be told to “neighbor-walk” starting from a few key points. Using the latter method, the system can discover up to 7,000 network devices per hour under ideal conditions!
Benchmarking: The Power of History
Once our NetBrain Domain is fully discovered, we must then tell NetBrain what data we wish to pull from our network devices on a regular basis. This is done first and foremost through System Benchmarks, which allow us to not only gather data but also use it to feed our Calculated Topologies, Sites, and many other functions and features within NetBrain. In addition to System Benchmarks, we can also schedule the regular collection of data relevant to specific Parser Files and Data View Templates.
Regularly Benchmarking all of our important network data also allows NetBrain to build a history of these values over time. This history can be viewed when using a Data View Template, and also feeds the creation of our Golden Baseline (see below).
Parser Files: The Power of Flexibility
There are many types of Built-In Data, which NetBrain knows how to pull from any relevant device types via the drivers for each operating system. However, this is not nearly every type of data we could need, to say nothing of data from linked network management systems. NetBrain handles this data by means of Parser Files.
To be brief, a Parser File tells NetBrain how to gather a particular data pull (CLI, Config, SNMP, or API) and how to extract all the different variables from the output. We can then use the Parser to build any type of Adaptive Automation that we need.
Golden Baseline: The Power of Normalcy
The Golden Baseline is the NetBrain deployment’s sense of what is ‘normal’ in our network environment. It consists of specific values, ranges, or conditions for specific variables on specific devices or interfaces. We can set these ‘golden values’ manually, of course, but we can also tell our NetBrain system which values are important and let it determine the golden values automatically.
With the normal state of the network established, our Data View Templates (see below) will automatically alert us whenever a value is abnormal.
Data View Templates: The Power of Insight
When presented with any networking problem—a trouble ticket, an alert from a monitoring system, et cetera—our first course of action is to gather the necessary data to ensure we have identified the root cause of the problem. We can then proceed to the correct procedure for localizing and remediating this root cause. In a NetBrain-powered world, this first course of action is embodied in a Data View Template, the first piece of automation that we employ in most workflows.
A Data View Template is a pre-defined set of data and a layout for how we want it to be displayed as a Dynamic Data View. However, in addition to simply gathering and displaying the relevant data for the subject at hand, there are three cool things that distinguish a Dynamic Data View from a normal, static Data View:
History – if we’ve been regularly Benchmarking the data used in the Data View Template (as outlined above), we can just click on any data point to see a graph or table of its value over time.
Golden Baseline Alerts – if any datum on the map is outside of its Golden Baseline value (see above), it will be automatically highlighted. Data recently subject to a Golden Baseline alert are also highlighted.
Recommended Actions – a Data View Template may be built to suggest the next course of action to its user. These actions are typically conditional, meaning that the user can be suggested different actions depending on the data received. This is particularly useful when responding to symptoms that indicate one of multiple root causes. The most common type of Suggested Action is a Runbook Template, which we will discuss in Part 3 of this overview.
Runbooks: The Power of Documentation
In NetBrain, user actions and the resulting data and notes are documented in the powerful, simple Runbook format. Runbooks are essentially a series of steps, each step defining an automation task for the NetBrain system to run and recording the results, along with any notes the user wishes to include. The end result is automatic, complete documentation of the workflow in question.
All automation functions in NetBrain, both hardwired and adaptive, are executed via Runbook steps. Their results are stored in the Runbook, which in turn is stored within a Dynamic Map. Therefore, all particulars of a workflow are automatically embedded in the Dynamic Map used to execute said workflow.
Runbook Templates: The Power of Experience
Runbook Templates allow us to pre-define Runbook flows, which allows us to keep our standard procedures right inside of NetBrain. These templates can include not only NetBrain automation, but also knowledge transfer—the single biggest difference between a good procedure and a great procedure, regardless of format. Runbook Templates can also include branches, allowing authors to guide users through multiple potential courses of action. We can even clearly specify the particulars of actions to be taken outside of NetBrain itself (replacing a cable, for example).
Automation Success Package: The Power of Community
To help us jumpstart our NetBrain deployments to Level-1 Automation Success, the NetBrain Support & Services Teams, with lots of help from the NetBrain user community, have developed a huge package of general-use Data View Templates (DVTs) covering all manner of features and operating systems. This package is freely available to anyone who wants it.
Moreover, they have developed a simple utility program to let us easily determine which DVTs within the package are relevant to our network and automatically set up Benchmarking and Golden Baseline analysis for the data in these DVTs.
Qapps™: The Power of Automation
One of the first pieces of NetBrain automation developed, Qapps—Quick Automation Applications—are small, user-definable programs within the NetBrain platform. The most unusual aspect of Qapps is that while they require their authors to program (specify what to do), they do not require their authors to code or script in any form; they are built through a point-and-click interface.
In practice, a Qapp is generally a single task within a larger procedure; in fact, many Runbook Templates consist mainly of Qapps. While it is certainly possible to build large, complex Qapps, most steps within a procedure are actually fairly simple. What makes Qapps so powerful is that these simple tasks are often very labor-intensive when done manually. The couple of minutes it takes to build a Qapp often save literal hours of work.
Change Management: The Power of Remediation
An optional element of the NetBrain platform, the Change Management Module allows us to plan CLI change scripts, get them approved, and then execute them quickly and cleanly. We can then easily verify the changes with NetBrain’s data-gathering and compare (delta analysis) tools. This is all done through the crisp, clear Runbook format, making it easy for all involved parties to see what is planned and what has happened.
The use of NetBrain Change Management allows us to remediate problems immediately after diagnosing them, with full approval, documentation, et cetera. Also, we can create Change Templates, just like regular Runbook Templates, to codify commonly used change procedures within our network environment.
Single Pane of Glass: The Power of Unification
In addition to all of its native features and functions, NetBrain has full RESTful API integration capability. The basic use of this capability is to link NetBrain to all of our other network monitoring and management systems. Once the systems can communicate, we can use Parser Files (see Part 2) to pull data from these other systems and use it in NetBrain automation. Because these other platforms often provide data and insights that cannot be gleaned directly from network devices, this grants us vast new possibilities in building our NetBrain automation.
Moreover, the ability to view the data generated by other platforms in the clarity of NetBrain’s Data View format makes those platforms that much more valuable and usable. This creates a positive feedback loop of value between our NetBrain deployment and our other systems.
Best of all is the fact that this integration, once complete, makes NetBrain the coveted Single Pane of Glass that we as an industry have been striving for. Quite aside from NetBrain making the data more easily usable, we save a great deal of time not having to bounce from one system to another.
Just-In-Time Automation: The Power of Speed
The highest tier of NetBrain Automation as it currently exists, Just-In-Time Automation (“JITA”) is the practice of setting a linked system to automatically trigger NetBrain automation when it detects a problem, receives an alert, et cetera. This automation consists of the creation of a Dynamic Map and (usually) the execution of a Runbook Template. This allows us to set up very powerful triggered responses to events within our network environment.
In practice, this means that we create a Runbook Template encompassing all of the data pulls and analysis that are indicated when a particular type of alert is detected by one of our monitoring or management systems. We then set that system to trigger the mapping of the affected network area and the execution of said Runbook Template when it detects such a problem. This means that all requisite data for initial assessment of this type of situation will be gathered immediately, without the need for human intervention. This allows the responding engineer to go directly to work upon the gathered data. Moreover, it also ensures that the data will be gathered while the problem is still in progress. This last point is especially valuable when combatting quick intrusions or intermittent problems, which are the bane of our existence as security and network engineers.