Go back

Finally, You can have Continuous Network Assessment!

by Mark Harris Aug 23, 2023

For many of us IT professionals, we have spent our entire lives thinking about what it takes to deliver IT services in a reliable, predictable fashion. Sometimes it’s a tech discussion, sometimes it’s a process discussion, and it always ends up as just one of many ongoing discussions needed to support the service delivery goal, which changes over time to be sure. Lots of people are involved as our infrastructures get bigger and more complex. And in most cases, an infrastructure contains dozens of vendors supplying hundreds of different models over the lifespan of every infrastructure.

And then we double and triple the whole thing every time we get involved in an M&A activity. Then throw in the fact that half of all computing is now handled by virtual services provided by the public clouds, and you have something that is much harder to appreciate with a simple glance as it was when Visio was the network assessment tool of choice. Today, digital infrastructures are tough to keep track of, at the very moment in time when they have become mission-critical… when the network stops, so does business.Network Assessment

Now think back to an earlier point in your career and start counting how many times you have heard about the need to conduct a “Network Assessment”. I am sure you have heard the term a hundred times and may have even been part of a network assessment a few times. Network Assessments were born out of a need to understand what kind of network you had, and where problems and vulnerabilities existed. They served to identify performance bottlenecks and failover issues. But as thoughtful and important as they were back then, they became unwieldy as infrastructures changed. sites became campuses, campuses became continents, physical became virtual and applications became much more dependant on the characteristics of the network itself. Traditional network assessments simply couldn’t keep up, and they largely became a check-box audit item, focused on just a handful of points, conducted once every few years.

Whew. No wonder network assessment has been ignored entirely or summarily outsourced as a bounded audit style project every few years. Too bad, because the need for network assessment is not going away, and more troubling is the value of a continuous network assessment has never been greater!  Sure, CIO and IT executive leaders will continue to put the traditional assessment back on their operational plan periodically- and every few years that line item will be fulfilled. In “those” years, RFPs are written and third parties are engaged to conduct these limited network assessments to fulfill the operational compliance plan. These assessment audit projects span months, and cost hundreds of thousands of dollars, only to yield the most basic understanding about the infrastructure as it existed during the audit (quickly out of date).

Most of the time, those leaders are missing the strategic value of the assessment, not because of any negligence, but because the technology to make continuous network assessments is rooted in automation, which has largely been overlooked. Today, it’s easy to TRANSFORM Network Assessment from an antiquated audit-related chore to of a strategic real-time operational tool to empower your ops teams. To be strategic, we needed to make the assessment broader; to look at vast numbers of operating conditions including connectivity, performance design, security, application, and resiliency. In fact, every subject matter expert, enterprise and network architect, security analyst, and application deployment specialist has their own set of conditions that really should be assessed if we had to make a wish list. We had to create the no-code automation platform to conduct full assessments continuously, architected by your SMEs but executed by machine. Continuous network assessment is a game changer. It offers never-before-imagined operational guidance to the NetOps teams allowing them to prevent service delivery problems long before users are impacted, begin to freak out, and submit countless tickets.

Redefining Network Assessments in the Era of Automation

NetBrain’s no-code automation platform transforms Network Assessment into an ongoing, dynamic health check, providing valuable insights across your hybrid enterprise network at scale.

Read Solution Brief


Enter NetBrain NextGen.  Our no-code network automation platform allows every subject matter expert to create Network Intents that describe the results and behaviors they expect from the network. Every one of your SMEs can add their own list of desired behaviors, and frankly, more is better, since the machine will be executing these assessments continuously. NextGen is meant to scale, so these SMEs are free to add tens of thousands of points to assess (which we call intents) if they like. This level of network assessment adds to the breadth we discussed above. Now that we have the long list of behaviors desired, we can fire up our automation engine to assess all of those intents continuously. Want to confirm that QoS profiles are in effect and that your throughput is adequate for VoIP? Define that Intent to assess. Want to see if your firewalls are not running out of steam, or that those HA pairs are always mirrored properly? Define that Intent to assess. Assessment is really just about capturing the list of things that can affect service delivery. And when done continuously, it becomes a strategic solution to outage prevention.

Finally, the Network Assessment can do what it was meant to do- identify problems, anomalous conditions, and vulnerabilities across the infrastructure. Sure the network infrastructures today are 100 or 1000 times bigger and more complex than those of the mid-90s when network assessment was a hot topic, but there is no reason not to just build upon that original goal, and in doing so create an entirely new outage prevention strategy. Continuous Network Assessment is finally here and should be on everyone’s strategic agenda for the coming year.

FAQs At-A-Glance:

  1. What is a network assessment? A network assessment is a means to establish the operational status and parameters of any network. While traditional assessments focus on establishing an inventory of equipment and how it is connected, network automation enables any operating parameter to be assessed or verified, at scale, to establish the suitability to support business-critical applications. Automated network assessments can be much more comprehensive and can assess hundreds or thousands of operating conditions such as device CPU and Memory resources, real-time connectivity throughput, performance, resiliency and secured access, service availability and user experience, and performance amongst others. When automated assessments are conducted continuously, the cornerstone of any enterprise’s outage prevention strategy is established.
  2. How long does a network assessment take? Traditional network assessments are labor intensive, and can take months or longer to complete depending on the number of consultants and other resources applied. To reduce the duration, most traditional assessment plans limit the number of operating conditions that will be assessed, and then to limit cost, traditional assessments are then conducted every few years as an audit or compliance item only. Automating network assessments changes the entire paradigm. Once assessment goals are established, (which can be significantly more detailed and strategic) comprehensive assessments can be executed every day (or more often) if desired since they are conducted automatically without the need for human intervention… and in doing so transform network assessments from an audit checkbox to an outage prevention strategy!
  3. What kind of assessments are most common? By properly implementing scalable automation technology, any number of conditions can be assessed without limit, enabling assessments to span many disciplines: NetOps, ServerOps, DevOps, and SECops. Some of the most common:
    • device resources and configurations to confirm that they have not deviated from their established baselines
    • resiliency and failover to verify that expected alternative traffic paths are operational in the event of a subsequent failure.
    • application support which ensures that network performance is at the level needed for key applications
    • security boundaries and access controls must be verified to confirm that they are protecting information
    • cloud access performance to directly support the migration of computing services to the public cloud
  4. Why is a network security assessment so critical? Every large organization has invested millions of dollars to secure their IT systems and data. While these investments may seem to answer the security challenge, a wide range of errant operational processes may prevent these security components from protecting the It environment as expected. Many times simple changes to devices or service configurations may result in a long list of unintended consequences, and human error can make matters worse. Security is the high-priority use case for automated assessment and secure access and controls are easily captured without any programming to decode the desired traffic behavior across zones, boundaries, and control planes.