
NetBrain: Redefining Network Automation

Ivan Baez

Recently, I was the proud winner of CDI’s first Idea of the Month contest! I wanted to share a little bit about my submission, how it works, and just how beneficial it can be.

Throughout the years, many tools have been published promoting a single pane of glass where your entire infrastructure map can be discovered and documented. Some have been effective, others were limited, but all were missing key components that would ultimately make customers' and MSPs' lives easier.

The search for this all-encompassing tool came to a halt when NetBrain was recommended by one of my clients. The difference between NetBrain and its competitors is that it leverages a state-of-the-art discovery engine that can discover network devices and the underlying design simultaneously. The discovery engine is extremely fast and 99% accurate, providing a complex data model of the network.

Once a customer network is discovered, our consultants can carry out many forms of network analysis from a map-driven environment. In scenarios where consultants have no live access to the customer network, NetBrain can still function by importing network configuration files and/or show-command output from network devices, including routers, switches and firewalls from most major vendors. Not only does this tool save countless hours of someone physically assessing an environment, it also rules out human error. Ultimately, this puts a consultant in a great position to support a customer with accuracy and efficiency.

The most common reason a client does not have all the information is that documentation is a laborious task that often gets overlooked or is not updated properly. My favorite function of NetBrain is the Automated Documentation feature. Several types of documentation can be exported from NetBrain. The inventory, design, and topology data embedded within a dynamic diagram is used to create asset reports, design documents, and Visio diagrams with one click. When the live network changes, NetBrain’s benchmark engine captures those changes and updates its backend data model. Users can then automatically update the exported documents. Additionally, automated network documents are ideal for security compliance requirements, such as PCI, HIPAA and Sarbanes-Oxley compliance.

Simply having knowledge of your environment is one aspect of providing a great service. Documentation is the most critical step for teams to prove network compliance. However, the ongoing issue for most companies is the manual and arduous nature of the process. What we need to understand is that staying compliant is an ongoing process, not a one-time fix. So is guarding against potential security threats.

For the entire process to work effectively, collaboration and visibility are crucial. Validating every network configuration against a common set of compliance rules (e.g., device passwords are encrypted, timeouts are configured, no vendor defaults are present) is a crucial step towards compliance and security hardening. Many organizations run into compliance troubles when making network changes and, over time, “drift” away from compliance standards. To combat this, security teams can leverage NetBrain’s Executable Runbooks to ensure compliance through new service deployments and operational changes. These runbooks may include design guides and best practices that help enforce security going forward.
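The three example rules above can be expressed as an automated check over an exported, IOS-style configuration file. The following is an added example, not NetBrain's code or runbook format; the sample configuration, the rule names and the `audit` function are constructed for illustration, and the timeout policy is an assumption stated in the code.

```python
import re

# Constructed sample: an IOS-style config as it might be exported for offline review.
SAMPLE_CONFIG = """\
hostname edge-sw01
no service password-encryption
enable password 0 Winter2020
username admin secret 9 $9$constructedhashvalue
username cisco password 0 cisco
snmp-server community public RO
snmp-server community n0c-r34d RO
line con 0
 exec-timeout 0 0
line vty 0 4
 exec-timeout 10 0
 transport input ssh
line vty 5 15
 transport input ssh
"""

CLEAR_PW = re.compile(r"\bpassword\s+(?:0\s+)?\S+\s*$")   # type 0 or untyped password
COMMUNITY = re.compile(r"^snmp-server community (\S+)")
DEFAULT_COMMUNITIES = {"public", "private"}               # well-known default strings

def audit(config_text):
    """Return (rule, detail) findings for one device configuration."""
    findings, timeouts, block = [], {}, None
    lines = config_text.splitlines()
    if "service password-encryption" not in [l.strip() for l in lines]:
        findings.append(("passwords-encrypted", "service password-encryption not enabled"))
    for raw in lines:
        line = raw.strip()
        if not raw.startswith(" "):                       # top-level command ends any block
            block = line if line.startswith("line ") else None
            if block:
                timeouts[block] = None
        elif block and line.startswith("exec-timeout "):
            timeouts[block] = line.split()[1:3]
        if CLEAR_PW.search(line):                         # report the command, never the secret
            findings.append(("passwords-encrypted",
                             "cleartext: " + line[:line.index("password") + 8]))
        m = COMMUNITY.match(line)
        if m and m.group(1).lower() in DEFAULT_COMMUNITIES:
            findings.append(("no-vendor-defaults", f"default SNMP community '{m.group(1)}'"))
    # Assumed policy: every line block sets exec-timeout explicitly and never to zero.
    for name, value in timeouts.items():
        if value is None:
            findings.append(("timeouts-configured", f"{name}: no explicit exec-timeout"))
        elif all(v == "0" for v in value):
            findings.append(("timeouts-configured", f"{name}: exec-timeout disabled"))
    return findings

if __name__ == "__main__":
    for rule, detail in audit(SAMPLE_CONFIG):
        print(f"{rule:20} {detail}")
```

Running the same audit against each new export and comparing the findings with the previous run is one way to surface the configuration drift described above.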

All in all, NetBrain is a tool that provides us with information that better equips engineers to support and design our customers’ complex and elaborate technical infrastructures. It has helped me and many of my colleagues understand the current state of our customers’ environments, and it allows us to design their technical roadmap for the future.