A Large Broadband Provider

Network Automation at a North American Broadband Provider

Infoblox provided the NetMRI network automation solution for multiple applications at a large North American provider of broadband entertainment and broadcast services. The customer is a broadband service provider with over 5M residential customers.

Network Automation is a key challenge for service providers, where rapid and reliable service rollout are keys to profitability. A combination of rapid provisioning and high scalability is critical—an area where enterprise-class automation solutions often fall short. NetMRI has extensive scalability to support a high network device count while supporting a very broad range of network devices. NetMRI delivers extensive automated change and configuration management capability, enabling operators to manage their infrastructure very cost-effectively without adding support staff.

For providers of traditional networking services, for mobile services, or for hosting and cloud providers, network automation is a constant challenge. The ability to configure dev ices rapidly, manage the device configuration, and track all changes for audit and security purposes presents a formidable challenge as new functionality is introduced in high device counts, often under severe time and budget pressure which can lead to shortcuts that later become costly. Once executed and tracked, the need to demonstrate compliance to industry or corporate standards is another challenge for many operators. Equally, access to and from unmanaged devices is a major security exposure if passwords are not rotated properly or if inactive switch ports are not shut down.

The Customer Challenge

As a result of new compliance initiatives requiring standardized naming conventions for network devices, the service provider was challenged with changing the configurations of over 60,000 switch ports spanning the entire network. Manual changes to each network interface were required in order to meet the new naming standards, a task that spanned multiple weeks and maintenance periods and which would have cost considerable amounts in overtime payments. Network engineers were required to manually rename the interfaces—a task which, on a manual basis, would have required approximately 9000 staff hours and take many weeks to complete. Further, the highly skilled engineering team was consumed by a very tedious series of repetitive, manual tasks.

Several security problems also surfaced, including the need for password rotation on older equipment and gaining visibility into switch-port utilization in order to shut off inactive ports to eliminate a security exposure.

The Infoblox Solution

By creating a series of scripts in the NetMRI GUI, the network engineering team was able to automate the changes to interface names on 60,000 switch ports. Script generation was extremely simple, requiring no programming skills—as scripts were generated from the NetMRI GUI and compiled automatically into run-time Perl scripts without the need to hire and brief programmers.

The new Infoblox NetMRI solution is deployed across both the corporate network and the customer-facing network, delivering automated change management, storing and archiving all device configurations, and comparing them to standard configurations to highlight discrepancies. By constantly monitoring the network, any further changes—whether authorized or not—can be identified as soon as they happen, along with detailed information on changes made, time of day, device description, and user credentials for the person making the changes.

Business & Technical Drivers

The decision to adopt Infoblox NetMRI was driven by several key factors, including the low cost of programming effort over the course of the initial project. A successful proof-of-concept showed that the project could be executed very quickly and be funded by eliminating overtime staffing costs. NetMRI also provided switch port visibility and control to shut off unused switch ports, as well as rotating passwords for older devices, removing two major security exposures.

NetMRI can also be used to generate reports on all network device changes and configuration policy violations and generate reports on compliance to internal or external industry standards, without requiring the operations team to stop work on daily tasks to manually compile compliance reports during periodic audits.