- Cato Networks adds TLS inspection capabilities to SASE platform
- CISA Chief Jen Easterly Set to Step Down on January 20
- I still recommend the Samsung Galaxy Watch Ultra - and it's the lowest price I've seen
- A matter of time: 3 metrics that demonstrate the value of immersion cooling
- ‘Tis the season to innovate: Optimizing your contact center for the holidays
Certifications that can land you a job as a network-automation engineer
Modern networks require more dynamic changes than traditional networks, and the solution to building these dynamic capabilities is network automation, which means the job of network engineers is changing.
Historically, network reconfigurations required manual work that might require network downtime while changes were made. Network automation has the potential to mitigate this downtime by re-routing network traffic or scheduling the downtime for off-peak hours.
To meet the challenges of this change, traditionally trained network engineers may benefit from certifications in automation. Engineers need ways to minimize the time-consuming, error-prone manual changes that ever-changing workloads demand.
Cisco and Juniper Networks offer certs specific to automation, and those are described in this article. Other vendors, including VMWare, AWS, and Microsoft Azure, have certifications that validate closely related skills.
Enterprises seek network automation skills
The first major use case for network automation is DevOps workflows. Given the highly dynamic nature of the modern application stack there are scenarios where adjusting the underlying network for scalability or availability adds value to the application-hosting architecture.
Secondly, multi-site corporate networks traditionally use WAN connections and site-to-site VPNs to build cohesive networks. This model can be enhanced by leveraging software-defined WAN (SD-WAN), which can dynamically switch among WAN connections, optimizing the choice based on connection speed, cost, and reliability.
Third, with network hardware forming a critical part of enterprise infrastructure, system updates and configuration changes can mean scheduling downtime. Network automation has the potential to mitigate downtime by re-routing traffic around devices being updated or scheduling downtime for off-peak hours.
Technologies such as containerization and virtualized workloads are increasing, and the dynamic nature of the application service stack benefits from a network that is equally dynamic. Additionally, data centers that host multi-tenant or hybrid workloads may have industry or security requirements for separating data belonging to different customers or even branches within the same company. The solution to building these dynamic capabilities is network automation.
What are network-automation skills?
New skills that network engineers need to meet the challenges of network automation include the ability to create policies and rule sets that can implement configuration adjustments on the fly. These policies can affect VLANs, subnets, and routing, among other factors. The job of automation engineer must take into account that while core concepts and protocols still pertain, aspects of both the hardware and the automation system are highly vendor specific.
That said, there are some commonalities among these systems. Most network automation platforms involve building out policies which drive configuration changes based on certain conditions being met. This necessitates network automation engineers to understand infrastructure-as-code concepts as well as common data formats like JSON, XML, and YAML.
Scripting skills, particularly using Python, can also be incredibly useful in both designing automation policies and in testing them to ensure consistency and reliability. A firm grasp of application programming interfaces (API) is also valuable since many automation platforms rely on them for integration between different systems.
Cisco offers DevNet automation training
Cisco’s DevNet certification track is made up of associate, professional, and expert-level certifications. Candidates are required to demonstrate proficiency in development skills such as data structures, design patterns, and elements of version control. They will also be expected to learn how to interact with systems through APIs, webhooks, and HTTP communication.
Cisco expects candidates to become proficient with Cisco SDKs, managing Cisco platforms through APIs, and understanding resources Cisco makes available through its DevNet developer community. Enterprise topics surrounding application deployment and security are also key concerns for enterprise-level certifications, opening a wide range of topics like containers, virtualization, unit testing, protection of secrets, encryption, firewalls, and vulnerability handling.
Candidates will need to show automation skills, in particular workflows, infrastructure as code, and common automation platforms like Ansible, Puppet, Chef, and Cisco NSO. Winning the Cisco certification requires a mastery of networking fundamentals such as MAC addresses, VLANs, IP addresses, routes, subnets, switches, routers, firewalls, load balancers, and NAT, amid myriad other topics essential to understanding modern networks.
The Cisco DevNet Associate certification requires candidates to pass the 200-901 DEVASC exam. Cisco offers a self-paced training class for it called Developing Applications and Automating Workflows using Cisco Platforms. It costs $800. The DevNet Professional and Expert certifications both require the 350-901 DEVCOR cert as their foundation. The self-paced prep class for the 350-901 DEVCOR exam is called Developing Applications using Cisco Core Platforms and APIs, also $800. DevNet Professional candidates must also pass one of eight concentration exams, all of which are focused on automation or development of various Cisco platforms. The Expert level DevNet cert requires completion of an eight-hour lab exam, which requires candidates to navigate the entire development lifecycle from design through development to deployment and maintenance.
Juniper issues associate and specialist certs in automation
Juniper Networks’ DevOps certification track offers associate and specialist certs: Juniper Network Certified Associate, Automation and DevOps (JNCIA-DevOps) and Juniper Network Certified Specialist, Automation and DevOps (JNCIS-DevOps). Each has its own certification exam, and the specialist cert requires the associate-level certification as a prerequisite. Juniper certifications are valid for three years and can be recertified through additional exams or course attendance.
Juniper exam objectives aren’t as daunting as what Cisco’s, though at a high level they are pretty similar. Topics surrounding the Junos automation stack as well as basic DevOps concepts make up the first set of objectives, with functionality and use of NETCONF, XML concepts (including XPath), and API usage making up the second.
Data serialization and templating are also core objectives, incorporating topics such as YAML, JSON, Jinja2, and XML. Python is another area of focus, and candidates must show proficiency in the Junos Snapshot Administrator (JSNAPy), Jinja2, Remote Procedure Calls, exception handling with PyEZ, and handling device status and configuration. Candidates should also be familiar with REST APIs in general, and more specifically with the Junos REST API offerings, including the Junos REST API Explorer and Client URL access. Candidates for the specialist-level certification will also need to be familiar with automation concepts (play books, Tower, and using SALT to automate Junos), Junos automation scripts (commits, events, translation, SNMP scripts, and SLAX), and YANG models.
Top automation engineers earn $200,000-plus
The skills a network automation engineer span both deeply technical areas of enterprise networking and software development. Due to the level of specialization in the modern IT workforce, it’s rare for an individual to achieve expert-level specialization in both disciplines. That means it’s a job-seekers market for individuals with proficiency in both areas that they gained either through job experience or applicable certifications. These jobs will primarily be available at large enterprises, government organizations, or consulting firms that provide services to enterprises.
Salaries for network automation engineers commonly start between $90,000 and $110,000 for positions that require one to three years of experience. Candidates with more than five years of experience can expect to earn $125,000 to $175,000, while those with both experience and certifications have a leg up landing jobs paying up to $215,000.
Note: Many network automation jobs are a good fit for remote work. Since most of the effort is spent on design, development, and testing, there is minimal need for on-site work. In many cases network automation projects span multiple physical locations anyway, adding further justification for working from home.
So for career advancement, better pay, and staying relevant as networks evolve, training in network automation skills could be just what you need.
Copyright © 2023 IDG Communications, Inc.