Transforming Cyber Operations with Network Infrastructure as Code (IaC)
The network is fundamental to connect users, devices, applications, data, and services no matter where they reside—from edge to cloud; however, much of network administration has not changed meaningfully in 30 years.
Why Model-Driven DevOps (MDD) for NetOps?
I recently had the opportunity to speak at the Military Cyber Professionals Association’s first national conference – #HammerCon – where I emphasized how Model-Driven DevOps (MDD) is a must for Network Operators to enable mission transformation.
Increasingly, as digital services are delivered more frequently through adoption of DevOps for software development that focuses on services or applications, gaps and weaknesses are quickly identified in the supporting hybrid cloud network infrastructure. Network operators face increasing pressure to move faster – often at the sacrifice of fundamental, scalable network architecture and security best practices – while at the same time, they are being held responsible to help mitigate risks and respond to threats. This challenge demands a cultural shift – requiring a DevOps mindset inclusive with network infrastructure.
Failure to transform to a DevOps approach for network infrastructure aligned with the Continuous Integration/Continuous Deployment (CI/CD) process is not an option. A model-driven DevOps approach enables network operators to maneuver the network at machine speed through a deliberate process which: 1) Encapsulates the network as a data model; 2) Renders a data model of the network into a “digital twin;” 3) Enables repeatable synthetic testing; and 4) Provides the means to automatically deploy network changes (employ network maneuver) at machine speed in response to increasing application-driven data demands, evolving mission needs, and delivering Mission Intent — fighting in and winning the day in Cyber.
What is Model-Driven DevOps?
DevOps is often used as a term to describe a specific outcome. However, it is really an evolving organizational strategy used to deliver better value and mission outcomes. To enable Mission Transformation, DevOps should be thought of as a combination of culture, tools, and processes aimed at: accelerating delivery of new services, improving the scale of services, improving the quality of services, and lowering risk when done deliberately.
Simply put, a model-driven DevOps approach is a structured way to enable network automation at scale built on data models which leverages the power of software-defined abstraction and these six fundamentals: Automation, “Digital Twin” as the Source of Truth (SoT), APIs, Infrastructure as Code (IaC), and Continuous Integration/Continuous Deployment (CI/CD) – which I describe in the MCPA Cyber Magazine HammerCon Edition.
Although much focus around DevOps is being applied to applications, most NetOps teams are still operating the same way they have been for the last 30 years. If the reasons to adopt DevOps for NetOps are so strong, then why are DevOps processes not already applied being more widely applied to better deliver mission-driven applications, services, and infrastructure?
As with most challenges in the cyber domain, the challenges for implementing DevOps for Network Infrastructure span both cultural and technical. In the MCPA article, I discuss six broad challenges that act as impediments to implementing a DevOps approach to implement Infrastructure as Code (IaC).
Realizing Change and Transforming the Mission
A DevOps Roadmap can be undertaken in five deliberate steps that are aligned with the CI/CD process:
- Architecture – Build architecture focusing on standardization
- Simulation – Simulate architecture as a virtual twin
- Automation – Automate deployment in the simulated environment
- Testing – Create / Validate deployment tests in the simulation
- Deployment – Use Automation to deploy into production
NetOps cannot wait another 30 years to change how we operate. By committing to following a DevOps Roadmap and understanding the supporting DevOps for NetOps fundamentals, NetOps teams can re-evaluate and change how they operate network infrastructure. The physical network cannot be the bottleneck for digital mission transformation – it must be an enabler.
With this commitment and the understanding of MDD fundamentals, realizing a transformation in NetOps is attainable through the rational implementation of new policies, processes and, above all, driving culture change. NetOps cannot be the reason to slow mission transformation – it must enable it.
Share: