Although programmable networking technologies such as software-defined networking (SDN) and the software-defined wide-area network (SD-WAN) have gained traction in recent years, intent-based networking is a relatively new concept. So, what is intent-based networking, and how does it relate to SDN? One way to look at it is to say that SDN operates at the control plane, while intent-based networking operates at a higher level. Enterprises can deploy either or both, but they don’t need SDN in place to use intent-based networking.

“Intent-based networking is the true automation of networking,” says Cheriton, whose company provides an operating system for intent-based networking. With this strategy, users tell the network what they want, and the network figures out how to achieve that goal.

Infographic produced by MIT Technology Review Custom in partnership with VMware. Technology and concepts by Intentionet.

As keynote speaker Ratul Mahajan, CEO of Intentionet, a networking startup, points out, there’s a huge gap today between the network manager’s policy intent and actual runtime behavior. Manual processes inevitably introduce bugs that result in outages, security breaches, and reduced agility.

One promise of intent-based networking is that it will create a closed loop: a network manager expresses intent, and the network performs formal validation to verify that the intent was achieved and is being maintained. The benefits of this approach include increased network reliability and agility, reduced costs, and faster time to market for the business.

Although pieces of the intent-based networking puzzle are being delivered today by companies including Apstra, Intentionet, Veriflow, and Forward Networks, it’s still early days. Traditional Fortune 500 companies are unlikely to deploy intent-based networking until the technology matures. However, digital-native companies such as Google, Amazon, and Facebook have embraced network automation using (mostly homegrown) software for many years. They shared their insights with the 300 attendees at the invitation-only future:net event, as did an impressive lineup of speakers from Netflix, LinkedIn, Bloomberg, Electronic Arts, Oracle, and VMware.

The key themes at future:net included the profound shift from hardware to software, the rise of open source software as a platform for innovation, and the issue of build versus buy when it comes to a networking strategy.

Trendsetters: Netflix and Bloomberg

Netflix clearly demonstrates what a company can accomplish when IT focuses on the business rather than on infrastructure. For example, Netflix's control plane runs entirely on Amazon Web Services, so instead of worrying about the network, its IT resources are freed up to develop the thousands of microservices that run in the background, including the ones that decide which movies to recommend to Netflix's 100 million customers.

Netflix has zero employees configuring routers for the control plane, because Netflix owns zero routers in AWS, says Manish Mehta, senior security software engineer at Netflix. "People don't think about networks anymore," he says. When it's Christmas Eve and demand for movies spikes, for example, the Netflix network automatically scales up with no human intervention and no late-night alerts for Mehta.

Bloomberg, the financial services technology company, is another example of a forward-thinking organization with a complex, mission-critical legacy network—including 15,000 customer-premises equipment (CPE) routers and its own global Internet Protocol (IP)/Multiprotocol Label Switching (MPLS) network that carries stock market data, video, voice, and screencasts.

Truman Boyes, Bloomberg’s head of network architecture, says his goals are to reduce complexity and to reuse and recycle where it makes sense to do so, instead of trying to manage everything in-house. “If we can get it off GitHub or partner, that’s better than the artisanal crafted configurations that we’ve grown up with.”

Boyes says his guiding principles are to automate everything in the data center, use open source in situations where the company wants to make changes, use virtualization and containers for all applications, and use the cloud to scale the business.

Shift from Hardware to Open Source Software

Innovation in networking historically has been driven by hardware. It was all about speeds and feeds, says Rajiv Ramaswami, VMware’s chief operating officer for products and cloud services. Now, it’s all about applications that can run anywhere from an on-premises data center to multiple public clouds. “The future is all about software,” he says.

Brenden Blanco, staff engineer at VMware, adds a personal touch to the discussion by describing his journey as a software developer. He recalls when he started out in 2006 as part of a team of 250 people; they cranked out two major release cycles a year and were trapped waiting for the next hardware release. There was no open source, the Amazon cloud was still in beta, and “everything was big, slow moving, and complicated.”

The advent of cloud computing put pressure on IT organizations to become more flexible and scalable. All eyes turned to application developers to help build the next generation of software to automate processes, move networking functionality into the cloud, and transition from a centralized to a distributed infrastructure.

To meet those requirements, an arsenal of open source tools emerged, such as Open vSwitch, which gave developers a plethora of choices. Today, software engineers like Blanco work in small teams and use new, agile methodologies with short life cycles to develop innovative applications.

Software developers are empowered today to write code and move it into production with few of the earlier roadblocks, says Frans Van Rooyen, infrastructure architect at Adobe. Deploying an application at scale used to be extremely difficult. Now, open source containerization technologies such as Docker and open source orchestration technologies like Kubernetes enable developers to wrap code in a container and scale it as needed.

Cloud Security Insights

Cloud security remains a core issue. This is true both for enterprises determining which workloads they will move to the cloud and for cloud service providers whose reputations depend on ensuring the safety of customer data. The multi-tenancy and shared control inherent in the cloud create potential security problems, says Pradeep Vincent, an architect for Oracle’s Infrastructure as a Service (IaaS) cloud. What if a packet gets sent to the wrong company? What if an attacker gains access to someone else’s virtual machine within the same physical server?

Oracle has deployed a three-tier system of “defense in depth,” which includes narrowing the interface to the virtualization layer, creating multiple points of routing decisions, and building multiple trust zones to isolate high-risk devices from internal systems.

Amazon’s DeSantis adds that when he built the Elastic Compute Cloud (EC2), he “found religion around partitioning.” Amazon has 16 distinct regions and multiple availability zones, each essentially a separate network.

On the enterprise side, Prajakta Joshi, product manager at Google, recommends that companies adopt a new way of looking at security when moving workloads to the cloud. Instead of perimeter security, enterprises need to deploy pervasive security, which means securing every aspect of the network.

The Build versus Buy Conundrum

Another common theme during the conference was the issue of whether companies should continue to buy hardware and software or build some network components in-house. Amazon “abandoned black boxes” years ago, says DeSantis, and developed its own router and switch designs. In fact, Amazon is developing its own silicon.

Naturally, the typical enterprise isn’t going to go that far. However, Rob Sherwood, network engineer at Facebook, suggests that companies need to start thinking about what they might be able to build on their own, beginning with orchestration software and moving to network management. The benefits include increased business agility, faster time to deployment, and better security.

In his closing keynote, DeSantis recalled his early years at Amazon, prior to AWS, when the network was considered “an unreliable entity.” Whenever there was an outage, everyone’s first inclination was to blame the network. But that perception is changing. “The cloud has transformed the way users and practitioners interact with the network in cool and exciting ways,” he says.

DeSantis built a network to support AWS that isn’t perfect but is “indistinguishable from perfect.” The goal was to create the network “as a service,” to get to the point where the network just works and then gets out of the way.

His parting words of wisdom: “Once you can rely on the network, exciting things can happen.”
