IT network assurance
IT network assurance quantifies risk from an IT network perspective, based on analysis of network facts.[1] Examples could be identifying configuration errors in network equipment, which may result in loss of connectivity between devices, degradation of performance or network outages. Relevant facts about the network that could be analyzed would include not only network configuration files, but current network state, network traffic analysis, error logs or performance data.[2]
Network Assurance is closely related to the topic of Service assurance, which is primarily for service providers and telecommunication networks to ensure the proper level and quality of network service are delivered to customers. IT network assurance is generally for corporate networks and enterprise IT departments.[3] Network assurance involves the engineering process of formal verification, which specifically contrasts with design testing. Verification of network design compares the policy requirements of the network with the actual implementation under all conditions, rather than testing specific test scenarios under a finite number of conditions.[4]
A complement to IT application-level security and data-level security solutions, and a sub-set of Network management, Network assurance measures the impact of network change on security, availability, and compliance. Network assurance helps companies keep policies and defences correctly implemented during times of rapid network change. It also helps organizations prioritize remediation efforts and validate network policies and controls.[5][2][6] Colleges are now offering classes specifically for this Network Management sub-domain under IT Forensics.[7] The capabilities of a network assurance solution also overlap closely with the technology category of intent-based networking, which also compares network intent and required policies with actual network designs and configurations to provide assurance of network functions.[2][8][9]
Vendors
IP Fabric introduced a software platform in 2017 which seeks to improve the reliability and security of enterprise networks through continuous network assurance. Cisco introduced a network assurance solution in January 2018 called Network Assurance Engine.[9] Veriflow Systems is another vendor that claims to provide network assurance capabilities in its platform through continuous network verification.[10] All three of these systems rely on a mathematical model of the network, rather than monitoring of live network traffic, to analyze and verify behavior in comparison to network intent and desired policies.[11][9]
See also
- Gordon–Loeb model for cyber security investments
References
- Network Assurance Solidifies Data Security Fully Understanding the Network is Critical to Validating the Security of Your Data Archived 2008-07-04 at the Wayback Machine, Wall Street Technology Association, 2007.
- "The Case for Network Assurance" (PDF). IDC. Feb 2013. Retrieved 2015-05-02.
- "What is service assurance (SA)?". TechTarget. Retrieved 12 February 2018.
- Heller, Brandon (27 April 2017). "Seeking truth in networking: from testing to verification". Forward Networks. Retrieved 12 February 2018.
- Dario Molinari (2014-04-23). "Why network assurance is still relevant". IBM. Retrieved 2015-05-02.
- "Communications Network Assurance Services". Infosys. Retrieved 2015-05-02.
- "Security & Network Assurance". Palm Beach State College. Archived from the original on 2015-06-30. Retrieved 2015-05-02.
- Lerner, Andrew (7 February 2017). "Intent-based networking". Gartner. Retrieved 12 February 2018.
- Kerravala, Zeus (31 January 2018). "Cisco brings intent based networks to the data center". NetworkWorld. Retrieved 12 February 2018.
- "Veriflow Systems". Bloomberg. Retrieved 12 February 2018.
- "Getting Grounded in Intent=based Networking" (PDF). NetworkWorld. Retrieved 12 February 2018.