It’s not every day you see something that excites you to a point of ecstatic glee. This is a special day indeed, and it’s thanks to the minds at Forward Networks.
TL;DR, Forward Networks has introduced the first and only accurate software copy of your exact network. That’s right — a full-scale, veritable sandbox of your massive network, in a clean and powerful interface. No lie – it’s cool!
Forward Networks – Who are you?
Forward Networks is a brand new company started in late 2013 by a small group of industry SDN engineers and scientists. In fact, the team at Forward Networks is comprised of multiple PhDs with collective backgrounds from Google, Facebook, Microsoft, Apple and Cisco, to name a few. Some of these folks are the pioneers of OpenFlow, creators of Mininet, Beacon and ElasticTree. If you’ve done any research or development with SDN, you’ve definitely played around with with the network emulator – Mininet. It’s simply incredible!
Forward Networks – What do you do?
If you were to ask me this question last week, I’d have no idea. As of a few days ago, their website was essentially a list of available jobs and an About Me page. Well that just changed, with Forward Networks officially coming out of stealth mode, proverbially blowing everyones mind.
Forward Networks is a Network Assurance platform, designed as a Google-like network search engine for validating and predicting network intent. In short, the Forward Networks platform collects all configurations from your network devices, including forwarding tables and firewall policies, and builds an impressive software-based replica for which you can sandbox, validate and prove network expectations.
Forward Networks Platform Architecture
Regarding the REST APIs, Forward Networks has one of the sleekest API browsers I’ve ever encountered. I’ll have to personally use it some more, but from the demonstration on their site it looks amazing!
This list of supported vendors is huge. Immense libraries have been built within the Forward Networks solution to understand how elements, forward tables, security parameters, interface parameters, etc., are presented by each vendor so topologies and analysis can be properly vetted and replicated in software.
Equipment from Cisco, Juniper, Arista, HPE, Fortinet, Checkpiont, F5, Palo Alto Networks, Pica8, and many others are already supported.
Googling with “Forward Search”
DB Admin: Yo Dave, what’s the path my SQL query takes from point A to point B?
Me: Let me Google that for you. (*fires up Forward Networks UI*)
DB Admin: Oh, and can you let me know if it’s allowed through the firewalls?
Me: Yep, here’s the path end-to-end, and it does look like two firewalls need to be opened.
DB Admin: Wow, that was quick! Can you send me the info for change control?
Me: Sure, here’s a link detailing everything you need to know.
DB Admin: I love you
With Forward Networks, you can literally type in a source IP, destination IP, port, application, you name it, and search your network topology to verify path and security permissions end-to-end. I have wanted this for years! Yes, there are similar solutions out there, like NetBrain, Fluke TruView, etc., but never have I seen this presented so eloquently and with such a wide support of vendor equipment.
The use cases are simple, yet profound. Search traffic paths to find out where traffic will traverse in both directions. Find devices on your network and detail their connections. Interact with a topology without impacting production networks. Inventory the network, including details of every network element.
Again, most importantly, you want to verify intent! Build requirements into your audit and get immediate results. Is the network built properly? Are all network security measures in place?
Test your network like a programmer
Forward Networks is enabling network engineers to step up their game and get out of the world of ping and traceroutes. With Forward Verify, users can automatically identify failed connections, violation of security policies, and incorrect forwarding behaviors via a library of predefined checks, coupled with your actual network topology and configurations.
Forward Networks believes that networking teams should follow similar testing practices that a programmer would when developing software. The network industry has existed for far too long without proper applied testing prior to implementation in production environments. Moreover, having the ability to run your network in software and validate expectations post-implementation is hugely valuable.
Full Scale Sandbox with “Forward Predict”
Take the guesswork out of network change management
Have you ever heard the question during a change management call, “Did you test this in a lab?”, and all you could say was “no” or “sort of”? It’s not feasible for most companies to invest in full scale replicas of their production networks simply to validate networks changes like a software developer would test a new application build. Not only can you do this with Forward Predict, but you can do this at full scale with hundreds or (I’m told) thousands of nodes.
Easily perform diffs across network configurations and topologies, simulate NOS code upgrades, and measure impact of re-architecture. Check out more on their site.
I’m ridiculously excited about the Forward Networks tool set. Too long have I wanted a tool that would let me search my network like Google searches the web. I’d be surprised if you didn’t think this was cool. Do yourself a favor and check out their site, along with their first recorded video sessions done at Networking Field Day 13.