How to Improve Provisioning Efficiencies and Reduce Costs
Executive Summary
Handmade products are what you expect from purveyors of fine custom clothing and bespoke footwear. The “Made by Hand” label denotes tradition and craftsmanship and provides these merchants with a great marketing advantage. However, this is not so for service providers, for whom the “legacy” way of managing their networks has become a significant liability.
Faced with new demands for virtualization and containers, adoption of cloud/SDN/NFV, exploding mobile data and smart device growth, and bulletproof performance, service providers have outgrown the spreadsheets and proprietary vendor appliances they’ve historically relied on to manually provision their networks. Greater user mobility, BYOD, virtualization technologies, IoT and the accelerating runout of IPv4/adoption of IPv6 are all compounding the complexity of network infrastructure and what it takes to manage them. At the same time, downward pricing, declining margins, and relentless pressure to improve service quality are driving operational teams to reduce costs. Manual approaches to network control and processes are labor-intensive, inefficient and error-prone. Unable to keep pace with the growing demands on the network, manual approaches hamstring service delivery, increase the risk of a service interruption, and prevent a more cost-effective allocation of resources.
Automated provisioning of network infrastructure offers an elegant solution. Correctly deployed, an automated provisioning platform can alleviate staffing pressures and prevent underutilization of network resources while significantly improving service quality, accuracy, and consistency. It achieves this by squeezing complexity out of the network by radically simplifying tasks such as IP address management, DNS zone editing or even BGP session configuration. Provisioning jobs such as IP subnet allocations and assignments, DNS zone editing, and DNSSEC zone signing that used to take hours and multiple operational tasks now take minutes and are less error-prone. Different aspects of network control become integrated, and network-wide changes are no longer the exclusive province of separate teams. Resource allocation is based on policies, as determined by network architects, and is no longer ad hoc. All this results in reduced error rates, much more rapid service delivery, and substantially lower management costs – even when managing heterogeneous network infrastructure.
This white paper will discuss the challenges facing service provider network managers and reveal the many benefits of automated provisioning software for teams that manage data networks, hosting centers, network access, and mobile networks.
Trends Contributing to Network Complexity
The past ten years have witnessed an enormous change in networking. The mass adoption of cloud computing, smart mobile devices, and hardware virtualization has been accompanied by much greater demands on the network, which has become the focal point for data center operations. With new initiatives building on top of virtualization platforms like SDN, NFV and container-based service offerings, these network infrastructure demands have only grown and don’t show any signs of letting up.
Greater commercial dependence on network operations has raised the bar on service levels, because any type of network outage or loss of throughput can result in a significant hit to the business. For service providers, the impact can be great because a single outage may affect multiple customers, magnifying the revenue loss. For example, the University of California, Berkeley, estimates that a large provider on the scale of Amazon stands to lose at least $520,000 for every hour of network downtime.[1] The loss for smaller service providers would be less in terms of total dollars but just as great proportionately—90 percent or more of total revenue for the duration of the outage. And this figure does not take into account the larger threat to service providers from customer disaffection and long-term loss of business.
The growth of the cloud, improvements in wireless throughput, and the great advances in device miniaturization have led to a tidal wave of mobile computing. This, too, has added whole new levels of network complexity as large segments of employees, consumers, and businesses have unplugged their desktops in favor of mobile devices. In 2012, smartphone sales surpassed those of laptops for the first time, and the trend is accelerating. With many users employing more than one device to access the Internet, the number of devices requiring IP addresses is exploding. Cisco estimates that the number of IP-enabled mobile devices surpassed the human population last year and will exceed 10 billion, or 1.4 devices per person, by 2016.[2]
Increased traffic and device proliferation have accelerated the depletion of IPv4 address space. Asia Pacific and large swaths of Europe have already exhausted their available pool of IPv4 addresses and are relying increasingly on IPv6. In North America, unassigned IPv4 addresses are being rationed, and a market for the private resale of IPv4 address blocks is flourishing.
The exhaustion of IPv4 addresses is driving the adoption of IPv6, along with the implementation of dual-stack environments to support this new global reality. This uneven transition will only further complicate matters for service providers on a global level, as they will have to support both protocols for the foreseeable future. Since 1998, Internet transit prices have been declining at an average annual rate of more than 60 percent. In 2013, they’re expected to fall to a new low of $1.57 per Mbps.[3] This trend will continue to push service providers towards the high end of the value-added services market in order to maintain their margins and differentiate their services. But value-added services are more difficult to roll out and provision, thus placing an additional burden on already overstressed management systems.
To stay competitive, service providers must adopt provisioning solutions that can manage the entire network—regardless of device and location. These solutions also need to provide value to the current legacy infrastructure, while allowing vendor agnostic access to new technologies like SDN/NFV – all without disrupting operational workflows.
Provisioning Challenges Facing Service Providers
These currents of change are presenting service providers with three major challenges: ensuring service quality, adding new revenue-generating mobile and managed services, and preparing for globally emerging technologies like IPv6 and DNSSEC.
Improving Service Levels
Even as the demands on network performance and reliability have soared, IP network management processes have fallen behind, and network managers at most service providers today are swamped with change requests. The result of these fractured groups and processes is what we term the “dumb silo” – local tools that don’t scale and only solve a limited problem, but then have no ability to understand context for provisioning.
Homegrown scripts and manual spreadsheet-based processes still utilized at most service providers used to be sufficient for tracking configuration changes and provisioning new services. But with the swelling influx of change orders, device adds, new service requests, legal requirements, and accompanying address changes, operators are challenged to keep up. Plus, all this takes place in an increasingly complex and brittle environment, where years of accumulated protocol overlays, competing standards, proprietary equipment, rotating personnel, undocumented code and virtual devices have created a rigid, unwieldy infrastructure that is increasingly error-prone and difficult to manage. Throw in new technology initiatives like SDN/NFV or even virtualization and container-based technologies, and this is a recipe for disaster in even the most robust operational team.
Inevitably, this results in delayed service deployments, higher operator error rates, and the ever-present threat of a significant network outage. But under the current management and control model, these issues are impossible to set right. Operating procedures are too compartmentalized, legacy and manual processes are too inefficient, and the cost of adding additional personnel is simply too great. The “dumb silo” is a reality and can’t be ignored.
Profitably Introducing New Services
To retain customers, maximize revenue from legacy network assets and offset declining transit costs, service providers must roll out new, value-added services such as LTE, software as a service (SaaS), infrastructure as a service, and managed networks. However, given the complexity of provider networks and the inefficiencies of their siloed management processes, these services are difficult and costly to deploy.
Because value-added services involve numerous underlying systems, a spreadsheet-based or isolated provisioning process turns this into a lengthy ordeal, and operations personnel are not always familiar with each step in the procedure. This delays rollouts, increases errors, and undercuts profitability. Due to the lack of a holistic approach to infrastructure provisioning, introducing new services on the part of an agile service provider carries an even bigger risk as time passes with legacy manual processes behind the scenes.
Deploying to IPv6 and Understanding the Impact in your IPv4 World
There is no getting around it: The coming transition from IPv4 to IPv6 will be a major undertaking that affects every facet of a service provider’s business from capital expenditure to customer service.
A growing percentage of customers are already making use of IPv6. By mid 2012, nearly 20 percent of the world’s installed base of routers was IPv6 capable. This will soar to 59 percent by 2016, according to Synergy Research.[4] IPv6 mobile deployments are also rising rapidly. A Cisco mobile data forecast pegs the number of IPv6-capable smartphones and tablets at 479 million, or 41 percent of the total device population, in 2012, rising to 2.2 billion, or 73 percent of all smartphones and tablets, by 2017.[5]
To accommodate this growth, service providers must ensure that their networks are dual stacked (support IPv6 and IPv4 protocols). This will mean new equipment and software supported by new operating procedures. And because there will be a prolonged period when the only new routable addresses will be available under IPv6 but most Web-based content will still only be available via IPv4, service providers will be forced to support both protocols concurrently via dual stacking, in which both versions of the IP protocol run in parallel. However, older network infrastructures may not allow for dual stacking and will have to rely on some form of encapsulation technology, such as tunneling, in order to support the dual protocols. This effectively means that technical operations teams will be responsible for two operational networks!
Another critical issue: Under IPv4, with its relatively small number of public addresses, RFC 1918 space and network address translation (NAT) were implemented to allow devices to “share” an IP address. This changes radically with IPv6, which, with its vastly larger pool of available addresses, assigns IP addresses in different ways and places much more importance on access control lists (ACLs) to ensure that devices are reachable or hidden per a given security policy. In other words, under IPv6, tracking and managing IP address assignments and managing smarter mobile devices will become far more complex than it is today.
The waves of change reshaping the Internet’s landscape have left IP service providers with a stark choice: Either automate or drown.
Automated Provisioning: The Solution for Growing Network Complexity
Many network administrators are turning to automated provisioning software, which is designed to help service providers eliminate network management and automation complexity.
Manual, spreadsheet-based provisioning focused on individual, vendor-specific network elements cannot keep up with the proliferation of new devices and the dynamic nature of today’s networks. As a result, manual configuration raises the risk of network outages and delays the introduction of new services, thus forfeiting revenue and customer trust in the process.
An automated provisioning and control platform, in contrast, integrates the entire infrastructure provisioning process, including IP address assignment, DHCP, and DNS configuration, with the ability to tie in permissions and object metadata in a vendor-agnostic fashion. Each step in the process is carried out automatically, in a dynamic fashion, as new services are deployed and devices are attached or detached from the network. Policies can be defined and put in place to set parameters for how the system carries out these tasks. The platform consists of a suite of software tools that enable service providers to:
- Significantly reduce operational costs by automating labor-intensive tasks such as IP address allocation, DNS zone management, DNSSEC zone signing, and DHCP configuration for both physical and virtual network elements
- Improve service consistency and reliability by reducing error rates and integrating related tasks into repeatable processes
- Improve operator productivity and speed new service delivery by replacing functional silos with integrated workflows, and by replacing slow manual processes with dramatically faster API-led automated responses
The various tools of the provisioning suite rework the individual tasks involved in allocating IP address space and configuring different devices into a workflow of repeatable processes. This workflow reflects the reality in which the network is actually managed, and the different software functions all sport a similar look and feel and can all be accessed from a single screen. This means that network architects should have a view that differs from a network operator or a DNS administrator, but each interface should prioritize the tasks that each user needs.
Optimally, the tool suite also includes asset identification and management features. These encompass asset identification and inventory, hardware assignment, and configuration capabilities, which make it possible to track and view all the IP-enabled devices attached to your network in real time. This is particularly critical in light of the transition to IPv6 because all devices with an IP address will be visible on the network and need to be accounted for and secured – and these devices can have multiple IP addresses and DNS data associated with them. Having an asset system that can understand the metadata and associated context for objects is crucial.
Any platform should be acquired with an eye toward “future-proofing” the network and the related infrastructure provisioning workflows. This means:
- The provisioning platform GUI must be built natively on its own web service REST API.
- The software should run on non-proprietary operating systems and database architectures.
- Most critically, IPv6 and DNSSEC support should be integral to the software and not simply provided as a “bolt on” or a static field. This includes support for auto-subnetting and integration of policy administration into the management interface. The software should provide tools to define, log, and track policies as defined by the administration for a distributed operations team.
- The Regional Internet Registries (RIRs) should be fully integrated because they are a key component of provisioning that normally involves yet another manual process that delays provisioning, and they provide a simple interface with the upstream regulatory bodies.
Benefits of Network Automation Software
An automated infrastructure provisioning system offers service providers numerous benefits including:
- A dramatic reduction in the time operations personnel and network administrators must spend provisioning network infrastructure for IP-based devices.
- The near elimination of address assignment and device configuration errors during the provisioning process.
- Centralized network infrastructure provisioning for simple integration across multiple departments and functional groups.
- Full integration of IPv4/IPv6 with DHCP and DNS allows administrators to dynamically obtain IP addresses by defining, deploying, and managing IP ranges and metadata – from the aggregate to the host level.
- Integration of the entire address allocation and configuration process into a GUI-based workflow or automated via integration with existing provisioning tools.
- Global audit trail for all provisioning changes, providing full visibility into who changed what and when with real-time exporting to third party logging systems.
- Discovery and inventory tracking of all network-attached, IP-enabled devices via existing distributed network-monitoring tools and ProVision Connectors.
- API-based vendor agnostic provisioning layer for flexibility and reduced vendor lock-in
- Increased provisioning data accuracy, including RIR SWIP/inetnum objects
- Network optimization based on a complete view of the network and policy-based network configuration.
- Accelerated service rollouts and faster time to market for new, value-added service offerings as a result of greater staff productivity and a streamlined provisioning process.
- Substantially lower operating costs due to productivity gains and equipment savings.
- More profitable growth based on a lower cost structure, less revenue loss due to service interruptions, and the rapid introduction of new, high-margin services.
What to Look for in an Automated Provisioning Solution
These are some important attributes to consider when evaluating the different automated provisioning platforms on the market today:
A flexible platform: Seek a solution that provides a flexible, adaptable platform that can conform to the service provider’s provisioning requirements and processes. This ensures a more rapid deployment and avoids a “force fit” situation in which people and processes must adapt to the new tools.
Vendor-agnostic software: Look for a vendor-agnostic solution that allows current systems to remain in place “as is.” This helps keep deployment costs low by minimizing the need to invest in new systems and allows service providers to deploy best-of-breed systems going forward without fear of vendor “lock-in.” If a Connector based strategy is used, that implies that the software is able to easily expand functionality and grow with you.
Comprehensive support for IPv6 and DNSSEC: Choose a solution that provides more than simple address tracking. Look for functions such as auto-subnetting, which simplifies configuration issues and eliminates common problems such as double assigning the same IP address, and address block tracking, which can replace ad hoc address assignments based on immediate operational requirements with address allocation policies based on service and customer priorities. Make sure these IP data sets are tied to DNS and DHCP systems for the most accurate provisioning workflows.
Support for non-proprietary operating systems: Select software that runs on non-proprietary operating systems such as Linux on x86 hardware. Other open standards should be supported too, including open APIs such as REST. This ensures that the provisioning suite can support the broadest possible array of devices and network configurations now and in the future.
Rapid provisioning: Only consider automated provisioning systems that reduce the time needed for common tasks, such as assigning a block of IP addresses, by a minimum of 80 percent. This will maximize your productivity gains.
SaaS and local service options: Work with vendors whose software can be deployed as either a hosted, SaaS-based service, or locally, behind your own firewall. Either way, make sure the software can be deployed quickly—in a matter of minutes, not months. This gives you maximum latitude, thus allowing you to choose the model that best supports your own financial and operational requirements.
Data analyst support: Seek out a provisioning vendor that includes access to a team of data analysts in your service package. These experts can provide quick, efficient support for common implementation problems such as identifying redundant address assignments, normalizing data sets and other issues which can greatly expedite your roll out.
Usage-based purchase terms: Choose a software provider that allows you to procure the software based on usage, adjusting the terms up or down as requirements change. This means you won’t be forced to purchase more capacity than you actually require and aren’t trapped by legacy “per IP” charge models. Ideally RFC 1918 space is not factored into pricing as well.
ProVision: Best of Breed
ProVision’s automated network provisioning and control platform embodies the features and functions described above. The software dynamically and holistically provisions all the network control factors required to initiate and operate network and data center elements, including IP addresses, DNS zones, DNSSEC implementation, and DHCP pools, by taking into account VLAN and device-level information. Available as either a highly scalable cloud or an on-premise solution, ProVision automatically controls these factors across distributed or separate physical and virtual networks through its intuitive GUI or robust REST API.
Built from the ground up to support the transition from IPv4 to IPv6, including dual-stack implementations, the ProVision toolset includes:
- REST API to simplify integration with the widest possible range of applications. Extensive documentation and numerous code samples are available with the API being used natively within the ProVision application.
- Multi-tenant Capabilities are built-in to the ProVision platform for delegating administration to downstream customers or internal functional groups.
- Connectors provide on-demand expandability to accommodate both legacy provisioning environments and the latest SDN/NFV technologies – ProVision can communicate with objects via SSH, API and everything in between.
- Context-aware Resource Management that can store information on all physical and virtual network assets in real time. The module builds hierarchies tied to provisioning data using an unlimited number of custom fields for classifying an unlimited number of asset types.
- IP address management, which includes complete IPv4 and IPv6 support for everything from subnet management to hosts. The IPAM tool manages both internal and external address assignments and reduces the time required to provision a block of IP addresses from 45 minutes to an astonishing 15 seconds.
- DNS and DNSSEC management that supports multiple DNS servers utilizing different DNS technologies. The tool supports existing DNS architectures by importing existing BIND zone data and outputting it to the DNS server. DS keys are generated with a single click.
- DHCP server management, including DHCPv6 support, maintains uptime without sacrificing performance or security. The module supports even advanced DHCP server functions by utilizing the intelligence of your existing DHCP infrastructure and providing you a single management GUI for control or via API.
- Peering Manager uses a combination of workflow automation and Connectors to provide one-click BGP session configuration across multiple exchanges. This module uses data from the service provider’s routing infrastructure, peeringDB and exchange points to generate peering request lists based on service provider criteria.
[1] See “A Simple Way to Estimate the Cost of Downtime,” University of California, Berkeley, 2002
[2] See “Global Mobile Data Traffic Forecast Update,” Cisco Networks, 2012
[3] “Internet Transit Prices–Historical and Projected,” Dr Peering International, 2010
[4] See “North America Lags Behind on IPv6 Readiness,” Synergy Research, 2012
[5] See the Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update, 2012–2017