Intermittent failure is the bane of the car owner. You take it to the garage, explain the problem, they make a few adjustments and assure you there is nothing wrong, and a few days later the engine is again misfiring intermittently. You rely on your car, but cannot trust it on a long journey…
The network manager has a better option – to build redundancies into the system with automated switch-over a fraction of a second after failure. It’s a great solution, but it does add a layer of complexity. At a certain point, “workarounds” need to be stopped to end the growing complexity problem in today’s networks.
A major high street bank discovered this when their system crashed and thousands of critical transactions were lost, with damage to confidence and reputation that took time to heal. They, of course, had a fully redundant network with passive systems throughout poised to take over immediately on failure.
But, it was later discovered, one element had been upgraded months earlier – it was correctly installed and tested, but a small error in the setting meant it was not in sync and so it did not respond to the failure. No-one had noticed because, as a passive element, it simply lay there – a disaster waiting to happen.
Human error was the cause, as it is in sixty to eighty percent of all network failures according to customers we have questioned. Naturally, the bank was on the lookout for such “digital landmines” hidden beneath its smooth operation and, like most large organisations, it regularly employed specialists to test the system exhaustively and locate any such errors before they surfaced as problems. Even if this were done every month, however, the fact remains that networks are being adjusted and upgraded all the time.
This problem is becoming so serious that many big retailers actually prohibit administrative changes to the network for several weeks before the Christmas and New Year shopping season. They have learnt the hard way that peak performance is so critical, and complex systems so vulnerable to human error, that they cannot risk any administrative changes at that time.
Automation is one way to reduce human error. Not only because it replaces a manual with a mechanical operation, but also because it frees the operator from the mind-numbing repetitive tasks that lull people into error. Already some two hundred of the global five hundred top companies use Infoblox solutions to automate core network services, including domain name resolution (DNS), IP address assignment (DHCP) and IP address management (IPAM), but that does not mean that only the very largest organisations can justify this solution.
Growing network complexity, accelerated by the rise of virtualisation, means that automation is increasingly being adopted by smaller organisations. The good news is that it does not need a massive system upgrade, but can simply be plugged into the existing structure.
The need to automate core network services
So many finance, administration, security and communications functions in any organization have been automated in recent years, and this has largely been done using the corporate network to link the parts and functions. And yet the network’s own core services remain a last bastion of manual labour, with IP addresses and their naming performed by legacy systems and a web of scripts, operating systems and software. Management functions are still being performed manually in most companies, with details held in spreadsheets or even recorded on scraps of paper.
The rule of thumb was that if you had fewer than a thousand IP addresses to manage, then you might as well do it manually. But the number of addresses has been exploding of late. A move to VoIP phones in an office more or less doubles the number of addresses at a stroke, and many office staff now also have a smartphone, laptop and iPad for business use. As enterprises become more distributed, the intranet of PCs becomes an intranet of people moving between locations, and each mobile device may call up further addresses as it hops between branch offices, home offices, hotels, and airports.
It is not only the surge in individuals’ addresses: other systems such as building control systems, surveillance and secure entry systems, vending machines, fire detectors and other devices that used to be manually controlled are now becoming part of the corporate network and are often involved in automated, machine-to-machine communications.
An interesting example comes from the Swedish truck company Scania: it has some half million vehicles on the road all round the world, and all the newer vehicles can be wireless-linked to keep in touch with the corporate HQ, so that each vehicle’s position, performance and service data is available in real time.
So, even if your network does span fewer than a thousand IP addresses, how long will it stay that way? In a recent survey, more than 85% of IT managers anticipated IP address growth in 2011, which has proved to be the case.
Today’s networks are not only increasingly complex, they are increasingly opaque. Network managers often do not know what is happening in the network and virtualization exacerbates the problem. Virtual networks are nearly invisible to traditional management tools.
The answer is to automate these core functions using the latest network service management tools. The new devices, rather than just serving a single IP address to a host, allow the entire IP address space of an organization to be centrally managed in terms of network resource allocation – giving IT managers and CIOs a whole different perspective.
Address management is no longer a tedious housekeeping chore, but rather a powerful tool for security, capacity planning, availability and growth management. Automation does not simply remove the human element, it positively helps people, by applying policies in a consistent, documented manner and increasing visibility across the whole network.
Good automation addresses not only the underlying technology but also the people and the business processes. This is the key to scalable, smooth operation, and an important enabler for virtualization. It helps a company to globalize and manage the complex address space making applications available to increasingly scattered offices and mobile users, even across multiple carrier networks.
When the IT manager is asked to deploy many extra servers for some new application, there will be no need for emergency re-building or re-partitioning the network. IP address registration and allocation can be planned in advance, not under battle conditions.
The added pressures from virtualisation
The problem of the steady expansion and evolution of any network has been outlined, but virtualisation accelerates it beyond all bounds. The network is now dynamic, change is its very nature and, although these automatic processes do not directly invoke human error, they are more likely to be tripped up by such errors. As virtualization gathers momentum, automating network changes will be the only way to keep pace with network requirements such as VLAN configurations, ACLs and firewall settings.
According to industry analyst Jim Frey of Enterprise Management Associates: “There is little if any hope for manual processes to keep pace with the rate of change introduced by server virtualization and cloud services – the only reasonable answer is automation. In this case, network managers could benefit greatly from tighter automation and control around IP address management as an essential aspect of maintaining a highly functional, highly performing network.”
If it takes days to reconfigure the network in order to move workloads to different data centers, cloud computing will never be a workable option. What is needed are highly automated systems that approach self-managing networks. For example, our network change and configuration management product can automate network changes, provide a window into the impact of changes on network health, manage network configurations and meet a variety of compliance requirements. It offers an automated way to isolate health and configuration issues before they cause problems.
Integrating IP address management (IPAM), a real-time network data management system, and network change and configuration management (NCCM) provides the automation, visibility and control over many traditionally manual IT tasks. This is the way forward, the only way to realize the full potential of virtualization initiatives – increased business uptime, reduced costs and increased IT efficiency.
Automating core services does not mean a major rebuild or significant complexity; it can be achieved with the addition of straightforward tools. By making IPAM as easy and graphic as iTunes you have not eliminated all possibility of human error, but you have put intelligence back in control – instead of numbing it with repetitive tasks under pressure. This is the only way forward.