Human Infrastructure 331: 3 Takeaways From AutoCon0

3 Takeaways From AutoCon0

by Drew Conry-Murray

The inaugural AutoCon conference took place November 13th and 14th in Denver, CO. Developed and launched by Chris Grundemann and Scott Robohn, the conference, along with the umbrella organization Network Automation Forum, aims to build a community of practitioners to help advance the state of the art in network automation. Packet Pushers was a media partner of the event, and Ethan Banks and I attended. We were joined by just over 300 other attendees and speakers, along with a handful of vendor sponsors. Here are three impressions I took away from the conference.

1. There is a hunger for network automation

If infosec has a reputation as the Department of No, I think networking has a reputation as the Department of Slow. For about as long as I’ve been covering the industry (more than 20 years), a common complaint from other IT teams and the business side of the house is that networking is the laggard when it comes to standing up new applications and services. The rise of virtual machines and then public cloud, each of which accelerated app deployment, has only cemented that reputation. Compute can be summoned with a few clicks, but networking (particularly on prem) often requires tickets and emails and questions and wait times that can stretch from hours to days.

Networking teams know they need to automate to keep pace. They want to automate! It hasn’t happened for reasons too extensive for this short post. What AutoCon0 clearly demonstrated is that what’s not lacking is desire.

2. Adoption roadblocks are cultural, technical, and budgetary

While the desire is there, the roadblocks are significant. Cultural issues include engineers who don’t want to abandon the CLI for reasons including significant professional and financial investment in the CLI, a dislike of programming, and a legitimate concern that executives see the word “automation” and start salivating about staff reductions.

Technical issues include the ever-moving hockey pucks of languages, tools, and platforms (Python, Ansible, Terraform, NetBox, Nautobot, Nornir, Git, and who knows what comes next), a lack of conformity around data models, a reasonable unwillingness to try to build and maintain automation tools in-house, and gnarly brownfields em-barnacled with rules and configs that, like Jenga blocks, may or may not topple the whole network if you mess with them.

On the budgetary front, many companies seem unwilling to invest the time and money to train their networking staff or allow for the risk-taking required with new automation projects that might result in errors that impact the business. More can be said about these roadblocks, but I’ll move on.

3. Lots of networking orgs want vendor tools!

There’s a definite DIY vibe to a lot of network automation projects. Many are built around open-source tools and projects. That’s great for individuals with an interest in this work and teams at forward-thinking companies that will invest in and support home-grown efforts. But that’s not most companies.

Most companies want vendor-supported tools that will actually help them be more efficient, reduce human error, and increase the velocity at which the network team can support new apps and services.

The problem is that you can’t just buy a “network automation” product. Network automation requires coordination across almost innumerable devices and systems, each of which performs a critical function that has to be reliably triggered in the right order with the right information. There are APIs to link up, data models to rationalize. There are Sources Of Truth to be identified and maintained. There are issues around visibility, monitoring, management, and resource consumption, not to mention policy and compliance.

Given all this, there are significant opportunities for vendors. What’s more, network automation is a heavy lift that no one vendor can manage. There are lots of opportunities to go around. However, vendors aren’t known for working well together. This means networking organizations have to be very careful and deliberate about the vendors they choose, and it can take significant time and effort to parse real capabilities from press release buzzwords. In many cases companies may be stuck with deeply entrenched “partners” that have little incentive to sing Kumbaya with competitors or other players. But the need for real partners is there, and network engineers must make their demands known.

I was encouraged by the energy, ideas, and enthusiasm swirling around AutoCon0. There are a lot of benefits to a tightly-focused conference. I hope this community continues to grow. I also hope to see AutoCon1 on the calendar for next year.

THIS WEEK’S MUST-READ BLOGS 🤓

How to set channel widths in Aruba Central (Nov 2023) - MAC-WIFI
This post exemplifies one of the reasons the entire community benefits when individuals write tech blogs. Andrew found the Aruba Central user interface very frustrating when he needed to use it to set channel widths. He writes “...no amount of Googling could find the answer in HPE Aruba’s documentation or anyone else’s. So here I am writing it up hoping this saves someone else the hour I spent searching, clicking and sighing.” If Andrew’s post saves you some time, whether now or a year from now when this post shows up in your search results, let him know. - Drew

Running one's own root Certificate Authority in 2023 - Wejn.org 
Michal Jirků explains why and how he built his internal-only root CA, starting with generating an X.509 cert for the CA itself, X.509 certs for the services, and then building the service. He glosses over the “you gotta import the ca.crt to every browser” part, which is somewhere between no big deal and painful depending on your intended scope. The guide is otherwise thorough. - Ethan

I'm going CCNP emeritus - Daniel Teycheney
Daniel writes a thoughtful post about the role of certifications in professional and career development; the sometimes-overlapping and sometimes-conflicting motives of certification providers, employers, and IT professionals; and his own calculus for measuring the value of continued certification. As with any cert discussion your mileage will vary, but it’s a good piece to read if you’re on the treadmill. - Drew

Internet Artifacts - Neal.Fun
Neal Agarwal makes things. One of those things is this gallery of Internet artifacts. Includes the original Arpanet map, the origin of emoticons, IRC, where LOL started, the dancing baby, and lots of other exhibits. A worthy browse down memory lane. - Ethan

Antidepressants or Tolkien?
In this game, you guess whether the word is the name of a Tolkien character or an antidepressant. Harder than you think. Much harder. Yes, even if you’ve read the Sil. - Ethan 

TECH NEWS 📣

OpenAI confirms DDoS attacks behind ongoing ChatGPT outages - Bleeping Computer
The popular ChatGPT tool suffered outages after coming under a DDoS attack. Bleeping Computer reports that a collective known as Anonymous Sudan has taken credit for the attacks, and has claimed that it used the SkyNet botnet to smother ChatGPT with bogus requests. Botnets vs. AI makes me feel like I’m living in the future. I had hoped there would be more jetpacks and replicators in this future, but you get what you get. - Drew 

Investor Relations - CISCO REPORTS FIRST QUARTER EARNINGS - Cisco
Cisco’s share price fell by up to 12% after the company told investors that it will miss previous 2024 financial predictions by approx. 10%. The story offered is that there was a large COVID backlog that has now been cleared, but enterprises are delayed in installing product and are suspending/delaying purchases while they work through the backlog. Nearly 50% of Cisco revenue is now recurring from subscriptions. Long term, Cisco says revenue will return to pre-COVID levels with low growth, but they have improved gross margin to 67.1%. If you are negotiating a largish deal with Cisco in the next two quarters, push hard for extra discounts - they are more sensitive to revenue and less on profitability. - Greg

RESEARCH & RESOURCES 📒

Explore GPU advancements in M3 and A17 Pro - Tech Talks - Videos - Apple Developer
This is a thirty minute video from Apple that is direct and accessible on the GPU features in its latest M3/A17 Pro CPUs announced a couple of weeks back. GPUs in enterprise data centers will be commonplace for AI/ML/HPC so it’s handy for looking intelligent when people make mouth noises about it. What Apple highlights is roughly transferable to other GPU/AI co-processors and particularly the relationship with CPU and memory processing. - Greg 

Automating Config Generation with NetBox, Nornir, and GraphQL - Packet Coders on YouTube
Rick Donato describes this hour-long webinar as follows: “Learn how to use a Source of Truth to build automated network configurations, quickly and easily using Nornir, NetBox, and GraphQL!” That’s a short description, but it promises a lot. The GraphQL aspect is especially interesting to me, as it addresses the problem of an API that gives you back a ton of stuff you don’t care about just so you can get the one bit of data that’s important. - Ethan

Monaspace Font Family
Self-described as “an innovative superfamily of fonts for code”, Monaspace isn’t just more fonts. There is a great deal of intent put into the Monaspace font family, both in how they were designed and how they are meant to work together. The big idea seems to be expressing important things about the code by using different members of the font family, while having all the family members remaining compatible when used together. The web page describing this is meticulously illustrated & educational. Worth a visit, even if you’re not that into fonts. - Ethan

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Wordfence Launches Bug Bounty Program to Fund WordPress Security Research and Showcase Researchers - Wordfence
Wordfence, which provides security software for WordPress sites, has announced a bug bounty program. Wordfence will pay researchers who uncover and responsibly disclose vulnerabilities in WordPress plugins and themes. WordPress is one of the most popular platforms for hosting blogs and other Web sites, so a more secure WordPress is good for the Web as a whole. Check out the link for more details on the program and the disclosure requirements. (BTW, thanks to Steve Puluka who surfaced this on Bluesky. If you’d like to get on Bluesky, I have invite codes. You can hit me up in the Packet Pushers Slack channel.) - Drew

NVIDIA Fast-Tracks Custom Generative AI Model Development for Enterprises - NVIDIA Blog
How enterprises will use AI is not yet clear. Many startups are offering API-as-subscription, which enables them to rapidly iterate on expensive off-prem cloud infrastructure and build an income stream. They have to build revenue before their funding runs out with high underlying costs. So when NVIDIA announces “AI Foundation Models — a curated collection of enterprise-grade pretrained models — to give developers a running start for bringing custom generative AI to their enterprise applications” it’s interesting. Nvidia could be a stable supplier and offer a wider range of solutions to build a strategy around, including the additional in-house generated models that extend these foundation models to be specific to enterprise. Note that brand vendors like Dell and HPE are offering products that bundle open-source models like Hugging Face as an alternative. - Greg

Join us in the global fight against DDoS - Nokia
DDOS was a ‘managed problem’ for the last decade or so but has returned in force recently. Increased upload bandwidth at the edge, IOT botnets, and state actors are seen as key issues. Nokia Deepfield provides DDOS protection for carriers and MSPs and now uses AI/ML to detect and respond to new events. What’s interesting is that Nokia is asking its own customers to opt-in to data sharing while other companies will only opt-out on request. But also third-party companies can choose to share their data with Deepfield, forming a coalition similar to various threat intelligence orgs (Cyber Threat Alliance, Threat Intel Coalition, etc.). Nokia will use the data to improve its training for Deepfield. - Greg

Investor Relations - Cisco Enhances Partner Program to Drive Partner Differentiation and Profitability - Cisco
Cisco relies heavily on resellers to move its goods into the lower end of the market. In recent years, they have walked back from direct account sales as the pressure on profitability has led to cutbacks in sales headcounts. Cisco has been building an AI sales tool for a number of years to closely monitor customer activity to replace direct sales. The collection of extensive data via subscription-based integrations means that Cisco can now monitor customer engagement and direct resellers on what activities are expected of them. Equally if a reseller is not performing effectively they can expect to be replaced in an account or when deals come up for deal pricing. There is also a major shakeup in ‘incentives’ for partners that likely will impact existing business. I don’t know how this will turn out but I suspect that there will be fewer resellers as the large resellers have resources to work out how to game the AI to get the best margins and deals. - Greg
