Human Infrastructure 373: Will AI Replace Network Engineers?

AuthorAuthor

Drew Conry-Murray & Ethan Banks
October 10, 2024

WILL AI REPLACE NETWORK ENGINEERS? 🤖

Since automation came on the networking scene, engineers have felt endangered. "Wait, if the automation tool can push the configs I used to push by hand, what am I gonna do with my time?" And we found out. Now some network engineers build and maintain automation systems.

But what about AI? AI feels different than automation. Automation is the codification of infrastructure and processes. There's no intelligence there aside from whatever logic an enterprising human builds into the code. On the other hand, GenAI and machine learning are bringing fresh capabilities to network engineering.

So, is AI impactfully different from automation? Will network engineers eventually lose their jobs to an AI robot?

On balance, I don't think so. It depends. Here are some early opinions not fully formed...

  • Companies are frugal and cost-conscious these days, attempting to push profits ever-higher. C-suites don't yet know where the tradeoffs are between laying off humans and deploying GenAI & ML, but they're aggressively trying to figure that out.

  • Vendors makes things that companies want to buy. That's how business works. Vendors aren't there to keep you employed at your company. If they can make an AI tool that can demonstrably reduce headcount, they'll be happy to sell it to your company.

  • IT engineering isn't driven by industry-recognized standard processes or frameworks. Companies are free to create whatever IT stack & network they like, constrained by costs, practicality, tribal knowledge, and whatever else works for them.

    This state of network engineering affairs is not good for AI as a replacement for a network engineer, because AIs like predictability. How can you train a model to design & build networks when the variables & constraints vary widely from org to org?

However, AIOps as a tool holds promise for network engineers, just like automation did and does. I believe that in the near-term, AI augments engineers. That is, head counts won't increase. But AI will be brought to bear to make network engineers capable of doing more in the same amount of time.

As I said, these opinions aren’t fully formed. AI tech is changing rapidly. If you have feedback on where my head is at, send me a follow-up. If I’m wrong, tell me so (and why). I can take it. - Ethan

THIS WEEK’S MUST-READ BLOGS 🤓

Pat Allen is back with a new post, this time on network automation in the big 3 public clouds. He outlines essential network automation tools offered by AWS, Azure, and Google; and describes use cases for why you’d want to automate in the first place. A good resource for network engineers just getting into public cloud. - Drew

Would you like to know what happens when your cell phone comes up on the network? Mat takes a lengthy stab at explaining. There is a lot to this excellent guide. - Ethan

The country code top level domain (ccTLD) .io might be going away. Far from a sure thing, but it’s a possible outcome of the British government releasing sovereignty of the Chagos Islands in the Indian Ocean. Some think it highly unlikely that .io will ultimately cease to be, so we’ll all have to wait and see. The ball is in the IANA’s court right now. - Ethan

The biggest pipes in the world can’t overcome latency. This piece discusses some common causes for network latency, and recommends solutions for problems that can be overcome, such as bufferbloat. Along they way, the piece mentions LibreQoS. We did a show on LibreQoS a while back if you’re intrigued by this open source effort aimed at improving Quality of Experience. - Ethan

Daniel Dib is writing a series on building a homelab around Cisco Identity Services Engine (ISE). He notes that when he was learning ISE, he wasn’t able to find a lot of resources online, so he decided to share. He’s building the lab using CML and ESX. He also writes: 

“Having a lab with ISE only is not going to get you very far. At a minimum, I think the following devices are needed in a network authentication lab:

  • Cisco ISE.

  • Active Directory Domain Services.

  • Public Key Infrastructure (PKI) such as Active Directory Certificate Services (ADCS).

  • Network Authentication Device (NAD) such as Catalyst 9000.

Dive in! - Drew

If you’re interested in free training about Python from Cisco, here you go. The Cisco U Programming for Network Engineer (PRNE) track helps you learn Python basics. Cisco’s promoting this track by making it free until 22-November-2024, and giving you 24 Cisco Continuing Education credits once you finish. Thanks for the heads up, Jerome Tissieres! - Ethan

Selector.ai

Discover how AIOps plays a crucial role in mechanizing network operations at Lumen, a global telecommunications service provider. Watch Selector's upcoming webinar, "The Incredible Automation Journey at Lumen," on October 15 at 3PM. Host and network engineering expert Dave Siegel welcomes Lumen VP of Network and Customer Transformation Greg Freeman to explore how Selector’s powerful AI/ML helps automate hundreds of workflows within the Lumen ecosystem, improving network resiliency as well as customer experience.

Gain valuable insight into automation technology and techniques. Plus, find out how your organization can accelerate productivity and enhance customer outcomes by taking the first steps towards automation.

TECH NEWS 📣

Attackers associated with a nation state have reportedly developed two different toolsets for compromising air-gapped devices—that is, devices with no connection to the public Internet. When I first read the headline I was expecting something cool, like maybe a tiny scanner that can read faint electromagnetic emanations from a CPU, or even a bonkers “Mission Impossible”-type attack that uses quantum entanglement to exfiltrate data.

Instead, what’s described is basically a USB stick that gets compromised while it’s plugged into an Internet-connected computer, and then steals data when the same USB stick gets plugged into an air-gapped device. Yes, there’s still a lot of skill and planning that would have to go into executing this attack, but at heart it’s a plain old sneakernet exploit. I guess the classics never go out of style. - Drew

This isn’t a quantum computing attack, but honestly I could see this showing up in a Mission Impossible movie because it’s so cool. A hardware hacker figured out how to use a piezo-electric cigarette lighter to cause a bit flip on a laptop, and then wrote an exploit to get from that bit flip to root access on the device. The article linked above has a good summary, but you can get all the gory details from the original blog post that describes his research.  - Drew

We’re still in the early part of the game, the game where monopolies argue they aren’t and governments decide whether or not they’re willing to break up the behemoth. Thus, this 32-page filing against Google doesn’t say what’s going to happen. Instead, the filing is a toe in the water of what might happen as the back-and-forth legal process churns on. Still. Google might actually lose some of its stranglehold on much of the Internet. Eventually. Someday. Maybe.

Oh. Were you wondering what Google has to say about all of this? It’s not overly hyperbolic to say that they are concerned about the egregious damage any change to their business model would inflict upon mankind.

As an aside, I have been a paying customer of the Kagi search engine for months (over a year?), and am very happy with it thus far. - Ethan

There was USB4. And now? There’s USB4 2.0, faster and able to deliver lots o’ watts. USB4 2.0 “yields the connector 80 Gbps of data bandwidth per direction, and 60 W of power-delivery (PD). Power delivery for USB4 2.0 can be as high as 240 W (48 V, 5 A).” Useful for bleeding edge monitors, too. USB4 2.0 cables made by Elecom reportedly “support DisplayPort passthrough for up to 8K @ 60 Hz (7680 x 4320 pixels).”

I just hope we someday end up with a way to, at a glance, determine the capabilities of a cable. All my USB-C form-factor cables look the same. It’s nice the plug fits universally, but that’s about all you can count on. A loss for consumers. - Ethan

Each year we ask for your feedback. It’s that time! Please take a few minutes to fill out this survey. We want statistically significant data, so your input is welcome. Please note the survey will close at the end of October, so if you’ve been meaning to help us out, now would be a good time. Thanks in advance!

FOR THE LULZ 🤣

Shared by @QuinnyPig

RESEARCH & RESOURCES 📒

Researchers dig into how Smart TVs profile viewer activity by capturing content on the screen and sending it out for analysis. This paper breaks down what’s called Automatic Content Recognition (ARC) and examines how and whether privacy controls on Smart TVs work. - Drew

From the README.md. “aioquic is a library for the QUIC network protocol in Python. It features a minimal TLS 1.3 implementation, a QUIC stack and an HTTP/3 stack. aioquic has been designed to be embedded into Python client and server libraries wishing to support QUIC and / or HTTP/3. The goal is to provide a common codebase for Python libraries in the hope of avoiding duplicated effort.” - Ethan

Michael Horowitz maintains this collection of best practices around securing routers. The site has no ads and is simple, text-centric browsing. Beyond best practices, Michael posts current news, security advisories, and more related to router security. Michael also maintains a Defensive Computing Checklist site. Sites like this are the way the Internet used to be. Glorious.- Ethan

From the README.md. TCPing is “a cross-platform ping program for TCP ports inspired by the Linux's ping utility. This program will send TCP probes to an IP address or a hostname specified by you and prints the results. It supports both IPv4 and IPv6.”

Pouriya has announced version 2.6.0 with bug fixes and two new flags:

  • -D to display date & time in a human-readable format

  • -h to display help

Enjoy! - Ethan

From the website. “The WiFi4EU initiative provides free Wi-Fi connectivity in public spaces across Europe. Our new app is designed to make it easier than ever to find these hotspots. With the WiFi4EU app, you can access high-speed, reliable Wi-Fi at thousands of locations throughout Europe.” - Ethan

Pythonistas wondering what’s most important to be aware of, here you go. “The biggest changes include a new interactive interpreter, experimental support for running in a free-threaded mode (PEP 703), and a Just-In-Time compiler (PEP 744).” Many other improvements and changes are listed. - Ethan

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

From the press release: “Broadcom’s 50G PON solution delivers 40x speed and lower latency than current gigabit solutions, significantly enhancing consumer broadband experience such as smoother video calls, better live streaming, and faster gaming responsiveness. The greater bandwidth empowers new applications including 5G small cell for autonomous driving and network slicing for capacity optimization in enterprises. With a high level of integration in low power 7nm technology, the BCM68660 and BCM55050 deliver significantly lower power than current solutions, addressing the relentless drive for more efficient energy consumption operators are pursuing.” - Drew

The bigger news is that Juniper has greater ambitions to do for its security portfolio what Mist originally did for WLAN: provide AI-driven recommendations and then automated actions based on data and telemetry collected from security devices and analyzed in the Mist cloud. That’s still the future, but Juniper is setting up the conditions to make it happen.

The TL;DR on this is that Juniper Networks is now bringing its security portfolio under the Mist AI umbrella. The first set of features being rolled out are…fine. You can deploy SRX firewalls and SSR SD-WAN gateways with pre-configured templates to speed up day-zero deployments. You can also monitor some basic information in a Security Assurance dashboard.

If you want more details, I wrote up a briefing I got with Juniper on this announcement, with some broader commentary on industry efforts to get customers to adopt a single platform for AI-enhanced networking and security. - Drew 

Extreme Networks surveyed 200 CIOs on their priorities and investment plans. The results show a strong desire to integrate networking and security, and that securing the network remains a top concern. 

The survey also asked about AI. The following comes from the press release:

“Though most organizations are prioritizing AI implementation, several factors, including network bandwidth, employee readiness and security concerns, are common barriers to success.”

  • 84% of respondents have started to integrate AI into their tech stack; 40% cite that their biggest concern with AI is keeping data secure.

  • During AI implementation, 49% of respondents encountered network bandwidth challenges and 30% said they lacked proper guidance and training for employees.

  • 32% of respondents said they had not yet seen significant ROI from AI investments nor efficiency improvements post-implementation.

You can get the full report here in exchange for your contact info. - Drew

TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳

LAST LAUGH 😆

Aelxis Bertholf has a good slideshow on LinkedIn of IT-themed Halloween costumes. If you need an idea for that office party or trick-or-treating, check it out.