Deanna Darah of TechTarget wrote an interesting article: “Reasons to Build and Buy Network Automation Tools”. We agree with her that most organizations will end up with both – once they reach a mature state of network automation. But at BackBox, we recommend flipping the approach so that you buy and then build.

A good way to frame this is by thinking about where your company is on its journey to network automation. If you’re at the more mature end of the spectrum and have the capabilities to do deep integrations with your IT service management stack, joining off-the-shelf products with custom workflows and leveraging open source tools, that’s one thing. But most organizations aren’t there yet. While 96% of network teams say that scaling the business is impossible without automation, more than 65% of enterprise network activities are performed manually, and only 18% of network automation initiatives are a complete success. 

First, Buy the Foundation

To get started, we recommend looking at a product like BackBox, a network cyber resilience platform that allows you to accomplish 80% or more of your network automation needs out-of-the-box, including:

1. Reliable, validated backups and single-click restore
2. Compliance audits and configuration remediation
3. Device onboarding, discovery, and continuous maintenance 
4. OS updates based on vulnerability intelligence

When you can quickly cover these four basics that usually have to be done during maintenance windows and off-hours, teams get back their nights and weekends and eliminate mundane work. Additionally, instant restore unlocks other automation use cases because if you can reliably roll back, then when you do more enhanced automation, and if you encounter a problem, you can recover quickly.

Buying first also frees up time so you can focus on the things you are interested in and want to learn more about. For example, solving the automation gaps you still want to address.

Then, Build

To extend automation – whether that’s another 20% or 5% of tasks – you have multiple options.

• Use BackBox no-code automation options. BackBox provides a no-code approach to customization. There’s no need to learn or manage any scripting language. API-driven integration makes connecting with complementary tools like IT service management easy.
• Contact BackBox’s Network Automation-as-a-Service team. We can create automations for you, often as part of your service contract. For more extensive needs, we may refer you to one of our certified partners.
• Consider specialty services shops. These providers have the expertise to stitch together multiple automation tools for complex multi-step automations but usually require a substantial services agreement.
• Leverage open source tools. If you have the expertise, solutions like Python, PowerShell, and Ansible provide a solid way to weave in custom-built network automation with off-the-shelf network automation solutions.

Here are a couple of typical use cases we help customers with that require connecting custom code with off-the-shelf products:

Automate post-change validation. For example, you send a change request to ServiceNow, which flows to BackBox, and BackBox pushes the change out to the network. Now, you want to kick off a process to validate that the network is working the way you think it should be working after the change. If so, close the ticket and update ServiceNow. If not, roll back the configuration and send an error report to ServiceNow for investigation. This may require stitching together three products: BackBox, ServiceNow, and IP Fabric.

Update network device status in a configuration management database (CMDB). Say you want to put a new customer on a specific port of a switch, or issue an IP address, or assign a VLAN. Before you make a change, you want to validate availability through an API. BackBox is your source of truth for network devices, validating network devices and their status, which satisfies the first part of the workflow. The second half is porting that information into a CMDB. As you build out a more mature network automation strategy, you can extend that automation further and port asset data stored in different systems into the CMDB.

Don’t Think DIY

A final word of caution. Sometimes the term “build” is used interchangeably with “DIY,” but this is a misnomer. DIY implies a kit that comes with instructions, tools, and parts, and it’s intended that you do it yourself. Like a desk from IKEA, there are no special skills required.

Building entirely new network automation capabilities is not like this. There are no instructions. It requires whittling and shaping to your exact specifications so that it fits your environment precisely. Network engineers are typically experts in managing specific devices, not writing and managing code. Finding someone who knows network engineering, network security, and custom development is extremely rare. Many people with this combination of expertise work for consulting companies or large network automation vendors and are focused on generating service revenue. This is not our customers’ core business.

Focus on Your Core Business and Rapid ROI

The point Deanna made is there is a reason to build and buy. I agree that it’s not separate or one or the other. Most organizations should do both. But the order should be to buy, implement, and extend through building. That’s the path forward to move from manual to automated network tasks and ensure successful automation initiatives. You gain rapid ROI with limited investment without sacrificing customization, and you can add extensions as your automation initiatives mature.