Capability: Network Optimisation

Five strategic steps to optimise vendor consolidation

Posted on: 13 May 2025
Five strategic steps to optimise vendor consolidation

Managing multiple vendors has become a logistical nightmare for many businesses as the tech landscape evolves. Between ballooning vendor lists, overlapping services and spiralling costs, the need for effective vendor consolidation has become greater than ever. 

Vendor consolidation isn’t just a trend, it’s a strategic move that empowers businesses to optimise their systems, reduce operational inefficiencies and drive meaningful cost savings. If your business is looking to achieve cost optimisation and streamline operations, this blog outlines the five key steps CACI recommends taking to successfully execute vendor consolidation. 

What is vendor consolidation and why does it matter? 

Over the past decade, IT innovation has led to an explosion of niche solution providers with expert capabilities. With the number of tech vendors increasing tenfold from 2012 to 2023, multi-vendor models that have worked in the past now introduce complexities, redundancies and inflated management costs. By consolidating vendors, businesses can: 

  • Simplify vendor relationships 
  • Improve service integration 
  • Strengthen security postures 
  • Reduce shadow IT risks 
  • Achieve significant cost efficiencies. 

However, rushing into consolidation without a thoughtful approach can create more problems than it solves, which is why a strategic framework is essential. 

CACI’s five key steps to perfecting a vendor consolidation strategy 

Define your vendor consolidation goals 

The first step to successfully consolidating is clearly defining what the goals and desired outcomes are. 

Are you aiming to: 

  • Lower operating costs?
  • Streamline vendor management?
  • Reduce security vulnerabilities?
  • Improve service quality? 

Before taking action, identify your pain points, consider future growth strategies, assess regulatory compliance requirements and prioritise your goals. Your consolidation efforts must align with broader business strategies, not just short-term savings. These factors will then guide the entire process and help measure success once the consolidation is complete. 

A clear vision will provide a roadmap to measure success once the transition is complete. CACI works across multiple verticals and is well placed to advise on and provide industry best practise. We can complete a requirements assessment to support this step to align with a business’ goals and provide a strong foundational step for consolidation. 

Assess your current vendor landscape 

Before you optimise, you must diagnose. 

Large and varied vendor estates often result from aggressive growth periods, prioritising expansion over efficiency. This leads to underutilised software, overlapping services and unmanaged contracts, complicating the accurate measurement of the value being brought to the business. 

A strategy must therefore begin with assembling a detailed inventory of: 

  • Vendors 
  • Products/services 
  • Service-level agreements (SLAs) 
  • Contract expiration dates 
  • Internal stakeholders. 

Once the full landscape has been mapped, a deep analysis of how each product is performing should be completed and each vendor should be evaluated through both objective and subjective lenses: 

Objective evaluation: 

  • SLA performance 
  • Incident history 
  • Service costs versus delivered value 
  • Service duplication across vendors 
  • ROI and proven cost savings to date. 

Subjective evaluation: 

  • Strategic importance to your business 
  • User experience and training support 
  • Vendor flexibility, transparency, and reputation. 

Gathering this information and conducting interviews with key users will help build a holistic vendor profile. Knowing who truly delivers value and who doesn’t will guide strategic decisions. Considering security architecture will further impact strategic decision-making. Firewalls, for example, are vital as the first line of defence against cyber threats. However, businesses can often manage a diverse array of firewalls from multiple vendors. This flexibility can complicate security and compliance due to organic security policy growth from new applications and services, rapid deployment of policy changes to meet project deadlines, temporary fixes to address immediate issues which are not revisited and more.  

To remedy this, CACI’s network automation experts have developed a Firewall Optimisation Assessment to generate actionable insights, analysis and remediation suggestions for network security appliance configuration. With over 20 years of operational experience in network security engineering across many businesses, we undertake assessments across leading security device vendors including Palo Alto, Fortinet, Cisco and Checkpoint.

Are you confident that your firewall configurations are consistent and easy to manage? That there are no security weaknesses such as overly permissive policies or insecure protocols? That the rulebase is necessary and not leftover from testing? That the policies are configured according to industry best practice? If not, CACI can help.

Our Firewall Optimisation Assessment offers many benefits, including:

  • Identification of security weaknesses
  • Increasing operational efficiency
  • Eliminating the need for reworking firewall RFC change requests
  • Scaling your firewall for security posture
  • Validating your security posture against known assessment criteria
  • Progressing towards implementing governance-as-code.

Communicate your goals and priorities to vendors 

Transparency with current vendors is crucial. By communicating goals, priorities and current challenges to vendors, more information can be gathered on the full capabilities of what each product and service can offer. Through this, opportunities for expanded partnerships or service integrations can also arise. Key areas to examine include: 

  • Managed services experience 
  • Industry expertise 
  • Service range and frameworks 
  • Innovation capacity 
  • Governance standards 
  • Global and local resource presence. 

Often, a single vendor may offer additional services you currently purchase from others. At CACI, we regularly uncover these overlaps, offering clients enhanced solutions across network services, logistics, and mar-tech platforms. 

Tip: Use third-party analyst reports like Gartner Magic Quadrants to benchmark vendor capabilities against the broader market. 

Develop and implement a transition plan 

With insights in hand, it’s time to build your strategy. 

Prioritise vendors that: 

  • Can cover multiple service areas 
  • Maintain high standards of quality, security, and support 
  • Offer strategic partnerships, not just transactional relationships. 

At this stage, address critical risk factors: 

  • Contractual obligations and penalties 
  • Regulatory and compliance impacts 
  • Potential downtime risks. 

Perform a thorough ROI analysis, weighing financial metrics alongside strategic benefits like increased agility, improved compliance posture, and enhanced integration. This risk assessment will significantly improve the efficacy of the transition plan and prevent new challenges from emerging during the consolidation process. 

Best practice: Phase your transition for minimal disruption. Pilot smaller changes before scaling consolidation efforts across the business. 

Continuously monitor and optimise 

Vendor consolidation isn’t a “set it and forget it” process. Ongoing monitoring and tracking is key. 

Establishing clear KPIs and SLA benchmarks to measure vendor performance will contribute hugely to the successful management of ongoing, optimal operations. Conduct annual evaluations to: 

  • Identify new consolidation opportunities 
  • Validate vendor alignment with business goals 
  • Maintain cost and performance optimisation. 

Regular reviews foster a culture of continuous improvement, ensuring your vendor strategy evolves alongside your business.
CACI offers both shared and dedicated managed services which can provide 24/7 monitoring, helping businesses continuously improve, develop and innovate to achieve optimisation goals. 

Common pitfalls to avoid during vendor consolidation 

While consolidation offers powerful benefits, be mindful of these common mistakes: 

  • Over-consolidating: Diversification can mitigate risk. Avoid relying solely on one provider for critical systems. 
  • Underestimating transition complexity: Budget time and resources for integration, training and risk mitigation. 
  • Ignoring stakeholder input: Early engagement with users ensures buy-in and identifies potential friction points. 
  • Focusing only on cost: Strategic value, security posture and service quality must weigh heavily in decisions. 

By navigating these challenges thoughtfully, you can realise maximum benefits without unintended setbacks. 

How CACI can help you master vendor consolidation 

At CACI, we understand that vendor consolidation is more than an operational exercise — it’s a strategic transformation. Our team partners with businesses to: 

  • Map vendor ecosystems 
  • Identify strategic partners 
  • Design transition roadmaps 
  • Mitigate consolidation risks 
  • Drive operational efficiencies.

Ultimately, any consolidation exercise needs to enhance a business’ capabilities, increase efficiencies and drive agility. If, based on these considerations, your business is ready to move forward with strategic vendor consolidation, CACI is working with multiple clients to explore and implement strategies to optimise their systems, improve operational inefficiencies and drive cost-effectiveness. Ready to elevate your vendor consolidation game? 

Contact CACI today to learn more about our tailored vendor consolidation strategies and how they can help you streamline operations, enhance resilience and position your business for future growth. 

Navigating the technical challenges of cloud.microsoft

Posted on: 2 December 2024
Navigating the technical challenges of cloud.microsoft

Transitioning to cloud.microsoft is not just a superficial change; it requires intrinsic technical adjustments that may affect your network’s security and performance. So, according to CACI’s network security experts, what are the technical challenges that may arise with this transition and what solutions are available to businesses to ease it? 

Identifying & resolving the technical challenges

  • DNS configuration and management: Transitioning to a unified domain requires meticulous DNS configuration. Therefore, you must ensure your DNS settings are correctly aligned with the new domain structure for uninterrupted access to Microsoft 365 services. This involves updating DNS records, modifying conditional forwarders, checking root hints, or even changing DNS resolvers in your network to cope with the new .microsoft root TLD and correctly route all subdomains.
  • Proxy and firewall adjustments: Adjustments to proxy settings and firewall rules are necessary with the new domain. This includes updating allow-lists and ensuring traffic to and from cloud.microsoft is filtered and monitored correctly. Implementing robust proxy configurations will be necessary to maintain secure and efficient access to Microsoft 365 services through the transition period.
  • Code and API integrations: The unified domain offers a more streamlined approach for businesses leveraging custom API integrations with Microsoft 365. Ensuring that all scripts, code, API gateway and native API calls are updated to reflect the new domain is essential for maintaining functionality and security in any collaboration integrations.
  • Security protocols and compliance: The cloud.microsoft domain’s enhanced security features necessitate a thorough review of your existing security protocols. This might include implementing advanced threat protection, ensuring compliance with industry standards and leveraging Microsoft’s security tools to monitor and mitigate potential threats. 

Challenges and solutions

  • Firewall reconfiguration: Shifting to a new domain will cause existing firewall rules and policies to be updated, which can be a complex and lengthy process, particularly for large organisations with extensive firewall configurations. CACI can assist by conducting a thorough audit of your current firewall settings with our Firewall Optimisation Assessment, identifying necessary changes and implementing these updates to ensure seamless access to Microsoft 365 services.
  • Proxy PAC file updates: Proxy Auto-Configuration (PAC) file logic will need to be updated to reflect the new domain, which involves modifying the scripts that determine how web browsers and other user agents can automatically select the appropriate proxy server. CACI’s NetDevOps experts can help rewrite, optimise and test these PAC files to ensure they are correctly configured, minimising disruptions to your 365 network traffic.
  • DNS reconfiguration: Updating DNS settings to accommodate the new domain structure will be critical. This includes modifying DNS records, resolver chains, forward lookup zones and conditional forwarders to manage the new subdomain and root TLD routing. CACI can provide comprehensive DNS management and optimisation services, ensuring that all changes are correctly implemented and that your DNS infrastructure remains secure and efficient.
  • Network infrastructure adjustments: Beyond firewalls and proxies, other network infrastructure components such as load balancers, VPNs, SDCI (ExpressRoute) and intrusion detection systems may also require reconfiguration. CACI’s team of expert network security engineers can assess your entire network setup, identify areas that need adjustment and implement the necessary changes to ensure compatibility with the cloud.microsoft domain.
  • Compliance and security: Adhering to industry standards and compliance regulations will be paramount for your network. The transition to cloud.microsoft offers enhanced security features, but these must be properly configured and monitored. CACI can help you leverage these security enhancements, implement advanced threat protection measures and ensure that your network remains compliant with all relevant regulations. 

How CACI can help

As a trusted advisor with deep network and security expertise across sectors from finance, through telco, media, and government, CACI is uniquely positioned to help your business leverage the full potential of Microsoft 365 and the new cloud.microsoft domain.  With over 20 years of experience in cloud services and a deep understanding of Microsoft technologies, CACI can provide tailored solutions that meet your specific business needs. Our team of experts will ensure a smooth transition to the cloud.microsoft domain, minimising disruptions and maximising efficiency. 

CACI offers a comprehensive range of services, from initial consultation to ongoing support, ensuring you get the most from your Microsoft 365 investment. Our Managed Network Services help maintain your network and security, all while prioritising compliance and utilising the enhanced security features of the cloud.microsoft domain. Book a consultation with us today to discover how CACI can support help your organisation navigate the  Microsoft system change requirements here. 

How building a network automation content library accelerates efforts

Posted on: 19 September 2024
How building a network automation content library accelerates efforts

CACI  has a rich heritage in network engineering, IT infrastructure, delivery assurance and network automation, including NetDevOps practices such as network coding, CI/CD pipeline optimisation, network lifecycle management and more. Our network automation experts engage in a variety of activities for our clients, a few of which include:

Telco (ISP)

  • Build out of a NetBox NSoT (Network Source of Truth) and modelling of an ISP lab environment that allows for seamless network inventory management, such as VLANs, VRFs, IP linknets, cabling, chassis-to-blade mapping and more.

Telco (ISP)

  • Build out of a Python Flask-based application (including frontend, backend and API) “LabDash” to enable management of changing Telco inventory, such as line cards, SFP transceivers, patching – within a lab environment used for Telecommunications (Security) Act 2021 (TSA) testbed and network build-out activities.

Finance

  • Build out of a customised observability solution to complement in-flight NMS, OSS and BSS tooling, with customised metrics around specific values of SNAT count, TCP session count and related for a complex load-balanced application solution.

Defence

  • Build out of IaC blueprints to deploy complex NVA router, NVA firewall, Load Balancer ADC and other centralised infrastructure as part of an Azure landing zone deployment.

In everything we do, we always follow DevOps and software development practices, most notably being “DRY” (Don’t Repeat Yourself). As such, we are building a library of automations and network code that can benefit future clients through a faster delivery of NetDevOps solutions – leading to a flywheel of network affects, meaning the more we do for clients, the more we learn and can apply our shared learnings – and code libraries, modules and approaches – to accelerate network automation efforts for future clients.

Automation library

Giving back to the network automation community

We know that we can’t do this alone, and equally to ensure we  attract and maintain top-quality NetDevOps talent and network automation consultants, we give back to the wider network automation community by building several tools within our public GitHub Repository. These include:

PAC File Performance Comparer 

PAC File Performance Comparer is intended to be run on an ad-hoc basis to allow for a quick comparison using the Pacparser to calculate both the time difference (i.e. performance optimisation gain of the JavaScript PAC code refactor) and conformity against a test set of URL behaviours (i.e. proxy or direct) for a “before” and “after” PAC (Proxy Auto-Configuration File) refactoring exercise.

Azure JSON IP Feed to Juniper SRX Checker

Azure JSON IP Feed to Juniper SRX Checker is intended to be run on a periodic (i.e. daily) basis to check for updates, changes or deletions made by Microsoft to their Azure IP Address Ranges as per the Microsoft-published Azure IP Ranges and Service Tags – Public Cloud JSON feed and convert into Junos SRX-compatible security policy syntax/configuration.

Adding to our sandpit

Whenever we develop a module, code, artefact or solution for a client, we always ensure that we contribute any non-sensitive elements of this network code back to our “sandpit”, which is a growing area of internal “scraps” of code and approaches that we use internally to accelerate our development of solutions for clients. This enables our NetDevOps engineers to accelerate their developments into clients’ environment and build on shared learnings within our wider network automation practice.

Below is just a small sample of some of the things we’ve already done and can do faster again – perhaps to help you if your NetDevOps is feeling more like NetDevOops:

  • ajax-code-snippets
  • azure-f5-bigip-ha-cluster-cfe-do
  • azure-natgw-azlb-stress-tester
  • azure-zscaler-ip-lookup-csv
  • caci-ns-employee-profile-tools
  • certificate-automation-python
  • credly-certs-badging
  • cytoscape-network-topology-viewer
  • gartner-market-vendor-scraper
  • hostnames-geoip
  • megaport-api-provisioner
  • network-weathermap-visualiser

Ready to turn your NetDevOops into NetDevOps?

At CACI, we’re well-versed across all areas of IT infrastructure – be that IT, delivery assurance, cloud, network or DevOps and systems administration. Our expert consultants have worked across a large spectrum of clients in varying stages of digital transformation, some with adherence to more agile-led delivery lifecycle, others with adherence to more waterfall-led delivery lifecycle – and have experience across a plethora of industry frameworks, from TOGAF to SAFe to more traditional ITIL deployments.

Get in touch and let us help you assure and stabilise your cloud, IT or network infrastructure to fulfil the four key DORA DevOps metrics in your company (or ask us what they are if you don’t already know) and accelerate your NetDevOps and SRE success!

How to successfully navigate the opinionated NetDevOps stack

Posted on: 17 September 2024
How to successfully navigate the opinionated NetDevOps stack

Getting to NetDevOps and network automation is hard – sure, there may be plenty of free tools and resources available, but knowing which tool to use in certain situations can complicate the process. The often-complicated naming conventions of these tools and resources don’t exactly make matters easier. See for yourself whether you can spot the fake tool or protocol among these:

  • gNMI
  • Batfish
  • Parafidgeon
  • Pandas
  • BaHalmAI
  • Nornir
  • Flask
  • DuncanO
  • Suzieq
  • Pytest
  • Scrapli
  • BookPie
  • pyATS
  • Netmiko
  • AutoM8

(Answer: Keep reading to find out!)

Building with Open Source also has its risks – do you want this to be your network automation stack when it’s in production supporting your mission critical, CNI or other network Infrastructure concern?

Opinions, we’ve got a few

At CACI Network Services, we’ve been doing everything from network infrastructure, telco, delivery assurance, cloud and DevOps infrastructure and more for nearly two decades – just enough time to formulate some opinions on what is good, what actually works, and when to use it in your technology stack. Our mission as a trusted advisor is ultimately to benefit your IT network infrastructure to grow greater than the ever-growing sum of our deep network engineering expertise – where we’re increasingly finding the best way of conveying this to be through articulating which technology to use in which aspect of NetDevOps, depending on a client company’s size, maturity, culture and budget.

Enter the “opinionated stack”, or more concisely, one of the below DevOps mobius loops, with some added context on which tool to use, in which situation and why:

Profiling isn’t always a bad thing

To help direct our clients to the right opinionated stack, we’ve found that profiling our customers across the following three dimensions has helped us gain deeper insight into their network operations behaviours:

Size

  • Small – <100 nodes (routers, switches, NVAs, firewalls, etc.)
  • Medium <1,000 nodes
  • Large >1,000 nodes

Maturity

  • Nascent – mostly ClickOps, box-by-box, limited or no CI/CD or network automation ecosystem
  • Developing – pervasive ClickOps, box-by-box with some or trialling CI/CD or network automation ecosystem
  • Practicing – ClickOps by exception, box-by-box in emergency with strong CI/CD and growing NetDevOps ecosystem

Culture

  • Engineering-led – organisations that value in-house engineering as a primary driver
  • Financial-led – organisations that value minimisation of OpEx as a primary driver
  • Risk-led – organisations that value minimisation and risk mitigation as a primary driver

Want a preview of our work for your organisation? Take a look at our IP Fabric Partnership and forthcoming announcements in this space to see how we can help.

Getting answers

We did promise we’d tell you which were the real tools in network automation, so here goes:

  • Batfish
  • Pandas
  • Nornir
  • Flask
  • Suzieq
  • Pytest
  • Scrapli
  • pyATS
  • Netmiko

How CACI Network Services can help 

If you’d like to know more about these tools, what they can do for your network infrastructure and how we deploy, operate and maintain them for our clients in finance, defence, government, utilities, media and beyond, get in touch to see how we can help demystify them into actionable insights for your IT network infrastructure estate.

How to determine whether your network is ready for AI

Posted on: 13 September 2024
How to determine whether your network is ready for AI

You’re busy, and so is your network. Or if it’s not, it’s about to be. AI workloads are coming for your network, and to remain competitive in a world where AI-enabled applications and workflows become the norm, it must be embraced. 

Networks are collectively facing their next pivotal moment of transformation and must therefore equip themselves with the necessary network automation and NetDevOps practices to sufficiently operate and enable AI. 

What steps can be taken to prepare a network for AI?

As organisations strive to control the power of AI, it’s crucial to ensure that their network infrastructure is prepared to support these advanced technologies. 

In our experience, AI has two key implications to network environments: 

Changing the operation of the network 

  • AIOps fundamentally changes some monitoring approaches such as the Network Management System (NMS) trap and poll of yesteryear towards observability approaches, leveraging streaming network telemetry 
  • Finding signal in the noise of network alarms shifts from “hard” to “impossible” without the assistance of AI that AIOps brings. 

Changing the deployment of the network 

  • AI workloads are fundamentally different to traditional IT workloads, requiring network topologies that can sustain low flow entropy, high flow burstiness, elephant flows and near-100% bandwidth utilisation 
  • Stock Ethernet isn’t the only player on AI networks, often utilising RDMA-approaches and protocols such as RoCE and InfiniBand, which require differing abilities to design, deploy and operate. 

By taking the following proactive steps, businesses can not only enhance their operational efficiency, but also position themselves as leaders in the AI-driven future. 

Evaluate the current infrastructure for AI compatibility

To ensure your network is ready for the AI era, start by thoroughly understanding and evaluating your current infrastructure for AI compatibility. This includes assessing the following areas: 

  • Link bandwidth utilisation 
  • Average end-to-end latency 
  • Interconnect and Edge capacity 
  • SFP compatibility with known GPU and TPU hardware 
  • Consideration for Smart NIC and DPU offload. 

Just because your current network topology can run an AI workload or cope without AIOps doesn’t mean it will when your business starts deploying AI workloads at increasing pace. 

Modify IT operations practices 

AI comes from a world of software engineering backed by DevOps practices which might be at odds with your current IT service management approaches. Ensure cultural differences of AI workloads and tooling have been considered, such as: 

  • Continuous Integration with Continuous Deployment (CI/CD) pipelines for end-to-end infrastructure operation and deployment 
  • Governance via self-service approaches such as pull request (PR) and merge 
  • Infrastructure as Code (IaC) for self-documenting infrastructure, topologies and design validation 
  • Observability against proactive KPIs to replace reactive capacity management processes 
  • Automated remediation based on categorised risk tolerance levels of network change activity, removing humans from the loop where possible. 

AI isn’t going to wait for an RFC before swamping a poorly-configured uplink with a deluge of elephant flows that exhaust your “deep” packet buffers. Controllerless networks are going to feel more strain, so software-defined networking (SDN) approaches should be considered to remove the need for high-touch human interaction in sustaining network operations. 

Consolidate your current IT operations tooling

In our experience, it is not uncommon for clients to have a multitude of monitoring systems that have collected over the years. No business ever intends to have more than one, but you may have: 

  • Started a proof of concept (PoC) using PRTG for some of your network estate 
  • Implemented SolarWinds for your IT server and virtualisation equipment 
  • Spun up Cisco Prime Infrastructure for your mainly-Cisco network environment 
  • Added Tufin for your firewall and network security appliances 
  • Forgotten the small Juniper Space deployment for your Juniper SRX Firewall data centre edge. 
  • Purchasing yet another monitoring tool that introduces AIOps will not help here.

Now is a good time to reassess each monitoring tool from the perceived benefit against the actual benefit it gives you. 

AIOps in conjunction with a comprehensive review of what you want your monitoring tools to add aligned to Observability pillars such of logs, metrics, and traces – and crucially aligning these to who is going to do what with each outcome – almost certainly will. 

Provide AI-oriented training

Not every team member has to be—or will be—a full-fledged engineer, and that’s okay. There must, however, be at least a basic awareness of some of the nuances of how AI operates and some common pitfalls. For example: 

  • Think in terms of context and having the outcome you want in mind at all times 
  • Work with Large Language Models (LLM) context windows 
  • A PDF export of a NMS device inventory is likely to be bigger (in data storage terms) than a comparable CSV export – therefore use more context window “tokens” when fed into an AI prompt engine.
  • Sanitise sensitive data from network configurations 
  • When using network vendor configurations across device families, the act of find-replacing a SNMP username/password might not be as easy as looking for “snmp-sever username…” due to syntax differences of the same configuration across vendors and even within similar devices from the same network vendor. 
  • Ensure you take extra time in sanitising sensitive data such as IP addresses, hostnames, SNMP username/passwords, PKI (SSH/SSL) certificate fingerprints and the like 
  • Consider AIOps an integral API that is central to your observability stack 
    • How will it process southbound data from network devices and element managers, and what protocol(s) will it utilise? 
  • Define the business logic that will help it understand the context of network deployment in your organisation 
  • Consider common fault scenarios and how these are codified into the AIOps tooling. 

The key to both AIOps and AI workloads is ensuring the upfront work is taken to assess how these will change both technology and culture within your organisation before adding them to the potentially already-full pile of half-used monitoring tools on the organisational shelf. 

How CACI can help 

CACI understands the importance of data and streamlined processing. Our team possesses over 20 years of experience in every network engineering undertaking imaginable, from architecture, design and operations to managed networks and network automation. We are trusted by some of the UK’s most successful companies in finance, telco, utilities, government and public sector to innately understand their systems, culture and industries. 

Talk to our Network Automation experts today and let us get you from network automation to NetDevOps to assure, run and manage the increasing velocity of AI workloads that are coming to network infrastructures on a wider scale. 

 

How NetDevOps transforms network management for AI applications

Posted on: 11 September 2024
How NetDevOps transforms network management for AI applications

AI – more specifically, GenAI (Generative AI) – is continuously making its presence known through embedded integration into various network applications and workloads. First, there was DevOpsa grassroots initiative to unite the fractured worlds of development and operations. Then there was NetDevOps, where network engineers joined in to complete the trifecta:

NetDevOps transformation

AI workloads with disparate and sprawling protocol interdependencies mandate something new: AIOps. Humans could previously keep pace with FCAPS processes such as SNMP Traps, Syslog Alerts, NMS Alarms and more. Now, however, the network is evolving in such a pace that manual processes won’t cut it. 

The future of network engineering is clear: network automation through NetDevOps is the only viable way to achieve a semblance of sanity in obtaining signal to noise (SNR) in the demanding, high throughput, zero-loss network utilisation that AI workloads demand. 

What roles do NetDevOps and network automation play in business operations? 

High-performing networks are now vital for business operations, as digital transformation becomes a reality for most enterprises – enabled perhaps most notably by the pandemic and compounded by technological innovations such as GenAI and the “GPT” conversational interface to the Large Language Model (LLM). In a climate of recessions, tightening budgets, decreased human workers and increased AI agents, the network simply can’t continue to look like: 

  • Ticket-led troubleshooting slowly finding the Resolver Group in Servicenow 
  • Ad-hoc configuration changes driven via vendor syntax in notepad.exe 
  • Failed firmware upgrades caused by inaccurate human knowledge of HA architectures 
  • Fragile underlays, circuits and protocols with high provisioning times driven through paper request processes and Word documents 
  • Static network architectures focused more on artificial tiers that only help network vendors sell their quota for the month. 

Where network automation focuses on the changes required to the network engineering discipline itself, NetDevOps builds on this by uniting the teams required to achieve this, turning network engineering from mastering the dark arts to coding against the well-trodden software engineering path. 

NetDevOps is essentially the enabler that speeds up automation within a network engineering department through cultural reinforcement and moving the network towards an “as a service” offering. It also aligns deployment, change and provision of the network towards platform engineering and self-service approaches as seen elsewhere in IT Service Management (ITSM) and software development. Through NetDevOps, you can achieve: 

  • Version control for network state through mature configuration management that escapes the bureaucracy of the CMDB 
  • Abstracted intent-based network configuration to achieve network vendor independence, deduplication of network coding and cross-team collaboration on previously opaque network vendor settings 
  • Operational state verification through testing approaches to bring the rigour of software development practices to the previous discipline of network engineering 
  • Expedited mass deployment using sequential means of network configuration via API rather than CLI 
  • Self-documenting infrastructure provision using Infrastructure as Code (IaC) to consistently, efficiently and universally bring complex multi-vendor NVA routing, firewall and security solutions into reality. 

What will the impact of AI be on traditional network engineering?

NetDevOps supplies one key component that traditional network engineering has fallen short on: reliable infrastructure velocity. AIOps gives operations one key component that network management has fallen short on: expedited network remediation. Finally, AI workloads give the network one key problem that previous IT workloads have not: high-throughput, lossless utilisation. 

Essentially, the impact of AI on network engineering will be twofold, becoming the cure to the problem it creates: 

  • The problem: Super-high utilisation of network capacity through continuously-bursty elephant flows, requiring near-lossless network throughput. 
  • The solution: Instantly intuitive insight, observability and remediation of network faults and capacity exhaustion through AIOps. 

AI is not just a passing trend, it is a transformative force that will reshape the way networks operate and evolve. As AI-driven applications and workloads become more complex, your network will need to handle unprecedented levels of data traffic while maintaining optimal performance and security. 

How CACI can help

We understand that every network is unique and have worked on some of the most unique and well-known network architectures deployed from Critical National Infrastructure (CNI), through to telecommunications, data centres, hybrid cloud and service provider. 

Whether you are looking to integrate AI into your existing ITSM tooling, CI/CD pipelines or overhaul your network deployment scripts, we have over 20 years’ experience across a breadth of network technologies to support you. 

Benefits of our NetDevOps services include: 

  • Eliminating manual network provisioning and troubleshooting tasks 
  • Codifying understanding of network topology in a structured data format 
  • Integrating network provisioning workflows into IT Service Management (ITSM) tooling 
  • Expediting network troubleshooting through assisted alarm and event correlation 
  • Reducing the risk of network deployment mistakes and rework 
  • Minimising costs through modularisation of network configuration approach 
  • Increasing ROI through reuse of codified Network Functions as Code. 

We understand that the network is a piece of the wider infrastructure that underpins your business. CACI manages and delivers entire technology transformation programmes – from programme management, business analysis, service design, managed services and more, we offer the full stack of IT network expertise for your business. 

Contact CACI Network Services today to find out more about how our team of experts can guide you through the disruptive AI network wave.

How AI is rewriting the rules of network engineering

Posted on: 4 September 2024
How AI is rewriting the rules of network engineering

AI is coming for your network… but not as you expect

Seasoned IT professionals are no strangers to technology transformations and weathering the storms associated with them. Artificial Intelligence (AI), however, presents different, unique challenges to your network. Everyone is talking about the changes that AI will bring to your work, but few are talking about the changes AI application workloads bring to the design, architecture and operations of your network.

What changes are coming to network engineering and automation due to AI?

The advent of AI means that now more now than ever before, the architecture, design and operational excellence of your network matters. Network automation is coming to the fore to deal with the changes AI requires of networks, including: 

  • High throughput transactions facilitated via features such as RoCE Adaptive Routing (AR) 
  • Parallelised datagram transmission through AI network protocols such as RoCE, InfiniBand and other RDMA-based approaches 
  • Dense port connectivity to interconnect numerous distributed GPU and TPU processors required for generative AI (GenAI) training and model processing 
  • Lossless packet transmission to optimise LLM training runs and prevent the need for costly retransmission that can lead to AI training data corruption 
  • Extreme bandwidth utilisation from bursty elephant flows which can flow up to the line-rate of the connected NICs. 

AI workloads such as GPT, LLM and ML have different requirements of your network to traditional IT workloads. Legacy ITSM approaches also won’t cut it for AI-enabled business applications. It isn’t just routers, switches, firewalls and cables – it’s the 24/7 backbone of your organisation’s competitive advantage. 

This is FCoE (Fibre Channel over Ethernet) all over again; only this time it’s not going away – AI is here to stay. Humans driven through ITIL don’t work 24/7 at 100% capacity like AI does, which is where automation comes in. Specifically, network automation facilitated through expert NetDevOps practices and tooling. 

How CACI can help

Embracing the power of automation will lead to a robust and agile network infrastructure for your organisation. With over 20 years of experience with all aspects of network engineering – data centre, service provider, hybrid cloud and beyond – including complimentary offerings in delivery assurance and DevOps, CACI has networked, designed automated some of the UK’s most successful companies in financial services, telecommunications, utilities, government and public sector. 

Our renowned network automation and NetDevOps services revolutionise your network infrastructure by leveraging advance technologies required for AI workloads. From configuration management to network monitoring and troubleshooting through observability, we streamline your operations, improve efficiency and maximise your network performance. 

A few of the many benefits of CACI’s network automation services include:

  • Automating network provisioning and troubleshooting: Eliminating manual network provisioning and expediting network troubleshooting through assisted alarm and event correlation 
  • Enhancing network understanding and management: Codifying an understanding of the network topology in a structured data format and integrating network provisioning workflows into IT Service Management (ITSM) tooling 
  • Improving efficiency and cost-effectiveness: Reducing the risk of network deployment mistakes and rework and minimising costs through a modularisation of network configuration approach 
  • Optimising resource utilisation and talent management: Increasing ROI through reuse of codified “Network Functions as Code” and retaining in-demand network engineering talent through use of modern network deployment working practices. 

Don’t let your network get left behind by the AI network revolution. Contact CACI today to navigate AI and bolster your network ready for the AI-enabled, LLM-led, ML-fed future. 

How to craft a network automation strategy aligned with C-suite goals: A blueprint for success

Posted on: 10 April 2024
How to craft a network automation strategy aligned with C-suite goals: A blueprint for success

In the first blog of this two-part series, we assessed the impact of network automation on a business and ways in which a successful business case can be created. In this blog, we’ll look at strategies for keeping the C-suite interested in pursuing network automation and mistakes to avoid when developing strategies. 

How to keep C-suite interested

Long-term network automation strategies will only be successful if the C-suite has consistent buy-in on its implementation and maintenance. This can be achieved through:   

  • Providing progress updates: Sharing network automation progress updates with C-suite staff will help quantify its impact on the business and keep momentum high in terms of maintaining it. 
  • Highlighting ROI for the business: Cost reductions, increased capacity or resources and overall performance are all high interest to C-suite staff. Ensuring the C-suite is aware of how network automation affects these will be critical. 
  • Demonstrating alignment with the business’ strategic goals: Highlighting the ways in which network automation consistently aligns with the business’ strategic goals will help C-suite staff visualise the long-term business outcomes. 
  • Adapting to changes: C-suite members’ business priorities are likely to change over time. Remaining flexible and willing to re-align to changing priorities as needed will ensure long-term success of network automation within the business.   

It is often the case where organisations’ focus on network automation, while well-intended, results in them biting off more than they can chew rather than breaking down more tactical, low-hanging fruit. Despite this having an immediate impact, it can be less visible to senior executives. In general, network automation should be applied to try and achieve two key areas for immediate impact:  

  1. Improve the consistency of network deployment  
  2. Reduce noise within network operations.  

4 common mistakes to avoid when developing a network automation strategy

Some of the common mistakes we see that diverge these two key aims include:

Trying to do too much too soon 

The key with any automation in winning over detractors is incremental consistency over widespread adoption. We often find that small, tactical, lower-level automations with well-scoped outcomes for low-hanging fruit can exceptionally impact the overall consistency of deployment for this element and kickstart the incremental flywheel of trust. This is due to lower-level engineers and operations staff seeing the immediate benefit of automation and beginning to organically adopt these approaches within other higher-value, business-impacting tasks. 

Successfully adopted and maintained automation efforts nearly always look like bottom-up, grassroots endeavours, where buy-in through adoption and proven time efficiency or consistency outcomes have been recognised by low-level engineering resources closest to the network who can advocate for the approach to other peers on their level to the wider organisation. Quantifiable results which prove IT’s ability to deliver are key in achieving grassroots adoption which flows up the organisational hierarchy, rather than trying to mandate this as a top-down approach. Human psychology is as big a factor in network automation’s success in an organisation as technical prowess, given the personal friction many engineers will have to automation as something which could affect their personal wellbeing or circumstances.  

Focusing on the wrong use cases (selection bias)

Use cases which resonate with the business context faced by your organisation are pivotal in creating network automations that are immediately impactful and reap actual business rewards. Executive-led automation efforts can focus too intently on senior IT leaders’ specific issues that may be perceived as higher-affecting but are often more niche and low-scale than more commodity – but wider-scale – issues as seen by engineering and deployment resources.   

Network automation should focus on the daily toil rather than the aspirational state. For example, more dividend will be yielded by automating a firewall rule request process which several of your engineers unknowingly gatekeep as a bottleneck to your application development and implementation projects than would be from, for example, automating network configuration backups, which will likely already be catered for by a disaster recovery process, no matter how human-intensive that may be.   

Tool-led strategy adoption

Network automation is a complex area of abstractions and principles built atop chains of other abstractions or fundamentals. For this reason, it can be tempting to lean on the lowest common denominator within the field – often the “lingua franca” of the tooling and framework buzzwords such as Terraform, Ansible, IaC, YAML, YANG and so on.   

While countless types and competing network automation tools exist, this doesn’t always mean they’re developed for or relevant to your business’ specific issues. It’s also worth being mindful of “resume-driven development” here– while the “new shiny” might look great to your engineering and architecture teams, it doesn’t always mean it’s best for your business context, budget or other regulatory constraints.   

Automation in isolation of process review and improvement

There’s a reason “garbage in, garbage out” is a phrase– automating the garbage to go faster doesn’t get rid of its existence. Automation often lives in the space between process and technology, so improvements in one can feedback into the other. Automation tends to inform improvements to existing business processes through its installation than for static business processes that were perfect all along.   

The mere act of undergoing an automation journey can also be an exponential value-add when focusing on and improving business processes which would otherwise not have been explored. This ensures a double win from both optimising the business process itself and enables an extended reach of that into the network and IT plane, speeding up the process and improving its efficiency. This virtuous flywheel can often become a force-multiplier that tremendously benefits the organisation for relatively little upfront effort. 

How can CACI help?

CACI’s expert team comprises multidisciplined IT, networking infrastructure and consultant and automation engineers with extensive experience in network automation. We can support and consult on every aspect of your organisation’s network from its architecture, design and deployment through to cloud architecture adoption and deployment, as well as maintaining an optimised managed network service. 

To learn more about the impact of network automation and how to sell its value to the C-suite, please read our e-book “How to sell the value of network automation to the C-suite”. You can also get in touch with the team here. 

 

Top network automation trends in 2024

Posted on: 15 February 2024
Top network automation trends in 2024

Network automation has become increasingly prevalent in enterprises and IT organisations over the years, with its growth showing no signs of slowing down.  

In fact, as of 2024, the Network Automation Market size is estimated at USD 25.16 billion (GBP 19.78 billion), expected to reach USD 60.59 billion (GBP 47.65 billion) by 2029. By 2028, a growth rate of 20% is predicted in this sector in the UK. Within CACI, we are seeing a higher demand for network automation than ever before, supporting our clients in NetDevOps, platform engineering and network observability. 

So, how is the network automation space evolving, and what are the top network automation trends that are steering the direction of the market in 2024?  

Hyperautomation

With the increasing complexity of networks that has come with the proliferation of devices, an ever-growing volume of data and the adoption of emerging technologies in enterprises and organisations, manual network management practices have become increasingly difficult to uphold. This is where hyperautomation has been proving itself to be vital for operational resilience into 2024. 

As an advanced approach that integrates artificial intelligence (AI), machine learning (ML), robotic process automation (RPA), process mining and other automation technologies, hyperautomation streamlines complex network operations by not only automating repetitive tasks, but the overall decision-making process. This augments central log management systems such as SIEM and SOAR with functions to establish operationally resilient business processes that increase productivity and decrease human involvement. Protocols such as gNMI and gRPC for streaming telemetry and the increased adoption of service mesh and overlay networking mean that network telemetry and event logging are now growing to a state where no one human can adequately “parse the logs” for an event. Therefore, the time is ripe for AI and ML to push business value through AIOps practices to help find the ubiquitous “needle” in the ever-growing haystack. 

Enterprises shifting towards hyperautomation this year will find themselves improving their security and operational efficiency, reducing their operational overhead and margin of human error and bolstering their network’s resilience and responsiveness. When combined with ITSM tooling such as ServiceNow for self-service delivery, hyperautomation can truly transcend the IT infrastructure silo and enter the realm of business by achieving wins in business process automation (BPA) to push the enterprise into true digital transformation. 

Increasing dependence on Network Source of Truth (NSoT)

With an increasing importance placed on agility, scalability and security in network operations, NSoT is proving to be indispensable in 2024, achieving everything the CMDB hoped for and more. 

As a centralised repository of network-related data that manages IP addresses (IPAM), devices and network configurations and supplies a single source of truth from these, NSoT has been revolutionising network infrastructure management and orchestration by addressing challenges brought on by complex modern networks to ensure that operational teams can continue to understand their infrastructure. It also ensures that data is not siloed across an organisation and that managing network objects and devices can be done easily and efficiently, while also promoting accurate data sharing via data modelling with YAML and YANG and open integration via API into other BSS, OSS and NMS systems.  

Enterprises and organisations that leverage the benefits of centralising their network information through NSoT this year will gain a clearer, more comprehensive view of their network, generating more efficient and effective overall network operations. Not to mention, many NSoT repositories are much more well-refined than their CMDB predecessors, and some – such as NetBox – are truly a joy to use in daily Day 2 operations life compared to the clunky ITSMs of old. 

Adoption of Network as Service (NaaS)

Network as a Service (NaaS) has been altering the management and deployment of networking infrastructure in 2024. With the rise of digital transformation and cloud adoption in businesses, this cloud-based service model enables on-demand access and the utilisation of networking resources, allowing enterprises and organisations to supply scalable, flexible solutions that meet ever-changing business demands. 

As the concept gains popularity, service providers have begun offering a range of NaaS solutions, from basic connectivity services such as virtual private networks (VPNs) and wide area networks (WANs) to the more advanced offerings of software-defined networking (SDN) and network functions virtualisation (NFV).  

These technologies have empowered businesses to streamline their network management, enhance performance and lower costs. NaaS also has its place at the table against its aaS siblings (IaaS, PaaS and SaaS), pushing the previously immovable, static-driven domain of network provisioning into a much more dynamic, elastic and OpEx-driven capability for modern enterprise and service providers alike. 

Network functions virtualisation (NFV) and software-defined networking (SDN)

A symbiotic relationship between network functions virtualisation (NFV), software-defined networking (SDN) and network automation is proving to be instrumental in bolstering agility, responsiveness and intelligent network infrastructure as the year is underway. As is often opined by many network vendors, “MPLS are dead, long live SD-WAN”; which, while not 100% factually correct (we still see demand in the SP space for MPLS and MPLS-like technologies such as PCEP and SR), is certainly directionally correct in our client base across finance, telco, media, utilities and increasingly government and public sectors. 

NFV enables the decoupling of hardware from software, as well as the deployment of network services without physical infrastructure constraints. SDN, on the other hand, centralises network control through programmable software, allowing for the dynamic, automated configuration of network resources. Together, they streamline operations and ensure advanced technologies will be deployed effectively, such as AI-driven analytics and intent-based networking (IBN). 

We’re seeing increased adoption of NFV via network virtual appliances (NVA) deployed into public cloud environments like Azure and AWS for some of our clients, as well as an increasing trend towards packet fabric brokers such as Equinix Fabric and Megaport MVE to create internet exchange (IX), cloud exchange (CX) and related gateway-like functionality as the enterprise trend towards multicloud grows a whole gamut of SDCI cloud dedicated interconnects to stitch together all the XaaS components that modern enterprises require. 

Intent-based networking (IBN)

As businesses continue to lean into establishing efficient, prompt and precise best practices when it comes to network automation, intent-based networking (IBN) has been an up-and-coming approach to implement. This follows wider initiatives in the network industry to push “up the stack” with overlay networking technologies such as SD-WAN, service mesh and cloud native supplanting traditional Underlay Network approaches in Enterprise Application provision. 

With the inefficiencies that can come with traditional networks and manual input, IBN has come to network operations teams’ rescue by defining business objectives in high-level, abstract manners that ensure the network can automatically configure and optimise itself to meet said objectives. Network operations teams that can devote more time and effort to strategic activities versus labour-intensive manual configurations will notice significant improvements in the overall network agility, reductions in time-to-delivery and better alignment with the wider organisation’s goals. IBN also brings intelligence and self-healing capabilities to networks— in case of changes or anomalies detected in the network, it enables the network to automatically adapt itself to address those changes while maintaining the desired outcome, bolstering network reliability and minimising downtime. 

As more organisations realise the benefits of implementing this approach, the rise of intent-based networking is expected to continue, reshaping the network industry as we know it. The SDx revolution is truly here to stay, and the move of influence of the network up the stack will only increase as reliance on interconnection of all aspects becomes the norm. 

How CACI can support your network automation journey? 

CACI is adept at a plethora of IT, networking and cloud technologies. Our trained cohort of network automation engineers and consultants are ready and willing to share their industry knowledge to benefit your unique network automation requirements. 

From NSoT through CI/CD, version control, observability, operational state verification, network programming and orchestration, our expert consulting engineers have architected, designed, built and automated some of the UK’s largest enterprise, service provider and data centre networks, with our deep heritage in network engineering spanning over 20 years. 

Take a look at Network Automation and NetDevOps at CACI to learn more about some of the technologies, frameworks, protocols and capabilities we have, from YAML, YANG, Python, Go, Terraform, IaC, API, REST, Batfish, Git, NetBox and beyond. 

To find out more about enhancing your network automation journey, get in touch with us today.