GigaOm Radar for Network Validationv1.01

1. Summary

With business-critical services on the line, managing the network holistically is essential for ensuring operational consistency. Many enterprises address network governance with manual checks of their designs and configurations. However, this approach is subject to the availability and diligence of network administrators and does not always identify configuration drift or potential network issues, especially at scale. It is error-prone, operationally tedious, and ineffective for validating and protecting the network. In addition, cloud environments are dynamic, with evolving security mandates and constantly changing network designs. As a result, network teams are often uncertain whether the network is functioning as designed before and after a change.

To verify that the network is connected, secure, and operating as intended, enterprises must deploy robust validation tools providing up-to-date visibility of the network configuration and state, including address assignment, device interface state, neighboring devices, and Layer 2 and Layer 3 protocol information. Network validation determines whether the configuration or reconfiguration of the network meets the design or intent of the network. It focuses on analytical aspects, such as validating the reasons for making changes and predicting the impact of configuration changes. Including automation to improve accuracy and reduce risk, network validation comprises pre- and post-deployment unit testing, functional testing, and verification.

This report provides an overview of the network validation landscape based on the following table stakes, which are mature, stable features common across all network validation solutions:

• Automated pre-deployment checks: Validation is done proactively before deploying a network change to determine whether the proposed change violates any predefined (“golden configuration”) policy before it is applied. Failed checks automatically abort the deployment process. In addition, automated validation verifies that the desired interface is selected by checking its operational state, assigned address, and connected devices before authorizing the change, which minimizes the risk of an erroneous change reaching the production network and causing an outage.
• Automated post-deployment checks: Validation is done automatically after deploying a change to the network to determine whether the change was completed successfully and verify it had the intended impact. Failed checks automatically trigger a rollback of the change and launch a subsequent test to ensure the network was restored to its pre-deployment state. Automation ensures that the change is quickly reversed, with relevant data collected for analysis against the desired state before making needed corrections and reapplying the change.
• Scheduled state validation: Network administrators must be able to schedule network state validation periodically to ensure the network is performing as intended. Since the process is read-only, the validation can be run regularly to identify potential issues that would not necessarily be flagged by the network management system (such as failure of a redundant interface), enabling teams to be more proactive. In many cases, the post-deployment validation process can be used to validate the network before any change windows open up, irrespective of the planned changes.
• Automated trouble ticketing: The network validation system must provide out-of-the-box integration with trouble-ticketing systems for automatically creating tickets when the network state differs from the existing or future state as defined in the NSoT inventory and metadata. While remediation may initially be manual, the system should be able to support increasing automation as the organization matures, including automated actions and network validation scans based on specific triggers.

This GigaOm Radar report provides an overview of notable vendors and their offerings. The corresponding GigaOm report ““Key Criteria for Evaluating Network Validation Solutions” outlines critical criteria and evaluation metrics for selecting a network validation solution. Together, these reports offer essential insights for ensuring network resilience, helping decision-makers evaluate solutions before deciding where to invest.