Cisco CCNA 200-301 – Network Automation and Programmability
1. Introduction
In this section, you’ll learn about network programmability and automation. So let’s have a look and see what you’re going to learn in this section. So I’ve come to the Cisco website and I’m looking at the exam topics here. To find this page, just Google for Cisco CCNA 200-301 exam topics, and then that will bring you here. This lists out everything that’s covered in the exam, listed by domain, and you can click on Show details here to expand that out.
So I’ve done that for the Automation and Programmability section, and you can see that what you need to know is how automation impacts network management. So, looking at the benefits of programmability and automation, also comparing traditional networks with controller-based networking, you need to know about the SDN architecture, the Northbound and Southbound APIs. Comparing traditional campus device management with Cisco DNA Center, you’ll also learn about that.
Characteristics of REST-based APIs: CRUD, HTTP verbs and data encoding. Looking at configuration management tools, Puppet, Chef and Ansible, and you need to be able to interpret JSON-encoded data. So you can see there’s a lot of things in there. It’s quite a wide topic, and this can seem overwhelming at first, but don’t worry. In this section, all of these different terms that you see here, I’m going to be breaking them down and explaining them.
So by the end of the section, you’re going to be comfortable with everything here. Now note that in the requirements for the exam, you don’t actually need to be a developer that’s able to write your own code for network programmability. Python is the programming language of choice for working with network environments.
And you see that Python isn’t even mentioned here at all. So what you’re going to learn here is really an introduction to network programmability and automation. You’re going to learn what all the different components are and how they all fit together. But you’re not going to actually be doing your own coding from here, because that would just be a very steep learning curve.
You are, however, going to be able to implement network automation by using tools such as Ansible and DNA Center, though. So you will be able to do your own automation. You’re just not going to be writing your own code in Python. Okay, so that’s what we’re going to be covering here. You do actually need to know some of the basic terminology around Python, so I’m going to be covering that in the next lecture.
2. The Benefits of Network Automation and Programmability
In this lecture, you’ll learn about the benefits that network programmability and automation provide over traditional network management. Looking at traditional network management first, the way that that is done is by configuring your network devices, your routers, your switches, firewalls, etc., one at a time using SSH to the command line. So if you’re a network administrator and you have to configure five routers and five switches right now, what you’ll do is you will connect to them separately and you will configure them each individually, one at a time. And copying and pasting a config from a text file is the usual way of doing things. As well as the command line, GUI tools have also been available for a long time. They let you work on routers and switches and firewalls one at a time, but they are typically very slow to use, which makes them inefficient.
So network administrators will usually use the command line. There are also NMS, network management systems, such as SolarWinds, and CiscoWorks that used to be available quite a long time ago, and Cisco Prime Infrastructure. They use protocols such as SNMP and NetFlow to gather information from the network devices and report on the state of the network. SNMP was originally proposed in 1988, so it’s been out for a very long time.
As well as being able to pull information from network devices, SNMP can also be used to push configuration to them. But it’s got limited functionality there, so it’s used more commonly for pulling information and reporting rather than for pushing configuration. Those solutions can be complex to implement and operate, and SNMP also has some security concerns as well. So looking at the issues with traditional network management, configuring one device at a time is time-consuming and inefficient.
Obviously, if you have got 30 devices that you need to configure a day, it’s going to be a lot quicker if you can push the configuration to them all in one go, rather than logging in and configuring each one one at a time. Configuring each one one at a time also increases the likelihood of typos and other mistakes. So maybe you do one configuration on device A, and you accidentally do a different configuration on device B. Individual edits to multiple devices by different network engineers over time with little version control also lead to configuration drift, where you’ve got non-standardized configurations. So the first network engineer might configure a particular feature in one way, and a different network engineer might configure it in a different way.
Having those non-standardized configurations and accessing one device at a time is also inefficient for troubleshooting. So let’s look at network automation now and the benefits that it can bring. Automation can be used for device configuration, pushing your configuration to your devices, and also the initial device provisioning when it first comes from the factory. You can use it for software version control to make sure that your devices of the same types are running the same software version. You can use it to collect statistics from devices and report on those.
You can also use it for compliance verification, so you can take your known good configuration that the device should have and use automation to check that that is what is actually configured on the device. It can also be used for troubleshooting as well, because automation can provide an organization-wide view of the network, which means that you can do system-wide troubleshooting rather than having to do one device at a time. Network programmability enables the automation, and that reduces human-to-machine interaction. When you’ve got a machine that’s doing the work, it’s going to do exactly what you tell it to do. Machines don’t make mistakes, so if there is a mistake, it will be because you have misconfigured the machine.
So by having a machine do that work, that greatly reduces the chance of human errors such as typos. Modern programmability and automation tools have been built with monitoring, configuration and troubleshooting in mind. And it’s much more scalable when you can use automation to manage multiple devices at the same time rather than doing them one at a time. Network programmability can provide configuration version control.
You can use that to look at the history of what changes have been made. It’s also very easy to roll back to a previous version if that is required. And as well as the configuration version control, where you’re checking what changes are made to the configuration on the device, it can also provide software version control, where you check that the operating system on your different devices is the one that it should be. Troubleshooting is more efficient with a system-wide view. That way you can correlate events between your different devices all in one global view, rather than trying to do it the old manual way of one at a time. Events and error codes can be acted on programmatically, so you can automate your response if there is a problem.
And improving configuration and troubleshooting efficiency obviously reduces your operational expenses. Automation also provides shutts which can ensure devices have a standardized configuration. It can also provide reports on and correct any exceptions to that. It provides correlation between events on different devices for that easier troubleshooting and it can take corrective action on events and error codes. Okay, so that is the benefits that we get from automation.
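The compliance verification and configuration drift described in this lecture can be shown with a short Python script. This is an added example, not code from the course; the baseline lines, hostnames and function names are assumptions made for illustration.

```python
# Constructed sample data (assumed for illustration; not from the lecture or real devices).
BASELINE = """
service password-encryption
no ip http server
ip ssh version 2
logging host 192.0.2.10
"""

DEVICES = {
    "rtr1": "hostname rtr1\nservice password-encryption\nno ip http server\n"
            "ip ssh version 2\nlogging host 192.0.2.10\n",
    "rtr2": "hostname rtr2\nservice password-encryption\nip http server\n"
            "ip ssh version 2\n! edited by hand\nlogging host  192.0.2.99\n",
    "sw1": "hostname sw1\nno ip http server\nip ssh version 2\n"
           "logging host 192.0.2.10\n",
}


def normalize(config):
    """Return config lines with whitespace collapsed; blanks and '!' comments dropped."""
    lines = (" ".join(raw.split()) for raw in config.splitlines())
    return [line for line in lines if line and not line.startswith("!")]


def feature_key(line):
    """Group a line by feature: its first two words, ignoring a leading 'no'."""
    words = line.removeprefix("no ").split()
    return " ".join(words[:2])


def check_device(baseline, running):
    """List baseline lines the device lacks, and what it has configured instead."""
    have = normalize(running)
    findings = []
    for required in normalize(baseline):
        if required not in have:
            found = [cur for cur in have if feature_key(cur) == feature_key(required)]
            findings.append({"expected": required, "found": found})
    return findings


def drift_report(baseline, devices):
    """Return {hostname: findings} for every device that deviates from the baseline."""
    report = {host: check_device(baseline, cfg) for host, cfg in sorted(devices.items())}
    return {host: f for host, f in report.items() if f}


if __name__ == "__main__":
    print(drift_report(BASELINE, DEVICES))
```

Here `rtr2` is reported because a hand edit re-enabled the HTTP server and changed the logging host, and `sw1` because a baseline line is missing entirely, while `rtr1` passes.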
Which automation method should you use? Well, it depends on your particular environment, because there are lots of different ways, lots of different software tools that you can use to implement this, such as Python scripts, NETCONF, RESTCONF, Ansible, Puppet, SDN, Cisco DNA Center, et cetera. We’re going to be talking about all of those different options. You’re going to learn about them all in this section. Now, not all of those methods are supported by all devices.
So which one you’re going to use depends on what is supported in your environment, what is most suitable for your environment, and also the skills that you have as well. So maybe you’ll be able to use Ansible, because it’s very simple, but you don’t have Python skills right now. Well, in that case, Ansible would be a better choice for you. Don’t worry about all of the different methods you see there, because you are going to learn about them all in this section.
Okay, before I wrap up here, I want to show you automation in action, so that you can visualize this and get an idea of how useful it is. So, something you’ve seen before, it is configuring a virtual machine in Amazon Web Services. So you can see here, I’ve logged in to my AWS account and I want to configure a virtual machine here. So first off, I choose the operating system that I want the virtual machine to be running.
So I will select that. Then on the next page, I select how powerful I want this virtual machine to be, how many virtual CPUs it will have, and how much memory. And then I click next on there. And then on this page, you see I’ve got all the networking details. So I select the network that I want to use here, the subnet, if I want it to have an IP address, et cetera. Then I configure the storage, the type of storage I want this virtual machine to have, and how much it needs. I can add tags, which makes it easier to manage. And then I configure the security group, where I configure the firewall rules. So you see that the way that this works is there’s a web-based front end that will then talk to some software behind here, which automatically configures the virtual machine with the settings that I requested here.
Now, the old traditional way of doing this, if you wanted a new server, is you would talk to the different IT teams. You would have to speak to the server team, also the storage team and the networking team as well. Everything would be done manually. It would maybe take a few weeks to get this server up and running. With automation, the server can be running in 15 minutes. Now obviously, when we put these settings in, it’s not being done manually by people over at AWS.
This is all being automated through software, and it would be impossible for AWS to do this manually. Their business model would not work. So you can see, when we’ve got a very large environment, the benefits of automation are very obvious. If you’re in a small environment though, you can still get benefits of automation as well. So if you’re just configuring five devices, it’s still quicker to do five at a time than it is one at a time.
And also with the troubleshooting, with the system-wide view you can get with network programmability, you’re also going to get big benefits there. So network programmability and automation, it’s actually a relatively new thing. We’ve been working on our network devices at the command line for decades. Automation has really just taken off in the last few years. It’s been driven first of all by large organizations and cloud providers and service providers.
But the benefits are going to trickle down to smaller organizations as well as more software tools become available. Now if you’re worried that automation is now going to mean, well, what’s the point of being a network engineer now then if everything can be done automatically, there’s not going to be a job for me anymore.
Well, with this automation, the people that are going to be configuring this still need to understand how networking works. So everything that we’ve learned earlier in the course about what all the different networking technologies are and how to configure them, you still need to know that information. So you’ve got that baseline information now, and you can now take it and improve on your working practices by using automation. Okay, that’s everything I needed to tell you here. See you in the next lecture.