10 things you need that HP Network Automation cannot offer
Security Network Automation Network Compliance 5 min read

10 things you need that HP Network Automation cannot offer (1/3)

Picture of Wim Gerrits

Wim Gerrits on September 16, 2020

Organizations that chose solutions like HP Network Automation (HP NA) in the past already have a lot of experience with network automation. But when Microfocus took over HP’s software business in 2017, there were doubts about their future direction and vision. In addition, the market has developed immensely and although HP NA was once the market leader, it lacks a lot of functionality customers ask for today.

Network automation and compliance is booming and new solutions are popping up. "Organizations that automate more than 70% of their network change activities will reduce the number of outages by at least 50% and deliver services to their business constituents 50% faster…”, says Gartner.  Intent-based networking is one of the top 10 technologies for 2020 that can transform network operations and security. With all these developments, you can’t afford to sit still; you have to think about network automation innovations, network compliance and how to keep your organization secure. In this blog I will talk about the 10 things you need that HP NA cannot offer you.

Worry about support and lack of innovation

When we speak to HP NA users, they mainly worry about two things: Support and Lack of Innovation. Let’s take a closer look at what they mean by that. Customers tell us they want accessible customer support, preferably local, that is eager to work with them. One customer told us that whenever they want something out-of-the-box, support isn’t available. However, the main issue is the lack of innovation: customers don’t get a warm feeling when they see the roadmap; it’s not clear what is going to be the focus for the coming years. Companies are looking for a partner that helps them navigate the booming network automation landscape.

Let’s zoom in on the innovation aspect and address some of the key functionalities that customers are asking for these days.

Key functionality you need (and don’t have in HP NA)

1. Dynamic config generation

The method that HP NA uses to generate configs results in configuration drift: it copies the last version of a config to create a new one, causing variations of deployed configurations all over the place. A better method is dynamic config creation. You can do this by using the inventory as a source of truth resulting in full standardized deployments. This puts companies back in control and as a result, networks become highly stable, scalable, secure and flexible. 

2. Flexible integration through API’s

Organizations want to be more flexible in their choice of solutions, and you need an open system that can support this. For HP NA, due to limited proprietary API functionality, custom development is necessary to integrate with 3rd party systems like IPAM, CMDB, and others. You’re basically locked in.

3. Support for open source libraries

The availability and innovation of open source software makes it an attractive add-on for organizations to include these free tools in their organisation. HP NA, as an enterprise solution, does not support any integration with the current existing open source community products.

4. Dynamic compliance capabilities 

When compliance policies need to be adjusted, HP NA requires manual changes to their static policies. This is no longer enough; network devices have dynamic configurations, for instance access lists on firewalls that need to match the company's policies. The risk of unauthorized access is simply too high. When ACLs keep changing, you need a compliance solution that can handle this via dynamic compliance capabilities.

5. Multi-node validation

Traditionally, compliance validation is done on a single device configuration or a specific show command output. While this works for many cases, it is crucial for security and availability to compare multiple devices and config blocks to each other. Redundant load balancers or firewalls are good examples. For this to work in HP NA you need a combination of HP OO and custom development.

6. Handling complexity with ease

It should be easy to configure devices and automate changes without having software development knowledge. This is also true for compliance validation; network designs become more and more complex and as a result design validation can be difficult and time consuming, while it should be simple and straightforward. Within HP NA you can create scripts (Perl based) but you need to train yourself or be a developer to know how to script. 

7. A network source of truth

Companies report that a source of truth is essential for them to integrate with other systems, but also for security, time to market and reliability. A network source of truth will contain a variety of data such as configurations, device state metrics, IP addresses, device inventory information, policy rules, and more. This information rarely coexists in the same database. What you need is a comprehensive database that seamlessly integrates with other databases. Otherwise, you'll be stuck in coding and the custom development of APIs. 

8. Fast and controllable migrations

Whether you want to upgrade existing hardware, replace it with a new vendor or migrate from a physical to a virtual network, migrations need to be executed in an automated and controllable way. HP NA's focus is on automating jobs and monitoring, not dynamically generating configs, making migrations very hard to execute. Only when you know exactly how your network is configured, meaning you have a way to prevent configuration drift, it becomes easy to migrate services, devices, vendors, etc. 

9. Scripting for both engineers and developers

HP NA specified the way they think you should automate. The moment you want to go beyond their logic by using different vendors, alternative logic or specify a workflow, you need a perl developer. At the same time network engineers need more simplified languages to work with. Scripts must be easy to adapt and maintain, and they should be reusable, or called upon from other scripts. You’re looking for a solution that combines simplified scripting for network engineers with advanced capabilities for developers.

10. Fast fast fast!

You want a system that is fast. And let’s be honest, the feedback we get from HP NA users is that it is very slow. Apparently, the GUI is slow, each click is taking 5 seconds. Upgrading existing HP NA systems can be a daunting task taking roughly 4-6 weeks (versus 1-2 days with other systems) due to separate databases, systems and the need for testing. 

Next steps

In summary, you should be thinking of your next steps when it comes to your network availability, agility, and security. You now have an understanding of the functionality you’re currently lacking and will need for the future. However, it’s not these issues that are the most important; what we hear is that customers lack a network automation partner. A partner that is invested in their future and is available when they need them.

In my next blog, I will list the best replacement options for HP NA users for network automation and compliance. Make sure to get the next blog by subscribing below.
After that I will explain how Rabobank migrated from HP NA to NetYCE and why. In the meantime, I am curious what your experience is. Let me know via wim.gerrits@netyce.com

Can't wait?

Just schedule a meeting with me! I love to hear about your specific questions.

Book your meeting now

 

Picture of Wim Gerrits

Wim Gerrits

Founder & Chief Network Automation Advocate Wim drives NetYCE's strategic vision while overseeing all aspects of the company's operations. Since 1995 Wim is helping customers with business-critical networks to lower their TCO and mitigate risks. His passion is to translate complex things into simple business terms.