Hello and welcome. My name is Tyler McMinn. I'm an Aruba Certified Instructor with Computer Data and this is Aruba Network Automation Essentials. This is a short series of webinar videos that will total about three or four hours with zero prerequisites to introduce you to network automation and specifically, what are the tools that we utilize in network automation when working with platforms that are available through Aruba. These are all standard network automation concepts and techniques and then you're going to see a real-world implementation of those on Aruba platforms such as Aruba CX switches, Aruba ClearPass, AirWave, AOS 8 for Mobility Conductors and Controllers, as well as even Aruba Cloud with Central. Let's get started. Taking a look here first, we're going to break this up into two parts. The first half will introduce network automation, what it is and what are the benefits of scaling your network automation, where you would actually use that. Python and Ansible as a quick introduction because we're going to be utilizing examples with Python scripting and Ansible as a popular management tool or platform that's available through Red Hat Linux and is free as a community-driven project. Very, very useful in most modern network management deployments. Part 2, we'll explain how to use network automation with Aruba products and actually show you some practical hands-on demonstrations. In this first half, we'll look at network automation examples, different options for automation that exist, what exactly REST APIs are, what's an API, what is REST. Essentially APIs are the reason why we're even having this course and the direction and where networking is going these days is towards this scaling with REST API calls. Aruba platforms that are ready for automation of our modern platforms, and even some of our older ones like AirWave and ClearPass which have been around for a while, are being constantly updated and tuned to support more REST API calls. Python as a scripting tool for automation, although there are many, and Ansible for automation as a server platform that can use REST APIs as well as SSH commands in HTTP but we'll take a look at that in the demonstrations. Network automation, some examples of it. If you're talking Day 1 or Day 0 provisioning, you want to rack and stack your switches and get those up and running across multiple vendors. You may want to generate a base configuration to get these guys set up and working in production. Those configs need to be pushed to the devices, which could be 10 devices, 100 devices,1,000 devices. That type of workflow, you want to make sure it's tested, vetted, consistent, and validated on each client device when it receives this push from a scripted solution. Day 100, you might want to do regularly scheduled configuration backups, audits of change management, data validation, or traffic flow validation to make sure your traffic is actually working the way it should or doing regular updates of firmware. Then migration, backing up a current configuration, deploying a new configuration. These are examples where scaling really can save you time, not just in deploying the config, but in deploying it correctly and consistently and minimizing human error in the process. That means some scripting or tool to be used. Here's a more down to earth use case. Let's say you've got Jim who arms the security system every Friday night after 6:00 PM and the branch office is closed. While it's closed, we may want to save a little bit of electricity and more importantly, secure wireless access so someone on the street can't try and break into the branch network. Well, this security system can either send a message to an orchestration platform, such as a scripting platform or Ansible or whatever, or that platform could query the system to discover that, yes, the security system has indeed been armed. Upon that discovery, it could reach out to a list or an inventory of known switches such as CX switches from Aruba and call upon their established REST APIs to not only turn off the ports that APIs are plugged into but to first discover which ports actually have access points that are alive and drawing power over Ethernet so it can react to which ports meet that criteria and issue the commands through the API to essentially down those interfaces. While you could in some cases issue the actual CLI, the command line that CX on this version, on this switch, on this vendor requires, we're going to be utilizing modeling language that is standardized across the industry. Theoretically, these APIs that you're issuing or these calls that you're making should be generally accepted across any vendor of switch. On Aruba CX, there is a really cool addition that it has free of license known as the NAE or network analytics engine. This engine runs on all versions of our CX switches and it runs all the time and it's license free. What it does is it monitors the current state database of the switch and monitors any function that the switch is performing not just CPU and RAM usage and things like that, but not just commands that are issued, but things like your link aggregation states or your routing states or your neighbor states for OSPF or BGP or whatever it is. In this example, we're looking at link aggregation and it can monitor the forwarding state of the LAG itself, and look for conditions where it might transition to a block state due to some networking issue that occurs. When that happens, the network analytics engine every five seconds checking the status of your switch, can issue an action either simply indicating a critical alert, which could mean an email, a LAG message, or even issuing local commands to the switch involved to reroute traffic. Then when the link aggregation comes back up after that five-second period if at most, the network analytic engine scripting can react to this and say, things have returned to a normal state. Let me issue these other actions like rerouting traffic back across the link aggregation, changing the critical alert to a normal alert, sending a notification, whatever it is that you want to do. With just simple, normal Python commands, you can instantiate scripts that run as what we call agents on the network analytic engine all the time and monitor and save state information over long periods of time for each one of your switches.
