The Intentionet team is joining AWS. We thank our customers and the open source community for their support over the years. We are proud of the technology and the community we have built, and we are excited to continue, under a new umbrella, our mission of transforming how networks are engineered. Visit batfish.org and join our Slack channel to stay abreast of ongoing developments.

Stopping Network Outages Before They Start

How do you detect buggy network configuration changes?  My guess is that you use post-deployment checks and monitoring systems. And you should!  But if that’s the only thing you’re doing, then you are unnecessarily risking network outages, breaches, and more. Those tools help you cure incidents after they occur, but they do nothing to prevent…

Read More

Incrementally automating your network

Network automation can significantly benefit your organization. Gartner found that automating 70% of the network changes reduces outages by 50% and speeds service delivery by 50%. But achieving these results is elusive for most organizations—-they never get to the point where a substantial fraction of changes are successfully automated. A key hurdle is creating a…

Read More

The networking test pyramid

An automated test suite is the key to continuous integration (CI), the DevOps practice of rapidly integrating changes into mainline. The test suite is run on every change to check that individual modules and the full system continue to behave as expected as developers add new features or modify existing ones. A high-quality test suite…

Read More

Closing the loop on testing network changes

Test automation is key to minimizing the chances of change-induced network outages. This article describes “closed-loop test automation” that makes the change process highly resilient and catches problems as early as possible, by testing changes both before and after deployment.

Read More

Automating the long pole of network changes

When it comes to automating network changes, most network engineers want to start with automatic config generation and deployment. It just feels like that is the heart of the challenge, and it certainly feels like a fun thing to do. But assume for a moment that you’ve automated config generation and deployment. Have you now…

Read More

Test drive network change MOPs without a lab

Imagine that you could predict and test the full impact of every single change to the network. Imagine also being able to do this within minutes, for the production network itself (not a small-scale replica), and without having to set up and maintain a test lab. Will this capability enable you to reduce the risk…

Read More

Network test automation: Rock, Paper, Scissors, Lizard, or Fish?

When building a network automation pipeline, one of the most important questions to consider is: How do you test network changes to prove that they will work as intended and won’t cause an outage or open a security hole? In a world without automation, this burden falls on network engineers and approval boards. But in…

Read More

Don’t be afraid of (network) change

Companies large and small crave agile, resilient networks. They crave infrastructure that adapts rapidly to business needs without outages or security breaches. But changing the network is a risky proposition today, be it adding a firewall rule or provisioning a new rack. 50-80% of network outages are caused by bad network configuration changes. This high…

Read More

Validating the validator

Batfish provides a unique power to its users: validate network configurations before pushing them to the network. Its analysis is production-scale—unlike with emulation, you don’t need to build a trimmed version of your network. It is also comprehensive—considers all traffic, not just a few flows. These abilities help network engineers proactively fix errors that are…

Read More

Lesson from a network outage: Networks need automated reasoning

In the afternoon of October 23, within a few minutes of each other, two friends sent me a link to the recently-released “June 15, 2020 T-Mobile Network Outage Report” by the Public Safety and Homeland Security Bureau (PSHB) of the FCC. Given what Intentionet does, the report sounded interesting and I started reading it immediately….

Read More

Three ways to break a network (and one to save it)

When people mention network configuration bugs, the first thing that comes to your mind is likely typos–or if you prefer technical terms, “fat fingers”.  Of course, if you are an experienced network engineer, you know there is more to config bugs than keyboard gremlins. At Intentionet, we work on a network validation engine called Batfish…

Read More

Pre-deployment validation of BGP route policies

A common culprit behind some of the biggest outages in the Internet is misconfigured BGP route policies. For example: BGP Leak Causing Internet Outages in Japan and Beyond How a Tiny Error Shut Off the Internet for Parts of the US Telia engineer error to blame for massive net outage   Such outages typically occur…

Read More

A practical approach to building a network CI/CD pipeline

Continuous integration and continuous deployment (CI/CD) is the practice of automatically packaging, testing, and deploying code, generally in small increments. This modern DevOps practice has made software development agile and reliable, and it holds the same promise for networking as more environments transition to the infrastructure-as-code (IaC) model. In this post, we’ll outline a practical…

Read More

Network-model-based security: A new approach that blends the advantages of other leading methods

Effective network security is largely based on a central challenge: making sure that only authorized communication among security principals (users, systems, or groups) is allowed. But meeting this challenge has gotten harder as security methods grow more granular and complex. As organizations deploy microsegmentation and move from coarser methods like subnet-level security to finer-grained controls…

Read More

Come and get your free Batfish Enterprise Cloud View trial for AWS

As your company moves applications from on-premises datacenters to the cloud, your network toolchain can become a bottleneck. Simply visualizing your cloud infrastructure can be a challenge. And forget about using traceroute as a mechanism to see where packets are being dropped when machines in the cloud can’t talk to each other.   With our…

Read More

Network as code: From hype to substance

Last week, Arista and Cumulus hosted webinars on building CI/CD pipelines for the network (see Arista Webinar, Cumulus Webinar). Both webinars communicated a vision that included generating configuration (changes) automatically, pre-deployment validation, and automated deployment,  followed by post-deployment validation.  I found these webinars exciting for two reasons. The first was the emphasis they placed on…

Read More

Announcing Ansible modules for Batfish

We are excited to announce Ansible modules for Batfish. Now, network engineers can invoke the power of Batfish within Ansible-based automation workflows. Network automation is like a car with a powerful engine— it may get you places quickly, but does not guarantee that you’ll get there safely. Safe driving requires advanced collision prevention systems. Similarly,…

Read More

Announcing AI-ML

We are proud to announce Batfish AI-ML®, our latest product. Batfish AI-ML, or Automatic Intent Mind Link, is the industry’s first and only automatic intent extraction solution. It works seamlessly across all networks, be they data centers, enterprise campuses, service provider networks, or hybrid and multi-cloud deployments. Why Batfish AI-ML? Network engineers have told us repeatedly that the…

Read More

Designing a Network Validation Pipeline

The networking industry is on an exciting journey of automating tasks that engineers have historically done manually, such as deploying configuration changes to devices and reasoning about the correctness of those changes before and after deployment. These capabilities can tame the complexity of modern networks and make them more agile, reliable, and secure. Success on…

Read More

The what, when, and how of network validation

When historically tasked with configuring and managing a computer network, engineers have been forced to do almost everything manually: generate device configurations (and changes to them), commit them to the network, and check that the network behaves as expected afterward. These tasks are not only laborious but also anxiety-inducing, since a single mistake can bring…

Read More

We made networks work. Now let’s make them work well.

A few decades ago, car odometers were designed to roll over to zero after 99,999 miles because it was rare for cars to last that long. But today cars come with a warranty for 100,000 miles because it is rare for cars to not last that long. This massive reliability improvement has come about despite…

Read More

Network Engineers: Time to Restock your Tool Chest

At Future: Net 2017, our CEO Ratul Mahajan introduced a new network engineering workflow. Designed to evaluate the operation of ever more complex and scaled networks, this workflow aims to eliminate misconfigurations that can lead to a downward spiral of outages, security breaches, and other failures; and to make networks less of a long pole…

Read More

Plug the hole in your network automation — validate changes before you deploy

We are excited to announce the release of pybatfish, an open-source Python SDK for Batfish. Batfish is an open-source, multi-vendor network validation framework that enables network engineers, architects and operators to proactively test and validate network design and configuration. It is being used in some of the world’s largest networks to prevent deployment of incorrect configurations…

Read More

Automation without validation: Risky operation

To err is human; to really foul things up requires a computer. — BILL VAUGHAN If you run a large, complex network, you have either already heavily invested in automating key management tasks or are about to. Network automation is a great way to reduce human errors and accomplish those tasks with consistency and speed….

Read More

Intent specification languages – simplifying network configuration

The growing scale and complexity of today’s networks have outpaced network engineers’ ability to reason about their correct operation. As a consequence, misconfigurations that lead to downtime and security breaches have become all too common. In his keynote presentation at Future: NET 2017, Ratul Mahajan, the CEO of Intentionet, introduced a new network engineering workflow…

Read More

The New Network Engineering Workflow – Formal Validation

At Future:NET 2017, hosted by VMWare in Las Vegas on August 30th and 31st, our CEO Ratul Mahajan gave the keynote presentation. Ratul spoke at length about how we can help network engineers and operators make their networks highly agile, reliable, and secure by adapting proven approaches employed by hardware and software engineers. Ratul observed that…

Read More

Learn more

Write us today to learn more about Batfish Enterprise and what we can do for your company!

Contact us