
Network Automation
“Define your network services at a high level — automation takes care of the details. Daily operations focus on the big picture, not the low-level tasks.”

-
Abstract Network Services
A key principle of network automation is abstraction — hiding complex implementation details behind a simple, high-level service definition. Instead of managing every technical parameter manually, engineers interact with an abstract model that exposes only the essential inputs — often just a unique service name or a few parameters.
Automation then takes care of generating all necessary configurations and values behind the scenes. These details are stored and used consistently, without requiring human intervention.
Designing effective abstractions often requires customization to match the specifics of your network environment.
Example: Virtual Network Abstraction
Consider a service that provisions a Virtual Network. It may involve creating a VRF in an MPLS network, setting up firewall connections, and provisioning MPLS sites. With a proper abstraction, the user only needs to provide minimal input, such as a name or a list of sites.
The automation system handles the rest: allocating route targets, assigning IP addresses, and generating configurations. These low-level details are abstracted away and don’t need to be touched during routine operations like adding or removing virtual networks.
-
The Intended State of the Network
Beneath the abstraction layer, it's essential to define a detailed intended state of the network — a complete, vendor-agnostic model of how the network should operate.
This intended state forms the foundation for generating configurations and provisioning devices. It’s typically maintained in a Single Source of Truth (SSoT) system and serves as the reference for all automated workflows.
What the intended state includes:
• Network devices and their interfaces
• Physical and logical connections between devices
• Subnet-level IP address plans
• IP assignments for individual interfaces
• VLAN identifiers
• Autonomous System Numbers (ASNs)
• ...and more, depending on the use case
-
Vendor-Specific Configuration
The intended state of the network is translated into vendor-specific configuration formats, tailored to the capabilities and interfaces of each device platform.
Support for automation varies between vendors. Some offer robust APIs and tooling that integrate well with automation frameworks. Others may require custom development or workarounds to achieve the same level of automation.
-
Configuration Pipelines
The final step in network automation is deploying the generated configurations to devices. This stage includes data validation, error handling, and change management to ensure safe, predictable rollouts.
Before deployment, pre-checks can be performed to validate planned changes. Configuration pipelines can also be integrated with simulated environments or digital twins to test changes in advance — reducing the risk of unexpected disruptions in production.
As with other areas, vendor support varies. Some platforms offer built-in tools that handle parts of the deployment process, while others require more customized solutions.
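
A pre-check of the kind described above, run against the intended state before any configuration is generated or deployed. This is an added example, not code from the original page: the record layout, the field names and the `precheck` function are assumptions for illustration, and the sample data is constructed.

```python
import ipaddress
from itertools import combinations

# Constructed sample of an intended-state record (layout is an assumption).
SAMPLE = {
    "subnets": ["10.0.0.0/30", "10.0.1.0/24"],
    "devices": [
        {"name": "pe1", "asn": 65001, "interfaces": [
            {"name": "ge0", "ip": "10.0.0.1/30"},
            {"name": "ge1", "ip": "10.0.1.1/24", "vlan": 100}]},
        {"name": "pe2", "asn": 65002, "interfaces": [
            {"name": "ge0", "ip": "10.0.0.1/30"},                  # duplicate of pe1:ge0
            {"name": "ge1", "ip": "10.0.2.1/24", "vlan": 4095}]},  # unplanned subnet, reserved VLAN
    ],
    "links": [("pe1:ge0", "pe2:ge0"), ("pe1:ge1", "pe2:ge9")],     # ge9 is not modelled
}

def precheck(state):
    """Return a list of findings; an empty list means the change may proceed."""
    findings = []
    subnets = [ipaddress.ip_network(s) for s in state["subnets"]]
    for a, b in combinations(subnets, 2):
        if a.overlaps(b):
            findings.append(f"subnet overlap: {a} and {b}")
    seen_ips, known_ifaces = {}, set()
    for dev in state["devices"]:
        if not 1 <= dev["asn"] <= 4294967295:          # 32-bit ASN space
            findings.append(f"{dev['name']}: ASN {dev['asn']} out of range")
        for ifc in dev["interfaces"]:
            ref = f"{dev['name']}:{ifc['name']}"
            known_ifaces.add(ref)
            vlan = ifc.get("vlan")
            if vlan is not None and not 1 <= vlan <= 4094:   # usable 802.1Q IDs
                findings.append(f"{ref}: VLAN {vlan} out of range")
            if "ip" not in ifc:
                continue
            ip = ipaddress.ip_interface(ifc["ip"])
            if ip.network not in subnets:              # address outside the IP plan
                findings.append(f"{ref}: {ip} is not in a planned subnet")
            if ip.ip in seen_ips:
                findings.append(f"{ref}: {ip.ip} already assigned to {seen_ips[ip.ip]}")
            seen_ips.setdefault(ip.ip, ref)
    for link in state["links"]:
        for end in link:
            if end not in known_ifaces:                # link to an interface not in the model
                findings.append(f"link references unknown interface {end}")
    return findings

if __name__ == "__main__":
    print("\n".join(precheck(SAMPLE)) or "pre-check passed")
```

A pipeline would stop the rollout whenever the returned list is non-empty and attach the findings to the change record.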
