Apstra entered the enterprise networking scene in June 2016 with its intent-based operating system, which promised an innovative way to improve network agility and availability.
Less than a year later Gartner named Apstra a 2017 “cool vendor for enterprise networking.” The report said key benefits from its software include not only improved agility and availability, but also reduced capital expenditure and operating expenditure “through support of mixed-vendor configurations and optional disaggregated, fit-for-purpose switch hardware and software.”
The analyst firm forecast that by 2020 more than 1,000 large enterprises will use intent-based networking systems, up from fewer than 25 today. It also said an intent-based networking system can reduce network infrastructure delivery times by 50 percent to 90 percent, while also reducing both the number and the duration of outages by at least 50 percent.
Although Apstra is a young startup, its founders are all industry veterans: CEO Mansour Karam worked at Arista and Big Switch, CTO Sasha Ratkovic was an engineer at Juniper Networks, and chief scientist David Cheriton is the former founder of Arista and a first investor in Google and VMware.
Earlier this month Apstra updated its flagship product, called the Apstra Operating System (AOS). The new AOS 1.2 allows users to customize every aspect of AOS, including the intent model, tracked telemetry, and vendor-specific device agents.
SDxCentral recently caught up with Karam to talk about intent-based networking and the company’s plans for the future. This interview has been edited for clarity.
What was your vision when you started Apstra?
Karam: With Apstra, the vision we had was to deliver on what we call a self-operating network. In networking, and specifically in the data center, operational aspects haven’t been addressed to the extent that they need to be. For every dollar spent in capex, companies spend $3 to $5 in opex. Eighty percent of it is spent on manual operations. I like to say wasted on manual operations because everything that could be automated and that we’re not automating is indeed wasted.
With the network becoming increasingly important as an asset to support the business needs of an organization, we really need to focus on the operational aspect. So this was really the vision of Apstra in that we wanted to deliver an operational model that is fully autonomous. The network configures itself, defends itself, and is also self-compliant, meaning it audits itself.
If you look at the evolution of the industry, we believe this is the right time to do this. This problem existed before, but the urgency hasn’t been as high as it is today. And because of that, we have an ecosystem today that would support an independent vendor coming in and delivering on a solution for this problem.
What is driving that urgency and why is now the right time for intent-based networking?
Karam: If you look at my background, I’ve been in data center networking since 2006 when I joined Arista. Even in the very early days of Arista we saw the cloud companies, what we call today the hyperscalers, coming in with new requirements. The requirements were around building infrastructures that were larger than any infrastructures that were built before with new requirements on the operational side. We were involved in those, with those customers, and I was intimately aware of those requirements.
The hyperscalers pushed the industry toward APIs; we can’t just operate our networks, box per box, using the specific CLIs [command line interfaces] for those devices. In fact, they built their own teams to build out the automation that was required to deliver on those requirements.
Fast forward 10 years, these requirements are not only those of the largest hyperscalers, but now are spreading to essentially any organization that wants to participate in today’s trends, whether it’s IoT or machine learning. Data centers require networking like never before and these organizations need to beef up their networking — now they have the same requirements that hyperscalers had 10 years ago. This is not only the case for webscales but also large banks, large insurance companies, large retailers; they need to beef up their networking.
Customers really compelled the vendors to provide APIs, and now, across the board, vendors have indeed opened up their APIs. They’ve published them, so now we have what I like to call a programmable infrastructure across vendors.
Now that you have this programmable infrastructure, we now have the conditions that allow for software like AOS or an intent-based networking system to exist, leveraging those APIs and delivering on the vision of a self-operating network.
What’s the scope of control of intent-based? An area, an entire enterprise? Does a whole network turn over human control to an algorithm? How far does this extend?
Karam: Intent-based is a notion. It’s the notion that the user describes what they want; they describe the desired outcome. You can apply it to many different use cases. We’re starting with networking, and data center networking, so user intent usually can be described in terms of connectivity requirements, in terms of isolation requirements, multi-tenancy requirements. It also can be described in terms of performance requirements.
Once we’ve built that platform, it isn’t only applicable to networking; it can be applied to adjacent areas like compute and storage. It doesn’t have to be only applicable to the data center networks; it could be applicable to the campus networks. It’s just a matter of adjusting the intent.
A lot of the machinery underneath essentially is the same around intent-based, closed-loop, vendor-agnostic automation.
Does this work across any sector, say healthcare, hospitals?
Karam: With intent-based networking you get reliability and availability that can’t be matched using manual systems. A lot of outages or infrastructure connectivity problems are the result of a user making an error. In a lot of cases, humans are causing those errors. It’s true with driving on the highway; it’s also true with networks and infrastructure.
Intent-based networking systems massively improve the reliability of your infrastructure. In fact, Gartner mentioned in their report that an intent-based networking system improves reliability and availability by at least 50 percent and reduces outage durations by at least 50 percent. Especially for mission-critical applications, having an intent-based networking system would dramatically improve reliability and availability.
The Gartner report also says, “Apstra faces the difficult task of changing how enterprise network teams think about the build and operation of their data center networks, via the use of algorithms to supplant human insights.” Are network CIOs ready to give up control to a machine?
Karam: To be quite honest, I don’t see this as giving up control to a machine. Ultimately the engineers and the architects are really in control. They’re the ones that do the engineering work of figuring out what they want from their infrastructure. The intent-based networking system essentially takes care of all of the manual steps; it takes care of automating all of the manual steps. It really allows them to focus on being engineers and architects instead of spending their time doing the mundane manual stuff. It’s not that the system is taking control; you’re programming the system. A computer doesn’t get tired. It can work 24-7, so now the system is taking care of delivering on your design.
For example, our system runs through tests that gather telemetry. Through this real-time analytics, it ensures that the network is behaving as per your intent. Essentially this is what a network engineer would do to troubleshoot the system. They would have to run all of these tests manually. But an intent-based networking system can run through these tests continuously, 24-7. When it’s done with the last test, it starts again with the first test.
Having a system take care of those tests really relieves the end user from having to do this themselves. At the same time, they are the one that initially designed those tests.
Let’s go back to the use cases.
Karam: Today we support use cases around data center networking, leaf-spine network designs, which are typical in the data center today. Customers that are migrating from legacy, three-tier architectures to newer leaf-spine designs can use our products turnkey. We’ve programmed in those use cases so that they can be used out of the box.
In the context of leaf-spine designs, we have L3 underlays, and we have L3 underlays with L2 servers on top within the rack and across racks.
We also have a use case that we support around container networking. If you are building a network that supports containers, where containers are the endpoint, and you want to connect these containers using L3 all the way to the container, then through a combination of agents running on the servers themselves and agents running on the switches, AOS ensures that this connectivity across these containers is indeed delivered on.
To recap: leaf-spine, both L3 underlay and L3 underlay with L2 servers on top and then container networking.
Who are your customers?
Karam: We have a wide range of customers. I like to say that anyone with a data center can take advantage of our technology. But in terms of the customers that have been early adopters for us, there are three categories: the large enterprises — large banks, large financial, large insurance companies. We have telcos, but in the context of the data centers they are building. And then webscale companies, both on the West Coast and internationally.
Can you give me any names of customers in these three categories?
Karam: We’re not telling names right now. Hopefully we’ll be able to share names soon.
You recently spoke at a panel on disaggregating the data center and that is certainly getting a lot of attention. What do you think of disaggregation?
Karam: When I think of disaggregation, I think of going from what traditionally has been vertically integrated architecture to a horizontally layered architecture. Horizontally layered architecture means you have different components, or different software or devices at each of those layers that are interchangeable, and that you have essentially APIs between those different layers.
To me, disaggregation is closely related to abstraction, where by having these APIs you’re abstracting the layer underneath to the layer above so now you can interchange between various components. This is a very powerful concept. It allows customers to really adopt a best-of-breed component approach at those various layers.
For example, if you want to deploy switches that have an ASIC with the lowest level of latency, you’ll be able to do that. And if you need buffers for storage, you can do that as well. You’re not locked into one specific device or one specific architecture — that is the power of disaggregation.
For us with Apstra, AOS is leveraging this disaggregation and sitting on top of this infrastructure. AOS is interfacing with devices through the networking operating system on those devices, through these published APIs.
For Apstra to succeed, does the network layer have to be open? Can it succeed if incumbents like Cisco dominate the market?
Karam: We support Cisco today; we leverage their published APIs. We work with both established vendors and newer, more recent vendors. For us, if you look at our 1.2 product, we support Cisco, Arista, Juniper, Cumulus and SnapRoute. We also have agents that run on Ubuntu servers.
Looking into your crystal ball: 10 years down the road, where is Apstra?
Karam: When I think of where we are heading, the alternative world that I see a few years from now is a world where network engineers are no longer using box-by-box CLI to operate their network. Gartner estimated that 85 percent of networking teams today use CLIs, the primary method to operate their system, but they say that by 2020, that will go down to 30 percent. And that will result in massive untapped value.
As I mentioned, 80 percent of operational costs are spent on manual operations. We’re going to get massive efficiencies through [intent-based] that. We can really unleash the power of the infrastructure and support the needs, the requirements of the business.
I read somewhere that there are going to be 50 billion devices connected because of IoT in 2020 — just consider how much networking is required. And every organization that wants to participate will have to change their operational model. For us we see so much opportunity in the future with Apstra, and we’re looking forward to solving customer problems and really getting them to this Nirvana.
Taking a step back, where is the industry heading and what trends do you see influencing the industry?
Karam: I think we’re going to continue seeing programmability; we’re going to continue seeing a focus on operational efficiency. We’re going to see customers wanting diversity and the ability to choose between various equipment because every type of equipment delivers on specific needs, whether it’s lower latency, or deeper buffers to support storage.
I think we’re going to continue seeing a focus on automation to provide more efficient operations and also providing a hardware-agnostic infrastructure so that operational model continues to be agnostic of the hardware choice underneath.
Generally, we live in fascinating times. The power of compute is such that there is so much that can be done. Think of IoT, think of machine learning, what Facebook is trying to do with virtual reality to the masses, self-driving transportation.
All of these trends require devices to be interconnected. It requires massive amounts of bandwidth interconnecting all of those devices. And any organization that wants to support or participate in those trends will have to build out the right network architecture, not only in terms of having the right bandwidth, having the right capacity to support those trends, but also having the right operational model so that they can really scale at the speed of their business.