Startup Forward Networks sells software that models the state of your data center network, including device configurations, protocols in use, available pathways, and other information.
The idea is to provide a software copy of the network that’s updated in near real time. This software copy can help operators understand how traffic moves through the network, verify policy intent, and test the impact of changes before they’re pushed into production.
Forward Networks has announced a freemium version of the product, as well as a Series B investment of $16 million from DFJ, Andreessen Horowitz, and A.Capital Ventures. The startup has raised $27 million to date.
Search, Verify, Predict
As mentioned, Forward gathers configuration and state information from network devices including routers, switches, firewalls and other packet-forwarding machines. (A list of supported vendors is below.) Customers load login credentials for devices to be modeled into a software client that sits the customer premises. This client then logs into devices at regular intervals to extract configuration information.
This configuration information is encrypted and sent to Forward’s cloud service, which runs on AWS. The computation required to build the model of the network is done in the cloud, though Forward also offers a full premises-only version for customers wary of sending such configuration data off site.
Forward use the model as a platform on which to offer applications. At present, those applications are Search, Verify, and Predict.
Search: Customers can query the model to find devices or device types, and see how traffic flows between end points.
Verify: Customers can check whether the actual state of the network matches the intention of a policy or a configuration. For example, a retailer may want to isolate credit card processing systems from the rest of the network; the Verify feature can help determine whether those systems are properly segmented.
Predict: Customers can test changes in the model to see how those changes affect policies and operations before they push those changes to production devices.
Forward Networks has announced a freemium version of its product called Essentials. Essentials gathers configuration state and provides basic information such as a network diagram, device and software inventory, and limited search. It does not offer the verification or prediction capabilities.
The company acknowledges that lots of other products can create network diagrams and device inventories, but Essentials is meant to serve as a wedge to open customers to more extensive (and expensive) features.
Essentials comes in two tiers: Free and Standard. The Free version collects data from up to 50 devices, and retains historical state data for a week. The Standard version works with an unlimited number of network devices and a year of retention, and provides customer support.
Two Sides To Intent
Intent-driven networking is an emerging industry category that’s being driven by automation startups such as Apstra and Anuta, and embraced by incumbents such as Cisco.
Forward Networks is also staking out a slice of the intent pie, though from a slightly different perspective.
At a very high level, intent-based networking can be broken out into two categories:
A: I want this outcome. Hey software, please program the necessary devices to make it so.
B: I want this outcome. Hey software, did I get that outcome?
Forward Networks belongs in the second category. That’s because the product isn’t applying any changes to production systems, but verifying that the actual state of the network meets the operators’ intended goals.
It seems likely to me that over time a startup such as Forward Networks, and competitors such as Veriflow, won’t exist as standalone companies. Instead, the underlying technologies behind these companies will be built into a broader platforms that will both apply and validate changes.
In the meantime I see a lot of value in state modeling and verification, particularly for complex, large-scale networks and for service providers who are moving to develop services that rely on the proper alignment of service chains and virtualized network functions.
Forward Networks tests vendor products to ensure it can properly model those products. The startup currently supports devices from the following vendors:
- A10 Networks
- Arista Networks
- Check Point
- Cisco Systems
- F5 Networks
- Juniper Networks
- Palo Alto Networks
- VMware’s vSphere ESXi