- AUTHOR Umang Agrawal
- PUBLISHED ON September 30, 2020
Automated Network Device Provisioning and Configuration through Zero Touch Provisioning (ZTP) Enablement
Managing a large network of devices has never been an easy job for network or system administrators. It involves maintaining uptime, defining provisioning policies, modifying user access based on user roles, frequently upgrading the firmware, and finishing the tasks within the stipulated timelines as per the service level agreement (SLA). Network administrators at customer locations need an automated and centralized network configuration and provisioning framework that brings in efficiency and agility. This blog discusses the issues related to manual network device provisioning and how Zero Touch Provisioning (ZTP) can solve the problem. It also highlights the steps to perform while implementing ZTP for your network.
Key Layers of an Enterprise Network
Before we dive into the nitty-gritty of network administration, let us refresh our knowledge of the key layers of a corporate network.
Network Device Maker
These are original equipment manufacturers (OEMs) who manufacture network hardware components. These can also be companies that sell products and services to communication service providers, such as fixed-line or mobile operators, and to enterprise customers. Essentially, they establish the hardware backbone of device networks at the customer location.
Network Service Provider
A network service provider is a business or organization that sells bandwidth or network access by providing direct Internet backbone access to Internet service providers (ISPs), usually enabling access to the network access points (NAPs). Service providers may consist of telecommunications companies, data carriers, wireless communication providers, Internet service providers offering high-speed Internet access, and cable television operators. They are the firmware layer of the enterprise network.
Problems with Manual Network Device Provisioning
Network devices are often configured by network administrators, one device at a time, through a command line interface (CLI). In large networks at a customer location, network provisioning might mean thousands of devices to be provisioned and configured.
Manual configuration of such a network can easily keep several expert network administrators working round the clock for days to finish the configuration and provisioning activities. Even then, there is no guarantee of successful provisioning for each device on the network. Manual configuration often leads to the following network management issues:
- 80% of all network downtime can be attributed to human error during network provisioning and configuration
- Manual configuration is slow, decentralized, and prone to errors
- People and travel are expensive, as system engineers need physical access to the devices
What is Zero Touch Provisioning (ZTP)
Zero touch provisioning (ZTP) is a new feature that allows network devices to be provisioned and configured automatically, eliminating most of the effort, time and issues arising from manual network provisioning at customer locations. This means customers can set up devices with minimal help from trained personnel.
ZTP automates the following steps for network administration and helps enhance efficiency:
- Updating the operating system (firmware) on the device
- Configuring the device with a predefined custom configuration
Niyuj Solution that enables ZTP
Niyuj developed a provisioning tool (for a network device maker) that enables the automatic configuration of devices and redirects a device to the Device Management Software as soon as it is plugged in. There are three major components which participate in the ZTP process:
- Device Management Software
- ZTP Server
- Device
High Level Architecture
Before we dive into the actual steps of ZTP, let us look at these components. This section describes the major components of the automated ZTP system.
Device Management Software
This is the software used to manage the networking devices. Using it, network administrators can monitor, manage, and configure the networking devices.
ZTP Server
This is a centralized server, managed by the IT/Sales team, that is used to identify the networking devices sold to various customers.
Device
This is the device stationed at the customer location. The device can be networking equipment such as VoIP devices, routers, and switches. A network can have several devices of various types and configurations.
This section describes the implementation steps for registering a new device into the ZTP-enabled network.
Steps that require some human intervention:
- Register the Device Management Software with the ZTP Server
  - When a Device Management Software is sold to the customer, the sales team registers it with the ZTP Server.
- Register the device with the ZTP Server
  - When a device is sold to the customer, the sales team registers it with the ZTP Server.
- Define provisioning policies
  - The customer's network administrator defines the configuration and the firmware version they want to install on the new devices using the Device Management Software.
- 'Auto-provision' the device
  - The customer's network administrator enters the MAC address of the device(s) to be auto-provisioned.
  - The Device Management Software validates the device(s) with the ZTP Server.
  - The customer's network administrator selects the provisioning policy to be applied to the device(s).
  - The mapping of the device(s) to the Device Management Software (DMS) address gets saved on the ZTP Server.
- 'Plug in' and 'turn on' the device
  - The network administrator plugs the device into the network and turns it on.
Steps which are performed automatically:
- As soon as the device is plugged into the network and turned on, it sends a register request to the ZTP Server.
- The ZTP Server sends back the Device Management Software (DMS) address to the device.
- The device sends a register request to the Device Management Software.
- The Device Management Software registers the device.
- The Device Management Software, if required, upgrades the firmware of the device.
- The Device Management Software, if required, applies the configuration defined in the provisioning policy to the device.
- The Device Management Software sends back the register response to the device.
The device is now ready and starts sending heartbeat messages to the Device Management Software. From this point, devices can be monitored and managed from the Device Management Software.
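The register-and-redirect sequence described above, modelled in Python as an added example (it is not Niyuj's code and not part of the original post). The class and function names, the MAC addresses, the DMS address and the firmware versions are all constructed for illustration; the model shows that a device only receives a DMS address if the sales team registered it and the administrator auto-provisioned it, and that firmware and configuration are touched only when they differ from the policy.

```python
# Added illustration; every name, address, MAC and version below is constructed.
from dataclasses import dataclass, field

@dataclass
class Device:
    mac: str
    firmware: str
    config: dict = field(default_factory=dict)

class ZtpServer:
    def __init__(self, devices, dms):  # both sets are filled in by the sales team
        self.devices, self.dms, self.redirects = set(devices), set(dms), {}
    def map_device(self, mac, dms_addr):  # called by the DMS during auto-provision
        if mac not in self.devices or dms_addr not in self.dms:
            raise PermissionError("device or DMS is not registered with the ZTP server")
        self.redirects[mac] = dms_addr
    def register(self, mac):  # device's first request after power-on
        return self.redirects.get(mac)  # None when no mapping was saved

class Dms:
    def __init__(self, addr, ztp):
        self.addr, self.ztp, self.policies, self.managed = addr, ztp, {}, {}
    def auto_provision(self, mac, firmware, config):
        self.ztp.map_device(mac, self.addr)  # validation: raises for unknown devices
        self.policies[mac] = (firmware, config)
    def register(self, dev):
        if dev.mac not in self.policies:
            return {"status": "rejected", "actions": []}
        firmware, config = self.policies[dev.mac]
        actions = []
        if dev.firmware != firmware:  # upgrade only if required
            dev.firmware = firmware
            actions.append("firmware-upgrade")
        if dev.config != config:  # apply configuration only if required
            dev.config = dict(config)
            actions.append("config-applied")
        self.managed[dev.mac] = dev
        return {"status": "registered", "actions": actions}

def power_on(dev, ztp, dms_by_addr):
    addr = ztp.register(dev.mac)
    return dms_by_addr[addr].register(dev) if addr else {"status": "no-redirect", "actions": []}

def demo():
    ztp = ZtpServer({"00:00:5e:00:53:01"}, {"dms.example.net"})
    dms = Dms("dms.example.net", ztp)
    dms.auto_provision("00:00:5e:00:53:01", "2.1.0", {"vlan": 20})
    known, stray = Device("00:00:5e:00:53:01", "1.0.0"), Device("00:00:5e:00:53:99", "1.0.0")
    return [power_on(d, ztp, {dms.addr: dms}) for d in (known, stray, known)]
```

`demo()` powers on the provisioned device, then a device the ZTP server has never seen, then the provisioned device a second time; the last call registers again with no actions because firmware and configuration already match the policy.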