Skip to content

Chapter 1: Executive Summary

This chapter presents the business case for network automation at Abhavtech Networks, quantifying time savings and risk reduction benefits while establishing the relationship between this automation framework and existing manual deployment documentation.

What You'll Learn

Business Case for Network Automation

How automation transforms a global 19-site, 854-device infrastructure from manual configuration to repeatable Infrastructure-as-Code, including:

  • Time Savings: Reduction from weeks to hours for fabric deployment
  • Risk Reduction: Git-based audit trails for compliance (PCI-DSS, SOC2, GDPR)
  • Consistency: Eliminates human error in repetitive configurations
  • Scalability: Framework supports expansion without proportional headcount growth

Scope and Documentation Relationship

This automation framework directly maps to Abhavtech's existing documentation suite:

  • SD-Access fabric documentation → Terraform + Ansible automation
  • SD-WAN deployment guides → vManage API automation
  • ISE policy documentation → Terraform SGT provisioning
  • Webex deployment docs → API-driven user/queue provisioning

Toolchain Summary

Enterprise on-premises tools designed by network engineers for network engineers:

  • Terraform: Infrastructure provisioning (DNAC, ISE, vManage, Webex)
  • Ansible: Day-N configuration (IS-IS, LISP, BGP, 802.1X, TrustSec)
  • Python: Custom API integration (SD-WAN templates, Webex automation)
  • HashiCorp Vault: Secrets management (zero credentials in code)
  • Git: Version control and change approval workflow

Chapter Navigation

Key Takeaways

What Changes from Manual to Automated

  • SD-Access Fabric: 3 weeks → 4 hours (92% time reduction)
  • SGT Policy Matrix: 2 days → 15 minutes (95% time reduction)
  • Branch Onboarding: 6 hours → 30 minutes (92% time reduction)

Audit Trail Benefits

Every configuration change produces a Git commit showing who changed what, when, and why. The entire SGACL policy matrix (25+ SGTs, 150+ rules) becomes version-controlled with pull request approvals.

Architecture Decision

No credentials, API keys, or secrets appear in any Terraform, Ansible, or Python file. All sensitive data is stored in HashiCorp Vault and retrieved at runtime. This is non-negotiable across the entire framework.


Next Chapter: Automation Architecture Overview