Chapter 1: Executive Summary¶
This chapter presents the business case for network automation at Abhavtech Networks, quantifying time savings and risk reduction benefits while establishing the relationship between this automation framework and existing manual deployment documentation.
What You'll Learn¶
Business Case for Network Automation¶
How automation transforms a global 19-site, 854-device infrastructure from manual configuration to repeatable Infrastructure-as-Code, including:
- Time Savings: Reduction from weeks to hours for fabric deployment
- Risk Reduction: Git-based audit trails for compliance (PCI-DSS, SOC2, GDPR)
- Consistency: Eliminates human error in repetitive configurations
- Scalability: Framework supports expansion without proportional headcount growth
Scope and Documentation Relationship¶
This automation framework directly maps to Abhavtech's existing documentation suite:
- SD-Access fabric documentation → Terraform + Ansible automation
- SD-WAN deployment guides → vManage API automation
- ISE policy documentation → Terraform SGT provisioning
- Webex deployment docs → API-driven user/queue provisioning
Toolchain Summary¶
Enterprise on-premises tools designed by network engineers for network engineers:
- Terraform: Infrastructure provisioning (DNAC, ISE, vManage, Webex)
- Ansible: Day-N configuration (IS-IS, LISP, BGP, 802.1X, TrustSec)
- Python: Custom API integration (SD-WAN templates, Webex automation)
- HashiCorp Vault: Secrets management (zero credentials in code)
- Git: Version control and change approval workflow
Chapter Navigation¶
- 1.1 Business Case for Automation - ROI analysis and time savings
- 1.2 Scope and Documentation Relationship - How automation maps to existing docs
- 1.3 Toolchain Summary - Technology stack overview
Key Takeaways¶
What Changes from Manual to Automated
- SD-Access Fabric: 3 weeks → 4 hours (92% time reduction)
- SGT Policy Matrix: 2 days → 15 minutes (95% time reduction)
- Branch Onboarding: 6 hours → 30 minutes (92% time reduction)
Audit Trail Benefits
Every configuration change produces a Git commit showing who changed what, when, and why. The entire SGACL policy matrix (25+ SGTs, 150+ rules) becomes version-controlled with pull request approvals.
Architecture Decision
No credentials, API keys, or secrets appear in any Terraform, Ansible, or Python file. All sensitive data is stored in HashiCorp Vault and retrieved at runtime. This is non-negotiable across the entire framework.
Next Chapter: Automation Architecture Overview →