1. Field of the Invention
The present invention relates generally to the field of computer networks and more particularly to methods for making both manual and automated changes to network infrastructures through network automation systems.
2. Description of the Prior Art
Traditionally, a network infrastructure configuration change was made manually, either by logging into a specific device's Command Line Interface (CLI), or by using various Element Management Systems (EMS) dedicated to the devices from a specific vendor or product line. Increasingly, however, changes are being made using multi-vendor network automation systems. These systems can provision changes spanning both multiple devices and multiple types of devices in an automated fashion. In addition to automation, a network automation system offers other significant benefits, including increased security and compliance with corporate policies by enforcing defined privileges or authorization levels in the organization, and also ensuring adherence to the corporate workflow, notification and approval policies.
Network automation systems have not entirely obviated the need for manual changes, however. Many organizations prefer that an expert engineer manually implement certain changes. These changes can include those that are highly sensitive, highly timing dependent, require trial and error to determine the exact changes necessary to achieve a desired effect, etc. One common scenario is to use a network automation system to automatically provision a set of devices, for example the devices of a new branch office, and then have an engineer review how the devices have been provisioned and then to manually make one or more final changes.
Presently, no network automation system manages both manual and automated changes, orchestrates operations that involve both manual and automated changes, and achieves the process assurance and privilege level benefits of a network automation system for manual changes as well as for automated changes. Therefore, even when an automation system is adopted, Information Technology (IT) organizations are not able to achieve full assurance and compliance with defined authorization levels, policies, and processes, since changes made manually circumvent the protections of the network automation system.