Why is Automated Provisioning last on the Priority List?

Last updated: September 15, 2025

An avatar of the author
Katie Burton
areyousure

Notice: This blog post was originally published on Indeni before its acquisition by BlueCat.

The content reflects the expertise and perspectives of the Indeni team at the time of writing. While some references may be outdated, the insights remain valuable. For the latest updates and solutions, explore the rest of our blog

Key takeawaysThis key takeaway was generated through LLMs crawling the page and coming up with an overview of the content.

The article discusses why provisioning network and security resources is often neglected during migrations from bare-metal to virtual machines, highlighting that administrators prioritize task validation, availability, and security compliance over automation. It presents survey findings showing only a third of respondents use IaaS provisioning for network resources, with mixed on-site and cloud approaches, and explains benefits of automated provisioning such as faster changes, policy enforcement, compliance, breach avoidance, and resource reallocation. The piece outlines inhibitors — notably the need to document device knowledge and network interdependencies into code and to handle vendor-specific scenarios — and suggests starting by converting institutional knowledge into documented, reusable automation validated by communities like the Indeni Crowd.

Why are many network and systems administrators reluctant to automate provisioning when moving to virtual machines?

Administrators often prioritize task validation, availability, and security compliance over automation, according to the Indeni and GNS3 survey cited in the article. They focus on boosting network visibility and following vendor best practices, which they see as higher priority than provisioning. Additional reluctance comes from the complexity of documenting device-specific behavior (e.g., Check Point, Palo Alto Networks, Juniper, Radware), understanding interdependencies, and translating that knowledge into code that safely handles multiple scenarios and platform differences.

What operational benefits does automated network and security device provisioning provide?

Automated provisioning delivers several operational benefits outlined in the article: it enables faster changes, enforces policies consistently, helps ensure compliance, reduces the risk of security breaches, and allows for more effective reallocation of resources. These outcomes improve operational agility and reliability by making repeatable actions less error-prone and by enabling continuous validation that devices are configured and functioning as intended.

How should organizations get started with automating network provisioning according to the article?

The article recommends beginning by documenting the precise steps and institutional knowledge required to provision devices, because automation executes exactly as instructed and lacks common sense. It highlights converting historical operational knowledge into reusable code and continuous validation — an approach used by organizations like MasterCard, OfficeDepot, and Pfizer — and suggests leveraging crowd-sourced automation resources such as the Indeni Crowd to build, share, and validate automation workflows before deploying changes into production.

The importance of provisioning network and security resources is often times overlooked. In the course of moving Data Centers from bare-metal infrastructure to virtual machines, most network and systems administrators have opted out of automating provisioning. This article aims to articulate some of the possible reasons why, and ways to get started with automation.

Task validation is higher priority than Provisioning

According to a survey by Indeni and GNS3, operations and engineering are focusing more on ensuring the availability and security compliance of resources. Tasks that focus on boosting network visibility and observing vendor best practice were found to be higher on administrators’ priorities than provisioning. When asked if they use IaaS provisioning in the allocation of network-based resources, only 33% of the respondents said yes. Of these, 28% said they used onsite provisioning while just 21% use cloud-based provisioning. 51% of the administrators interviewed said they combine both methods of provisioning.

Benefits of Automated Network Security Device Provisioning

There are a number of benefits to automationing the provisioning of services to network and security devices. Some of these benefits include:

  • Make changes faster
  • Enforce policies
  • Ensure compliance
  • Avoid security breaches
  • Reallocation of resources

At the same time there are a number of inhibitors to getting started. To automate the provisioning of a network or security device, the knowledge of the device (eg. Check Point, Palo Alto Networks, Juniper or Radware) and the interdependencies of the network need to be documented, and turned into code. Questions to consider:

  • Does the provisioning rules and instructions come from the vendor?
  • If the vendor has a robust library out of the box, does that pre-built policy or workflow apply to your environment as is?
  • Are all possible scenarios considered? OK to provision changes on every versions of CheckPoint firewalls? OK to complete on virtual and physical machines?
  • What happens if X feature is enabled? Disabled?

For these reasons, and many others, administrators want the opportunity to approve a change before it goes into production.

How to get started with automated provisioning

In order to teach a machine the steps to follow, someone must document the steps in the first place. I love this quote from Donald Knuth about a computer:

These machines have no common sense; they have not yet learned to “think,”
and they do exactly as they are told, no more and no less. This fact is
the hardest concept to grasp when one first tries to use a computer.
– Donald Knuth (1968). “Preface”. The Art of Computer Programming,
Volume 1: Fundamental Algorithms. Addison-Wesley.

Many organizations, including MasterCard, OfficeDepot and Pfizer are leveraging the wisdom of the Indeni Crowd to convert historical knowledge into reusable code, and continuously validate that their devices are working as intended.

You can learn more about the findings of Indeni’s automation survey by clicking here. Ready to explore crowd-sourced automation? Learn more about the Indeni network automation.

Published on: March 15, 2018

An avatar of the author

Related content

Close-up of interlocked metal chain links symbolizing connected network objects and relationships in IPAM
Blog

How to map your network with user-defined links in Integrity X

Map your network with user-defined links in Integrity X to define and manage custom relationships, such as dual-stack and NAT environments.

Read more
Flock of geese flying in formation across a blue sky, framed by a pink graphic border, symbolizing coordinated network migrat
Blog

Automate your DDI modernization path by migrating with Micetro

Automate cross-platform DNS and DHCP migration with Micetro to reduce risk, eliminate manual effort, and modernize infrastructure faster.

Read more
Three armored figures walking toward a futuristic Las Vegas skyline with pyramids, glowing orb, and "Welcome to Fabulous Las
Blog

Your journey to intelligent NetOps begins at Cisco Live

Visit BlueCat’s booth or book a meeting now to learn more about how our solutions can help you build a network that supports constant change.

Read more
Stacked colorful wooden directional arrows on a post by a calm seaside with distant hills and blue sky
Blog

Replace BIND and ISC with Micetro DNS/DHCP Server (MDDS)

Tired of patching and manually configuring BIND DNS and ISC DHCP? Discover how Micetro MDDS appliances can replace them for modern DDI.

Read more