
Blueprint: The Evolution of the Network - Part Two

Level 18

If you missed Part One of this series, you can find it here.

If you’re not prepared for the future of networking, you’re already behind.

That may sound harsh, but it’s true. Given the speed at which technology evolves compared to the rate most of us typically evolve in terms of our skillsets, there’s no time to waste in preparing ourselves to manage and monitor the networks of tomorrow. Yes, this is a bit of a daunting proposition considering the fact that some of us are still trying to catch up with today’s essentials of network monitoring and management, but the reality is that they’re not really mutually exclusive, are they?

In part one of this series, I outlined how the networks of today have evolved from those of yesteryear, and what today’s new essentials of network monitoring and management are as a consequence. By paying careful attention, you will likely have picked up on ways the lessons from the past that I described helped shape those new essentials.

Similarly, today’s essentials will help shape those of tomorrow. Thus, as I said, getting better at leveraging today’s essentials of network monitoring and management is not mutually exclusive with preparing for the networks of tomorrow.

Before delving into what the next generation of network monitoring and management will look like, it’s important to first explore what the next generation of networking will look like.

On the Horizon

Above all else, one thing is for certain: We networking professionals should expect tomorrow’s technology to create more complex networks resulting in even more complex problems to solve. With that in mind, here are the top networking trends that are likely to shape the networks of the future:

Networks growing in all directions

Fitbits, tablets, phablets and applications galore. The explosion of IoT, BYOD, BYOA and BYO-everything else is upon us. With this trend still in its infancy, the future of connected devices and applications will be not only about the quantity of connected devices, but also the quality of their connections tunneling network bandwidth.

But it goes beyond the (seeming) “toys” that users bring into the environment. More and more, commodity devices such as HVAC infrastructure, environmental systems such as lighting, security devices, and more all use bandwidth (cellular or wifi) to communicate outbound and receive updates/instructions inbound. Companies are using (or planning the use of) IoT devices to track product, employees, and equipment.

The explosion of devices which consume or produce data WILL, not might, create a potentially disruptive explosion in bandwidth consumption, security concerns, and monitoring and management requirements.

IPv6 Now… or sooner

ARIN reports that they have now depleted their IPv4 Free Pool. Meanwhile, IPv6 is enabled by default, and, therefore, is creating challenges for IT professionals—even if they put off their own IPv6 decisions. (Check out this article on VPNs’ insecurity and another on how to mitigate IPv6 attack attempts.) The upshot of all this is that IPv6 is a reality today. You need to learn about it, and be ready for the inevitable moment when switching over is no longer an option, but a requirement.

SDN and NFV and IPv6 will become the mainstream

Software defined networking (SDN) and network function virtualization (NFV) are just in their infancy and should be expected to become mainstream in the next five to seven years. With SDN and virtualization creating new opportunities for hybrid infrastructure, a serious look at adoption of these technologies is becoming more and more important.

So long WAN Optimization, Hello ISPs

There are a number of reasons WAN technology is and will be kicked to the curb with greater fervency. With bandwidth increases outpacing CPU and custom hardware’s ability to perform deep inspection and optimization, and with ISPs helping to circumvent the cost and complexities associated with WAN accelerators, WAN optimization will only see the light of tomorrow in unique use cases where the rewards outweigh the risks. As most of us will admit, WAN accelerators are expensive and complicated, making ISPs more and more attractive. Their future living inside our networks is certainly bright.

Farewell L4 Firewalling

With the mass of applications and services moving towards web-based deployment, using Layer 4 (L4) firewalls to block these services entirely will not be tolerated. A firewall incapable of performing deep packet analysis and understanding the nature of the traffic at Layer 7 (L7), the application layer, will not satisfy the level of granularity and flexibility that most network administrators should offer their users. On this front, change is clearly inevitable for us network professionals, whether it means added network complexity and adapting to new infrastructures or simply letting withering technologies go.

Preparing to Manage the Networks of Tomorrow 

So, what can we do to prepare to monitor and manage the networks of tomorrow? Consider the following:

Understand the “who, what, why and where” of IoT, BYOD and BYOA

Connected devices cannot be ignored. According to 451 Research, mobile Internet of Things (IoT) and Machine-to-Machine (M2M) connections will increase to 908 million in just five years, this compared to 252 million just last year. This staggering statistic should prompt you to start creating a plan of action on how you will manage nearly four times the number of devices infiltrating your networks today.

Your strategy can either aim to manage these devices within the network or set an organizational policy to regulate traffic altogether. As nonprofit IT trade association CompTIA noted in a recent survey, many companies are trying to implement partial and even zero BYOD policies to regulate security and bandwidth issues. Even though policies may seem like an easy fix, curbing all of tomorrow’s BYOD/BYOA is nearly impossible. As such, you will have to understand your network device traffic in incremental metrics in order to optimize and secure them. Even more so, you will need to understand network segments that aren’t even in your direct control, like the tablets, phablets and Fitbits, to properly isolate issues.

Know the ins and outs of the new mainstream

As stated earlier, SDN, NFV and IPv6 will become the new mainstream. We can start preparing for these technologies’ future takeovers by taking a hybrid approach to our infrastructures today. This will put us ahead of the game with an understanding of how these technologies work, the new complexities they create and how they will ultimately affect configuration management and troubleshooting ahead of mainstream deployment.

Start Comparison Shopping Now

Go through the exercise of evaluating ISPs, virtualized network options and other on-the-horizon technologies – even if you don’t intend to switch right now – because it will help you nail down your particular requirements. Sometimes knowing that a vendor has or works with technology you don’t need now but might later, such as IPv6, can and should influence your decision.

Brick In, Brick Out

Taking on new technologies can feel overwhelming to those of us with “boots on the ground,” because often the new tech becomes one more mouth to feed, so to speak. As much as possible, look for ways that the new additions will not just enhance, but replace the old guard. Maybe your new real-time deep packet inspection won’t completely replace L4 firewalls, but if it can reduce them significantly – while at the same time increasing insight and the ability to respond intelligently to issues – then the net result should be a better day for you. If you don’t do this, then more times than not, new technology will indeed simply seem to increase workload and do little else. This is also a great measuring stick to identify new technologies whose time may not yet have truly come, at least not for your organization.

At a more basic layer, if you have to replace 3 broken devices and you realize that the newer equipment is far more manageable or has more useful features, consider replacing the entire fleet of old technology even if it hasn’t fallen apart yet. The benefits of consistency often far outweigh the initial pain of sticker shock.

To conclude this series, my opening statement from part one merits repeating: learn from the past, live in the present and prepare for the future. The evolution of networking waits for no one. Don’t be left behind.


Thank you adatole!

Preparing for the future can be a daunting task with the changes that are happening.  The biggest challenge in most shops I see is unaccounted for growth.

Capacity planning is great but if you add a large number of servers/network devices/networks beyond what was planned for, you may be pressured into new technology or vendors before you have the chance to vet things out....

I'm just back from a Cisco Tech Day in Minneapolis, where I heard your concerns in detail in multiple specialty departments.  Where before it was acceptable/standard to assign VLANs and use CLI src/dst/ports to contain security, the Cisco world has moved on to full NetFlow-based flow security.  ACI and IWAN, DMVPN and TrustSec, Lancope and ISE 2.0 and PRIME 3.0--all are changing how we'll do the work.

Utilizing a full NetFlow solution reportedly will give us the ability to identify secure / needed flows and build policies to allow them, while identifying historical malware vectors and being able to track every device that malware flow touched within our organization, thus giving teams an efficient list of systems to visit/touch/remediate, and also showing which systems were not touched.

Just like DNA analysis used to require grams of material, and now can be done accurately with amounts of DNA too small to see, so will we be able to find and resolve problems using Netflow with less and less work.  Well, OK, that's the Kool-Aid.  I'll believe it when I see it, but apparently it's here already, and coming to my organization in the future.

I'm interested in managing tomorrow's networks with easier and simpler tools, such as I saw happen in a demo where a BR at a DC was given a fat pipe into a cloud, and BR's at branch sites automatically tied into that DC BR across multiple media--T1's, MPLS, Broadband, and G3/G4 cell phone wireless.  Then, using drag & drop, flows identified from Netflow (VoIP, medical images, EHR, etc.) could be dragged & dropped onto those Border Routers' interfaces, provisioned automatically with appropriate QoS, and set to use any or all of the available paths into the cloud.

The result was fast failover, lower WAN costs than bundling more and more T1's, and an ability to assign flows per path and technology.

CLI commands that were required to do this five years ago ran up to a thousand lines.  Two years ago they'd been pared down to a hundred lines.  Today it's just ten lines.  Plus it can be done via GUI (but CLI remains available for those of us who trust it more than Cisco GUIs).

It's a lot of change, and new ways of thinking about things.  I'm up for it!  I'm glad adatole's right on top, keeping us pointed in the right direction, making us aware of changes in the air.  And that SW isn't sitting back twiddling their thumbs while the world leaves others behind.
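The flow-based scoping described in the comment above (every device a malware flow touched, plus the systems that were not touched), as an added example that is not part of the original thread or of any Cisco or SolarWinds product. It assumes flow records already exported as (timestamp, source, destination, port) tuples, treats exposure as passing from source to destination only, and uses constructed sample data; the function names are hypothetical.

```python
from collections import namedtuple

Flow = namedtuple("Flow", "ts src dst dport")

# Constructed sample records (not real data); ts is seconds from an arbitrary start.
FLOWS = [
    Flow(50,  "10.0.2.9", "10.0.5.1", 22),   # before 10.0.2.9 was exposed
    Flow(90,  "10.0.4.4", "10.0.1.5", 443),  # inbound to the seed, not outbound
    Flow(100, "10.0.1.5", "10.0.2.9", 445),
    Flow(130, "10.0.2.9", "10.0.3.7", 445),
    Flow(200, "10.0.3.7", "10.0.2.9", 445),  # destination already in scope
    Flow(210, "10.0.6.2", "10.0.6.3", 80),   # unrelated traffic
]


def scope_exposure(flows, seed, seed_time):
    """Map each exposed host to (first_exposed_ts, via_host)."""
    touched = {seed: (seed_time, None)}
    # Walk flows in time order so a host only passes exposure on after it
    # was exposed itself. Flows with equal timestamps keep their input order.
    for f in sorted(flows, key=lambda f: f.ts):
        src_state = touched.get(f.src)
        if src_state and f.ts >= src_state[0] and f.dst not in touched:
            touched[f.dst] = (f.ts, f.src)
    return touched


def untouched_hosts(flows, touched):
    """Hosts seen in the flow data that fall outside the exposure scope."""
    seen = {h for f in flows for h in (f.src, f.dst)}
    return sorted(seen - set(touched))


if __name__ == "__main__":
    scope = scope_exposure(FLOWS, seed="10.0.1.5", seed_time=100)
    for host, (ts, via) in sorted(scope.items(), key=lambda kv: kv[1][0]):
        print(f"visit {host}: first exposed at t={ts} via {via}")
    print("not touched:", untouched_hosts(FLOWS, scope))
```

The time ordering is what keeps the remediation list short: 10.0.5.1 talked to an infected host, but before that host was exposed, so it stays on the "not touched" list.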

Level 14

I must admit that I work in a different environment than most.  I work in network defense for the Department of Defense.  Since the Internet originated as a DARPA project, we still have control of 25% of all IPv4 address space.  We won't be running out of space soon.  So, adoption of v6 has been slow.

As for L4 firewalls, I agree completely.  However, L7 firewalls have their limitations.  Predefined proxies generally will do deep packet inspection, but if you need to create a proxy, deep packet inspection is limited or nonexistent.

Above all else, one thing is for certain: We networking professionals should expect tomorrow’s technology to create more complex networks resulting in even more complex problems to solve.

For years, I have always viewed networking as a very mundane, repetitive role.  However, whether I was right or wrong, looking at all the cool new things that are being implemented by our network admins, this is an exciting time to be a network admin.

Level 8

Thanks so very much, Mr Adato, for sharing your 50,000-foot flyover on this topic.  Really great reality check for all of us!  And planning help of course.  I'd like to comment a bit further but just re-did my tasklist; have too much to do.

Level 12

history of network.....

Level 17

Great Series!

About the Author
Network administration at a small college in New England.  Career-changed into IT from civil engineering 16 years ago.  You folks are FAR MORE FUN than the very serious folks in my previous life!