Oakland County was stuck in a cycle of manual break-fix until it adopted network automation.
For organizations striving to stay responsive to users, legacy infrastructure is a nemesis.
IT teams need to accommodate quick turns in business. But they can’t when infrastructure is cloaked in a 20-year-old legacy network design.
Oakland County, northwest of Detroit, Mich., was dragged down by its older network infrastructure. The county provides IT support for its own agencies but also for nine other counties in the region. As a result, its network has a broad geographic footprint, provides many services and accommodates myriad devices including an exploding Internet of Things (IoT) landscape.
But as it considered a network switch upgrade, it faced 5,200 man-hours to manually migrate workstations to new IP addresses based on best practice designs. Its network customizations and large geographic footprint presented a daunting migration challenge.
“It was going to take a tremendous amount of labor”—and cost—to redesign network segments and re-assign IP addresses to workstations, said Guy Compton, chief of technical services in Oakland County.
“Our IT environment is very complex,” he emphasized; the county’s IT supports courts, water resources, parks and recreation, and other municipal services. “Networks don’t stay pristine for 20 years, and you develop a lot of customized solutions to solve networking problems.”
Oakland County needed to improve network management efficiency by introducing network automation and analytics to proactively monitor systems.
These kinds of transformation projects have been on tap among enterprises that need to modernize. A recent Enterprise Strategy Group (ESG) survey found that 77% of organizations had established or were in the process of these kinds of digital transformation initiatives. Further, 55% of respondents have turned to digital transformation to become more operationally efficient.
“The IT environment has become so much more complex, with so much more data and devices,” said Bob Laliberte, senior analyst and practice director at ESG. “You don’t want to be stuck doing repetitive tasks. You want to be more focused on value-added services.”
In the old days, hardware-based network migrations could take weeks or months, as network engineers would have to apply manual changes device by device.
“Networks don’t stay pristine for 20 years.”Guy Compton, chief of technical services, Oakland County
By contrast, today’s software-defined networking (SDN) minimizes complexity of network management by abstracting hardware-based resources into software. As a result, changes can be established and made repeatable through software policy, then be applied to a series of devices—in minutes rather than weeks and with far less error than manual changes bring.
Intent-based networking (IBN), extends this automated network configuration to bring data insight to network management. IBN also articulates business priorities in network policies. As a result, networking pros can use analytics to identify performance and security issues and work proactively to manage the network based on data, and in accordance with business units’ needs.
So, for example, if an organization has field technicians who need access to certain data-intensive apps between 10:00 a.m. and 3:00 p.m. most intensively, network administrators can set policies to prioritize this traffic during these hours and can be alerted if policies don’t have the desired effect.
Oakland County’s manual challenges echo recent market data on the persistently tactical nature of network management today.
According to the Cisco 2020 Global Networking Trends Report, 73% of respondents spend more than half their time maintaining the status quo of networks, not on providing value-added services.
Oakland County turned to intent-based networking to free itself from tactical network management.
In Oakland County, manual configuration and network workarounds had developed. The county had customized network configurations to comply with federal CJIS (Criminal Justice Information Services) security requirements. The result was a Winchester house of network management practices.
“We were struggling with policies and inconsistencies in implementation, which downstream causes instability in the system,” Compton recalled.
It also resulted in undesirable network management practices, such as Internet of Things (IoT), devices sharing the data network without the necessary security measures applied.
“The right thing to do is to separate your IoT devices into a different network,” Compton said. “That’s a lesson learned.”
In 2017, Compton and the IT team began using intent-based networking, which enabled the team to configure its network in software through repeatable, standardized policies.
With Cisco DNA Center—Cisco SD-Access' controller to implement intent-based networking—Oakland County’s IT team can configure network access policy through a centralized console and determine policy according to user identity (enabling greater granularity and simplicity) rather than via IP address, which can change in a mobile world.
“You don’t want to be stuck doing repetitive tasks. You want to be more focused on value-added services.”Bob Laliberte, senior analyst and practice director, Enterprise Strategy Group
Centralized management, the ability to automate security policy and the ability to extend these standardized policies en masse to the campus have been huge wins for Oakland County. The team has been able to migrate sites without any downtime—exceedingly valuable for services that are expected to be up and running 24/7/365.
“The single pane of glass is the most valuable component as well as security,” Compton said. He noted that using a Cisco-certified network transition hybrid switch enabling the team to smoothly migrate 10 counties between an existing legacy regional network and a new SDN regional network. This approach significantly reduced risks and limited downtime to critical applications during the migration.
Further, the county can better prioritize services on the network. It can, for example, prioritize video traffic on the network, better enabling video arraignment of prisoners at the jail where they reside rather than requiring them to be transported to a courthouse for arraignment, which is costly and potentially a safety risk.
And all this provides the county with insight into the activity on its network so network administrators can act in advance of problematic events.
“Because we have visibility into the whole picture of the network transport, it allows us to respond more rapidly to incidents,” Compton said.
It’s clear that network modernization boosts productivity, improves security, reduces errors and enables IT to align better with business objectives.
But IT pros acknowledge that the IT skills gap looms large in incorporating new network management practices such as IBN and SDN.
According to Cisco 2019 trends survey, 27% of respondents indicated that a lack of in-house skills prevents IT teams from transitioning to advanced networking, and 25% indicated that a reactive operational mind-set posed challenges to IT modernization.
Oakland County recognized its own skills gap and addressed it head-on to move to IBN and SDN principles. The county used the Cisco learning portal and also enlisted the Cisco Advanced Services team as well as its managed service provider, Presidio, to learn IBN principles.
According to the Cisco global trends report, IT teams are clamoring for various skills, including cloud architecture (51%), network architecture (46%) and big data and analytics (43%) and DevOps (27%).
Part of bringing new skills to IT teams involves change management and evangelizing for the benefits of automation for jobs.
While some IT pros are skeptical about network automation because they fear it will steal jobs, Compton said that his team has an altogether different view.
“Today, we spend more time being proactive rather than reactive,” Compton said. “We can spend more time being forward-looking on projects that affect the end user.”
Compton said the team made the connection between training and providing better service.
“It’s not so much that people have been automated out of a job,’ he said. “They are doing their jobs better, more effectively and providing better service to the customers . . . we work for.”
“It's not that people have been automated out of a job. They are doing their jobs better.”Guy Compton
Lauren Horwitz is the managing editor of Cisco.com, where she covers the IT infrastructure market and develops content strategy. Previously, Horwitz was a senior executive editor in the Business Applications and Architecture group at TechTarget;, a senior editor at Cutter Consortium, an IT research firm; and an editor at the American Prospect, a political journal. She has received awards from American Society of Business Publication Editors (ASBPE), a min Best of the Web award and the Kimmerling Prize for best graduate paper for her editing work on the journal article "The Fluid Jurisprudence of Israel's Emergency Powers.”