Enterprises can better achieve business objectives through a network infrastructure upgrade, says a Cisco business solutions architect.
As IT organizations ponder upgrades to network infrastructure, they are understandably concerned about costly migrations and management headaches.
An overhaul, after all, diverts time, dollars and IT skills from other projects. To become more agile, though, an enterprise should consider investments in network virtualization and other technologies.
If the goal is to move application data back and forth to the cloud or to learn more about shoppers' behavior in a store, software-defined networking, network analytics, and secure-access tools can help.
This move to software-defined access (SDA) of the network can bring major business benefits. Analytics gathered from the network help companies learn about customer habits or identify configuration errors that create latency problems.
To step into a modern era of intelligent networking, though, companies may also need to jettison current technologies and migrate to new systems. Tools from companies like Cisco, including its networking platform Digital Network Architecture (DNA) and its new line of Catalyst switches, are designed to help customers cross the chasm and modernize for the cloud, secure mobility and billions of Internet of Things (IoT) devices. That can be a tough sell for companies with tight budgets and strapped IT departments, but the upgrade may enable new business capabilities. And, in some cases, modernization can prove more cost-effective than continuing with in-place systems.
Cisco.com sat down with Jason Gooley, a technical solutions architect for sales at Cisco Systems, to discuss the business potential of DNA, a collection of technologies designed to virtualize, automate and monitor the network, and how prospective customers can realize those benefits.
Cisco.com: What is Digital Network Architecture, and why is it important?
Jason Gooley: The way I often describe it is that utilizing the network, we can gain more insight and analytics while accomplishing tasks more quickly. This allows customers to achieve their business goals faster.
A lot of it has to do with the sheer size of the data coming in. We have more data coming in from the edge [of the network]: from connected devices, IoT in manufacturing, guest wireless networks. How can we use this information to better our business and get better insight into it?
So, for retail store locations, I can look at specific areas of my store, use network analytics to see specific patron walking patterns, and I might be able to use that information with product placement to get the customer in and out faster. So, we’re using things like digital network architecture to get more out of [the network data we already have].
In the past, I just needed a network to connect things. Now we can do so much more to enable the business when we connect these pieces.
So data is at the heart of what’s different about these technologies?
That’s right, 100%. Customers don’t want to backhaul all the data back to their data center, but actively do something with the data where it sits, whether it’s pushing a coupon out to a customer, enabling an interaction in a hospital room or another task. They don’t want to have to massage the data; that takes too much time. It’s best if you can make the data actionable where it sits, versus having to bring it back to an enterprise data center to make use of it. If we can make data actionable for the customer immediately, we’re addressing their need.
You mentioned features like security and network segmentation have been around for some time. But you’re saying they are easier to use with Cisco DNA?
Yes, exactly. Part of DNA is bringing together elements that have been around for some time and making them easier to use. For example, Cisco ISE [Identity Services Engine, a secure network access tool] has been around for a long time, but it hasn’t been exactly simple to implement. When you start talking about network automation, you have a single place to see your whole network. Imagine being able to use your network as a whole system versus as a collection of devices. You can now signify your intent of what you want to do and set policies to achieve it.
We also have features to segment traffic. So, for example, I don’t want patient data talking to hospital room data, or I don’t want my wireless network in a retail store talking to finance servers back in the corporate office; you want to segment these networks from one another. You can signify you don’t want those connections, and tools like DNA will abstract all these relationships automatically. And you can configure these relationships much quicker. You can do things in minutes now and get immediate business return.
One healthcare contact center is in an early field trial for the Catalyst switches. It shares a location and equipment with other medical institutions as a co-op. So how can they share a phone system but not have that phone system talk to anything else on the network, especially from a HIPAA [Health Insurance Portability and Accountability Act] compliance perspective? DNA and these switches were the answer to a lot of issues in this organization’s network and need for secure segmentation and automated management.
Many network administrators seem to be concerned about network automation. Why?
When you start talking about programmability, network administrators almost immediately think they are going to get programmed out of a job.
Configuring VLANs [virtual local area networks] over and over again isn’t useful to the business. The business side may want you to plan the next five years, meet business needs, not just keep the lights on. If we can automate the common tasks you do daily, there are benefits for you. If something goes down, you might not have to wake up at 2 a.m. to fix it.
When you talk about programmability, network administrators often think it means application development: develop for SAP or Oracle. But in reality, you’re talking about scripting mundane tasks that you do on a daily basis. People fear they have to become application developers, and that’s not the case.
But the reality is that networking pros will have to get some new skills.
Certainly. If you don’t enhance your skills as things evolve, you’ll get left behind, so to speak. You might not be the first person somebody calls in the new world of networking. With DevNet, our developer network, there are so many tools that enable people to learn these things.
What are we talking about in terms of programming language? Often the most common language is Python. It’s the easiest to read. You can follow along with it. I am going to this URL, which is DNA Center [the Cisco management console for DNA], I can see that it’s asking you to do this command. Really, you’re just learning a new syntax in those terms. It’s much like following along in the command line of a Cisco router.
In addition to retraining and reskilling, what other changes might these technologies bring?
If you use a network as a whole system, versus a collection of devices, think about the troubleshooting example. Imagine trying to stop an attack. Now, you have a controller that can see a network as a whole and stop those threats with a click of a button, or automatically, where you don’t have to click a button.
Instead of going manually through all these different logs (and that’s usually after you’ve been compromised), now you can use the intelligence of the network and see it as one enhanced system. We couldn’t do that previously; nobody could. You had to go to all these different devices and piece together a story. Now, because we have software-defined capability, we have intelligence in switches that can automatically detect and block malicious traffic inside encrypted traffic without decrypting it. Tying that all together and figuring out how security plays a role is key.
But the reality is that many customers use Cisco tools and other vendors. Doesn’t this patchwork make it harder to get a cohesive view?
It does. The analogy I use is this: Would you want 50 doors on your house? Or would you want just two or three? You would have to secure and protect 50 doors. The same is true for your business.
So, yes, whether it’s Cisco or any vendor, the more vendors at play, the more complex the network and the more you’re going to have to do to get those pieces to talk to each other.
So how can customers navigate if they have a multivendor environment?
Our technology is open—there are APIs [application programming interfaces] and ways that you can programmatically ease that burden. So technologies need to be open and programmable so we can partner with other companies. Cisco has done this well, maintaining this open mentality. We understand that our customers may not be 100% Cisco.
How do these new technologies represent a shift in mentality?
We’re used to a world where a device has this location, this IP address. With the explosion of devices, we have to get out of that mentality. I can take a device from one location and go to another without having to worry about changing IP addresses, without losing connectivity.
As enterprises move workloads between multiple data centers or move devices, as they use bring-your-own-device policies or guest wireless, there is a need to keep things consistent but not have to worry about IP addresses and guest-access lists. All these things were very manual in the past and time-consuming.
With SD-access, all of these issues go away because you have the ability to do it in more of an automated fashion. The whole industry is driving toward this. We need to make it simpler and easier for our customers because that’s what they need to succeed.
Lauren Horwitz is the managing editor of Cisco.com, where she covers the IT infrastructure market and develops content strategy. Previously, Horwitz was a senior executive editor in the Business Applications and Architecture group at TechTarget; a senior editor at Cutter Consortium, an IT research firm; and an editor at the American Prospect, a political journal. She has received awards from the American Society of Business Publication Editors (ASBPE), a min Best of the Web award and the Kimmerling Prize for best graduate paper for her editing work on the journal article "The Fluid Jurisprudence of Israel's Emergency Powers."