
Postapocalyptic Networks

Just imagine the current situation continues well into the foreseeable future—let’s merge reality with a little fiction. The apocalypse is over, but life has changed permanently. This means we’re going to wear masks in public transport, shops, and restaurants and follow sports events on television instead of in the stadium. But hey, beer is much cheaper at home anyway. Office jobs are outsourced, but not into countries with cheap labor—they’re outsourced to our own homes. What does this mean for designing new networks, adapting to change, or already planned investments?

Let’s start at the office. Look at all the empty space! No more queues at the coffee machine! There’s loads of access infrastructure collecting dust now. The Wi-Fi access points on the ceiling turn into objects of modern art, and the switches in the room and the gear on each floor are bored and consider joining a union. But there’s already one advantage: the monitoring system says everything is green and there are zero bandwidth issues. Isn’t this a dream come true?

Do We Still Need It, or Can It Go?

In this scenario, we identify the existing access infrastructure as mostly obsolete. At the very least, we should turn the devices off to reduce the electricity bill. If the hardware is leased, a contract renewal isn’t necessary. But there’s definitely no case for further investment in swapping or scaling up. Bottom line: this can go.

Let’s move up in a traditional network and have a look at the core layer. This is where the on-premises infrastructure sits—including all the servers—and big changes are neither required nor expected. As long as the resources stay where they are, anyway—more on this in a bit. The most significant changes happen at the distribution layer. Its main tasks are routing, inter-VLAN routing, bandwidth management, and site-to-site connections in larger organizations.

Watch This Space

Now we see more of a merge between the access and distribution layers as all the connections of employees (who work from home or elsewhere) arrive and need to access resources inside the company. In Q2 2020, IT teams around the globe worked literally day and night to process what usually would have needed months of planning, and they enabled the workforce to work from outside. New hardware had to be acquired, but sometimes it was just about picking up the phone and ordering new licenses to allow more simultaneous connections using the existing gear. To save time, many organizations routed all traffic from external endpoints into the internal network to keep the security solutions busy while maintaining a few important checkboxes. Who knows, the next security audit might be just around the corner. In Q3 2020, we saw the badly needed optimization of data traffic.

But Who’s Accessing What, and From Where?

So, folks are now sitting at home and working from their laptops. The companies who already changed to software as a service (SaaS) are fortunate. But if all the crucial resources are still on-prem, there’s a whole collection of questions to ask. Would a cloud-based solution be advantageous? If yes, what could be a possible roadblock? What would a migration look like? How much would such a project cost initially and later during operation? For many international organizations, the concerns are clearly about losing the sovereignty of data. And as long as “local” attempts like the GAIA-X project in Europe aren’t available, these concerns are valid. Simple private clouds in local data centers are merely shared storage spaces, but this is fine for teams and prepares the road for more advanced deployments. For example, sensitive data could be stored and encrypted in private clouds, but processing happens at one of the big two public cloud providers with their endless resources and latest technologies. Decryption takes place at the end devices in front of the employee. With a little effort, such a construct could be safe and compliant.

Innovations Help

This is where we come back to the network. With all this tunneling in a multi-cloud environment, it’s not trivial anymore to make sure those tiny data packets arrive safely at their destination. The distribution layer is a good place for investment, and growth is expected for this particular part of networking even after optimization is complete. But ways of connecting and communicating need to be smarter and more open to deal with the change in requirements. This could be a nice playground for some form of artificial intelligence (AI)—right from the start at the endpoint, for example. The system can decide how to connect to a resource based on factors like availability, reliability, speed, security, and cost, of course. Now, let’s talk some serious cost.

What Happens to Our Investment in SD-WAN?

We can also find SD-WAN in the distribution layer, and it’s quite possible many organizations spent significant money on a solution just a few months ago. The idea was to save money and optimize traffic facing outwards. Is this now obsolete and a wasted investment? Not at all. In most networks, the backbone is causing most of the traffic and not the employees. And some SD-WAN solutions will become more useful than ever in a more distributed network (and with multi-cloud environments in particular, which offer their own ways of communication but don’t always work well with each other).

Who’s Taking Care of the Wi-Fi at Home?

Disconnections, video freezing during a conference, problems accessing a resource—these are typical cases for opening a ticket with IT while working in the office. But while working from home, it’s not always easy to get people to understand the conditions aren’t the same as in the office. To make it worse, even management might say “Make sure our folks stay productive while working from home” without understanding the challenges. The boundaries between supporting corporate IT and home networks are blurry, and even though it’s not the IT team’s job to fix home Wi-Fi, each IT pro knows the usual suspects causing trouble at home. Yes, the kids’ gaming consoles consume bandwidth, even in standby. The parents’ gaming consoles do too, by the way. 5G could help in the future. A USB dongle plugged into a work laptop can create a dedicated connection, which makes the device independent of the home network. This can improve troubleshooting and security, which we’ll talk about next.

Any Changes to Security?

Distributed systems with various access limitations sound more complicated than they are. Two-factor authentication should be the default, and permissions management is the bread and butter. The network is also a part of it. But in some organizations, the way they plan and execute measures needs to change. Perimeter-based thinking is outdated and has been replaced with the zero-trust model, where everyone and everything is a potential risk. This is even more important when considering factors like insecure Wi-Fi connections or internet of things (IoT) devices capable of sniffing on the wire—sorry, the waves. This makes the vacuum cleaner a villain. Many dogs and cats already knew this.

These are interesting times for network admins, and more change is required. But there’s no reason to panic, and not all these changes are challenges. In many corporate networks, access protocols already exist for contractors, and the knowledge gained through setting them up and maintaining them is a solid base for dealing with an increasingly remote workforce. But the scale is different and will continue to require attention. And who knows? Maybe someday we’ll go into stadiums again and enjoy overpriced beer and hot dogs.

Sascha Giese
Sascha Giese holds various technical certifications, including being a Cisco Certified Network Associate (CCNA), Cisco Certified Design Associate (CCDA), Microsoft Certified Solutions Associate (MCSA), VMware…