Five steps to modernize your enterprise network

The business value of the network has never been higher, driven by digital transformation. Due to the COVID-19 pandemic, enterprises have accelerated their digital transformation process by as much as seven years. This has had a profound impact on enterprise networks, and most enabling technologies such as cloud computing and the Internet of Things are network-centric.

This intense focus on digital transformation has exposed many flaws in traditional networks. They require many manual processes and lack the flexibility and intelligence to meet the needs of digital business. If enterprises are to maximize their investments in other technologies, they need to make network modernization a priority. Here are five steps all enterprises should consider when modernizing their networks.

Software Defined Everything

In traditional infrastructure, the data and management planes are tightly coupled, so when changes occur across the network, every device must be reconfigured. This can result in months of time to make changes, which is too long for digital enterprises. Software-defined systems decouple the control plane from the data plane, centralizing the control plane. This allows engineers to make modifications from a centralized location and propagate throughout the network in near real-time. The move to software-based systems is fundamental to network modernization.

It’s important to note that the original definition of SDN was associated with the data center, while SD-WAN was later used as part of WAN modernization. The underlying technology shift for SDN and SD-WAN is the same, but the implementation is very different, which is why the vendors in these markets are different. For most companies, the team that runs the data center is different than the team that runs the WAN; other than simplicity, there’s no real incentive to buy both SDN for the data center and SD-WANs from the same vendor. It makes sense to start with SD-WAN because the ROI is typically much greater and the architecture used to build the existing WAN may be 20 to 30 years old and in need of an update. SDN for the data center should be pursued as part of a larger data center modernization initiative, such as a move to a private cloud.

Embrace AIOps

Today's networks are much more complex than they were in years past. At the same time, they are also more important from a business perspective, as a network outage or even a poorly performing network can cost a business a lot of money. To help network engineers better manage their networks, most vendors provide real-time telemetry data. The problem is that the volume of data can be too large for even the best engineers to interpret quickly and accurately.

AIOps systems, on the other hand, are always watching and can alert network operations teams to the smallest anomalies that could create performance issues.

Once trust in the system is earned, changes can be made automatically, but don’t expect instant perfection, as AI systems need to learn. The threshold for justifying AI is that it does a task better than a person, an achievable standard considering that human error is the biggest cause of downtime. Start by adopting AI in the most challenging parts of the network, Wi-Fi and SD-WAN, and then expand from there.

Harness the power of the cloud

The cloud has transformed every part of IT except the network. Compute, storage, application development, and even security all leverage the cloud to provide better scale and agility. Now, it's time for the network to follow. Decoupling the software from the underlying hardware allows the network to be centralized. Early in the software-defined cycle, software was centralized in on-premises controllers, but most vendors also offer cloud options, which can provide many benefits. First, all data from the entire network can be centralized, providing a larger, end-to-end network view.

Because storage requirements across the network can be enormous, field controllers typically limit the data collected to a single location. In addition, cloud technology can handle computationally intensive tasks such as artificial intelligence at scale.

A unique capability of cloud management systems is that vendors can compare one enterprise's metadata with that of other organizations, enabling network engineers to understand how their environment compares to other enterprises. Because only metadata is used, sensitive or proprietary data should not be used in the comparative analysis.

Upgrade to Wi-Fi 6, Wi-Fi 6E, and 5G as needed

Wireless networks were once thought of as convenient networks, while wired networks were the ones that provided the best performance. This is no longer the case today, as there are many mission-critical services that are wireless, such as medical, manufacturing, and warehousing. The rise of 4K video has also put tremendous pressure on traditional Wi-Fi networks.

Wi-Fi 6 builds on Wi-Fi 5 but brings in many features from the cellular world to reduce congestion, improve battery life, and extend range. Wi-Fi 6E uses 6Ghz spectrum and offers even faster access speeds than Wi-Fi 6, but is not forward compatible with Wi-Fi 5 and earlier versions. Private 5G uses standards like CBRS to bring Wi-Fi speeds to cellular networks.

They each serve different application scenarios. The general deployment model is to mix the three together, where Wi-Fi 6 is used for general-purpose connections. Areas with higher customer density can be enhanced with Wi-Fi 6E. Private 5G will be used for mission-critical use cases, such as manufacturing workshops.

Make security an inherent attribute of the network

Historically, network and security technologies have been deployed independently, with the latter usually overlaid on the network. This isn't ideal, but it works well enough to stop most intrusions. Network engineers design the network, while security experts deploy security tools at each entry point.

One of the challenges today is that there are hundreds or even thousands of entry points, from SaaS applications to VPN tunnels to guest access on Wi-Fi networks. Even if an enterprise had unlimited funds, it would be impossible to deploy all the necessary security tools to defend every point.

Another complication is that the number of security tools is ever-increasing. In the past, firewalls and IDS/IPS systems were sufficient to protect an enterprise. Modern security includes these, but also includes zero-trust network access (ZTNA), secure web gateways (SWG), cloud access security brokers (CASB), endpoint and network detection and response, and other tools.

A growing approach to ensuring enterprise security is to embed security into the network as a cloud service. This is often referred to as Secure Access Service Edge, or SASE, and it enables enterprises to deploy enterprise-grade security anywhere in the network, including workers' homes. The success of SASE depends on bringing security and network operations teams together. This can be a challenge, but it is necessary for any organization that wants to modernize its network.

Skills for Network Professionals

It is worth mentioning that today's network engineers need to be software engineers because modern network equipment can be managed, configured, and programmed through software APIs and developer interfaces.

A few years ago, there was a push to have network engineers become developers to take advantage of these software systems. However, this created a lot of resistance in the networking industry because most network professionals had little to no interest in becoming developers.

In reality, network professionals don’t need to be developers, but they should be familiar with how to use software. Performing a task by calling an API is much simpler than using a command-line interface, and it greatly reduces the chances of error. While network hardware has been equipped with software interfaces for years, adoption has been slow. If networks are to be modernized, the skills of the people who run them must also be modernized.