Tag Archives: Infrastructure

SD-WAN vs. MPLS: MPLS Isn’t Going Anywhere Anytime Soon | IT Infrastructure Advice, Discussion, Community

Gartner says software-defined WAN (SD-WAN) will grow to become a $1.3 billion market by 2021, growing at a 59 percent compound annual growth rate (CAGR). At the same time, the overall branch office router market will take a steep drop, according to the analysts. A quick scan of the headlines these days reveals a lot of chatter over the benefits of replacing legacy Multiprotocol Label Switching (MPLS) services with more flexible MPLS alternatives such as SD-WAN.

While it is true that SD-WAN is an appealing technology that delivers branch-office connectivity in a simplified and cost-effective manner compared with traditional routers, it is not likely to replace MPLS entirely. Given the rapid rise that SD-WAN has seen in just the past few years, this claim may come as a surprise. 

Without a doubt, the key driver for SD-WAN is the emerging dominance of cloud-based applications, data storage, and compute. As branch traffic flows shift from the headquarters data center to the cloud, it’s inefficient to backhaul all traffic through the headquarters. Concurrently, many organizations are embarking on digital transformation initiatives. In many cases, this comes with the need for intelligent management platforms and advanced analytics to ensure optimal support for both back-office and customer-facing workloads. And let’s not forget the growing adoption of the Internet of Things (IoT), which requires dynamic, high-speed networking between devices, the edge, the cloud, and the data center.

With all that is taking shape, where does an older networking solution such as MPLS fit in?

The key thing to remember is that this is not a stark choice. There are pros and cons to both MPLS and SD-WAN. A common enterprise network configuration will be one in which each solution supports key workloads based on their service requirements. In fact, the most common scenario has SD-WAN augmenting MPLS to provide a healthy mix of flexibility and reliability, as well as scalability and cost savings.

MPLS was designed for and is deployed in a hub-and-spoke topology that backhauls branch data to a centralized data center. MPLS typically provides better performance for workloads that are sensitive to latency in packet delivery and demand high reliability. These include critical real-time applications such as voice, video, and collaboration. With countless services now firmly entrenched in the cloud, this approach has become expensive and cumbersome. For all its reliability and performance, MPLS is a costly option. That’s why so many organizations are transitioning to hybrid WAN solutions that de-emphasize MPLS in favor of SD-WAN.

This doesn’t mean that all use cases will shift to MPLS alternatives such as SD-WAN. Even within companies that are heavily dependent on Software-as-a-Service (SaaS) and cloud computing workloads, there are strong reasons for them to keep at least some of their legacy MPLS network in service. Many organizations will continue to maintain MPLS in the local data center to support basic network domain and server services. Authentication, DHCP, and DNS services are prime examples.

Complicating the issue is the fact that the line between critical or non-critical data and higher priority or lower priority traffic is not always clear. Video conferencing may be mission-critical, and demand assured quality of service for one organization, while for the next, it may be considered entirely dispensable. In general, organizations can expect to support critical workloads and some non-critical ones for them in the data center. Headquarters and large branch sites may connect over MPLS, while smaller branches will use MPLS alternatives such as SD-WAN offerings riding on a mix of business and consumer broadband Internet connections.

Organizations should take the following steps to differentiate SD-WAN and MPLS workloads and needs properly:

  • Conduct a thorough survey of all data flows and applications on current WAN infrastructure and then set appropriate policies to allocate traffic to the proper solution

  • Consider non-broadband Direct Internet Access (DIA) circuits for SD-WAN deployments that support high ratios, critical cloud-facing workloads, and real-time applications

  • Explore “over the top” MPLS alternatives that offer performance and reliability over broadband

  • Employ priority-based path selection and other SD-WAN tools to improve throughput for time-sensitive applications

  • Potentially maintain MPLS networks at the data center, critical off-site locations and in areas with poor or emerging infrastructure

Geography can potentially come into play, as well. When dealing with remote users, the best broadband just isn’t always available. Exurban and rural regions are still lagging in broadband connectivity and probably will continue to do so for some time. As a matter of course, networking executives should rank each remote site not just by the type of services needed but also by what flavor of broadband is available.

 Related Network Computing articles:

Futureproofing the Branch Office

Include the CISO in Your SD-WAN Planning Strategy

The Best Ways to Determine How Much Bandwidth Your Data Center Needs

Source link

5 Steps to Get Ready for the 5G Highway | IT Infrastructure Advice, Discussion, Community

With the recent arrival of the first wireless 5G services, we’re now all officially on the highway to adoption. By delivering wireless connectivity up to 100 times faster than anything that has come before, 5G will create new opportunities and new markets and will power the nascent IoT world – signaling the birth of entirely new industries.

Its impact on business and society is expected to be profound – the World Economic Forum predicts it will “be as revolutionary as electricity or the automobile, benefitting entire economies, and entire societies.”

As the rollout of 5G progresses, and service providers gradually launch their offerings, it will coexist alongside 4G LTE – a familiar technology that has enabled people worldwide to work, relax, and connect in ways not possible in the legacy 3G world. 4G LTE has been steadily evolving to connect faster than ever before. It has played a pivotal role in creating entirely new digital industries, such as social media while providing the likes of Uber with the means to disrupt traditional markets.

So, this is a good time to be planning ahead, and businesses need to be looking at the opportunities a wireless and 5G-powered wide-area network (WAN) strategy presents, and how to get there. They can make a solid start by following these five foundational steps:

Step one – Create a wireless networking roadmap

As businesses adopt more cloud, mobile, and IoT technologies, the volume, variety, and velocity of WAN endpoints are exploding, and the need for non-stop cloud access grows. As a result, businesses should assess their WAN requirements and roadmap to determine where they can benefit from 4G LTE today, including the replacement of legacy wireline technologies. Not only will organizations reap the benefits that only wireless can bring, but they will gain valuable experience with expanded use of LTE today to prepare them for 5G in the future.

Step two – Gain speed with Gigabit LTE

Since 4G LTE and 5G are designed to coexist for a very long time, LTE is evolving to intersect with 5G in terms of faster speeds and lower latenciesGigabit-Class LTE uses technologies that will be foundational components of 5G, and as such, can help transform business operations now and provide a baseline wireless WAN in the future.

Gigabit-Class LTE, along with the arrival of unlimited, “no overage” data plans, represents the missing link for many organizations that have been thinking about replacing wired T1 or internet broadband links for rapid deployment and reliability of wireless at their edge locations. LTE has already carved a valuable role as the go-to connection for failover and Day-1 connectivity. But now, it is a viable option for primary WAN connectivity as well. This allows organizations to ‘cut the cord’ and replace cable and DSL providers – often hundreds that are stitched together to provide a nationwide branch network – with just one or two wireless providers. In doing so, they can also realize a significant reduction in operating costs while experiencing an improvement in WAN uptime.

Step three – Develop a deployment regime

As 5G arrives, it won’t be a big bang that makes it available everywhere companies and individuals need it. Nor will there be one universal form of 5G different carriers will have different versions leveraging low, mid, and high (millimeter wave or mmW) bands that all have different characteristics in terms of speed, propagation abilities, and proliferation rates. This means that there will be multiple on-premise deployment models for 5G depending on the flavor. For example, mmW will provide the most performance 1 to 5 Gbps and beyond, but it will require line-of-sight installation on the outside of a building in most cases since even e-glass can significantly impair reception. Mid-band solutions, which are commonly referred to as Sub-6, give up some performance for longer propagation. These can usually be installed inside a building but require placement close to windows for optimum signal reception.

Developing a 5G deployment strategy for the different modalities will be important to ensure cost-effective installations and optimal performance. Additionally, organizations that desire the performance advantage of mmW will want to ensure their wireless network edge provider supports both inside and outside mounted modem solutions.

Step four – Deploy 5G when and where available

As highlighted above, 5G will come in different flavors with different characteristics, each having different rollout timelines from carriers. Therefore, network planners should expect to have a hybrid LTE and 5G WAN for some time and plan accordingly. The good news is that the leading wireless network edge solutions will support LTE, Gigabit-Class, and 5G equally, making the building and management of a hybrid wireless WAN easier, and the transition between different wireless modalities more transparent.

Businesses especially those with highly distributed and nationwide branch or store footprints need to map carrier 5G rollout plans against their remote locations to determine their own rollout plans. Where it is available, test the different variants of 5G to understand the real-world potential before rolling it out at scale.

Step five – Measure performance levels
For most businesses looking to leverage 5G for Fixed Wireless Access (FWA) use cases, it’s all about price, performance, agility, and availability over wireline alternatives. Therefore, it’s important to implement a wireless WAN performance management capability that ensures the installation is optimal, that the company is using the right LTE or 5G connectivity at each site, and that the business is getting what it has paid for from its wireless WAN and 5G.

These are exciting times as 5G is slated to deliver the biggest communications transformation since the internet. Maybe even bigger. But on this journey to a faster future, it’s important to prepare for it now by starting to build a wireless WAN with LTE. Gigabit-Class LTE already delivers much of the value that most enterprises are looking to 5G for today – a high-performance that is faster than OC-3 fiber connection but more pervasively deployed. For anyone building a WAN strategy today, being on that wireless highway to 5G can help ensure they are ready for the future.

Related Network Computing articles:

Is 5G Fixed Wireless Access the New ISDN?

5G Is More Secure than Wi-Fi…Right?

5G Is Coming, but When?

Source link

How the Concept of a “Hacker” Has Evolved in Recent Years | IT Infrastructure Advice, Discussion, Community

Picture this, the stereotypical hacker: black hoodie, hunched over a laptop festooned with stickers, in a dark bedroom.

That’s not what the hackers I’ve met look like. In fact, quite a lot of hackers look a lot like information security professionals. They have the same training and share the same interests.

In some cases, they are even the same people: security professionals enjoy penetration testing, for instance, in which they essentially ‘pretend’ to be a hacker to find vulnerabilities.

In addition, plenty of security pros started out hacking, and only later got a respectable job. The older generation of network analysts often started out ‘phreaking,’ hacking phone systems, before graduating through black-hat hacking, white-hat pen testing, and finally to network security analysis.

Types of Hackers

That said, there are significant differences between different types of hackers. The clearest way to define these different types is to look at their motivations for hacking. By doing that, we can break hackers into several groups:

  • Black hat hackers are the stereotypical hacker, interested in financial gain or just infamy.

  • White hats, by contrast, are hackers who have authorization to try and breach a system and then report back on any security holes they find.

  • In between, we have gray hats. Typically, these hackers are not interested in destruction, but neither do they have authorization to test a system. Instead, they can be motivated by trying to raise awareness of how insecure public systems are by posting vulnerabilities to message boards. These hackers, for instance, have recently taken aim at city governments and aimed to convince them to improve cybersecurity.

  • Hacktivists and Red Teams are generally ‘ethical hackers,’ who use illegal means, but do so in a way that they believe will improve the world (or at least the security of a particular system)

  • Then we have spy hackers and state-sponsored hackers, who are paid by corporations or governments to obtain secrets. These hackers are generally the most sophisticated and dangerous because they have the most expertise and a huge level of resources. This allows them to use advanced social engineering techniques and huge amounts of computing power.

  • Lastly, there are the script kiddies, inexperienced hackers looking to cause havoc. Though not as dangerous for well-protected corporations, these kids can still mess with your home network, and potentially steal personal data from poorly-protected individuals.

Personality Traits

Whatever their motive or level of expertise, it’s interesting to note that research on Hacker Personality Profiles Reviewed in Terms of the Big Five Personality Traits has found that all hackers share a remarkably similar type of personality.

Specifically, this research shows that hackers are unusually open to new experiences in comparison to the general population. In practice, this personality trait is manifested in the fact that hackers love a challenge, and that personal infamy is often as important to them as monetary gain.

Some security firms have attempted to use this trait against hackers. The use of decoy systems, for instance, relies on giving hackers what appears to an achievable challenge and then identifying those who take it up.

A second personality trait of hackers is the high level of neuroticism among the group. “Neuroticism”, here, doesn’t mean ‘neurotic’ in the everyday sense. Instead, the concept of neuroticism is closely akin to that of emotional stability: hackers, in other words, tend to be emotionally reactive, and tend to seek the adulation of their peers.

This trait has also become an important part of systems that aim to identify hackers. Some systems scan message boards for emotionally intense language, which can be an indication of someone who will try and cause harm to a system. This can help in identifying potential hackers before they have a chance to do any real harm.

Hardening Your Defenses

In order to defeat network hackers, it pays to think like them. It’s worth noting that many hackers are just as motivated by fame as money. This means that scanning message boards for mentions of your company can be an effective way of identifying risks. You should also make sure that you are clear about just how many systems you have that are vulnerable to attack: it’s no good securing your email systems if your VOIP system offers up gaping security holes to whoever wanders past. 

It’s also worth trying to hack your own system, and this is the basis of white hat pen testing. If you were going to try to get into your own network from the outside, how would you do it? Think like a hacker. Pay particular attention to services that are so much a part of your daily routine; they seem innocuous. Even the most-highly recommended web hosting services, ones who should know better, can slip up when it comes to hack-proofing their product. The same goes for your email system and any marketing tools you have installed. Compile a list. Check it twice to make sure you close any security holes. You can also have a look at our four tips to make your network security worse, and make sure that you don’t take those tips!

It’s also worth thinking about the wide range of hacker types and making sure that you are protected against all of them. While preventing sophisticated corporate espionage might be your priority, don’t forget that a kid sat in their bedroom can also be a real nuisance. They might not do any real damage, but even if they manage to shut your system down for a day, that equates to a lot of lost revenue. Often, for this type of low-level hacker, scaring them off is the best approach: make a decoy system, and then tell them that you can see them trying to hack it.

The Bottom Line

Ultimately, the stereotype of the hacker might not be very useful. Rather than looking out for cybercriminals in hoodies, security pros should realize that the average hacker looks a lot like them.

This makes them harder to spot, of course, but also comes with a huge advantage: it makes it easier to think like them and to anticipate how they will try to attack your systems. Armed with that knowledge, you can protect your network before an attack even begins.

Source link

How to Build an Agile Future-Proof Network | IT Infrastructure Advice, Discussion, Community

Embracing digital transformation is essential for forward-thinking businesses, and an agile network is crucial for organization-wide digital transformation. Network agility is all about having an infrastructure that can respond to your business needs based on human or technical triggers, such as network congestion and changing customer trends. Today’s software-defined wide-area network (SD-WAN) technologies with APIs are key components of agile networking, as they enable you to make policy-based changes to your network, and switch links in near-real-time to tackle congestion. 

Upskill to meet the needs of the business

Today’s IT professionals must upskill in APIs and SD-WAN to deliver agile networking. Many of them have grown up using tickets to respond manually to the requirements of different lines of business. In that old world of IT, it has been completely normal and acceptable for the roll-out of a new application to take a couple of weeks.

But now, lines of business expect to have secure and reliable access to that new application in a matter of hours, or even minutes. If IT can’t do that, lines of business will find their own way of doing things. This can lead your organization down the slippery slope of shadow IT, where IT projects are managed outside of the IT department. That is why it is so crucial that businesses upskill their IT teams, and if needed, seek the help of networking experts to get them trained up on agile networking technologies. Programming and SD-WAN skills are a must to enable IT teams to respond more quickly to the constantly growing needs of the business. 

SD-WAN: not a quick fix

Some think that it is possible to achieve network agility by simply slapping an SD-WAN on top of a traditional Multiprotocol Label Switching (MPLS) network. While SD-WAN offers businesses greater control and visibility over any type of network, SD-WAN on its own won’t boost capability and capacity – the two key enablers of network agility. 

If the current enterprise network is already choking due to limited bandwidth, putting an SD-WAN on top will just cause performance to falter even more. This is because SD-WAN can take up to 20 percent of bandwidth for the management of traffic. So, if you have a 2MB link, putting SDWAN on that link means that you will have less than 1.6MB left for users – leading to much worse application and network performance than they had to begin with.

That is why it is not possible to achieve network agility just with SD-WAN, without upgrading the underlying network first.

Lay the groundwork

To build a future-proof, agile network requires a rethink of the network foundations, combining the public internet and private networks for maximum scalability, security, and cost-effectiveness. Starting small, in one region, for example, is often a less disruptive approach than a complete global network overhaul.

To illustrate, we deployed a network like this for Carlsberg in just five months – a year less than the industry standard – and did this during the FIFA World Cup, which is one the busiest times of the year for the brewer. As the growing use of cloud-based applications has led to 70 percent of Carlsberg’s network traffic being on the internet, the new agile network has given the brewer ten times more bandwidth, reduced costs by 25 percent, and halved the occurrence of network incidents.

Well begun is half done

Whether you want to start in one region like Carlsberg or do a global overhaul, you must evaluate the capabilities and performance of your current network before implementing SD-WAN to boost network agility. Furthermore, while SD-WAN and APIs help eliminate the manual effort needed to respond to business needs, these technologies also call for a renewed focus on measuring performance to ensure that your applications and the underlying network perform as they should. 

So, to achieve network agility requires a bottoms-up review and redesign of your network. The key points to address are: what does good enough look like for your business? How quickly are you able to respond to application migration requests? How quickly are you able to deploy new links for backups?  How quickly can you boost capacity at critical times to help the business react to rapidly changing market conditions? 

The right mix of technologies, the right skills to deploy and manage them, and a step-by-step approach will help businesses turn their legacy WAN into an agile network. It will enable them to respond more quickly to business needs as market conditions change or new opportunities emerge and accelerate organization-wide digital transformation.

Related Network Computing articles:

Include the CISO in Your SD-WAN Planning Strategy

 The Best Ways to Determine How Much Bandwidth Your Data Center Needs

Source link

Think Twice Before You Modernize Storage with Cloud | IT Infrastructure Advice, Discussion, Community

Many businesses are looking to break free from yesterday’s on-premises storage solutions and embrace a cloud-first mentality. It’s no wonder why: legacy storage hardware has increasingly become a burden to manage, is difficult to upgrade, and in many cases unable to keep up with growing workload demands.

While the decision to modernize your storage environment is a shrewd one, the idea of going cloud-first requires deeper thought. That’s because not every workload is well suited to run on the public cloud. In recent years, some businesses have made cloud-first their standard, simply because they could – and not because they deemed the workload an especially good fit for the cloud. Consequently, many of these businesses have experienced pitfalls that limit – or altogether negate – the benefits they were hoping to realize from migration.

The Challenges of Running Apps and Data in the Cloud

Excessive costs: While the cloud is generally viewed as a way to save costs, many experience the opposite. The combination of virtually unlimited scale and extensive automation encourages customers to store unprecedented amounts of enterprise data in the cloud. These capabilities, however, make it easy to lose track of how much data you’re storing, leading to sticker shock when the first bill arrives. Ingress/egress fees and the use of hot storage when cold would be acceptable for a given dataset also add to these costs.

Provider lock-in: Public cloud providers don’t deliver on-premises replication for data stored on the cloud, meaning the data is locked into the cloud environment. This forces customers to leverage third-party ISVs to replicate data to their physical environments, which is needed to run a consistent hybrid cloud or repatriate data on-premises.

Poor data visibility: Once data resides on the cloud, native public cloud tools often fail to deliver the visibility that IT professionals expect. According to a 2019 study conducted by Dimensional Research, less than 20% of respondents reported that they had the data needed to properly monitor their public cloud environment (compared to 82% who had the proper resources on-premises).

Performance: Because cloud provider data centers are located around the world, customers are forced to pull the results of the queries they run across massive geographic distances. This results in significant latency that can limit the overall performance of their applications. Furthermore, cloud providers tend to leverage commodity hardware that doesn’t provide the performance applications need.

Taking a More Thoughtful Approach to Storage Modernization

Businesses should take a more thoughtful approach to storage modernization. Rather than committing all applications and data to the cloud regardless of their fit, customers should assess which applications are good candidates. Those looking to achieve lower costs, greater agility, or less complexity can leverage a combination of physical and virtual technologies from established storage leaders, like HPE, Dell EMC, and NetApp, to best complement their workloads:

  • Solid-state arrays (SSA, also referred to as “all-flash”) for apps in need of the highest levels of performance, like data analytics, database infrastructure, and AI/ML.

  • Hyperconverged infrastructure (HCI) to run your traditional on-premises workloads, such as file service.

  • Public cloud storage to support less critical use cases, like backup and application development environments.

Modernizing Your Storage Environment

To ensure a smooth deployment and on-going management, it can be helpful to leverage a storage consultant who can provide a service that streamlines your modernization efforts. Areas where help is often required include:

  • Assessment: Assessing your existing environment to help you understand what kinds of data you store and determine the optimal blend of storage resources. During this phase, you need to identify redundant, obsolete, or trivial data – which can add up to as much as 70% of your footprint – to right-size capacity and reduce costs.

  • Installation expertise: Look for teams that have the highest level of certifications offered by Dell EMC, HPE, and NetApp (which represent 46% of the storage market). Also, look for expertise in data migration, data center consolidation, and complementary competencies like Microsoft, data analytics, and security. This streamlines your setup so you can more quickly derive value from your storage environment. 

  • Managed services: Once you have your storage environment installed, look for help with 24x7x365 monitoring and support to effectively manage your new hybrid environment.

Detailed reviews and recommendations on storage modernization options can be found here.

Source link