Reduce Cost and Complexity With SD-WAN and SDN
Matthew Earley
Tell me WHAT YOU WANT TO BUILD - I'll Design, Vet, Build then Teach YOUR Team to Run. I AM a Hybrid Cloud Architect and Engineer Lead Offering Expertise in Networking, Security, AI Utilization, ML and DL Infrastructure
As a network and security engineering consultant I have been cast into many roles, through necessity and desire. Changing hats is expected in a start-up, and something that you more often have to pursue through various means in an enterprise environment. Either way it is necessary to demonstrate value, else you lose the hat. This is where I thrive, envisioning success on the horizon while avoiding the pitfalls of finding the wrong solution too many times, which some brand as “failure”.
When it comes to implementing best practices and adhering to internal and external governances we are often faced with the challenge of re-engineering and existing solution vs the risk of leaving that solution in place with work-arounds. Rearchitecting an enterprise network segment is a monumental challenge encumbered not only by the technical execution, but also the possible interruption of business continuity and flow where the expectation of a service is more often than not, 100% up-time. The coordination to change existing infrastructure can be daunting, requiring implementation from multiple departments and contributors from each. Complexity and time drive costs beyond the threshold, causing a delay or cancellation of the required security implementation.
Traditional Approach:
Still, often as engineers we are required to implement new VLANs, subnets, ACLs and firewall rules to provide access to, and protect an asset as it evolves and changes its position and place in the network from dev to test to prod, and so on. As a business there is no choice, change or die. As an internal IT business-partner we are often constrained by traditional networking topologies and management tools. We then encounter well-known inefficiencies that lead to the above mentioned complexities and costs.
Reduce cost and Complexity:
Fortunately there are ways to rearchitect an integrated system without having to disturb the underlying connectivity, instead relying upon a logical reassignment through a software-defined access and segmentation. These solutions can often be put into place without forklifting the existing solution and interrupting data and business flow by the implementation of policies, often automagically.
In coming articles I’ll explain how the SD-WAN and SDN technologies can benefit an organization by providing a dynamic policy driven environment that places security at the forefront rather than as an afterthought. Add to this the cost savings in time, impact to the business, and WAN connectivity costs, and you have in the very least, a direction in which to point your next technology refresh.
Baked-in Security:
Secure dynamic policy-driven networking that places security at the top of the list, how do we go about achieving such goals? Where do we start when our vantage-point is a traditional network topology with border, host and security-overlays such as IPS? Fortunately there is a process that relies on fundamentals to take a network from where it is now, to where it needs to go. These fundamentals, when adhered to provide a solid foundation on which to build the next generation network to support your applications and services, placing your internal and external customers first.