How is cloud impacting modern networking and security? Maybe it’s time to start from scratch… No, really.

John McAdam, Outgoing CEO of F5 Networks

Some time in the past year, at an F5 event, I was listening to John McAdam’s view on the disappearing data center. He said that it’s all going to the cloud, which will drastically shape the way we design IT infrastructures from now on. It’s a little funny because we’ve come to think of the cloud message as almost a parody of itself.  This cloud is some vaporous thing out there that we’re supposed to be moving to, but nobody knows how.  The fact, though, is that he’s 100% right. It’s happening.  Every mature IT department I work with has a cloud initiative, of sorts.  Some are taking an application or two.  Some are taking a whole data center.  Some are building DR in the cloud.  Some have moved all collaboration to a managed or cloud service – whether that be documents and email or phone systems. Some believe we can simply load our data centers up into vCloud Air and, “voila!” it’s done. That may be the case for some smaller enterprises, but, as a seasoned architect, I still have a difficult time swallowing an SAP infrastructure’s existence in the cloud.. and I work cloud stuff every day. Imagine the questions a CEO might have about that.  In fact, if we step into those shoes for a moment…

The plight of an IT executive in the cloud age…  If I were an executive, responsible for an IT department, I’d have some questions about all this cloud stuff’s impact on my data center.  I guess I can understand the simplicity of moving customer-facing applications out to the cloud. We don’t cross-pollinate our directories (if you’re reading this and you do, please, let’s talk), so there’s a little silver lining there.. as long as regulatory compliance and certifications can be maintained.  (Spoiler alert…they can.) But what about files my employees share with each other? Sensitive internal documents, customer proposals? Is there really a solution for replacing my local file server? Employees need collaboration to be effective, right?  How can I maintain authentication and access controls around my sensitive data?  Do I need to learn a whole bunch of new vendors?  And where does this stuff actually exist?  Where does it reside, physically?

Let’s say somehow, I magically manage to resolve these issues with my data center leaving.  What about the enterprise?  If I suddenly have no humongous core routers and switches and firewalls that came along with my data center to protect me, I might not have need for a large IT staff.  I might settle for lesser caliber networking professionals. How can I have a quality enterprise network without spending a lot of money on expensive equipment and manpower, now that the cloud service providers have hired up all my best engineers?  What will my NOC look like? Truly, these are scary questions for a CEO.  The good thing is that there are answers.  In fact, with a good strategy, we can actually get there exceptionally fast.  How?  Follow me.


The golden path…  So we have to look at some of these projects and maybe try to prioritize a bit. Also, we need to level-set our expectations – for instance, spending a boatload of effort visualizing your massive SAP or PeopleSoft infrastructure might not be the way to start this whole process. The organizations I’m watching make this transition successfully are starting with manageable chunks and gradually biting off more over time. MORE IMPORTANTLY, they are understanding that there may not be one blanket solution. In fact, sometimes the blended cloud solution is just as diverse as the on-prem data center, if not more so.

Start easy.  Anything customer-facing.. just throw it into the cloud.  What does that mean?  The easiest approach, since so many data centers are heavily virtualized, would be to use a service like vCloud Air, which can migrate your existing vSphere infrastructure with fairly minimal effort.  If the budget is there, you might consider an approach similar to our bandwidth providers at the data center.. “carrier diversity.” Sometimes, having a second data center in the same cloud isn’t good enough.  What if that whole cloud implodes? Rather than risk that by making your second data center part of the same cloud, use F5 just like you do today (if you do the 2 data center no downtime thing already) and balance between clouds.  F5 has a virtual edition for ESXi, KVM, Xen, AWS and Hyper-V.  Thanks to Mr. McAdam’s vision and persistence, they fit comfortably in every cloud.  What about compliance? Would it shock you to learn that the most sensitive health information in this country is sitting in the cloud? The good cloud providers all have guaranteed segregation agreements available and all of them are hard at work on every compliance standard from PCI to HIPAA.  Shop wisely and you’ll find it.

Now that the easy stuff is done, what about those enterprise monsters?  AD, SAP, Exchange, etc. With the SAPs of the world, I’m saying managed service or SaaS.  That is the direction we should be looking.  AD, your fileservers, Office.. we need to start thinking Office 365 here.  Even typing in your iPads has become easy.  It is a process to get there, but it is achievable.  Microsoft has made it clear that they’re in agreement with Mr. McAdam and they’ve made it attractive to get there from a price perspective.. with migration services, to boot!

Now, the part that’s got me excited these days..  What about the network?  With BYOD and enterprises moving away from PCs at an almost alarming rate, our enterprise network is also forced to evolve.  Can we take that to the cloud?  We sure can.  We can even get the NOC there!  Ever heard of Meraki?  What if your whole network was managed from a browser – with no command line?  What if your network devices automatically identified themselves for control from that web page just by plugging them in?  Can we expect a cloud solution to trunk?  Use LACP?  PoE? Support QoS for VoIP?  How about seamlessly integrating wireless access points into this central management console, as though they were other switches with a coverage map and integrated heat maps for saturation?  And it’s got NGFW capabilities and MDM?  All of these things are the case.  To top it off, this is an affordable solution that automatically upgrades itself off hours and goes low power when not in use, too.

All that and a bag of chips??

To me, Meraki is a unique and somewhat awe-inspiring beast.  It completes the picture for getting an enterprise to the cloud.  Maybe the toughest part, even.  Their firewall leaves something to be desired versus the other big players in that market. The MDM is nowhere near as capable as something like AirWatch, but it also isn’t a bank breaker.  Meraki has a very low cost of entry for that technology.  For smaller and even medium enterprises, this should be an absolute no-brainer for how to start your journey to the cloud.  It instantly brings the enterprise network into this century. More importantly, Meraki sets a standard for cloud-based networking that other companies will be chasing as we see more and more of our big data centers disappear.

Summing things up… This cloud thing doesn’t really have to be all that hard.  Just make sure you’re choosing manageable chunks, leaving the hardest bits for last.  As you go through the process, you’ll get much better at identifying the pitfalls.  You’ll have an idea of how the tougher security and networking challenges are overcome by the time you get to the bigger pieces.  If you’re really lost, of course, I’m happy to come whiteboard with you at any time.

Thanks, John McAdam, for inspiring me to think like this. You will be sorely missed in the technology marketplace.. especially as we all continue on and up into the cloud. Congratulations on retirement. You’ve earned it!
