How Network Technology Has Evolved to Meet Changing Needs
The future of work demands networks that deliver control, visibility and security.
The changes that businesses have made over the past year-plus have created new demands on networks. Organizations rely on their networks more than ever before to support remote work, cloud services and Internet of Things deployments. However, as they have become more reliant on networking, many organizations have struggled to maintain control, visibility and security.
These challenges are now not unusual, nor are they likely to be temporary. They have become the norm — defining features of the future of work, an environment which is decidedly a hybrid of both remote and in-person models.
It remains true that the vast majority of network configurations are done manually. That is quickly becoming untenable in the dynamic, complex landscape in which organizations now operate. The footprint has become too large and too sprawling. The solution, automation, will advance rapidly over the next few years, offering more opportunities for organizations to integrate a variety of new technologies, including artificial intelligence and machine learning, into their networks.
SD-WAN is compatible with 21st-century workflows in a way that traditional WANs are not. Unlike the old hub-and-spoke model, SD-WAN has the ability to elevate performance by allowing microbranches to connect directly to the application, cloud or data center they need. These solutions directly address the connectivity challenges organizations face in relation to mobility, cloud computing and the Internet of Things (IoT).
Greater demands on networking, combined with increased complexity of management, often move organizations toward software-defined solutions that can better accommodate these requirements. Centralized control lets administrators establish policies and manage an entire network from a single, unified tool. Simplification and streamlining enhance efficiency, agility and accuracy. Equally important, SD-WANs improve performance by utilizing multiple transports, routing traffic in the most efficient way based on customized application and performance policies.
The prioritization of critical application traffic also improves the user experience. When users are dispersed, SD-WAN’s centralization makes it easier to deliver high-quality connectivity. System-level policies can be pushed down to microbranches, with traffic among work sites, clouds and data centers flowing along optimal paths.
The percentage of business continuity professionals who said IT resilience contributed the most to the success of their organizations’ pandemic response
Source: The Business Continuity Institute and FortressAS, “The Future of Business Continuity and Resilience” (PDF), September 2020
Increasingly, the defining features of network management are dynamism and complexity. As organizations identify opportunities to shift away from manual processes, they will find that automation of end-to-end network policies enhances the security posture and alleviates burdens on IT staffers, who can then focus on other work.
Software-defined networking (SDN) leverages automation to simplify and standardize network configuration, with administrators deploying policies and best practices across network devices. Establishing network policies at a high level gives administrators more consistency in network performance and control, while allowing the solution to handle the bulk of repetitive implementation work.
Intent-based networking (IBN) leverages automation in a similar way, gathering telemetry data from the various network components to create an in-depth view of network health and performance. With the added application of machine learning, IBN can analyze vast amounts of telemetry data to measure the effect of network and security policies on applications and the end-user experience.
IBN is well-suited to remote work because it brings an AI-driven, data-informed approach to performance: measuring certain types of traffic and identifying patterns to optimize the user experience. These controls, and the resulting insights they provide, help administrators deliver consistent, business-enhancing performance in a constantly changing environment.
Network automation is especially valuable in multicloud environments. Automation effectively raises the ceiling on the network efficiency and performance that organizations can achieve, allowing them to take full advantage of the attributes of the cloud. From a security perspective, network automation adds consistent control and improved visibility to provide secure access between the cloud and end-user devices.
Together, SDN and IBN improve network and security policy management, while providing validation that the network is performing to expectations.
Device density has become a driving force on par with or greater than the focus on wireless coverage. When looking at the latest wireless networking standards, 5G and Wi-Fi 6, it’s important to recognize that they are not either/or propositions. For many organizations, 5G and Wi-Fi 6 are complementary, with use cases suited to both. High-density environments, such as healthcare, higher education and manufacturing, will see the most gains in performance and efficiency.
Organizations that have tried, without success, to fix performance by adding wireless access points (APs) may find the answer in Wi-Fi 6. Often, the problem with wireless is efficiency, not speed. Wi-Fi 6 has three key features that make it a better fit for today’s high-density environments:
- Multi-user, multiple input, multiple output (MU-MIMO) allows an AP to communicate with several devices simultaneously, rather than sequentially, via separate spatial streams.
- Orthogonal frequency-division multiple access (OFDMA) also facilitates multiuser access, subdividing channels to allow more devices to communicate at once.
- Target Wake Time (TWT) reduces power consumption and extends battery life by enabling APs and stations to “sleep” at designated times.
Wi-Fi 6 aligns with the mobile-first model that is shaping lines of business, if not entire organizations. Healthcare providers, for example, anticipate a long-term expansion of telehealth, which will require wireless connectivity that can handle data-intensive transmission of sensitive images, video and patient records. Wi-Fi 6 also offers better security for operations like these: WPA3, the newest security standard, provides better encryption and authentication.
Wi-Fi 6E will change the game further by significantly increasing the number of available channels. Organizations seeking to take advantage of Wi-Fi 6 and 6E will need to understand where they will and won’t be able to do so. For instance, Wi-Fi 6E capabilities extend only to devices that are compatible with the 6GHz spectrum. In addition, while 6E will add even more bandwidth, compatible wireless access points may also be more expensive because they have more radios.
Careful alignment of device and infrastructure upgrades, particularly with an eye toward opportunities to maximize specific operational areas, can position organizations to achieve the desired outcomes at the right time.
Organizations that rely on outdoor connectivity, video-intensive applications and IoT will see major gains with 5G mobile broadband. High-speed connectivity, expanded bandwidth and ultralow latency will improve existing use cases and facilitate exciting new ones, from augmented reality to remote surgery.
While IoT devices allow for more efficient and sophisticated workflows, they also deliver one of the most valuable assets an organization can have: data. As 5G pushes IoT to new heights, organizations will be able to leverage new types of data-driven analysis and deploy automation in new ways. Private 5G deployments can enhance indoor wireless coverage for manufacturing and warehouse applications and provide another failover option for wired connections.
Citizens Broadband Radio Service (CBRS) will expand the options even further, allowing organizations to establish private 4G/5G networks on the 3.5GHz spectrum.
The percentage of organizations that increased their investment IT infrastructure to secure virtual connectivity
Source: pwc.com, US Remote Work Survey, Jan. 12, 2021
Even before the pandemic, the traditional IT perimeter had expanded to such an extent that the analogy of a “perimeter” no longer fit. Now, the focus is on the edge and zero trust. Segmentation and identity-based access enforce policies and determine who can get to certain types of data, while preventing issues in home and business networking environments from affecting each other in undesirable ways.
Secure access service edge: SASE is an architectural framework that finds the edge at the device-to-cloud intersection and protects users, endpoints and data wherever they are located.
SASE brings together several core technologies, such as network security functions and software-defined networking, in ways that allow for continuous, responsive oversight. SASE’s dynamism, for example, lets IT teams modulate access based on contextual, granular insight into users’ behavior. Real-time identification of behavioral anomalies, paired with appropriate data governance, enable security to remain consistent even as users engage with mobile- and cloud-first environments.
SASE does require solid data management and governance programs. Defining security in terms of data and users means that organizations must be clear on which data assets exist, where they reside and who should have access — the latter based on least-privilege principles.
Software-defined perimeter (SDP): Organizations may also implement this approach to secure remote access to both cloud-based and on-premises applications, using a unified platform to manage security policy.
For remote work, SDP offers more precise, granular control than broader-based solutions, such as VPNs, segmenting network access based on identity and device. It also delivers a better experience on mobile devices. For organizations pursuing a zero-trust approach, SDP is an essential component, requiring stronger authentication and limiting exposure.
Next-generation firewalls: NGFWs bring powerful analytics to inbound and outbound traffic both in the data center and on the network edge. Organizations require advanced tactical defenses now more than ever given the massive surge in attacks that has accompanied the pandemic. Centralizing NGFW management by deploying the same firewall engine across the network increases consistency, streamlines change management and facilitates visibility and response as administrators manage events, analytics and reporting.
Cloud-delivered firewalls (CDFW) as a Service: CDFWs bring capabilities similar to those of an NGFW into the “as a Service” model, which enables organizations to protect users, endpoints and data with the same level regardless of location. Connecting a CDFW service to an SD-WAN branch enables organizations to scale their security efforts without the need for expensive security hardware at multiple, smaller locations.
Multifactor authentication: Finally, organizations should be integrating MFA throughout their networking environments. A periodic review of critical business applications to ensure they are secured by MFA is warranted, particularly in light of recent operational changes.
To learn more about getting the most from your networking investments, read the white paper “Networks Evolve to Support a Changing World” from CDW.