Enterprise IT infrastructure: Outsource or upgrade for CIOs?
Intent-based networking and other emerging technologies offer new approaches to enterprise IT, but some CIOs are seeking innovation in cloud computing.
CIOs can choose from a range of new technologies designed to help legacy enterprise IT infrastructure meet the demands of today's end-user applications.
The list includes software-driven approaches such as hyper-converged infrastructure (HCI) and intent-based networking, storage technologies such as non-volatile memory express (NVMe), and application delivery entrants like containers and microservices.
But infrastructure upgrades may not be top of mind for organizations still sorting out hybrid IT and settling the question of which internal or customer-facing applications belong in the cloud and which should remain on premises.
Indeed, the best infrastructure may be someone else's.
Consider the example of Cary, N.C. This town of 162,000 people had been maintaining a primarily on-premises IT infrastructure. Over the years, however, the town's IT environment had become fragmented as numerous siloed systems grew up to support individual departments. A new employee would have to navigate a number of such systems just to come on board. The situation was no different for city residents. Getting something done might require contacting multiple departments and handoffs were awkward due to the lack of unifying IT infrastructure.
Leading with the cloud
Improving the end-user and citizen-customer experience didn't require an infrastructure upgrade. For Cary, the appropriate choice was to move as much IT to the cloud as possible. The town's migration began about four years ago with its adoption of Samanage's IT service management offering and has continued with Salesforce Service Cloud, Microsoft Office 365 and other as-a-service applications.
Peter Kennedy, CTO of Cary, said the town used "a wide range of disparate systems" prior to the cloud shift. Those included six work order management systems from six different vendors. Local government agencies use such systems to track resident issues and coordinate projects such as fixing potholes.
In light of the fragmented systems, the town lacked a simple way for residents to request services. Similarly, new town employees had to carry a folder containing more than a dozen pages from department to department to sign up for benefits, IT gear and handle other aspects of onboarding.
"There was no one-stop shop," Kennedy said.
Peter KennedyCTO, town of Cary, N.C.
The town's still-ongoing cloud transition aims to change that. Cary's adoption of Samanage for Salesforce will create one place for both residents and internal personnel to go to conduct business. For residents, the vision is to have a single portal through which they can handle tasks from paying bills to signing up for classes. Internally, Samanage for Salesforce will handle the new employee process and the town plans to deploy DocuSign for digital signatures.
The town will first work on citizen-facing services and then focus on employees. A top priority is a public works system, to be built using Salesforce Service Cloud, that will take in calls from residents, create a case and route the case to the appropriate department or departments. Kennedy said GPS-enabled iPads will be distributed to all public works employees so service requests can be routed to the correct service-providing employees based on their location.
Kennedy said getting out of the infrastructure business lets the town focus on applications. The transformation has changed the nature of IT.
"It goes from keeping commodity services running to becoming a broker of IT services," he said. "We're getting out of the traditional IT mindset."
Enterprise IT infrastructure: The future state
Katherine Johnson, director of research at Trace3 Inc., an IT services provider based in Irvine, Calif, talks to CIOs and tech startups as part of her job. CIOs, she said, are more concerned with investigating the future state of their data centers as opposed to investing heavily in individual technologies. The role of the cloud, in particular, is keeping them occupied, she noted.
"They are focused on the hybrid state -- what goes in cloud and what doesn't," she said. "These emerging infrastructures are not on the radar," she said in reference to such technologies as software-defined storage and NVMe, a protocol that aims to speed up data transfer over storage networks.
Yet, experimentation with emerging infrastructure technologies is underway in some IT organizations. Intent-based networking, for instance, is beginning to generate attention. This software-driven approach, championed by vendors such as Apstra Inc., Cisco and Veriflow Systems Inc., aims to create networks that are more responsive to change and easier to segment for security purposes. Gartner calls intent-based networking "the next big thing on the networking horizon."
Scentsy Inc., a fragrance company based in Meridian, Idaho, is an earlier adopter of Cisco's intent-based networking entry. Cisco's technology builds upon the vendor's Digital Network Architecture (DNA), a software-based network architecture for digital business.
At Scentsy, field trials with Cisco's technology began about eight months ago and the company plans to conduct a pilot in a limited production environment. Kevin Tompkins, network architect at Scentsy, said the testing includes Cisco's Software Defined Access (SD-Access) offering, which became available in August 2017. SD-Access automates the task of network segmentation, which IT departments undertake to control access and boost security.
Tompkins said Scentsy already uses Cisco's Catalyst Access Switches across the company's campus. Layering on Cisco's intent-based networking technology "is going to let us … move away from what has been considered traditional networking for the past 20 years," he noted.
In a traditional network, network policies revolve around an access list that a network administrator applies to an individual switch. Tompkins called that method rigid and static. With intent-based networking, a policy is written in one place. In Scentsy's case, that one location is Cisco's DNA Center, a single-pane-of-glass network management interface. The policy defines which groups of users will be granted access to which particular servers, file shares and network locations. The security policy is pushed down to network devices through security group tags, which are applied at the switch, Tompkins explained. Cisco's Identity Services Engine (ISE) profiles users and the groups to which they belong. So, when a user connects to a switch port or wireless port, ISE identifies the user and the switch applies the appropriate security group tag to his or her network session and opens access to the authorized networking resources.
Tompkins said this dynamic application of network policy, based around a user's identity, stands to improve the organization's security and efficiency.
"The method for securing your network and creating segmentation between different groups of users today is pretty cumbersome and it doesn't allow for a mobile workforce, which is increasingly prevalent," Tompkins said.
Scott Sinclairsenior analyst, Enterprise Strategy Group
Policies defined in an intent-based network, however, can follow users from their corporate desktops to meeting rooms or remote offices where wireless devices come into play. He said users in a traditional network may lose access to resources as they move from one security domain to another. The intent-based approach provides a consistent experience regardless of where the user is located, Tompkins said.
Another early intent-based networking adopter is Jade University of Applied Sciences in Lower Saxony, Germany. Henning Bohlken, technical engineer for the school's Cisco DNA project, also cited security and a reduction of administrative burdens as benefits of this networking method.
"We think Cisco DNA makes the administration of a network … easier, less time-consuming," he said. "We think security is also improved by this, especially with the new assurance part of Cisco DNA."
Bohlken said the intent-based networking approach simplifies the task of rolling out a new network environment such as a virtual LAN, IP address pool or access lists. He added the user experience is slightly better.
"If a user changes his office and plugs in his network device, it automatically connects through his user ID," he said.
The school's Cisco DNA project is at an early stage, he said.
What other emerging enterprise IT infrastructure technologies are edging their way into enterprise projects? Trace3's Johnson said she views intent-based networking as more of a repackaging of existing capabilities, rather than an entirely new development. But while the ideas behind the approach may not be novel, intent-based networking departs from conventional networking in that software is used to make networks more automated in nature, she said. "This allows the network to be agile and flexible to the ever changing and growing demands placed upon the network."
As for other technologies, Johnson said she has seen few companies embarking on new storage approaches such as NVMe. However, she is fielding more questions from CIOs on container technology and what it means with regard to microservices.
"There is a high level of interest in containers," she noted.
Scott Sinclair, senior analyst at Enterprise Strategy Group Inc., suggested the uptake of any new enterprise IT infrastructure technology depends on how it affects an IT organization's budget.
"When I talk to CIOs, it all comes down to basic math," he said. "It all comes down to the cost of infrastructure."
Sinclair said the company's research shows, year in and year out, that storage decision-makers cite hardware costs, the data growth rate and data protection as top concerns. The task for IT managers, he added, is to keep capital expenditures, operating budgets and headcount under control, while still managing the rising tide of data.
Technologies that make enterprise IT infrastructure more efficient and easier to maintain are the ones most likely to grab the IT managers' attention, Sinclair suggested. That's particularly the case for IT shops attempting to take on an enterprise's digital transformation initiatives. Organizations need people to make digital business happen. But those enterprises will struggle to find sufficient resources if technicians are tied down with infrastructure management demands.
"If you are going to go down the digital road, you are going to accelerate demand on the IT organization more than in the past," he said.
Against this backdrop, emerging infrastructure technologies must demonstrate an ability to reduce the cost of managing data. Software-defined storage and HCI could help organizations maintain hardware with fewer resources, Sinclair noted. Traditional data centers require specialized server, storage and virtualization administrators to manage each tier of technology. Software-defined technologies and HCI simplify hardware management and reduce the need for specialist help.
Software-defined storage, for example, simplifies storage management tasks such as upgrading new hardware, adding capacity or adding performance, he said. HCI, for its part, lets an IT organization's virtualization team manage and provision storage without requiring the support of a dedicated storage team, he added. Sinclair said the ability to have fewer IT generalists manage infrastructure means CIOs can redeploy resources for digital pursuits.
"You need to free up those guys to look at analytics or net new IT projects," he said. "Your infrastructure has to be more efficient."
Read more about enterprise IT infrastructure amid cloud computing
Learn about the choices IT managers have with respect to big data infrastructure
Gain additional insight into intent-based networking technology