Networking professionals are seeing their worlds collide with cloud, security and automation, whether they're ready or not.
This reality of converging IT roles was evident throughout the ONUG Fall 2022 conference in New York City last week. Users, vendors and analysts alike spoke about the growing overlap in priorities and challenges for modern enterprises.
Cloud adoption has become commonplace, but network teams have to handle the resulting complexity that comes with architecting a network that can support cloud environments. Meanwhile, network pros are increasingly obligated to consider security risks and compliance in their jobs. Additionally, network pros may feel pressure to embrace automation -- but some aren't sure why they should or if they have time to learn.
Networking and the cloud
Everything that goes into the cloud starts with the network, said Guruprasad Ramamoorthy, vice president and global head of network architecture, engineering and operations at S&P Global, during an ONUG session. But it's not practical to expect network teams to simply copy and paste configurations to migrate on-premises applications to the cloud, he said. Cloud adoption introduces complexities with networking, connectivity and security that many network teams are forced to triage.
Susan Tlacil, network architect at Chart Industries, experienced cloud complexity firsthand. Tlacil leads a three-person network team at Chart, a global manufacturer of natural gas and clean energy, based in Ball Ground, Ga. When upper management said they wanted to adopt cloud, she said she knew a little about Azure and AWS but didn't have the time to become an expert in each provider's infrastructure.
"There's a huge skills gap, and we're being pushed to learn the technologies," Tlacil said. "Our bosses will say, 'We're going to the cloud,' and we'll say, 'But we don't know cloud.'"
While Azure and AWS are quick deployments, connecting them to the network isn't as easy, she said. As Chart moved Active Directory and other applications to the cloud, Tlacil said users in their India offices complained about latency. Additionally, she said they had to rearchitect their cloud design three times in two years because their cloud providers' upgrades caused issues when the team tried to add virtual networks.
Tlacil and her team turned to Alkira, a multi-cloud networking vendor, to help abstract cloud complexity and ease the process of adding company locations and associated cloud resources. Now, when Tlacil's team needs to add a network and connect it to the cloud, they can point and click from the Alkira portal and turn up a new cloud provider instance in any region. Alkira automatically applies the necessary security profiles, policies and traffic segmentation.
"Now, we can connect any resource in any cloud and connect into the SD-WAN [software-defined WAN] simply with Alkira, and we don't have to redo our segmentation because it's already there," Tlacil said.
Currently, Tlacil said Chart runs SAP on premises but has its business intelligence apps, drawing software and licensing services running in multiple clouds.
Networking and security
Brian Gilbert, vice president of technology and chief technology advisor at World Wide Technology, noted how all segments of IT are now forced to realize the importance of security in their day-to-day jobs.
"The amount of language that has shifted to cybersecurity and risk is a big change," Gilbert said during a session on multi-cloud connectivity. "It's a big thing to train for that and get yourself up to speed."
A large element of that shift is realizing how the traditional perimeter has changed, said Evan Marks, director of enterprise architecture and strategy at Raytheon Technologies. The perimeter is now where an organization's data and users are. Companies need to connect their users with that data, secure and authenticate data transfer, provide scalable security and manage all those elements centrally, he said.
Many organizations are responding to these requirements by implementing zero-trust strategies, Secure Access Service Edge and software-defined access. For most IT departments, those initiatives require more communication among traditionally distinct IT teams.
For example, Tlacil said she started working more with Chart Industries' security team as it implemented zero trust and her team deployed additional network security products. She said they discuss policies, contracts and segmentation rules that meet Chart's cyber insurance requirements.
Joe Richardson, senior director of product management secure networking at Comcast Business, said the relationship between networking and security has morphed from almost adversarial -- with occasional partnerships -- to a converged relationship.
To best address that convergence, Richardson said IT pros should weigh the following areas:
- Know the business. How does the business function? What's the typical day like? How does the company generate revenue?
- Know the rules. What's the HR policy for the network? What does the procedure and governance look like? How can that translate to zero trust?
- Balance. How do teams evaluate risk versus cost? How do those factors affect cyber insurance requirements?
Networking and automation
While some network pros embrace network automation with vigor, others aren't convinced of the benefits or feel they don't have time to learn proper automation strategies.
Before Tlacil hired the other two members of her team, she said she had been solely responsible for 700 devices over 40 sites. Automation with Cisco DNA Center was a way she could avoid working 80 hours a week.
"I could push a button and upgrade 10 switches, and I didn't have to sit there and babysit it," she said.
Now, her team uses automation for its network security implementations. She's also learning how to program and build Azure architecture and use Python to create templates for Chart's global field engineers who need to turn up new stations. But learning Python wasn't something Tlacil prioritized until it was something she had to do.
Many IT pros are reluctant to learn automation, wondering if it might replace their jobs or add more to their workload because of training. Kevin Walsh, director of technical business development at AMD Pensando, said automation doesn't remove jobs, but helps staff see the most important events, while the machines do the mundane tasks.
While network and security operations teams might ignore the thousands of event alerts they receive each day, automation, AI and machine learning tools can constantly watch the systems and flag network or security discrepancies.
"The network is usually telling us how it's behaving, but we're not listening," Walsh said. "A human might look at a chart every once in a while, but a machine can constantly look at the stats and provide advanced notice."