4 July 2014 – The IT landscape has witnessed rapid change and developments in recent years, with growth in consumerization of IT, Bring Your Own Device (BYOD), and adoption of cloud computing.
Implementing changes, such as onboarding new applications (apps) or equipment upgrades, is difficult on a network not equipped to meet the needs of advanced compute and storage virtualization solutions. These networks may even complicate and convolute the entire IT implementation, impeding enterprises from reaping the true benefits of the cloud.
Unlike compute and storage layers, the vast majority of datacenter networking gear is app-unaware – blindly forwarding packets amongst user, apps and other networking services. More intervention is required by network administrators to manually deploy, configure and maintain networking infrastructure to support a myriad of demands from hundreds of apps.
Network fragilities make change management challenging in today’s app-driven environment. To reduce network fragility, network configuration models have to be app-aware in order to be app-driven. Mark Micallef, Area Vice President of Citrix ASEAN, shares key steps organizations need to break barriers of network fragility to securely maximize enterprise cloud efficiency.
Step 1: Leverage Software Defined Networking (SDN) and equip IT with app-driven control
IT is all about delivering applications. Hence, the first step towards smarter next-generation networks is to create an app-centric and app-aware automated network environment. One way to do this is to separate the control panel and the data-forwarding panel, and abstract the control panel from the network hardware and implement it in software instead – offloading its functions to a centralized controller. This way, IT is equipped with a convenient interface to program the network to create more efficient and automatic network management and provisioning. With the centralized controller, IT can also allow other applications to control network resources and influence forwarding decisions in order to find the optimized route to delivery network services.
In addition, app-centric networking gear, such as application delivery controllers, next-generation firewalls and mobility gateways can also be leveraged to help control delivery of application services. These devices maintain information such as app state and resource requirements that can be intelligently mined to optimize overall app functions. This will help enterprises build an app-aware platform they truly need, one that unifies advanced network services while preserving the ability to select best-in-class functionality.
Step 2: Consolidate automated delivery and orchestration of apps
By centralizing network management into a single intelligent control entity instead of having distributed controls embedded in each individual network element, administrators can define policies tied to a specific application. IT is able to simplify intial deployment by pre-packaging network services and their associated topology according to the unique requirements of individual apps. Authorized IT personnel will also be able to easily allocate resources and balance bandwidth. The end-to-end network visibility, full network-policy and service-chain automation optimizes the network.
Furthermore the open and programmable nature of the network facilitates service integration. This provides organizations with an extensible, elastic and scalable virtualization framework that supports seamless and secure onboarding of additional services, while retaining full isolation and independence between these services.
Altogether, this increases the value of existing network computation resources, giving organizations the ability to promptly adapt and scale network behavior and characteristics to suit ever-evolving needs of customers which are constantly susceptible to volatile changes.
Step 3: Tighten security with granular security and control policies
With change comes uncertainty, and the transition to unfamiliar grounds might seem like opening a can of worms in terms of security management. However, when approached the right way, SDN helps boost network security. The high level of automation in SDN improves security postures through virtualization, by mitigating or even eliminating human errors. This gives IT better visibility, as well as a more streamlined, orderly and optimized policy deployment process
Deploying a network-wide policy architecture can create, distribute and monitor security rules based on a contextual language, such as who, what, where, when and how. The security enforcement includes blocking access to data or devices, and initiating data encryption. For instance, when an employee connects to the corporate network from a smartphone, the network identifies the device and user, as well as the privileges granted them. The policy engine not only establishes policies for the device and user, but also shares these policies with all points on the network, and instantly updates information when a new device appears on the network. With just one flick of a switch, businesses can intelligently redirect network traffic to enforce granular security and control policies. By better defining app requirements, SDN becomes a security solution instead of a security problem.
A smarter network for the virtualized world
As apps take center stage in the business world today, the new enterprise IT landscape, which includes cloud services, mobility and BYOD, calls for a change in network architecture as network traffic and bandwidth requirements have progressed to support richer workloads with lower latency. In order to fully embrace cloud-based apps and services, organizations need smarter network solutions to deliver quality services for their business.
The future of next-generation networks lies in app-aware SDN. With the right governance and usage policies in place, enterprises could find themselves with a fully automated, broadly dynamic network infrastructure, capable of accommodating virtually any requirement users throw at it.