The Winter Olympics are almost here. As an ice hockey fan I have been waiting eagerly for it since the last winter Olympics.
There's an interesting parallel with enterprise networks. It takes a combination of various winning attributes to be considered Olympic-worthy these days and such is the progress towards physical fitness that what used to be regarded as a medal-winning performance no longer cuts it: world records are constantly being bettered.
As a network security consultant, I know the same is true of networks. Systems that were running perfectly have been overwhelmed by new demands placed on them. Technologies such as virtualisation, DNSSEC and IPv6, have put immense strains on enterprise infrastructure.
IT departments have poured money into adding capacity and making their networks faster and more streamlined. However, just as the strength of muscles and balance alone cannot predict a gold-medal-winning Olympic performance, the raw speed of your network infrastructure cannot predict how efficiently business gets done on your network.
The speed of your network is limited by its slowest link: the human effort required to run it. Trust me, it's not just you, I see it every day. Sure, your networks are equipped to transfer terabits of data in a matter of seconds; however, does this speed translate into acceleration of your business processes? As the infrastructure becomes more dynamic, IT processes dependent on human intervention and action cannot keep up with the demands. A lack of network automation, efficient change processes and delegation keep even the fastest networks from performing like a champion.
Nine signs that your network is not able to keep up with your business velocity:
- Your ERP team is deploying a new application and needs to make some DNS changes; they wait for hours or days to get those into your DNS server.
- A new network needs to be created for the new branch office; multiple large spreadsheets are reviewed and several senior network engineers are consulted to ensure that there are no conflicts. Possibly a lengthy in-person meeting of Senior Staff is needed.
- A new printer needs to be installed near the marketing department; the request for provisioning an IP address touches three or more hands and takes longer than a day.
- A switch needs to be taken offline for maintenance; again you have to break out the spreadsheets to figure out what servers and other equipment will be impacted.
- It takes several days or weeks to plan and implement DNS security patches since they need to be applied individually on each server and downtime may affect business processes.
- Upcoming DNSSEC deployment will change networking life as you know it and you are already planning the additional headcount it would require to create key pairs, roll over keys and provide expertise to other departments.
- You wonder how you will memorise the IPv6 addresses of important servers and networking equipment like you do today, and how large your IPAM spreadsheet would be with the enormous IP address space IPv6 offers.
- The network team has lost visibility and control of all DNS and IP address usage within the virtualised infrastructure.
- Your entire DNS, DHCP and IP address management (DDI) infrastructure depends on the knowledge and skills of a few employees who have coded the scripts, and would crumble if they left the company.
If you're still not sure, you can always check if your network is up to the task by taking this authoritative test created by DNS expert Cricket Liu.
Automation of DDI is key to ensuring that your network is relevant in today's dynamic environment, keeping your network competition ready. With servers being provisioned and de-provisioned rapidly, manual processes to manage DNS, DHCP and IP address space will be a major hindrance to adoption of virtualisation, or worse yet it will disappear into a new set of spreadsheets managed by the server administrators.
Several industry analysts recognise this and have published reports on the topic. Gartner has even created a separate category for these products: DDI (DNS, DHCP and IPAM), and have published a MarketScope, where "controlling, automating and managing the domain name and address space" is a key theme.
Vendors, like Infoblox, are captaining the charge by providing core network services platforms that automate the delivery and management of critical DNS/DNSSEC, DHCP, IPAM and other core network services. By eliminating layers of routine tasks and manual processes, networks are more available, more secure, more flexible and less costly to operate; a network that operates and performs like a gold-medal winner.
Robert Nagy is founder and CTO of DeepDive Networking
Find your next job with techworld jobs