Cisco's on to Something with Borderless Networking

(Welcome back to blogging. The month off was needed.)

You might say I'm a bit late to commenting on Cisco's new Borderless Network Architecture, but when Cisco initially launched the campaign I wasn't ready to comment. Most of my focus was on the ISR G2 launch which accompanied the Borderless Networking launch. After some research, I think Cisco is on to something with Borderless Networking. It may be something we all knew, but could never put words or structure to. Cisco is doing that with Borderless Networks; putting structure around something that was hiding in plain site. We all could see the traditional "borders" of our internal network being broken down, but we were stuck thinking the only "border" that mattered was that big Internet link with a firewall in front of it. If I just brainstorm the different points of access into an environment:

  • Open cubes in the office
  • Conference rooms where external parties come in
  • Wireless
  • Mobile clients
  • Extranets with customer/vendors/partners
  • DMZs for anonymous user access to applications
  • Internet access
  • Employee VPNs
  • Phone proxies
  • Cloud Computing
  • Lobby IP Phones
  • Traditional exploits on end-hosts (bots, viruses, Trojans, etc)

The truth is no business could operate normally without these. Going to block all iPhones and Blackberries? Sure. What if you have a lean supply chain and 24/7 access to suppliers and vendors via an extranet goes down? Extranets at my company have become particularly critical in the last few years. We have connections to outsourced call centers, manufacturing, development, IT support, and even video conferencing management. An outage of our extranet is a major event; similar to a core internal application going down. That is why we now have dual extranets at diverse data centers dynamically tied into our global BGP routing architecture. Cisco's point in all of this is to stop trying to build walls (borders) and realize you have to operate in a borderless world. If you do that, you can begin to think differently about how to secure your environment and your data. Now, this is a not a call to get rid of firewalls. It's a call to think smarter about using security. A firewall is just a tool, not a solution. A firewall is not going to prevent access from that lost iPhone. A firewall is not going to stop people from plugging into your conference room jacks. When you realize there are too many points to protect with a single device and it makes you think differently. However, Borderless Networking is not just about security. It's about enabling your network to connect to external groups, providing mobility, and enabling the business. This isn't something we always used to focus on. We worried about making the internal network route correctly, added some QoS, and made sure there was a default route for Internet access. That changes when the primary traffic path is beyond traditional borders. Now what do you need from routing and switching to ensure simple interaction with third parties? A completely dynamic routing protocol design with scalability is probably first. How do you use QoS to protect critical applications between third parties and clouds? One of the areas my team is working on now is extending VoIP to third parties through our extranet using SIP trunks, phone proxies, Call Manager Express, and traditional PSTN. Data connectivity was easy over an extranet compared to all the complexities VoIP introduces, but it's needed. Video will be next. I am drawing diagrams right now to show high-level traffic flows to external Cloud Computing vendors (blogs on that forthcoming). I was watching a Cisco TechWiseTV episode about Borderless Networking and Rob Boyd started off with a good couple points:

  1. Borderless does not mean secure-less
  2. Borderless networks are an opportunity

Both are succinct summaries of borderless networking. This architectural concept will be driving network strategies and roadmaps for the next few years.

More >From the Field blog entries:

Taking Some Time Off From Blogging

Cisco ISR G2s - Just Another 3700-series?

Streaming My Hava Media Player to my iPhone via Verizon MiFi

New Cisco Integrated Service Routers (ISRs) to be Released Soon?

Cisco Releases IOS 15.0

ANXeBusiness Plans Private Networking for Cloud Computing

  Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2010 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)