• United States
John Edwards
Contributing writer

Smart network upgrades to consider before the next pandemic

News Analysis
Jun 30, 202010 mins
Enterprise StorageNetworkingSD-WAN

COVID-19 is driving enterprises to evaluate technologies that can improve network availability and agility, such as SD-WAN, SASE, and network automation.

Abstract network connections conceptually layered with a city skyline and a virtual globe.
Credit: cofotoisme / Getty Images

With little warning, COVID-19 forced large numbers of employees to leave their offices and begin working at home, where they expected fast, reliable access to enterprise services. IT managers had to scramble as the pandemic revealed weaknesses in network infrastructure, planning and management.

“The sudden surge of workers from known, planned and centralized locations to random far-flung corners of the Earth laid bare a litany of cut corners, deferred upgrades and short-sighted choices we had made in our respective networks over the years,” says John Annand, a research director specializing in technology roadmapping at Info-Tech Research Group. As a result, flexible and adaptable network technologies, capable of improving network availability and agility during a pandemic, such as SD-WAN, secure access service edge (SASE), and intent-based networking (IBN), weren’t available to many organizations.

Enterprises were able to accomplish the formidable feat of allowing teams of employees, spanning multiple business areas, to remain productive. Now, however, these same teams face a fresh challenge: handling the potential new security and privacy risks created by the rush to get remote workers connected. “The next few months will be critical as companies try to mitigate those risks without disrupting the remote working capabilities that employees are now accustomed to,” says Mike Kavis, chief cloud architect at Deloitte Consulting.

Rethinking network architectures

One weakness the pandemic revealed is that most current network infrastructures are designed with the assumption that workers are based in a central location—the office. “With many companies requiring workers to work remotely, they found that their networks had bottlenecks … and their workers were not able to access the resources they needed to do their jobs,” says Kowsik Guruswamy, CTO of cybersecurity technology provider Menlo Security. “In some cases, they weren’t even able to get to the Internet reliably because all their traffic had to go through a centralized security stack that did not have enough capacity.”

Enterprises were forced to connect to large pools of remote workers through networks that were never designed to accommodate such high traffic loads. “VPNs and the network infrastructure have been strained or unable to cope,” says Charles Nebolsky, network practice lead for enterprise consulting firm Accenture Technology. “This is a good time for enterprises to evaluate their network architecture,” he adds.

Adding to the problem is a sudden uptick in the use of bandwidth-hungry technologies, particularly video streaming. “This means you need reduced latency; you need no jitter,” observes Rohit Mehra, vice president of network infrastructure at research firm IDC. “You obviously want a good streaming experience if you’re doing live video calls or are watching training videos and the like. You want the streaming to be perfectly normal.”

That often wasn’t the case, however. A surge of constant, unanticipated traffic highlighted shortcomings in many once highly dependable enterprise network architectures. “To meet the urgency, many corners were sometimes cut in order to keep the business running,” Kavis says. There was, for instance, little time to test whether the existing network was architected, or properly configured, to securely accommodate so much traffic for so many hours each day.

Enterprises that had already invested in SD-WAN and SASE solutions were generally able to connect with dispersed employees in secure and manageable ways. “The ones that didn’t make these investments are likely looking into it now,” Kavis notes.

Bob Laliberte, a senior emerging network technologies analyst at research firm ESG, says SD-WAN is a key technology for organizations that require better-than-VPN performance and security. “The ability to centrally manage environments and ensure distributed enforcement of all corporate policies to every employee is a significant advantage, plus the company can ensure its employees have prioritized application performance,” he says. Laliberte also notes that SD-WAN can be tightly integrated with security technologies, allowing adopters to utilize both on-premises and cloud-based security functions to provide holistic coverage.

Not everyone is as bullish on SD-WAN as an option for connecting home-based employees, however.

“Not only is it too expensive to put an SD-WAN solution into a home, the need to optimize traffic or increase networking connectivity for each employee isn’t on the same level as improving WAN resiliency for a grocery store or acute care center, where link outages or degradations have a direct effect on revenue or customer experience,” explains Andre Kindness, a Forrester principal analyst specializing in infrastructure and operations. “Basically, the solution, implementation and operation costs would be a magnitude or more than any return in value if SD-WAN was put into private homes for each employee that is working from home,” he says.

As an alternative to SD-WAN, Accenture’s Nebolsky suggests considering SASE, a network architecture that offers cloud-native security functions such as secure web gateways, cloud access security brokers, firewalls and zero-trust network access. “An important area to focus on is SASE’s inherent ability to scale up and down in the cloud,” Nebolsky says.

Already vendors in the SASE space are seeing a dramatic increase in interest from enterprises looking to better secure their telework arrangements. Sanjay Uppal, senior vice president and general manager of the VeloCloud business unit at VMware, told Network World that use of the company’s SASE network went up five-fold after the pandemic hit, for example, and Versa Networks’ CMO Mike Wood said remote user traffic spiked by 800% to 900% in late March. (See related story, COVID-19 response: SASE could bolster security for remote workers)

Agile, automated networks

The COVID-19 crisis has taught IT leaders that they need to be both agile and adaptable, since there’s no way of knowing when routine operations may be thrown into chaos. “These core traits will need to be applied to every aspect of business, including the data center teams who are managing today’s increase in workflow,” says Mike Perera, general manager, technical support services, for IBM Services.

Perera advises bringing more automation into the data center as a way to reduce or even eliminate the need for technicians to physically enter data center sites to build out capacity or perform routine tasks during a pandemic lock-down. “From the support side, this can include the implementation of remote augmented reality (AR) tools,” he notes.

End-to-end automation—hyper-automation—is the holy grail of IT automation, harnessing multiple technologies, such as artificial intelligence (AI) and machine learning (ML), to make enterprise systems run more smoothly while reducing the need for on-site personnel. “Hyper-automation also accelerates a company’s existing automation investments to make systems more resilient,” Nebolsky says. “It does so by eliminating application and infrastructure bottlenecks and freeing up human resources to focus on higher priority issues.”

Nebolsky reports that he has seen an increase in enterprises moving to the cloud, as well as an uptick in automation being applied. “By doubling down on automation, companies can now jump-start an ultra-compressed innovation cycle if they want a shot at leading in the future,” he explains. What IT leaders thought would be a decade-long journey is now a sprint for the next three years. “In this new, post-COVID world, capturing the market means getting to it first.”

Enterprises should also begin exploring ways of simplifying their data centers, advises Jason Viera, CTO at Carousel Industries, an IT, cloud and managed services provider. “Going down the hyperconverged path can help them accomplish that.”

Hyperconvergence was gaining traction long before COVID-19 arrived. Now, a growing number of IT leaders are coming to the realization that building hyperconverged infrastructure (HCI) may be the best way of ensuring uninterrupted operations in a world where IT staffers may be forced to work from their homes for long periods of time. HCI allows enterprises to deploy a streamlined data center that’s primarily software-defined, featuring tightly-integrated computing, storage, networking and virtualization resources that can be accessed anytime from virtually anywhere. “Virtually all software- and network-related maintenance [can] be done remotely with proper tools,” observes Paul Lariviere, technical director at cybersecurity advisory firm Security Compass.

Using a fully managed cloud environment, such as AWS Outposts, can also lessen the burden on IT teams, as well as reduce the need for on-site personnel. “Public cloud services like AWS … allow you to reduce the operational aspect of managing physical equipment, and you can reallocate those resources to ensuring that your software and services are running properly,” says Menlo Security’s Guruswamy.

With the arrival of new technologies and methodologies, it’s becoming apparent that data-center operating models will need reevaluating to match an updated set of realities. Network service deals, in particular, will need to be revisited. “When we almost instantly go from 10% of our workforce connecting from remote locations to 80%, we find that a single host-to-network connection technology doesn’t scale very well,” Annand says. “We find ourselves locked into services by the capacity assumptions made when signing a five-year contract that got us a price break.”

To replace cumbersome VPN-based connections, enterprises are looking to make their perimeters software definable, Annand says. “A zero-trust architecture, where users are redirected to a cloud edge for authentication and resource authorization – this approach gives the enterprise the flexibility and scale required to respond to drastic changes in network traffic patterns.”

Remote work for data center, network teams

Most IT leaders are now studying how to prepare for future challenges. “I expect that as organizations revise their business continuity plans to accommodate global pandemics, the goal will be to enable those responsible for data-center activities to be able to do as much remotely as possible,” Laliberte says.

Some activities, such as installing hardware, making connections and replacing defective equipment, will continue to require a physical presence at the data center. “When the dust clears on the pandemic, I think we will look at new ways of working and combining on-location and remote capabilities to perform tasks,” Kavis says.

To maintain data center operationality and performance levels, remote IT team members will need access to management tools that allow them to view the entire network environment, preferably on a single pane of glass. That will take some work, however. “Keep in mind that few employees have an operations center at home, and physical screens are probably limited to two or three at best,” Laliberte advises.

On a positive note, Kavis believes that a mostly remote employee team—IT or non-IT—may be able to function more efficiently in some areas than its pre-crisis, on-site version thanks to increased adoption of messaging, videoconferencing, collaboration and other online tools.

For IT, that means it’s time to adapt to a new reality. “Organizations have done a great job reacting very quickly to a rapidly changing environment, and employees have stepped up and learned how to use collaboration tools and to be productive at their jobs when working from home,” Laliberte says. “The big question will be, for many businesses: will they want to go back?”