Network Stability Through Resilience Engineering
Let’s talk about complex network technologies and how they affect your business.
On the plus side, some complex technologies can automate functionality to large scale, and provide the prospect of reduced support staff. Other forms of complex technology may be technically necessary, in support of business requirements.
On the minus side, complex technologies can increase risk of outage / downtime. Complexity increases the chance of operator error or failure to understand interactions with other network or security components.
Graphical interface-driven automation is a power tool — providing great productivity when used well and causing wide-spread problems when a mistake is made. Automation does generally provide more consistent configuration, which reduces errors and troubleshooting effort.
Complex technologies tend to increase network staffing skills. Headcount impact is likely mixed. Complex technologies may reduce the need for less-skilled staff. However, for any critical or complex technology, it is advisable to have at least two staff with solid skills in any given technology to protect against key person unavailability. Increased scalability usually also increases criticality.
As an example, when VoIP came in years ago, it shifted costs but did require obtaining in-house or contracted expertise to manage it. Cisco ISE is another example: it scales access control and user segmentation well, but when it is down, users may lack network access and be unproductive / unable to work. So, ISE is very useful but requires appropriate skills.
Complex technologies require deeper expertise, which takes time to develop or hire, costs more in compensation, and may preclude the relevant staff from handling other complex technologies. Put differently, each complex technology may drive up headcount by two, with increased compensation as well. If such highly-skilled staff can double up on complex technologies, comp may increase correspondingly — and they will be harder to replace, should they move on.
Technology vendors compete by adding features in response to perceived customer needs, which could also be marketing-focused. Technical staff can be seduced by “the latest cool technology”.
This is where a third-party independent opinion can help evaluate need versus “nice to have”, taking your business requirements into account. While NetCraftsmen is a Cisco VAR (and VAR for other vendors as well), we always try to put the customer’s best interests first.
When NetCraftsmen assesses or redesigns your network, we start with your business goals and technical requirements, and your future plans.
We then work with you to identify the right balance of technology, complexity, and sustainability for your organization. We can provide analysis of pros and cons of various design approaches, including estimated costs and staffing impact, cost versus benefit.
If a complex technology is under consideration or already in use, and your organization is struggling a bit with it, there are alternatives.
One is design. Is the technology being used optimally, or is the design creating problems?
If the technology is deemed overly complex for your requirements, there might be a simpler alternative technology. Or you might find a way to externalize support.
For example, for Voice over IP, you might go with an external call server and managed service. Alternatively, you might keep the call server in-house for reliability or other reasons and get assistance or outsource managing it.
NetCraftsmen has several customers where we provide 1 or 2 days per week of expertise in a specific technology area. For even more occasional needs, we can provide part-time staffing with flexibility of area of expertise.
Another great way to hold costs and complexity down is to consider the Cisco Meraki product line. Internet-based graphical management means no in-house control software to maintain. Fewer “nerd knob” features and GUI management hold the line on skills. Organizations with small technical staffs may find this helpful.
Even large organizations may find cost benefits, especially for deployments involving large numbers of low-cost devices (e.g. points of sale or presence, small offices, parking payment stations, etc.).
Even when there is a clear ROI with a complex technology, there may be other facets to deploying it. Generally, technology products are sold as solving all your related problems. That may be so, but generally there are better and worse ways to deploy and use such products. With great power comes the ability to dig yourself into a hole more quickly!
Solid documented design before deployment rather than deployment on the fly, and standards for use both can also make a big difference. As an example, Cisco ACI provides powerful automation for big data centers. It also offers administrators different ways to implement things, which can lead to cumulative complexity as different staff do things in different ways.
Legacy application requirements, such as Layer 2 between datacenters, often create the need for network complexity.
In such cases, dialog with server, application, and security teams can suggest a path towards future improvements, perhaps shifting applications closer to “cloud-native” functionality.
Many of the newer Cisco network tools are graphical interface tools that automate your network. They have a learning curve, and they are also quite powerful tools. Where that power clearly pays for itself and the accompanying learning curve is if your datacenter or campus network has or needs many devices, many security segments, and / or rapid change.
Any of these tools by itself will likely not bring a full set of benefits. Having a good (and documented) design, and standardizing how you use the tool, are both major factors in long-term success.
On a smaller scale, more classic approaches may suffice. NetCraftsmen can help you determine what you really need or don’t need!
The key business outcome here is attaining a cost-effective and reliable network.
This is achieved by understanding your business and technical requirements and designing for the right degree of simplicity in your network, aligning that with staffing headcount and skills.
NetCraftsmen has helped numerous organizations stabilize or improve their network. We focus on making things better, not just selling hardware.
NetCraftsmen can design or redesign your network to be as simple as it can be. Our assessments look at how well the network (or wireless, or security, etc.) has been designed and implemented.
We can also help with staffing (hiring, part-time or full-time staffing) and managed services.
When NetCraftsmen deploys a new technology for you, we prefer to build in time for knowledge transfer, to work with your staff to make sure they can use the technology after the project is done.
Comments are welcome, both in agreement or constructive disagreement about the above. I enjoy hearing from readers and carrying on deeper discussion via comments. Thanks in advance!
Hashtags: #CiscoChampion #TechFieldDay #TheNetCraftsmenWay
Did you know that NetCraftsmen does network /datacenter / security / collaboration design / design review? Or that we have deep UC&C experts on staff, including @ucguerilla? For more information, contact us at firstname.lastname@example.org.
Network Stability Through Resilience Engineering
Cloud Security 101
BGP Traffic Engineering
Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.
Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.
John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services. Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.
He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.