If you were told you had a serious health problem, you’d probably get a second opinion. Why? Money, risk, consequences.
Well, before spending a lot of money on a network refresh, you should probably also get a second opinion, and for the same reasons.
NetCraftsmen frequently sees bills of material that were built by in-house staff and a vendor, without considering what has changed in networking technology, performance, or alternative approaches. All too often, the approach is “replace this box with the new faster equivalent from the vendor.”
Here are some reasons a second opinion might help:
- Few enterprise tech staff stay current on technology and design. Most don’t have the time. Consultants have to, despite being tight on time.
- Design techniques and management approaches change. In-house staff may not be aware of all that. Consulting firms have staff who see a lot of sites and designs, and work with varied technology. They generally get early hands-on time with new technologies, or work with leading-edge customers. If your consultants don’t do that, you need new consultants who do.
- In-house staff may not be experienced with design or aware of all the alternatives. Lately, we have seen over-segmented security designs, or ones where the right NAC solution, or perhaps Cisco ISE, might have used fewer firewalls and cables, and provided less complexity. Admittedly, new approaches sometimes just move the complexity elsewhere, and some make it more manageable; it never really goes away.
- Vendors want to sell you their hardware. We see occasional vendor-driven designs that either:
  - Use way too many devices, or oversized devices where not needed, driving cost upward.
  - Push their latest cool proprietary technologies, which may be immature, or may bring complexity and fragility to your network, or vendor lock-in. Or all of those. You probably want what’s right for your network and Ops team.
- Vendors push their vision, which ignores the cost and robustness of their devices and code. Many are not really enterprise-caliber players. Sorting out what to believe and which products have a proven track record is not something the vendor is going to do.
- Having said that, asking vendors for their recommendations is another form of second opinion — one that is likely to cost you little, other than time. Can’t hurt, despite the motto “free opinions are worth everything you pay for them.”
- A good consulting firm (which is not at all the same as a VAR) tries to represent your business’ best interests.
As an example of where “get a second opinion” might come into play: NetCraftsmen runs into sites replacing wireless APs 1-for-1 all the time. That ignores the fact that in the last five to seven years, the technology has changed vastly, the user expectations and application requirements (like Skype for Business or Jabber VoIP over WLAN) have changed, and the original site survey was probably thinner on throughput and coverage than is now appropriate.
Another variant of this is, “We’ll save money and mount the AP ourselves.” It’s not that simple. I keep seeing APs strapped to HVAC ducts or ironwork, or with the wrong orientation, which really degrades the signal. (Serious metal nearby causes RF reflection and multipath signal, which reduces the signal-to-noise ratio.)
There are some skills and experience lurking there! Getting it done right, with a post-installation gap survey and placement adjustments, is more likely to produce the best results.
Please note I’m not saying consultants are always right, either (well, except for NetCraftsmen, of course). Consultants are a resource, a second opinion. That opinion should be backed up with analysis of pros/cons/issues and justification. But a design review with alternatives need not be all that costly, especially compared to the costs of getting it wrong.
Here are areas of rapid technological change where your consultant should do some analysis:
- WAN, IWAN, or SD-WAN — what’s best, what are the other implications?
- Shift (or not) from a datacenter-centric WAN network to a colo-based regional strategy?
- How best to be agile and secure with growing numbers of cloud and SaaS connections, dedicated or over the Internet? Low latency for SaaS and hybrid cloud?
- Wired or wireless as the primary user connection method?
- Datacenter: Two “big” switches versus a “fabric” versus ACI/NSX or other controller-based approach.
- Campus: Use Rapid Spanning Tree, MLAG, or a fabric/overlay? Tie in NAC technology to automatically determine the appropriate VLAN/VXLAN? Use ISE for Security/Scalable Group Tags?
- How do I monitor and manage all this?
Some additional thoughts on this topic can be found in a prior blog I wrote about 18 months ago.
Comments are welcome, whether in agreement or constructive disagreement with the above. I enjoy hearing from readers and carrying on a deeper discussion via comments. Thanks in advance!