Most major network suppliers including Cisco and HP have taken up the concept of the Software-Defined Network (“SDN”), intending to move to a full-blown Intent-Based Network (“IBN”) in the future.
Simply put, an SDN reduces the capital and operational costs of network infrastructure by automating the basic configuration and management of the network. This moves a long way towards establishing a self-configuring and self-healing network.
The network is split into two planes, the hardware plane, where SDN software automates the configuration of equipment, and a software plane where AI systems assist the network specialists with software configuration of such items as routes and routine performance measurement.
In the future, an IBN will continue the AI-assisted process with the objective of creating self-configuring, self-healing and self-maintaining networks.
However, migrating from a conventional network to an SDN is not an easy task. It may appear so, but there are pitfalls hidden in the process.
Here are three common pitfalls to avoid.
Woods and Trees
Unfortunately, network specialists tend to focus on the technical details of network architecture and miss out on the big picture. Network design is a lot more than just the placement of equipment and cables and the implementation of management software.
The first and biggest question is whether to adopt an in-house or a partially or completely outsourced solution. One compromise solution is to outsource the basic network tasks such as cabling for desktop equipment installation, leaving the detailed higher-level management to internal staff. If outsourced, the outsource partner must be involved in the migration planning.
The design and evaluation process must also include the required network metrics of response times, traffic patterns, traffic growth, and any longer-term issues, for example, moving to a hosted Cloud solution or the introduction of VoIP.
That will allow the preparation of the financial budgets that will be required, both Capex for any new equipment and software that will be needed, and Opex elements such as salaries and maintenance and license fees.
One particular solution is taking a NAAS, “Network As A Service” approach, to the SD-WAN environment rather than using a traditional design approach.
Most organisations have some form of online presence, even if it is only a company information website. Attaching your network to the Internet opens you up to all sorts of potential security issues, which, hopefully, are countered by an existing security environment.
It is important that preparation for introducing an SD-WAN includes a full evaluation of the security capabilities of the SD-WAN equipment and software. This allows identification of any new and revised security software, appliances and procedures.
The review should investigate if existing security technologies can be merged into the new environment and those which need enhancement or replacement.
Related areas include DRP and backup/recovery policies and procedures. Recovering from a malware attack, for example, DDoS or ransomware that cuts off access to the network or Internet is often best accomplished by going back to bare metal and restoring all systems and data from scratch from a known good backup. There may also be a legal requirement for data retention for some time.
Backup Policies and procedures need to be assessed for the SD-WAN environment, and to be sure, provides an opportunity for revision and improvement.
In a similar way, DRP policies and procedures need to be reviewed and revised to incorporate the SD-WAN.
Comprehensive Implementation Plan, including a risk analysis
The move to SD-WAN will affect the entire organisation and all staff need to be fully aware of what is happening and to be fully onboard.
The first and one of the more important decisions is whether the transition should be a big-bang or incremental approach. That will fundamentally affect the roll-out plan.
Without a proper project plan, you are likely to run into project delays, some of which could be costly. For example:
- Will all the existing network equipment such as switches and routers work in an SD-WAN environment?
- Will non-standard equipment including modems, alarm systems, fax machines, multi-function printers, and the like work in an SD-WAN environment?
- Is the upgrade to be department by department, site by site, or route by route?
- How will external interfaces be managed?
It might be apple-pie and motherhood, but the preparation of a proper project plan, with an emphasis on risk, must be prepared and adhered to. Other areas that need attention include communications with stakeholders to keep them onside with the roll-out plan.
No plan or an incomplete or ill-thought-out plan means that the roll-out will not proceed properly. Applications will be affected, or not work at all. In a multi-site or campus network, some areas may lose connectivity. Project Plans and Backup or roll-back plans are a necessity.
Transition to an SD-WAN is on the face of it, an easy task, but as always the devil is in the detail. It needs careful planning and management.