Three-tier networking shows its limitations in a world where more companies are shifting to a cloud-ready environment and embracing software-defined networking (SDN) architecture.
Thiani Naicker, BD lead at Westcon-Comstor Sub-Saharan Africa
While not inherently flawed, the traditional approach does not provide the agility and flexibility companies need to adapt to the rapidly-changing landscape where work from anywhere has been normalised. Instead, it is the software-driven approach that delivers a more holistic management environment, bringing granular security and the ability to repurpose existing hardware investments, thereby significantly extending their shelf life.
SDN systematically designs networks from the ground up based on centralised control over forwarding elements. Such an architecture is directly programmable, centrally managed, and programmatically configured using vendor-neutral open standards.
From a business perspective, SDN delivers the architecture needed for designing networks that reduce operating expenses by centralising control that configures and extends all network data path elements and services. In effect, this physically separates the network control and forwarding functions. And by gaining the ability to program network control on a software level, an organisation can ensure the performance of applications and network services are optimised.
Of course, SDN is not a new thing. Companies began experimenting with the architecture almost a decade ago. But it is only since 2017 when widespread interest was piqued as businesses started focusing more on private cloud implementations. It became the logical choice for turning traditional networks into an agile, programmable set of connections suitable for supporting the more volatile environment that is any type of cloud, including private.
And while this has been an ongoing process, events of the past year have given fresh impetus to the importance of migrating workloads to the cloud and developing cloud-native applications. With employees working remotely, it has become a business imperative to equip them with the means of securely accessing corporate data and systems.
But even within the context of a widely distributed worker base linking to the corporate network using personal devices and connections, mission-critical applications will likely continue to reside on-premises for the foreseeable future. Deploying and maintaining a mix of cloud and on-premises applications will continue to be a careful balancing act for the IT teams of organisations. As mobile devices try to access back-end systems surges, decision-makers have turned to Zero Trust security architecture to enhance SDN further.
Fundamentally, Zero Trust is a security concept based on the notion that companies, and their employees, should not automatically trust anything inside or outside its perimeters. This overrides many years’ cybersecurity training that taught users how to identify suspicious links and URLs while assuming that links and documents within the network parameters would be safe.
Today, SDN needs to deliver an integrated solution capable of adopting Zero Trust across all its applications, whether on-premises or hosted in the cloud. Furthermore, administrators need tools to ease access management and configuration of these applications.
One of the ways to achieve this is through BIG-IP, a collection of hardware platforms and software solutions providing services focused on security, reliability, and performance. Recently introduced, F5 on Azure is a completely software-driven offering that combines five BIG-IP virtual editions (VEs) for Microsoft Azure and making it available as one solution.
Because it is software-driven, no hardware must be installed to affect business change. It is a case of purchasing the software needed and then scaling it according to how network demands might change over time.
Such a software-driven approach results in the immediate delivery of an environment that ensures security across physical and virtual stacks regardless of where employees are accessing systems from. Companies can therefore move their business-critical applications into the cloud without the worry of data compromise.
This is vital given the continually expanding attack surface targeting workers operating outside the relative safety of the corporate network. The reality is that cloud-based systems must be protected from the likes of SQL injections, L7 denial of service (DoS) attacks targeting the application layer, as well as unknown and zero-hour threats. Having SDN solutions in lace that integrates with Azure while providing customisable security settings and comprehensive application and security compliance is critical in the modern business landscape.
Being cloud-ready is as much about leveraging SDN as it is about ensuring the security of this access whether to on-premises or virtual applications and services. Employees must remain productive regardless of where they are accessing systems from. And companies must keep the safety and integrity of their data in place to mitigate against the risks of attack or falling foul of compliance requirements. When combined with the right solutions, SDN can deliver this and more.