Mathias Rosenthal - Fotolia
When it comes to IT teams ensuring network security and enabling network transformation, the view on how to get there may be cloudy.
Three networking bloggers recently explored the role of cloud network services on network transformation, network planning and network security. Overall, cloud network services can be transformative and introduce disruptive technologies, such as software-defined perimeter (SDP), but IT teams should have solid plans in place in case of failure.
For transformation, cloud network services -- carrier cloud, in particular -- are the way to go. Yet some telecom operators may be too late to the cloud party, according to Tom Nolle, president of CIMI Corp. The adoption of carrier cloud didn't occur as quickly as some experts predicted, Nolle said, which slowed several other revolutionary facets of networking, including service lifecycle automation's profit margin, Opex reductions and an organization's ability to decrease spending on network equipment.
While cloud services could reduce Opex, Nolle said operators already fell behind schedule on his transformation model of carrier cloud opportunity drivers, so catching up wouldn't be easy. However, organizations could measure their level of transformation success by their moves from network device investments to carrier cloud investments. While organizations may be behind in this transformation timeline, a 15% Capex shift to carrier cloud could corroborate successful transformations, Nolle said.
"Opex low apples have been picked, and even if the telcos were to suddenly realize that they needed only to employ cloud measures and concepts to reduce Opex, decisive changes aren't available today at the same high ROIs that were available five years ago," Nolle said.
Read more of Nolle's thoughts about carrier cloud's effect on network transformation.
Create clear context for cloud network services
On the path toward constant improvement and transformation, IT teams may lose sight of a project's actual plan or purpose. Teams can prevent this technological existential crisis with contingency plans, according to network engineer Russ White. Teams can develop these plans to effectively react to a potential future event, including centralized service failure, among other issues.
Cloud network services can benefit organizations, but investing in them without a solid contingency plan prevents teams from reaping those benefits. Many teams may assume cloud network services are consistently more secure and agile than other technologies, White said, but these services can fail -- and teams must prepare for that. Teams should understand any potential risks built into their networks so they can respond accordingly and prevent massive failures if something goes wrong.
"The point is not that we should not use cloud services," White said. "The point is that systems should be designed so any form of failure in a centralized component should not cause local services, at least at some minimal level, to fail."
Explore more of White's thoughts on constructing coherent context in cloud contingency plans.
Cloud network security from the SDP
In the world of cloud-based network security, SDP is like sunshine on a cloudy day. Cloud Security Alliance developed SDP, which is already seen as a disruptive technology, according to network architect Matt Conran. SDPs are similar to zero-trust networks, as all endpoints must go through authentication and authorization processes before accessing the network.
SDP is a naturally cloudy network security framework: It creates two-way encrypted connections so potential bad actors can't see beyond the connection and perimeter. Because SDP restricts user access to networks, it minimizes a network's attack surface and, therefore, the amount of damage bad actors could cause, Conran said. While SDP has its flaws, this framework could address several common network security issues.
"The steps that software-defined perimeter proposes are needed," Conran said. "Today's network security architectures, tools and platforms are lacking in many ways when trying to combat the current security threats."
Learn more about Conran's thoughts on SDPs.