Traditional network architectures are inherently fragile, often relying on a single transport type to connect branches, production facilities, and data centres. The imperative for networks to maintain resilience has grown significantly, particularly due to the delivery of customer-facing services at branches and the increasing reliance on interconnected machines in operational environments. The cost of network downtime can now be quantified in terms of both lost customers and reduced production.
Distributed Enterprises Face New Challenges
As the importance of maintaining resiliency grows, so does the complexity of network management. Distributed enterprises must provide connectivity under challenging conditions, such as:
- Remote access for employees using video conferencing
- Local breakout for cloud services to avoid backhauling
- IoT devices left unattended in public places
- Customers accessing digital services at the branch or home
- Sites in remote areas requiring the same quality of service
Network managers require intelligent tools to remain in control without adding any unnecessary burden to end users. The number of endpoints and speed of change has made it impossible for human operators to manage without assistance from AI.
AI-Enhanced Network Management
Modern network operations centres are enhancing their visibility by aggregating data from diverse systems and consolidating them within a unified management platform. Machine learning (ML) and AI are employed to analyse data originating from enterprise networks, telecom Points of Presence (PoPs), IoT devices, cloud service providers, and user experience monitoring. These technologies enable the early identification of network issues before they reach critical levels. Intelligent networks can suggest strategies to enhance network resilience, forecast how modifications may impact performance, and are increasingly capable of autonomous responses to evolving conditions.
Here are some critical ways that AI/ML can help build resilient networks.
- Alert Noise Reduction. Network operations centres face thousands of alerts each day. As a result, operators battle with alert fatigue and are challenged to identify critical issues. Through the application of ML, contemporary monitoring tools can mitigate false positives, categorise interconnected alerts, and assist operators in prioritising the most pressing concerns. An operations team, augmented with AI capabilities could potentially de-prioritise up to 90% of alerts, allowing a concentrated focus on factors that impact network performance and resilience.
- Data Lakes. Networking vendors are building their own proprietary data lakes built upon telemetry data generated by the infrastructure they have deployed at customer sites. This vast volume of data allows them to use ML to create a tailored baseline for each customer and to recommend actions to optimise the environment.
- Root Cause Analysis. To assist network operators in diagnosing an issue, AIOps can sift through thousands of data points and correlate them to identify a root cause. Through the integration of alerts with change feeds, operators can understand the underlying causes of network problems or outages. By using ML to understand the customer’s unique environment, AIOps can progressively accelerate time to resolution.
- Proactive Response. As management layers become capable of recommending corrective action, proactive response also becomes possible, leading to self-healing networks. With early identification of sub-optimal conditions, intelligent systems can conduct load balancing, redirect traffic to higher performing SaaS regions, auto-scale cloud instances, or terminate selected connections.
- Device Profiling. In a BYOD environment, network managers require enhanced visibility to discover devices and enforce appropriate policies on them. Automated profiling against a validated database ensures guest access can be granted without adding friction to the onboarding process. With deep packet inspection, devices can be precisely classified based on behaviour patterns.
- Dynamic Bandwidth Aggregation. A key feature of an SD-WAN is that it can incorporate diverse transport types, such as fibre, 5G, and low earth orbit (LEO) satellite connectivity. Rather than using a simple primary and redundant architecture, bandwidth aggregation allows all circuits to be used simultaneously. By infusing intelligence into the SD-WAN layer, the process of path selection can dynamically prioritise traffic by directing it over higher quality or across multiple links. This approach guarantees optimal performance, even in the face of network degradation.
- Generative AI for Process Efficiency. Every tech company is trying to understand how they can leverage the power of Generative AI, and networking providers are no different. The most immediate use case will be to improve satisfaction and scalability for level 1 and level 2 support. A Generative AI-enabled service desk could provide uninterrupted support during high-volume periods, such as during network outages, or during off-peak hours.
Initiating an AI-Driven Network Management Journey
Network managers who take advantage of AI can build highly resilient networks that maximise uptime, deliver consistently high performance, and remain secure. Some important considerations when getting started include:
- Data Catalogue. Take stock of the data sources that are available to you, whether they come from network equipment telemetry, applications, or the data lake of a managed services provider. Understand how they can be integrated into an AIOps solution.
- Start Small. Begin with a pilot in an area where good data sources are available. This will help you assess the impact that AI could have on reducing alerts, improving mean time to repair (MTTR), increasing uptime, or addressing the skills gap.
- Develop an SD-WAN/SASE Roadmap. Many advanced AI benefits are built into an SD-WAN or SASE. Most organisations already have or will soon adopt SD-WAN but begin assessing the SASE framework to decide if it is suitable for your organisation.
Cyber threats are growing in volume, intensity, and complexity and are here to stay. Basic endpoint attacks are becoming intricate, multi-stage operations. Cybercriminals are launching highly coordinated and advanced attacks. This evolving threat landscape affects businesses of all sizes, jeopardising data, operations, and finances.
In the face of massive data leaks, costly ransomware payments, and an ever-expanding and complex threat landscape, the need to strengthen digital defences has driven significant advancements in cybersecurity.
Read on to find out how organisations, governments, industry associations and technology providers are evolving ways to combat cybercrime.
Download ‘Securing the Future: Cyber Resiliency in the Digital World’ as a PDF
“Cloud is universal – everything is going to be on the cloud soon! If you are not moving to the cloud, you are going extinct! AWS, Microsoft and Google are going to rule the world!” This has been the hyped narrative for some time now. But watch out New World – the Old World is fighting back!
Traditional vendors like HP Enterprise, Cisco, and Oracle are all deploying strategies to remain relevant in the new world. For these vendors – especially for HPE and Cisco that come from a predominantly hardware background – the future is hybrid. They picture a world in which the data centre – either on-prem or in a co-located facility – thrives on, in tandem with the cloud. This is a reasonably good bet. For most large enterprises with a huge repository of applications and data sitting in the data centre, migrating everything to the cloud is a nightmare – fraught with risk and very expensive.
Ecosystm research shows that 32% of organisations have deployed containerisation – and this percentage will only grow. The ability for firms to toggle between data centre bare metal based applications and completely on-the-cloud ones is becoming more manageable by the day. This enormous flexibility allows a firm that has large compute needs to keep some stable workloads in a data centre, whether on-prem or co-located, while simultaneously using cloud-based workloads, optimising spends and performance.
Here is a glimpse into the strategies of three key vendors.
HPE’s ‘as-a-service’ Messaging is Spot on
Two years ago, Antonio Neri boldly went where no HPE CEO had gone before, promising that HPE’s entire portfolio would be available ‘as-a-service’ within 3 years. At the recently concluded HPE Discover event, there were a flurry of announcements to showcase that GreenLake is indeed on its way to meet that ambitious goal in 2022.
HPE’s recent announcements show customers that GreenLake is an end-to-end solution for managing their IT infrastructure moving forward. It ticks all the boxes: providing flexibility and scalability; the advantage of using both data centre and cloud; and high manageability and security with a full suite of applications.
Examples are the partnership with Azure Stack HCI, to add to earlier ones with leading vendors like SAP, Citrix, and VMware. HPE is building a platform that provides customers with the comfort that they can adopt GreenLake and pretty much have access to any application they may choose to implement – offering full coverage from the Edge to the Cloud. It is extremely interesting that GreenLake allows the option of switching on and switching off processor cores as needed, and the customer pays based on usage. This is surely a first for the industry!
Another example is Lighthouse, which allows the customer to rapidly configure, and provision workloads based on dynamic needs. While all the hyperscalers provide similar services when the workload is on the cloud, Lighthouse allows the same flexibility and speed for cloud services which can be run in the data centre, on-prem, co-located, or even at the Edge.
A third example was the announcement of Project Aurora which will add an additional security layer from validating the input data all the way to verifying the workload at the start and then as it is running. It appears to use an AI/ML system that checks for unexpected behaviours to detect any kind of malware.
It makes good sense for HPE to push GreenLake and move to offering ‘everything-as-a-service’. As one of the incumbent enterprise hardware business leaders, this is a good response rather than to watch one’s business continue to shrink YoY. GreenLake is HPE’s way of futureproofing themselves and making sure they stay relevant in the new cloud world.
Cisco Secures the Hybrid Workplace
Cisco has been active launching Cisco Plus earlier this year, as their bridge to the as-a-service model with a network-as-a-service (NaaS) offering. Somewhat like GreenLake, Cisco Plus offers flexible consumption for compute, storage, and networking. They are committed to offering most of their portfolio as-a-service over time.
Cisco has shown some resilience in terms of revenue but has still been struggling to grow. After a steady growth since 2017, the revenues dropped by 7% in 2020 almost as a direct impact of COVID-19. The post-pandemic world has the potential of being a bigger threat for Cisco. Many estimates show the number of people working from home is likely to go up dramatically and Cisco’s key networking offering could rapidly become redundant. However, at Ecosystm we believe that the hybrid work model will be predominant.
Cisco is also betting on a hybrid world. No matter where one works from, there are networking needs. Cisco’s focus, therefore, is on security – this will be on the mind of virtually any enterprise as it chalks out its future strategy. With a hybrid environment, making everything secure becomes more complex while continuing to be vital. Cisco has a heavy emphasis on Secure Access Service Edge (SASE) – the idea that the security envelope now has to be a flexible form that has a presence everywhere that the enterprise needs to be. This will make a lot of sense to most enterprises as they tread the hybrid path.
Cisco will offer a portfolio of tools to make it increasingly easier for customers to use multi-cloud, multi-vendor environments, offering the best of both worlds.
Oracle Incentivises Cloud Migration
Oracle has a different approach because they are trying to solve a different problem. They are competing with the hyperscalers, while fully acknowledging a hybrid world. However, as a company with less legacy in hardware, it makes sense for them to focus on migrating to cloud rather than on hybridisation. Oracle has just announced that they will subsidise existing customers who add cloud workloads with them, by providing discounts on the existing licensing fees that the customer is paying Oracle. This discount appears to be around 25% to 33%. In essence, this means that if a customer spends about USD 100k with Oracle on licensing and decides to start moving workloads to the Oracle Cloud worth somewhere between USD 300-400k, they can potentially write off the entire license fees they are currently paying!
Conclusion
There is a strong effort from every vendor right now to retain and consolidate their customer share and build a vision that convinces the customer that they are the way to go. For the traditional hardware players that vision is of a hybrid world – attractive to today’s large enterprise. For the likes of AWS, Microsoft, Google, and Oracle it is all about moving the customer to their cloud. The assumption of course is that moving someone to your cloud will lead to more of your apps being used by the customer. For the hardware vendors like Cisco and HPE, it is all about moving the customer to their own platforms which empower hybridisation. In all cases, a necessary component is to offer ‘everything-as-a-service’ upending the traditional models of selling.
In my opinion, with time the IaaS portion of the cloud is likely to gradually devolve into something like a utility. There will be a lot of upheavals and market disruption before we get there, but eventually, software and other services are likely to stand separate from the infrastructure provider. All the vendors are therefore depending on capturing the customer at the platform-as-a-service (PaaS) level, but even this is likely to get commoditised over time. Eventually, the winners will be disparate providers of the best applications for different functions. Meanwhile, we are in for an extremely interesting ride as we see all the vendors jockeying for space!
Last week AT&T announced a partnership with Fortinet to expand their managed security services portfolio. This partnership provides global managed Secure Access Service Edge (SASE) solutions at scale. The solution uses Fortinet’s SASE stack which unifies software-defined wide-area network (SD-WAN) and network security capabilities into AT&T managed cybersecurity framework. Additionally, AT&T SASE and Fortinet will integrate with AT&T Alien Labs Threat Intelligence platform, a threat intelligence unit to enhance detection and response. AT&T has plans to update its managed SASE service during the year and will continue to bring more options.
Talking about the AT&T-Fortinet partnership, Ecosystm Principal Advisor, Ashok Kumar says, “This move continues the trend of the convergence of networking and security solutions. AT&T is positioning themselves well with their integrated offer of network and security services to address the needs of global enterprises.”
Convergence of Network & Security
AT&T’s improved global managed security service includes features such as secure web gateway, firewall-as-a service, cloud access security broker (CASB) and zero-trust access, which provides security teams and analysts with unified capabilities across the cloud, networks and endpoints. The solution aims to enable enterprises to create a more resilient network bringing the core capabilities of the two companies that will reduce operational costs and deliver a unified offering.
Last year AT&T also partnered with Cisco to expand its SD-WAN solution and to support AT&T Managed Services using Cisco’s vManage controller through a single management interface. Over the past years multiple vendors including Fortinet have developed comprehensive SASE solution capabilities through partnerships or acquisitions to provide a unified offering. Last year Fortinet acquired Opaq, a SASE cloud provider to bolster their security capabilities through OPAQ’s patented Zero Trust Network Access (ZTNA) cloud solution and to strengthen SD-WAN, security and edge package.
The Push Towards Flexible Networking
Kumar says, “The pandemic has created a higher demand and value for secure networking services. Enterprises experienced greater number of phishing and malware attacks last year with the sudden increase in work-from-home users. The big question enterprises need to ask themselves is whether legacy networks can support their evolving business priorities.”
“As global economies look to recover, securing remote users working from anywhere, with full mobility, will be a high priority for all enterprises. Enterprises need to evaluate mobile SASE services that provide frictionless identity management with seamless user experiences, and be compatible with the growing adoption of 5G services in 2021 and beyond.”
The Top 5 Telecommunications & Mobility Trends that will dominate the telecom industry to watch out for in 2021. Signup for Free to download the report.