Tsunami of Cloud? Four Steps to Retake Your Branch

By Dave Chen, Senior Product Marketing Manager
Share Post

Aruba is presenting and exhibiting at SD-WAN Summit Paris to tackle a big shift in branch architecture that is disrupting IT left and right. We've seen tremors within the networking industry over the past decade, especially as mobility and Internet of Things (IoT) signaled a change in how IT managed, secured, and onboarded devices that business units themselves brought into the corporate arena. This added complexity and spurred networking innovation with advanced RF automation and policy management, e.g. ClearPass, to help accelerate employee productivity. The compromise that IT made was to cede the primary role of connectivity from wired to wireless access, and adopt SD-WAN to manage hybrid connections.

SD-WAN itself brings many benefits and advancements to the wide area, yet its importance to the larger branch network is understated. SD-WAN signals a greater need to rethink branch architecture across all of its components. Today, IT continues to deploy wired and wireless access, AAA and NAC services, and Quality of Service through disparate workflows. To best address branch-wide challenges and, as Keerti Melkote says, tackle the inherent complexities of operational silos, I'll dive through four key steps that IT must consider:

Screenshot 2017-09-23 11.57.46.png

Architecting a solution that prioritizes end-user experience

As end-users continue to bring in their own devices (BYOD) and business units adopt their own technologies (cloud services or IoT), IT needs to react quickly to changing behavior. The traditional notion of a security perimeter no longer applies in an environment where users within a traditional business group interact with the network with different devices, in different locations, and using different applications. By re-architecting the network to emphasize roles, we can apply greater granularity to Quality of Service (QoS) requirements such as prioritizing video streams over voice streams based on user information, and extend this control from the WLAN to the LAN and WAN. In effect, this means that user, device, location, and application are key metrics that the network gathers to enhance the overall experience.

Integrate contextual awareness with Network Access Control

We then take these metrics and apply security actions through ClearPass's Network Access Control (NAC). This enables IT organizations to establish deeper policy controls and ensure end-users are abiding by corporate regulations. For instance, we can permit, limit, or deny access to a specific application, such as YouTube, based on the key metrics I mentioned previously. This serves to automate network and policy management with a much simpler approach that requires no manual changes. Being context-aware is the key to designing a more secure, stable, and simple network.

Designing networks for greater performance and capacity

Screenshot 2017-09-23 12.21.32.png

The number of connected devices is projected to grow to 30 billion IoT devices by 2020 and over 75 billion by 2025, and cloud services spending continues to grow, with projections forecasted at $127 billion by 2018.

With increasing focus on user role and behavior, IT can gain greater insight just as traditional infrastructure is reaching capacity. Enterprises can stay ahead of these disruptions to the business by planning for network capacity. Adopting the latest wireless standards with 802.11ac, multi-gigabit wired with 802.3bz, and Software-defined WAN can help IT grow the intelligence they gain from all components of the network and improve user experience end-to-end.

Combine LAN, WLAN, and WAN with common management

The last point here is about cost and complexity. As IT continues to operate on limited resources and simultaneously manage increasingly complex infrastructure, the ability to plan for new network requirements diminishes. By unifying management and policies across LAN, WLAN, and WAN, IT can dramatically simplify the network and reduce the burden on deployment and configuration for both enterprises large and small.  In effect, Aruba uses software-defined controls provided by AirWave and ClearPass. Taking wireless as an example, ClearPass can simplify SSID management by applying context-awareness to users and segment traffic dynamically.

Screenshot 2017-09-23 12.19.42.png

There are many ways to deploy these attributes into your network, so if you have questions, please drop a comment! You can also visit our website, for more information into policy management and user behavior.