Before looking at network and security trends from 2019 onward, let's understand how network and security design and requirements have changed over the years. Once we can visualize this, we can easily say where the trends are going and which technologies to focus on.
In the early 1990s the norm was monolithic servers, which had large numbers of CPUs and a proprietary OS, came at a very high cost and consumed a lot of space and power in the DC. These servers were also called first-generation data center servers. WAN services at that time were frame relay and X.25, which are based on virtual circuits and were very slow. Storage relied on a very large number of devices such as magnetic disks, and desktops used floppy drives.
As time passed and technology advanced, commodity servers came into the picture in the early 2000s. They had few CPUs, were based on the x86 platform, ran a commoditized OS and were mapped one application per server. This mapping also contributed to high cost and power consumption, and the servers still took a very large amount of space, though less than monolithic servers. This type of infrastructure is called a second-generation data center. In 2000 the WAN also changed to MPLS-based circuits, which work on label switching, were considerably faster and supported high-end multimedia and applications. From a security point of view, by that time we were able to use various security products from various vendors, such as Cisco PIX and ASA, Check Point and Dell firewalls.
Even though we were progressing at that time, security was a great challenge in terms of branch security and data center perimeter security, along with the threats that were being developed in those days.
Alongside these security challenges there were other challenges, which are discussed here:
- High availability: Making all the components of the data center highly available, in terms of network, compute, storage and application availability across the DR site, was a great challenge and was costly because fewer resources were available.
- Low latency: Achieving low latency for application access, WAN, compute and storage was a challenge because the technology was not yet advanced enough.
- Scalability: A data center should be designed in such a way that, as the number of users increases, data center components can be increased as required.
These challenges were in addition to those discussed above for the year 2000.
As technology became more advanced, by 2007 we reached the capability to design more reliable, scalable data centers. The three-tier architecture was developed, along with high-end firewalls for threat management, identity management and content management, and features like IDS and IPS, antivirus management etc.
With this we were able to achieve our goal, but with this approach designing and integrating any application took approx. 90 days or more, with additional configuration overhead on each device between source and destination. This led to higher operational cost.
Storage and compute then advanced as well: vendors developed highly configured blade servers with high CPU and RAM for fast processing, and in the storage area SAN was developed, which runs on the FC protocol and is based on block-level storage.
Following these advances in compute and storage, by 2014 software-defined networking (SDN) had evolved, bringing a paradigm shift in the approach to network and security. SDN not only solved the problems of the three-tier architecture approach but also provided an orchestrated approach to network and security: the network is made ready on demand, all the network and security information is held on the controller, and it is the controller that programs the network based on demand and endpoint connections.
Various OEMs provide SDN features as a next-generation design approach on the DC LAN side. Some of them are listed here.
- Cisco: ACI
- VMware: NSX
- Juniper: Contrail
Just as SDN capabilities were developed in the data center, automation and orchestration were also introduced on the WAN side in the form of intelligent routing. The WAN side started with MPLS, then IWAN and then SD-WAN technology, which dynamically selects the route or path to the destination based on the following parameters:
- Policy configured
On the SD-WAN side there are also various OEMs that provide SD-WAN solutions:
- Cisco: Viptela
- VMware: VeloCloud
- Juniper: Contrail –WAN
- HP: SD-BRANCH
In security too, OEMs have developed various next-generation products which can be easily integrated with an SDN solution in the form of service chaining. These products come as physical appliances or virtual appliances, like ASA, Palo Alto etc.
Slowly we are moving towards cloud platforms, which can be private, public or hybrid. The trend is now towards public clouds like AWS, Alibaba, Azure and Google, where all DC applications are integrated into the cloud and users can easily access their applications, which reduces not only the opex cost but also the capex cost while achieving the same level of latency. All the network and security components can be easily integrated on a cloud platform to achieve the same level of security and resiliency.