2017 has been a year of incredible progress and change for Enterprise Networking at Cisco. We redefined networking this year with the world’s first intent-based networking system. We believe that intent-based networking is the future of networking – fundamentally changing how we think about networks and empowering IT to deal with disruptions caused by cloud and IoT.
2018 promises to be an equally dynamic year for Cisco and for the networking industry. Here are a few thoughts on trends I see as we enter the new year:
- Next gen network analytics goes mainstream – Network assurance powered by next-generation analytics will move from a mostly wireless-only focus to a more holistic view.
Where we’re at: 2017 saw the start of next-gen analytics being applied to help customers operate wireless networks. However, this is far too narrow a lens and does not reflect customers’ actual needs. Analytics engines need to be able to source and analyze telemetry from a broad spectrum of assets.
Where we’re going: 2018 will see next-generation analytics applied to more domains, such as switching and SD-WAN, to provide 360-degree views of the network, user, and application. As we move through 2018, this expansion, combined with the application of simulation, machine learning, and AI to these new data sets, will enable IT to move from a reactive to a proactive stance. These changes will drive network assurance into the mainstream and out of the niche.
- SecOps and NetOps lines blur – IoT will take the #2 slot behind Ransomware as a top area of corporate and public concern. This will ultimately force companies to reevaluate their security architectures and drive SecOps (Security Operations) and NetOps (Network Operations) teams closer than ever before.
Where we’re at: It took years for ransomware to build into an epidemic, but some of the infrastructure that ransomware campaigns rely on, such as Bitcoin, Tor, and malware developer communities, is now commonplace and can be reused by IoT attackers. We have already seen the first wave of massive attacks leveraging unsecured IoT devices, starting back in 2016 with Mirai. The OS security posture of most IoT devices is very weak, and while many companies we work with are already very aware of these weaknesses, every day they awake to more and more of these unsecured IoT devices on their networks. Simultaneously, core business processes are becoming increasingly dependent on these devices and their availability. Historically, IT shops had to secure a finite set of OS variants, with macOS and Windows being the dominant ones to focus on. With IoT, the number of OS variants an enterprise must secure goes up exponentially. Meanwhile, IoT devices can’t host a security agent, can’t perform multi-factor authentication to prove identity, and often can’t be easily patched.
Where we’re going: The classical security model will need to be rethought, and the network will need to play a greater role in both detection and segmentation than ever before, bringing security operations and network operations teams even closer together.
- Finding balance between security and privacy – Selective or intelligent decryption will grow as a requirement.
Where we’re at: With the rise of cloud and SD-WAN, we are seeing dramatic increases in encrypted application traffic. Today, most web proxies or other security devices that break into the middle of traffic do so in an all-or-nothing manner for large swaths of network traffic. This is not optimal for privacy, scale, cost, or user experience. For instance, in SD-WAN topologies the fastest path to a cloud service is often now closer than ever to the branch, as most of the major SaaS providers continue to push their content closer and closer to the user. Routing that traffic to a central inspection point for decryption does not always make sense, especially for trusted applications, as the added latency can adversely impact user experience and increase costs. In addition, this creates tradeoffs with user privacy, as a user’s personal traffic and corporate traffic will likely both be decrypted as part of the inspection.
Where we’re going: In 2018, we will see more companies realize the need to be more selective in what they inspect. Decentralized techniques that inspect a flow or DNS connection for signs of malicious activity before deciding to decrypt will be increasingly favored over the traditional model of a centralized proxy. This model requires the network to be more agile, able both to provide the necessary telemetry and to dynamically redirect flows for increased levels of inspection as required.
- Automation as a competitive differentiator – Automation of IT across the enterprise network will become a key competitive differentiator for companies.
Where we’re at: Today, IT administrators perform many tasks manually, and thus the time needed to roll out a new digital service or respond to changes in business conditions is measured in weeks or months.
Where we’re going: With Intent Based Networking (IBN), IT administrators can begin to respond in near real-time to business needs. This creates a better and more productive environment for users and also creates first-mover advantage for companies that are fast adopters of automation and use it to accelerate their digitization journeys. Additionally, as these IBN systems are interconnected with other IT systems via open APIs, the impacts and benefits of this automation can be further multiplied. Many businesses already understand this connection between automation and their company’s digitization goals. Those that are aggressively pursuing automation will begin to pull away in 2018 as they drive new waves of productivity in their IT shops, enabling more sophisticated use cases and better agility for their companies.
- Computing is pulled to the Edge – Distributed computing traction will continue to grow.
Where we’re at: For years, routers and now increasingly switches have been shipping with extra x86 compute embedded in the platforms. At the same time, we are increasingly seeing full server-like platforms such as Cisco’s ENCS being used at branches with virtual network functions. Additionally, frameworks such as Cisco Kinetic and serverless compute models from major IaaS vendors are coming to market that make it simple to distribute and manage workloads. This combination creates a large, easily enabled supply for distributed computing. However, only recently have we seen these resources start to be used in earnest, and IoT is likely the key use case to drive the demand side.
Where we’re going: Given the amount of telemetry from IoT sensors and the need to make real-time distributed decisions with low latency, IoT lends itself very well to a distributed compute model. 2018 will be the year where we see the number of these use cases begin to grow dramatically and new waves of innovation being created that make the network an integral part of the compute fabric.
There is so much more we could discuss and debate, and I would love to hear your thoughts on where 2018 will take us. I couldn’t be more excited for the year ahead and thank you for all the support in 2017.
Excellent blog, Scott, and it's great to see Cisco leading the charge in all of these areas! Happy New Year and looking forward to a stellar 2018!
A concise and well thought out overview. Good direction-setting for all of us in IT as we roll into 2018. Thank you.
Great blog, Scott. It was all about getting the right insights from the network telemetry; the next step is around taking actions to close the loop – automatically and in real time.
I believe a big one is missing.
With SDX technologies appearing, people will have to change their old habits, as anyone can deploy a WAN, a DC network.
No need anymore for CCIE, training, which are always needed to recoup with new versions.
Simplicity makes deployment easy, and people focus more on apps... and indeed security.
Forget the last 25 years of ways of configuring networks!
Excellent post. Very interesting note about trends for 2018. Thanks.