Please stay with me on this one, it’s a slightly boring topic, but I’m sure if you’re involved in buying, designing, maintaining or looking after IT Servers, Networks, Cloud Systems or something similar, then you’ll take something of use away from this read.
The emphasis today is really on the design and structure of your network and how the future world differs to how things have been done in the past.
In years gone by, when someone wanted a new application or service, the IT team would spring into action and likely do one of two things: order a new server or deploy a virtual server to install the application on, and house that server within the company datacentre or server rack. In some instances, this server might be deployed in a partner datacentre that was just an extension of their network.
This worked perfectly well at the time, though it did have a bunch of pros and cons. The main pro was that once an application was deployed on the network, it was easy for everyone to connect to (assuming network standards had been followed!). The downside, not for all networks but for the vast majority, was that the application was poorly isolated from other applications and from the users’ computers. Wrongly, the LAN was treated as a trusted area. As we know, computers aren’t always doing what their users want them to; occasionally, code is run on computers with malicious intentions against your business and customers. In this design, once an attacker was on the LAN, they could happily roam around talking to other machines, exfiltrating data via other machines or gleaning more information from the wider network. Looking at things like WannaCry and other recent attacks, the idea of flat VLAN networks, or overly open networks, doesn’t really seem like such a great idea.
The upside of this design (there had to be one!) is that it was very flexible and allowed systems to talk at high speed and with minimal setup.
Cue the future. Like it or not, more and more services are either moving to the Cloud or a Partner Datacentre which lets traditional servers work and be accessed in a more controlled manner. In this model, the “on-premise” network starts to become little more than an Internet connection to connect into third party services or company hosted services.
This very change in usage represents a seismic shift in the way that Office networks should be designed and operated. It presents an opportunity to bolster security with minimal fuss to users.
You can start to ask questions like “If everything is hosted in the Cloud, do devices on the LAN really need to talk to each other anymore?”. How about “If it’s just an internet connection, what other options of connectivity do we have?”, or “How should we authenticate people against our internet connection and what can they see from there onwards?”.
At a fundamental level, this change is more important than ever. You might have some exceptions of course, but they can be securely designed in. For the most part however, no computers should need to cross communicate on the LAN.
What’s the benefit of this? Imagine one computer gets infected with the latest Cryptolocker virus: it should only affect that computer and user, which starts to minimize the amount of damage an attack can deliver. Segmenting devices, be it laptops, desktops, printers or anything else with an IP Address, is never going to be a bad idea. Lots of Wireless vendors support this out of the box and the same can be done easily with wired connectivity on Managed Switches. The advantage to your business is making it harder for sensitive data to leave, making it harder for hackers to have hooks into your network and making it harder for security breaches to lead to things like GDPR related fines.
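One way to check whether an office LAN already behaves like this is to audit flow records for client-to-client traffic that falls outside the designed-in exceptions. The Python below is an added example, not part of the original article; the addressing plan, the print-server exception and the flow lines are all constructed assumptions.

```python
import ipaddress

# Assumed (hypothetical) addressing plan for one office client LAN.
CLIENT_LAN = ipaddress.ip_network("10.20.0.0/24")
GATEWAY = ipaddress.ip_address("10.20.0.1")
# Exceptions that were "securely designed in": (destination, protocol, port).
ALLOWED = {(ipaddress.ip_address("10.20.0.250"), "tcp", 631)}  # print server

# Constructed sample flow records in the form "src dst proto dport".
SAMPLE_FLOWS = """\
10.20.0.15 10.20.0.1 udp 53
10.20.0.15 203.0.113.10 tcp 443
10.20.0.15 10.20.0.250 tcp 631
10.20.0.15 10.20.0.22 tcp 445
10.20.0.22 10.20.0.31 tcp 445
10.20.0.31 10.20.0.250 tcp 22
bad line
"""

def parse_flow(line):
    """Return (src, dst, proto, dport), or None if the line is malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return (ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1]),
                parts[2].lower(), int(parts[3]))
    except ValueError:
        return None

def is_violation(src, dst, proto, dport):
    """True when a LAN device talks to a LAN peer outside the exceptions."""
    if src not in CLIENT_LAN or dst not in CLIENT_LAN:
        return False  # cloud or internet bound traffic is out of scope here
    if dst == GATEWAY:
        return False  # the gateway is the one peer every client needs
    return (dst, proto, dport) not in ALLOWED

def audit(text):
    """Return (violating flows, count of unparseable lines)."""
    violations, skipped = [], 0
    for line in text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            skipped += 1
        elif is_violation(*flow):
            violations.append(flow)
    return violations, skipped
```

An empty violation list over a representative period suggests isolation can be switched on without breaking anything; each remaining flow is either a missing exception or traffic worth investigating.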
Re-architecting a network in this way also has many other benefits. Imagine you cannot get physical access to your office (say a Gas Leak, Train Strike, Power Cut or other event has occurred): you immediately have some level of BCP DR by default. You’ve cut dependency on a physical location and you can allow your users to access the network from wherever you want.
This leads onto the other point of this article. The imminent arrival of 5G Networks. This will utterly change the world of business connectivity as we know it – and for the better!
Right now, as a business, you assess how many staff are based at a location, how important it is to the business, you assess what network access options you have and hope that you can get something better than an ADSL circuit! If you’re in luck, you’ll be very near an exchange and a not so expensive leased line option will be available. If you’re not in luck, you’ll be stuck with either poor connectivity or expensive specialist options. Either way, they’ll both take considerable time and investment to get up and running.
One alternative some businesses have gone for in the short term has been 4G connectivity. The biggest limiting factor for 4G, however, has been that it’s nigh on impossible to get either unlimited data plans or very high use data plans. This means at best, 4G has been either a temporary solution, or a solution with significant drawbacks due to the transfer limits.
With 5G that looks like it’ll change. Imagine a world where you can order a useable 300-500Mb/s circuit to anywhere in the country and have it up and running within 24/48 hours. That really does change the world we live in and what we can do, and it’s coming sooner than you might think.
The downside to this, of course, is that to get the best out of a 5G network, and to make implementing that as straightforward as possible, you need to have an architecture aligned to tomorrow’s network rather than yesterday’s network.
This change will come around relatively quickly and will greatly improve the reach and access of all your locations. In that guise, it can significantly change how you, your teams and your cloud services work. The change to the network is relatively minor, but pays off in a big way if you can get it right.
From a business perspective, more businesses will be able to compete differently from their existing physical locations due to a surge in connectivity throughput. It’ll enable new industries and ways of working. Make sure you’re ready to be a part of it!
At Factory Internet, we provide vendor agnostic guidance, implementation, migration and operation on Cloud, Connectivity, Computing and IT Services. If you want one of our experts to help assess how your network, cloud systems, connectivity or IT services work and direct you towards a better future, get in touch!