Based on an interview for the Living on the Edge Podcast
You’re at the register, ready to pay. You swipe your payment card… and… you wait. You wait, because the POS system is authorizing the transaction.
Well, if you’re Michael Wynston, you’re actually counting off the seconds in your head. Why? Because Michael is Director of Global Network Architecture for Fiserv, one of the world’s largest Fintech companies. And they play a critical role in many banking and credit card systems, including POS processing.
On the Living on the Edge podcast, Michael shared his views on training and certifications, Network Function Virtualization (NFV) and SD-WAN, amongst other things.
“We try to always like the best of breed technology. One of the things that we really try to emphasize is no shiny object syndrome, I’m not buying something because the vendor said it’s what you need.”
Never Stop Learning
Just as networking technology continues to evolve, it’s important to keep expanding your level of understanding. Michael’s a believer in the value of ongoing education. “Part of that mindset of never stop learning is to not pigeonhole myself into one particular type of infrastructure. It’s not only about the network, it’s not only about the compute, not only about security. You have to really make sure you understand all the layers to really be a subject matter expert in any one of them.”
He sees Cisco’s CCNA/CCIE program as a valuable foundation for any network engineer, even if their organization isn’t fully focused on Cisco gear. It’s the only program that embraces the full end-to-end process – and once you have that basis, you can broaden your skillset into any area that interests you. And to truly add value, a network engineer should also spend time developing interpersonal skills. “It’s really hard to find the person that you can put in front of a customer or a consumer or the end-user, the requirements team, and actually communicate with them in a way that they understand.”
Network Resilience Means Adaptability
Adaptability is an important concept for Michael and his team at Fiserv. Since the network infrastructure is constantly changing, the features and functions of that network must be able to adapt, which means not doing something today simply because that’s the way you did it yesterday.
The idea of relying on redundancy also doesn’t thrill him “because quite often redundancy wastes money. You’re building something only in case of fire. I like to build infrastructure so that in case of emergency, resiliency comes into play, rather than dedicating something to just sit and wait for something else to fail.” In other words, design a network that has an inherent layer of resilience, rather than relying on a secondary set of gear – an approach that may work in the data center, but just isn’t cost effective at smaller remote sites.
Opengear’s own solutions align nicely with this. An out-of-band management network can be used as an independent management plane to manage critical devices on a daily basis, not just for emergency access.
Network Function Virtualization
Another approach to adaptability is the use of NFV to provide a flexible and cost-effective network, minimizing abandoned or outdated infrastructure. As Michael explained, “we really looked at network function virtualization, not because we wanted to get rid of all of the routers and firewalls and load balancers, but because we wanted to decouple the function that they provided from the actual hardware that you use to provide that particular function.” The NFV approach ensures a more dynamic network, and also allows them to continuously evolve and improve the functionality, while reducing the reliance on a single vendor.
The Pandemic and SD-WAN
Michael has been interested in SD-WAN since the early introduction of the technology. SD-WAN’s initial claim to fame was improving the efficiency of branch locations and reducing the cost of dedicated MPLS lines. But in the last few months, with the sudden pivot to Work From Home, Michael sees a shift from some vendors to address public cloud connectivity, while others are approaching the home office market, with “executive VPN” solutions. It’s another example of how networks and networking vendors must be able to constantly adapt.
And that brings us back to the subject of Shiny Objects: “If you’re just starting to look at SD-WAN, make sure that you start with the understanding that you need a minimum viable product and feature set, to deploy for your first SD-WAN deployment…. There are so many features and functions, and if you try to deliver all of them on day zero, you’re going to end up delivering nothing, simply because it’s just too much to consume.”
Let’s face it. When the world is waiting on your network to let them checkout at the store, avoiding those distractions makes everyone happier.
Hear the full interview here: Avoiding Shiny Objects: Talking SD-WAN, NFV and CCIE
To find out more about Opengear solutions for the Financial Sector: https://opengear.com/solution/financial/
Wherever there’s IT gear, a 4G signal and no local network engineer, Out-of-Band usually follows. So with NASA’s announcement that they’ve picked Nokia to establish a 4G network on the moon, how long before they call Opengear?! We’ve been deployed at the bottom of the ocean, a mile deep in a mine – so why not a few hundred thousand miles over our heads?
Nokia’s CTO, Marcus Weldon, said, “Reliable, resilient and high-capacity communications networks will be key to supporting sustainable human presence on the lunar surface.”
Isn’t that a textbook definition of why you’d need Out-of-Band? When you can’t easily get an engineer to site, when repairs are difficult and time consuming; when downtime is not an option – that’s when an independent management plane based on local console servers is worth its weight in gold (although with the moon’s gravity, I guess that’s not quite as much as on earth).
The announcement goes on to state, “The network will self-configure upon deployment and establish the first LTE communications system on the Moon.” That immediately brought to mind the idea of the Mars Lander application that was described by Marcio Saito (now at Google), when we launched the new NetOps Console Server. The appliance has an embedded TPM chip, a 4G cellular modem, and is capable of running NetOps tools such as Docker containers and Python scripts. This allows it to be shipped to a remote site – often a hostile environment with no WAN established, and no network engineer available – and when powered up, it performs a Secure Provisioning routine via the 4G Cellular network and Lighthouse management software. Wouldn’t that be useful on a remote planet?
We’ll be waiting for NASA to give us a call. But until then, take a look at the power of the NetOps Console Server. It may not be rocket science – but one day, it might get a ride on one.
At Tech Field Day Cisco Live, delegates saw a demo of Lighthouse 5, showing off the capabilities of Opengear’s brand new Centralized Management software. Each of the delegates is an enthusiastic participant in the wider tech community, and several of them live-tweeted throughout the session, giving an instant view of their reactions.
Marcio Saito, CTO of Opengear, set the stage with an overview of out-of-band management, and the evolution of console servers.
The needs of network engineers have changed as IT infrastructure moves toward hyperscale deployments. With a more cross-disciplinary NetDevOps role, along with a looser coupling of the hardware and software components, companies are looking for less complex design, with low touch and less vendor-specific technology.
Rob Waldie, a Distinguished Engineer at Opengear, then described how the new Lighthouse 5 platform will help users not only with ongoing network resiliency, but also in simplifying the automation and provisioning of their IT infrastructure. With the Lighthouse VPN, Zero touch enrollment, and support for third-party console servers, the capabilities of out-of-band now go beyond monitoring and remediation. Smart Groups and Tagging mean that one instance can now be used to manage thousands of nodes, in hundreds of locations.
But delegates really got excited when he revealed the RESTful API that comes along with Lighthouse 5.
To show the flexibility that this brings to console management, Rob demonstrated a zero touch enrollment of a virtual data center using Slack. With the help of a Lighthouse chatbot, he walked through the provisioning, configuration, discovery and enrollment of a number of virtual devices, all within the Slack channel.
The demo highlighted that Lighthouse 5 is a Centralized Management platform that’s been designed and built specifically for NetOps. The RESTful API lets advanced users tap in to any existing application in their current workflow, and manage their infrastructure within the toolset they are familiar with.
We’ll leave the last word to the delegates:
For more details on Lighthouse 5 Centralized Management, and the full video of the TFD demo, click here
Thanks to the team at Gestalt Media for setting up Tech Field Day – Tom Hollingsworth @networkingnerd and Stephen Foskett @SFoskett.
And to the delegates: Ryan Adzima @radzima; Amy Arnold @AmyEngineer; Teren Bryson @SomeClown; Jeff Fry @fryguy_pa; Jordan Martin @bcjordo; Scott McDermott @scottm32768; Richard McIntosh @802Tophat; Eric Stover @Eric_Stover
An IT engineer on contract to an enterprise data center disconnects and then reconnects the power supply. He isn’t authorized to do so. Whoops. No big deal, right? Wrong.
Last month such a scenario played out at a British Airways data center near Heathrow Airport. A power surge then damaged servers providing major applications for online check-in, baggage handling and customer contact systems.
The resulting outage caused the cancellation of 479 flights and impacted 75,000 customers. Estimated cost to British Airways: 100 to 150 million Euros. Estimated damage to British Airways’ reputation: sky high.
Today, many people in data centers have physical access to all sorts of equipment. Locking it down and enabling remote, out-of-band (OOB) management by trusted personnel is a great way to secure it from intentional or accidental misuse.
Human Error is No Longer a Viable Excuse
Following the British Airways debacle, industry experts weighed in to criticize the excuse that the outage was the result of human error. The Uptime Institute’s president, Lee Kirby, said human error is “an overarching label that describes the outcomes of poor management choices.” He pointed to the redundancy requirements in Tier 3 data centers as an antidote to this kind of mishap.
But increasingly, especially with the growth of edge networks serving the Internet of Things, out-of-band management is gaining in popularity as a way to securely and cost-efficiently control infrastructure wherever configurable network devices exist.
Remote Management in Action
Providing out-of-band access to critical infrastructure for reconfiguration or repair isn’t new. It was introduced in the 1980s. Terminal servers and routers with serial ports were used to access infrastructure remotely. Later, reverse telnet and reverse Secure Shell (SSH) enabled administrators to access gear via serial over Ethernet redirection with CLI and terminal access to device consoles.
How can out-of-band access provide secure and cost-effective management in the data center? Cloud hosting provider Secura provides a great case study in the Data Center Journal. With infrastructure in three different Tier 3 data centers in the U.K., the company needed access to it 24 x 7. Sending engineers out for every update, patch or configuration change would have been inefficient and costly. So the company chose console servers with Smart OOB technology.
The out-of-band gear provides monitoring, diagnostics and remediation features to maximize network uptime through efficient recovery from any infrastructure fault condition. Secura has since reduced onsite visits by several days each quarter, more than paying for the solution. If problems arise, the out-of-band management solution is already deployed to quickly help troubleshoot devices.
What OOB Management in the Data Center Can Provide
With more and more workers meeting, working and accessing company resources remotely, it’s no wonder that out-of-band management is becoming ever more popular. Add to that security concerns within the physical data center and in edge networks and the benefits of secure OOB management are clear.
For more information on Out-of-band management in the data center, check out Opengear’s eBook “How Resilient is Your Data Center.”
The forces of globalization have disrupted the network lab big time. No longer are engineers and product developers reliant on being in the room or down the hall. Thanks to the latest generation of Out-of-Band (OOB) management products, they can be working from home or on another continent, running tests on all kinds of equipment at any hour of the day or night.
How can the newest console servers lower your TCO, enhance lab productivity and delight the dev/test staff within your organization? Read on.
Make it Simple
The rising complexity of multi-layer, multi-vendor, multi-architecture WAN and data center environments has led to a backlash. The result? The growing popularity of software-defined networking. Layers of abstraction and automation above all of the complexity now let you get away from manual coding and cumbersome workflows.
The network testing lab has similarly become ever more complex. It’s packed with more and more equipment and software from diverse vendors. So, in a trend towards simplification, the newest OOB management platforms emphasize ease of configurability and automation. Look for zero-touch provisioning for the device setup. Expect to be able to quickly and easily deploy and configure new, multi-vendor environments in the lab.
Have you been using homemade systems and spreadsheets to keep track of lab equipment and connection topologies? Has it been a few years since you’ve looked at what’s running the backbone of your facilities? Are your console servers providing the features and functionality required to keep up with demand?
Perhaps it’s time to take another look.
Always-on Fast Access
Today’s testing lab never sleeps. It must be available to your staff 24 x 7. If your company develops network infrastructure, the combination of components that must be tested can number in the thousands. So you don’t want a management platform getting in your way. It must be highly available and fast.
Remote testers must be able to swiftly reboot, reconfigure and load different versions of software, and recover from error conditions. Or quickly power cycle a device if it locks up. Or provide a relentless battery of tests to try to reveal vulnerabilities and flaws.
Out-of-band management consoles provide this kind of robust, high-performance and always-available functionality. And their embedded memory allows multiple firmware and other configurations to be stored, alleviating the need to upload them each time.
Concurrency and Scale
By any measure, the digital world is growing. There’s more of everything. And in the lab there are dozens and dozens of diverse types of hardware products and software. Different combinations of these result in thousands of possible configurations that sometimes must be tested.
So the OOB management solution you use must be able to keep track of everything so that remote testers can spin up and take down different configurations, as needed. The solution should enable and manage concurrent tests by different personnel, even on the same gear. It should be able to monitor equipment utilization and reservations and to alert administrators if equipment is sitting idle.
Out-of-band consoles now feature lots of high-density ports―as many as 100, which allow a wide variety of configurations―to let you manage more devices. They have powerful CPUs that let you run multiple sessions in parallel. Some of the newest console servers also provide both serial and USB console ports, in acknowledgement of more and more devices introducing USB connections, due to the smaller form factor and its plug-and-play capability.
OOB of the Future
In the future, look to the Internet of Things to further transform OOB management in the lab. With dev/test teams working from different locations, one of the remaining hurdles to full, virtual remote control is the need to physically move or re-cable gear. So in the future, perhaps robotic equipment will play an increasing role.
And web cams could also contribute to testing, verifying through visual observation if a fan is spinning or an LED panel is blinking.
But there’s no need to wait for the future. Opengear console servers for out-of-band management in the testing lab are a good example of how far the industry has advanced. Perhaps it’s time to take a fresh look at what’s possible.