Don't Leave Network Virtualization to Server Admins
October 21, 2013
Network virtualization is great for server admins. Even if they don't fully realize what the impact of a product like NSX means for them, they soon will. It means their traffic can be completely contained and controlled in their virtual world.
The release of NSX and other network virtualization platforms is the culmination of a trend that will, from the perspective of server admins, commoditize networking and change how they use the infrastructure. Network virtualization liberates their workflow from the organizational silos in an enterprise, particularly the networking and security silos. Server admins can finally compete with the public cloud that developers seem to be using more frequently.
- Client Windows Migration: Expert Tips for Application Readiness
- Thwart off Application-Based Security Exploits: Protect Against Zero-Day Attacks, Malware, Advanced Persistent Threats
- Best Practices for Security and Compliance with Amazon Web Services
- Why a New Business Model is Needed for SSL Certificates
- State of Cloud 2011: Time for Process Maturation
- SaaS 2011: Adoption Soars, Yet Deployment Concerns Linger
It also puts network teams on notice. Server admins can now say to network teams, "Be nimble or be gone, because all we need is fire in that wire." The server team can take care of the segregation, security and compliance itself. No more begging, no more waiting, no more wading through service request processes so cumbersome it makes the federal government seem agile.
Meanwhile, the network teams are still trying to understand what VXLAN and software-defined networking is, failing to realize that they are about to be as extinct as the Dodo bird.
[Get a visual overview of competing SDN models in the slideshow 10 Software-Defined Networking Architectures.”]
As for security teams, most of them barely understand any network overlay technologies, much less the impact of VXLAN and SDN. In many cases, they see server virtualization as an annoyance, something they only use for malware sandboxes. It's an inconvenience when attempting to perform digital forensics or trying to gain insight into the virtual switching environment. They're still trying to figure out how to gain visibility and often demand for the traffic to be tromboned out to some security appliance.
Does this bode ill for virtualization and software-defined networking? Not at all. Sure the neo-Luddites will try to obstruct and block shifts in technology, even though it's better for the business. They'll do it because it means change--and humans hate that.
But if the business sees benefits--faster response to developer requirements, more projects up and running more quickly, less money spent on physical network and security hardware--the business will push obstructionists aside.
Network and security teams don't have to be pushed aside. But they do need to be proactive. Learn to talk outside your comfortable little silo. Grab hands and sing Kumbaya with the server folks. Bring value to the table, not roadblocks.
These inevitable changes in data center technology will grind down obstructionists. They'll be unemployed, but still trying to prove there's value to managing switches via CLI, or that good security comes from having a firewall and an IDS.