BARCELONA--This week at Cisco Live EMEA, Cisco Systems announced it was extending its Intent Based Networking (IBN) solution to the internet of things (IoT) edge. Prior to the IoT era, the network edge was fairly well-defined as wiring closets and branch offices.
IoT plays havoc with the network, because the network edge now extends to the last connected device. This could be a warehouse, parking lot, oil rig, heart pump, autonomous truck or anything else that’s connected. The expansion of the edge causes network operations a number of headaches that need to be resolved if IoT initiatives are to be successful. The top challenges are listed below:
- Lack of visibility into what’s connected. In the pre-IoT era, the IT department had tight control over what was connected to the network. With IoT, many devices are connected by the operational technology (OT) group, lines of business or other departments, without network operations being kept in the loop. An interesting data point from ZK Research: more than half of IT departments had no or low confidence that they were aware of everything connected to the network. There’s an axiom in networking: “You can’t manage or secure what you can’t see.” How can IT be expected to secure IoT devices they don’t even know are connected? They can’t!
- Increase in security risks. In general, more connected devices means a bigger attack surface to protect. Now add in the fact that many IoT devices have no inherent security capabilities, are in insecure locations and are often running older operating systems that are in dire need of a patch, and it’s easy to see why security is such a big barrier to IoT adoption. How big? Huge! A 2018 ZK Research survey found that 68 percent of respondents cited security as the top IT challenge with respect to IoT.
- An increase in complexity. To understand how IoT increases complexity, I’ll paraphrase Dorothy from “The Wizard of Oz”: “Devices, compliance and protocols, oh my!” IoT will add orders of magnitude more devices to the network. I discussed the security challenge above, but keeping track of those devices, network change management and other tasks just took a step up in difficulty. The devices can also connect over a wide range of protocols, further increasing complexity. WiFi, wired, 4G, 5G, Zigbee, Bluetooth and more are all possible in an IoT world. Now, for good measure, let’s toss in compliance requirements and the challenges created in keeping data private, and it’s enough to give even the savviest network manager cause for concern.
To help combat these issues, Cisco announced some new network products. At the show, Cisco introduced the Catalyst IE3x00 series of switches and the IR1101 Integrated Services Router (ISR). These are ruggedized devices specifically designed for harsh environments, so they can be mounted in trucks, on an oil rig, on a pole or anywhere else connectivity is needed.
What’s unique about these products is that unlike most ruggedized network devices, which have dumbed-down operating systems, these run Cisco’s IOS XE operating system, which has become the de facto standard in the industry. Also, these devices, like all newer Cisco devices, are managed by DNA Center, the control center for Cisco’s IBN strategy. That means all the rich features available to secure and manage the internal network can now be extended to IoT endpoints.
This provides businesses with the following benefits:
- Complete visibility. DNA Center automates the finding and identification of endpoints and tracks their behavior. Cisco uses machine learning-based techniques to turn the data into actionable information that can be used to troubleshoot problems faster and remedy issues before they become a problem. Many IoT projects fail or are completed late because IT “doesn’t know what it doesn’t know” until the project is under way. The increased visibility from DNA Center lets IT stay on top of things at every point in the deployment cycle.
- Improved security. Cisco has a broad range of security products and security features integrated into its network products. These can now be applied to IoT deployments. For example, Cisco’s software defined segmentation can be extended to the IoT edge. Also, Cisco has a feature called Encrypted Traffic Analytics (ETA) that can find malware in encrypted traffic. Many cybersecurity experts are predicting a rise in IoT-related breaches, and ETA can help catch these before they become business damaging.
- Future-proofed deployments. The switches and routers were designed to be modular, making it easy to add new features. For example, many customers will outfit the IR1101 with a 4G module for wireless connectivity. When 5G is made available, customers can upgrade with a simple module swap.
- IT–OT alignment. In verticals such as oil and gas and manufacturing, the majority of IoT endpoints are managed by the operational technology (OT) team. As more of these devices get connected to the IT network, it’s important that IT and OT have a common view of the environment. DNA Center was designed to ensure that all responsible parties–IT, security operations and OT–can work more closely together.
In addition to the new network devices, Cisco announced three new Cisco Validated Design Guides (CVDs) to help accelerate deployments. These are validated blueprints that often include third-party products to help customers deploy solutions faster. These have been very popular with customers, with topics spanning from data center design to the access edge. The new ones are targeted to IoT deployments and include “Distribution Automation CVD” for utility grids, “Industrial Automation CVD” for manufacturing, utility substations and energy markets and “Remote and Mobile Assets CVD” for connecting fixed location and mobile assets.
Also as part of this launch, Cisco announced a number of new developer tools. Cisco’s developer program, DevNet, now includes new tools to enable customers, partners and ISVs to innovate at the IoT edge. Ecosystem partners now have a consistent way to build and manage applications at the edge, with the extra flexibility required for better business outcomes.
There’s no question that trends like mobility and cloud have made the enterprise network more complicated to the point of being chaotic. IoT exacerbates this problem because it not only erodes the traditional network edge, it pushes it to new places that are typically outside the purview of IT’s control. This causes new challenges in the areas of troubleshooting, security and even day-to-day operations.
IBN is the solution that can solve many of these new problems. The vision of a self-operating network may seem like science fiction, but it’s necessary for long-term IoT success.