An enterprise network serves as the foundation for reliably connecting users, devices and applications, providing access to data across local area networks and the cloud, as well as delivering crucial insight into analytics.But in the wake of a year that was no doubt shaped by COVID-19 and the disruption it brought to the industry, how have enterprise networks been impacted, and what are the requirements moving forward?

What were previously technology nice-to-haves and future infrastructure intentions, are now swiftly becoming business imperatives.

In this blog, we’ll explore our top 10 predictions for network infrastructure in 2021.

1.   Cloud Application Delivery

The traditional office-based-model has no doubt permanently changed and flexible working arrangements brought forward by the pandemic will continue. A Boston Consulting study from last year found that 63% of employees want a hybrid model whereby they continue to work from home part of the time.

Organizations will further turn to the cloud for application delivery, placing an investment in remote connectivity and new security functionality

2.   Businesses Turn to Big Data and Analytics

The requirement for businesses to be agile, change and adapt is more prevalent than ever, and decision-makers need to identify trends and ultimately stay ahead of the curve through outcomes-based strategies.

Big data is becoming an imperative tool in every organization’s arsenal, though its presence is superfluous without the appropriate means to disseminate and analyse it.

We predict this will drive the recruitment of data professionals and further, the simplification in data management through self-service means, accessible to non-data-professionals.

“It’s really about democratizing analytics. It is really about getting insight in a fraction of the time with less skill than is possible today.” – Rita Sallam, vice president and analyst at Gartner.

3.   The Year of Mass Adoption for Cognitive / Artificial Intelligence

With big data, comes big responsibility and moreover – big processing requirements, which is where AI will be heavily recruited.

2021 will be the year of mass adoption for AI, as businesses of all levels have experienced a paradigm shift into a digital-first model. Corporate networks have been tested through remote working arrangements, uncovering major reliability issues and security threats. IT leaders are looking for a set and forget solutions that automatically provide optimization and security, which is where software such as Opmantek’s NMIS, opEvents, opConfig and Open-AudIT can assist.

“Opmantek software is a key system used by IT operations teams across all industries — it acts as the dashboard of a car and tells them how fast everything is going and lets them know when something is faulty. It even predicts future faults, and that’s a big part of the AI. The longer you run our software, the smarter it gets — it learns about your IT Infrastructure and starts to automatically manage it better and deliver better information to the IT operations team.” said Danny Maher, Chairman of Opmantek .

4.   Hybrid Clouds in High Demand

Agility, speed, security, scalability and compliance are all considerations for IT decision-makers.

Though, there’s never a blanket / one size fits all solution for every business use case, and so the demand for hybrid cloud environments will continue to grow. The traditional model of cloud providers is that of a one-stop-shop. However, we predict as demand grows; cloud market leaders will introduce greater interoperability and further allow users to introduce cloud tools across their existing on-campus networks. Collaboration between cloud providers may even be on the cards as users demand greater flexibility.

5.   Networking Virtualization

Network virtualization offers many benefits by automating and simplifying processes, including network configuration flexibility, improved control over-segmentation, speed, increased security and cost savings.

According to research by Spiceworks, 30% of businesses currently use network virtualization technology — and an additional 14% plan to use it within the next 2 years.

6.   Unified Communication And Collaboration Tools Are Here To Stay

End-user adoption is often one of the greatest barriers for IT professionals looking to implement new software. However, seemingly overnight, employees were catapulted into a reality where unified communications as a service (UCaaS) was no longer just an occasional collaboration tool, but rather a necessity of the employment.

We have changed our habits and the way in which we do business. Even as the workforce begin to transition back to office or hybrid office/work from home environments, there’s no doubt that UCaaS is here to stay. Providers will introduce new functionality and continue to diversify their offering to accommodate hybrid working in 2021.

7.   WiFi Gets an Upgrade

Businesses and consumers alike want things faster, easier and more efficient, and WiFi is no exception. Enter WiFi 6e.

6e not only offers new airwaves for routers to use, but it doesn’t require overlapping signals.

One of the major benefits of 6e is a reduction in network congestion, specifically in areas where users are closely spaced.  As the pandemic continues to unfold, rush hour and crowded spaces are less of an issue, so it may be a waiting game as to when in 2021 we realise 6e’s true potential.

8.   IoT (Internet of Things) – More than just Alexa

As digital transformation is on the rise, so is IoT and its use cases. A SecurityToday article forecasted that by 2021 there would be 35 billion IoT devices installed worldwide.

IoT is already revolutionizing the way key industries do business, however, healthcare will double down in 2021. Reduced access to face-to-face medical contact has accelerated the need for remote care, and according to Allied Market research – the global internet of things in the healthcare market is expected to reach $332.672 billion by 2027.

9.   A Focus on Cybersecurity

In light of recent high profile cybersecurity attacks which infiltrated private companies, state and federal organizations by inserting malicious code into trusted software; cybersecurity and secure network monitoring will be paramount.

If you have data or services of value, you need to protect it properly. Keith Sinclair – CTO & Co-founder of Opmantek says, “It is critical to business continuity and data security that you have security controls in your environment to mitigate risk.”

10.    Infrastructure Management Software Leveraged

Application demands are continuing to grow and networks must respond. Network professionals must find means of simplifying these increasingly complex systems and environments. Here’s where automated network management software will be leveraged.

Opmantek Software serves to augment a network engineering or system administration role. As well as emulating actions that network engineers take within a network management system, it can also perform advanced maintenance tasks, assist in the interpretation of network data and communicate effectively with other digital systems in order to categorise, resolve and escalate potential network issues.

For more information about Opmantek and the services we provide, get in touch. Our network engineers are available to chat through specific issues you may be facing within your own network environment.

Opmantek, one of the world’s leading providers of Automated Network Management Software, has advised the Network Management Industry to lift their game.It’s evident to any CTO, IT Manager, Head of Network Operations or Network Engineer that anything that has centralized access to the network or contains centralized information is at risk from any actor, foreign or domestic. When your security is breached the cost to your business will be high! At very least, you’ll activate your security plan and work through your checklist and fix the problem or at worst you’re done. You may lose all your customers, and revenue will decline, goodwill lost, reputation tarnished and get sued. In some countries, you may need to answer for privacy breaches. It is all so much worse if you’re a government agency.

 

As Danny Maher, Chairman of Opmantek, said of the Solarwinds Orion Hack, “Imagine being an MSP and having to shut down your business because of this.”

 

If you have data or services of value, you need to protect it properly.

 

The opportunities to harden UNIX and LINUX based systems are well known. These operating systems are secure and harder to attack. Furthermore, backed with a robust network design, secure perimeter, enforced processes and trained staff, you become a difficult target.

 

A lab environment for testing the rollout of any platform, patches, updates or the like is key to understanding nuances, new features, interoperability etc. Confirmation that it does everything the documentation says and nothing more before you deploy should be the standard operating procedure. Only roll out patches and new versions if they offer you something you need, or if it’s recommended by the trusted vendor.

 

Craig Nelson, CEO, says that “Many customers come to us from a Windows environment due to the concerns that they have over the security of their network management platform and how many ways it can be infiltrated. We’re seeing more SaaS customers come to us too for the same reason.”

 

Keith Sinclair says, “The benefits of using Linux is that you have control over everything. It is critical to business continuity and data security that you have security controls in your environment to mitigate risk.”

At Opmantek, we use our own software heavily for monitoring our production and development systems, solving our own IT Operations challenges that we know our customers share, it also helps us to develop the products faster in real-world environments through early testing.

We have been using Amazon’s Web Application Firewall (WAF) to help protect our web-facing infrastructure. One of the issues with the out-of-the-box solution is how does one monitor the firewall’s logs as part of your overall IT operations and how do you perform analysis of those logs, with context, to the workloads they relate to.

Firstly to help check newly implemented rules are working as intended and secondly, to provide quick diagnoses in the event of attack.

We first tested a 3rd party product to help visualise the logs and hopefully provide out-of-the-box insights into the data, but we found the TCO of this solution was much higher than using the extensibility of the Opmantek products.  The results from the out-of-the-box solution would also have been isolated from the overall network health visibility.

Our WAF is set up with the rules sets provided by the AWS marketplace as well as internally developed custom rules sets with reputation / ip blacklists that are constantly evolving.

Our Architecture follows:

• AWS Web Application Firewall (Layer 7 Firewall)
• AWS Kinesis Delivery Stream (durable real-time data streaming service)
• Opmantek Kinesis Log Service (Kinesis stream receiving transformation service)
• opEvents ( Centralised logging and Event Management)

Our WAF is set up to send all logs through to our Kinesis Delivery Stream.

AWS kinesis delivery stream is set up to deliver batched requests over HTTPS to a specified endpoint within your own environment. We developed a small HTTP service in GoLang to securely ingest the batched logs from AWS, and we provide this AWS ingestion service to customers on request.

Our GoLang service also remaps JSON keys before writing the file out to disk.

To see what AWS publishes in its logs you can find them – here.

opEvents jsons_log service listens for filesystem changes, reads them, and runs the event through the opEvents Engine.

We have added a new property country which is the ISO country code of the request.

Element: is mapped to the Requestor’s  IpAddress.

Node: is the name of our WAF in AWS.

Description: is the WAF action, WAF rule which was triggered, ipAddress and country code. This gives opEvents unique enough data to create rolled up event counts for WAF actions. Through opEvents’ dashboard you can see a quick count of clients who have made the most POST requests, or a bot trying SQL injection against your site.

We are using opEvents to store metadata about the WAF log, headers, requesting IP, country and which WAF rules were terminated. Using the IP address we can quickly make an assumption about the requesting origin and know if we have bots scraping us from data centres or users acting unlawfully. With this quick drill down into the event data we can make quick operational changes to implement rules to stop certain traffic or add entire subnets to our IP blacklist.

How we are using this information…

Debugging WAF rules

Implementing WAF rules can be challenging especially when you have to go back and look at access history. opEvents is storing 30 days of WAF logs which we can quickly filter to find the blocked request and debug the rule and make an exception or change how our application works for better security.

Detecting bots

Some crawlers generate quite a large amount of web traffic as they quickly scan our domains, being able to have an aggregate view of requests for an ip Address and rules being triggered it’s easy to find the block of address causing issues. We then drill down into the request metadata checking the headers, location, who owns the IP and past requests patterns. From this we can then quickly ban malicious bot IP ranges.

Website usage statistics 

With MongoDB backing opEvents it’s easy to write queries and run them through the mongo shell and aggregate usage data for more in depth reporting. Which Country Code uses this endpoint the most, Which user-agent makes the most requests.

Automated Response

Using Opmantek’s Operational Process Automation methodology when we correlate sets of WAF events we trigger automated actions into our AWS Environment to respond to the incidents and avoid issues.

opEvents engine makes it flexible to ingest any type of structured data and we could quickly integrate into our production monitoring to give us greater insight into our public facing web systems.

If you would like to know more about about using opEvents and processing web firewall logs we offer live demos with our technical team here.

Many customers come to us and talk about elements and are confused when we talk about nodes, so let’s dive in and see the difference. 

A node is a logical device such as a PC, Server, Switch, Router, IoT Device, Firewall as so forth. A virtualised server or network device would be a node and the physical host it runs on would be another node.

Each node will have items that you want to monitor. CPU, Memory, Disk, Interface, to name a few.  At Opmantek we call these elements, and big nodes have a small number of elements, but big servers and routers have many elements.

Most network management software companies also refer to these as elements.

It is likely that with each node you monitor, it is sensible to report on that node further than just whether it is up or down. You need to know more about your network infrastructure beyond whether devices are up or down. You will want to measure and instrument for thresholds such as Utilisations, Throughput, Errors, Statuses and so forth. Opmantek CTO Keith Sinclair talks about that here:

Let us look at how elements are counted:

Say you have a 48 port switch. You want to monitor the device for whether it is online, Interfaces (up/down), CPU, and Memory (RAM).

Element Count:

48 Interface Elements

1 Device up/down Element

1 CPU Element

1 Memory Element

Total = 51 Elements

Let us look at monitoring the same items as a node count:

48 Interface contained in a node

1 Device up/down contained in a node

1 CPU contained in a node

1 Memory contained in a node

Total = 1 Node

At Opmantek we license our products by node not by element. Based on the examples above, using our 100 node license for your switches would be a 5100 element license with some companies.
Also, consider that the instrumentation that you may decide to set up is also included within that node.  Other companies consider QoS, IPSLA and other types of instrumentation to be additional elements.
So there’s the difference between nodes and elements. It demonstrates how much further a node licence goes when compared to an element licence.
If you would like to see our software in action, request a one to one demonstration with our staff. It is a no-obligation demo with no hard sales push. We just want you to know what we can do, and the quickest way is to show you.