The Spinoff Network Challenge: Cloning or Rethinking?

Clean slate network design
Clean slate network design
Listen to post:
Getting your Trinity Audio player ready...

In our business, we see a common theme of large enterprises that are spinning off divisions or business units (BUs). The BUs consist of thousands of employees and numerous locations and applications that require a solid networking and security infrastructure. The CIO of the BU has basically two options: clone the parent infrastructure or forge her own path and design a new infrastructure from the ground up. What should she do?

Cloning the network: the safe option?

Cloning the parent infrastructure seems like the obvious choice. It has been used for a long time, it generally works, and even the IT staff of the BU are familiar with it. However, the current state also has its own challenges. If you would have to build a new network now, would you choose MPLS as your platform? Many organizations are replacing costly and rigid MPLS networks with SD-WAN to support cloud migration and reduce costs. The same is true for security. Current security architectures are appliance centric, while the forward-looking security architecture model is cloud-based. Ultimately, cloning the parent network may be the wrong move for a BU that is setting itself up for the future.

Rethinking the network: better TCO and ROI of the new infrastructure

It is rare for CIOs of large enterprises to have the opportunity to start from a clean slate. The spinoff represents such an opportunity. It is time to look 5 or 10 years out and assess the direction of the business and the underlying technology needed to support it.

What do we know about the future of the business? We know it is going hybrid in all directions. On the user side, hybrid work is the new normal. Users need to seamlessly transition between office and home and continue to have secure and optimized access everywhere. Applications and data are moving to the cloud, but IT will have to support distributed physical and cloud datacenters, as well as public cloud apps, for a very long time. Growth will be global, so the business and technology fabric must easily expand to where the business needs to go. The ability to adapt to changes, new requirements, new growths, mergers and acquisition, and unforeseen events like a global pandemic, all dictate a need for a very agile networking and security infrastructure.

Can the current parent infrastructure deliver all these capabilities? Most likely, the answer is no.

The Future of Networking and Security is SASE

If rethinking is what you decided to do, a new framework can come in handy. The Secure Access Service Edge (SASE), a new category defined by Gartner in 2019, represents the blueprint of the networking and security architecture of the future. SASE takes into account all the emerging requirements we discussed above: working from anywhere, using applications hosted everywhere, with fully optimized and secure access.

SASE is built around a cloud service that is deployed globally and can scale to address a wide range of requirements and use cases for all types of “edges”: physical locations, users, devices, cloud resources, and applications. These use cases include improving network capacity, resiliency, and performance, reducing network cost, eliminating security appliance sprawl, optimizing global connectivity, securing remote access, and accelerating access to public cloud applications.

While there are many ways to address these use cases via point solutions, SASE’s promise is an infrastructure that is flexible, agile, and simple. The convergence of networking and security into a single, coherent cloud-based platform is easy to manage, can adapt to business and technology changes quickly, and is more affordable than a stack of point solutions.

Before you clone, rethink.

Related Topics

Related Articles