Ask any IT executive what their mandate is.
Their answer is some version of faster and better service delivery for their customers. From DevOps and CloudOps to DevSecOps, all support a higher velocity of production. This has transformed how businesses operate as the demands put on their networks are greater and more complex than ever before.
How can IT support the transformational shift?
From NetOps 1.0 to NetOps 2.0
DevOps and CloudOps are transforming the speed and agility standards for IT. On the other hand, network operations, or NetOps, is lagging. While it takes minutes to spin up compute in the cloud, NetOps takes an archaic few weeks for a network configuration.
Andrew Lerner, Research Vice President, Networking at Gartner, coined the term NetOps 2.0 to make a statement: the way that network operations teams operate and manage their network is no longer working. To stay relevant in digital business, the very idea of network operations needs to change.
Gartner’s NetOps 2.0 concept is designed to be a set of cultural values, tools, and practices that model network operations to better support and respond to the needs of a business. In other words, NetOps 2.0 is about improving network agility and reducing complexity through maximizing the power of automation and data analytics tools.
To understand the extent of this paradigm shift, consider Lerner’s prediction: by 2020 only 30% of network operations teams will use the CLI as their primary interface. That will be a 55% decrease from 85% in 2016. The downward trend indicates businesses are applying network automation technologies and
| NetOps 1.0 | NetOps 2.0 |
|---|---|
| Technology-focused | Strategic, business-centric approach |
| Siloed operations | Collaboration across different teams |
| CLI-based and manual configurations | Automate as much as possible |
| Rigid delivery schedule | Agile delivery method |
| Tools are running in the background | Proactive use of tools |
Network Analytics: Predict, Optimize, Secure
At the center of NetOps 2.0 is network automation, and for good reason. It’s often identified as the first step to build momentum in the NetOps 2.0 journey. Automating simple tasks is just the low-hanging fruit. However, look further down the path for the bigger promise: network analytics.
The rise of big data and analytics has transformed the operations, tools, and outputs for virtually all industries. It’s no different with network operations. The use of analytics is a key part of the shift to NetOps 2.0. It should be a staple in the IT executive arsenal for better and faster decision making.
Leveraging data helps predict network behaviour, optimize performance, and better secure the network. The trio forms a feedback loop for network operations teams and IT leaders to evaluate changes and their effectiveness. Those learnings further inform future decisions that can be assessed using the same model.
Find Your Baseline
The ability to predict goes hand in hand with better decision making. Data gathered for network analytics helps create a baseline for network activity, performance, and behaviour. Whether you need to better leverage existing tools to collect data or deploy network tools that do, this is a critical step.
Tools like SIEMs can help aggregate data across the network and present it in a consumable format. Consolidating information about the network provides a baseline. Consider it a health check or performance review. Whatever you want to call it, the purpose is to know what you’re working with.
Equipped with a baseline of data, it is easier to optimize and secure your network.
There is a difference between what your network operations team configured and their intended results versus the actual outcome. The discrepancy found when you compare your baseline to actuals is your opportunity to optimize.
One use case for optimization is monitoring application use. Your company pays for one web conferencing product. Upon looking at your analytics, you discover two-thirds of employees use a different product instead. Knowing your investment is not being put to good use, you can cut this cost and negotiate with another vendor.
This is an example of shadow IT in action. DNS data can help IT teams regain the visibility they have been cut off from, a loss that often results in wasted investments. As IT budgets shrink, DNS data becomes a valuable and free resource for operational planning.
DNS query data is created by end users and their devices, revealing which web applications and external or internal domains are queried. As more compute moves to the network edge, having full visibility of what users and their devices are accessing is essential to combating shadow IT and managing IT spend.
Securing with Data Insights
The ability to predict how your network behaves is critical to securing and defending against network threats. Again, leveraging network analytics to establish baseline network behaviour is an essential first step. The next step is to compare incoming network data to the baseline. It is the discrepancies, or anomalous behaviour, that indicate the need for further investigation. In this case, securing means the ability to proactively act or respond to an event.
Take IoT devices as a use case. Offices are equipped with smart TVs, projectors, thermostats, and many more connected devices. What they all have in common is that their scope of “normal” activity is limited. You can expect an IoT device to connect to the manufacturer’s servers for software updates or to internal servers to transport data into a relevant system. It would be suspicious to find an IoT device trying to go to google.com or receiving several NXDOMAIN responses.
This type of data comes from NetOps and can be provided to security teams to act on. Knowing which domains are frequented and being able to determine they are safe, SecOps can whitelist those sites. All other domains can be blocked, which limits IoT activity to known good sites. From another perspective, securing devices based on DNS data allows IT to deliver services to the organization while protecting it from external threats.
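The baseline comparison described above for IoT devices, as an added example (not code from the original article or from any vendor): it learns the names each device resolved during a baseline window, then flags queries outside that set and bursts of NXDOMAIN responses. The log format, addresses, domain names and the threshold of three are constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed logs, one query per line: "timestamp client_ip qname rcode"
BASELINE_LOG = """\
2020-01-06T09:00:01 10.20.0.15 updates.tv-vendor.example NOERROR
2020-01-06T09:05:12 10.20.0.15 telemetry.tv-vendor.example NOERROR
2020-01-06T09:10:44 10.20.0.22 api.thermo-vendor.example NOERROR
2020-01-06T09:11:02 10.20.0.22 bms.corp.example NOERROR
"""
CURRENT_LOG = """\
2020-01-13T09:00:03 10.20.0.15 updates.tv-vendor.example NOERROR
2020-01-13T09:02:40 10.20.0.15 google.com NOERROR
2020-01-13T09:10:51 10.20.0.22 api.thermo-vendor.example NOERROR
2020-01-13T09:12:07 10.20.0.22 qx7f1a.example NXDOMAIN
2020-01-13T09:12:08 10.20.0.22 k2m9zz.example NXDOMAIN
2020-01-13T09:12:09 10.20.0.22 p0v3tt.example NXDOMAIN
"""

def parse(log):
    """Yield (client, qname, rcode); blank or malformed lines are skipped."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:
            _, client, qname, rcode = parts
            yield client, qname.lower().rstrip("."), rcode.upper()

def build_baseline(log):
    """Per device, the set of names that resolved during the learning window."""
    baseline = defaultdict(set)
    for client, qname, rcode in parse(log):
        if rcode == "NOERROR":
            baseline[client].add(qname)
    return dict(baseline)

def find_anomalies(log, baseline, nx_threshold=3):
    """Return sorted (client, reason, detail) findings that deviate from baseline."""
    findings, nx = set(), Counter()
    for client, qname, rcode in parse(log):
        if rcode == "NXDOMAIN":
            nx[client] += 1          # failed lookups are counted per device
        elif qname not in baseline.get(client, set()):
            findings.add((client, "new-domain", qname))
    for client, count in nx.items():
        if count >= nx_threshold:    # "several NXDOMAIN responses"
            findings.add((client, "nxdomain-burst", str(count)))
    return sorted(findings)

if __name__ == "__main__":
    for finding in find_anomalies(CURRENT_LOG, build_baseline(BASELINE_LOG)):
        print(*finding)
```

The per-device sets returned by `build_baseline` are also the natural input for the allowlist step: once reviewed, they are the known good names a device is permitted to resolve.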
Since DNS powers the connectivity that all organizations rely on to operate, capturing that data tells you a lot about what’s happening on your network. For more ways to leverage DNS data for your organization, check out the 2020 Network Trends Report.