Planes, Tranes, and Automobiles: From an architecture of Gravy, to a modern multi-domain solution

I recently took a stroll down memory lane to the good old days of networking, when it was a simpler time. We had our high-performing MLS switches, like the 6500. And they were like gravy. We could just put them everywhere. We had the 6500 in the campus, the 6500 in the WAN, and the 6500 by the dozen in the data center. And life was good (right?).

Then the world turned and new requirements necessitated a change. Internet tables exhausted TCAM and required larger routing engines. Simultaneously, the explosion of virtualization brought a corresponding uptick in the ubiquitous requirement for 10G Ethernet in the data center. This meant the $5,000 10G ports had to be driven down sharply in cost. Completely competing priorities for different domains.

This led to a best-of-breed approach, which has a number of advantages in each respective domain. We can have high-powered internet edge devices with strong security controls and large tables. We can have optimized data center devices with extreme density at a cost that supports their deployment. And in the campus, we can support new Power over Ethernet and identity requirements to support the 26 billion IoT devices over the next year.

The fundamental issue with best-of-breed approaches, though, is that eventually you end up running a zoo. The lion and the gazelle don’t play well together, require their own supporting infrastructure, and have to be monitored and managed in isolation. This makes the end-to-end viability of secure connectivity a glint in the eye of an overworked team of underappreciated architects and engineers.


The goal has been to create best-of-breed approaches that can work well together and provide for consistency. I was pondering this on my way to Denver recently and realized it has always been right in front of us. As I boarded the Lyft, to get to the train, to get to the plane, not once did I think to myself, “Man, it would be smooth if this driver would just get out and fly that plane over there.”

It’s just become organic to how we do things. I never once question why the 737 doesn’t pull up to my house, thunderously blowing the shrieking children head over heels down the street with every impending takeoff. Instead, we pull together three completely separate modes of travel, each best in class, working together seamlessly to get me where I need to go: the Lyft driver knowing local freeway closures and the optimal path to get me where I need to go, the pilot an expert at managing interstate travel and weather patterns. It just works.

And it works so well because they share a common denominator for what constitutes a right of passage. Me. Well, not just me, but my identity. They all interoperate because they share a common view of who I am. When the Lyft driver shows up, we mutually authenticate each other. When I try to get on a plane, it’s based on being able to prove my identity. And this also applies to authorization: I can only get on My plane. My Lyft driver won’t take me where I’m not authorized, like onto a tarmac, or to Area 51.

And this is how we need to tie together these best-of-breed systems to create an end-to-end service which can provide appropriate access, to the appropriate resources, at the appropriate times. By being able to tie together and exchange information around my identity, I can have the best solutions available and have them work together securely.

This is how we create a foundation for future developments around multi-domain policy, and create simplicity from complexity.
