Five Design Principles for the Network Architect - Scalability
(#3 of 7)
Continuing our series on design principles, the next area of
consideration is scalability. Every design guide you ever read extols
the virtues of making networks scalable, but in reality what does this
mean?

The usual definition of the term relates to ensuring a network has
sufficient capacity for the current usage patterns and for projected
future growth. This works at two levels. At a micro level, it means
ensuring that we provide sufficient ports of the appropriate speed, that
we use network devices with sufficient aggregate throughput, and that the
circuits we specify have sufficient bandwidth for the use cases
identified during the collection of user requirements. We monitor those
elements and carry out trend analysis to ensure the environment stays
within the bounds for which the network was built, and we can add more
capacity simply and with minimal disruption when it is required.

At a macro level, we ensure our overall network architecture is built in
a modular fashion, and we use standard, repeatable, templated designs so
that sites, floors and user groups can be added or removed without
impacting any existing or remaining elements. Note that scale can work
both ways of course - businesses can grow, merge or acquire, leading to
scale-up, or they can divest or contract depending on market conditions -
and both scenarios need to be catered for. An effective design allows us
to add or remove capacity with the minimum of disruption in the wider
network. Tools to help here might include good use of network
summarisation, the correct routing protocol choice, or WAN technology
selection.
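
To make the templating and summarisation point concrete, the following is an added example (not part of the original post) showing how a per-site template carved from a regional supernet keeps the routes seen by the core unchanged as sites come and go. The 10.20.0.0/16 supernet, the /22-per-site size, the four subnet roles and the site names are all assumptions constructed for illustration.

```python
import ipaddress

# Assumed plan (constructed values): one /16 per region, one /22 per site,
# and the same four /24 roles at every site.
ROLES = ("users", "voice", "guest", "mgmt")


class Region:
    def __init__(self, supernet, site_prefixlen=22):
        self.supernet = ipaddress.ip_network(supernet)
        self.free = list(self.supernet.subnets(new_prefix=site_prefixlen))
        self.sites = {}  # site name -> allocated block

    def add_site(self, name):
        """Allocate the next free block and stamp the standard template on it."""
        if name in self.sites:
            raise ValueError(f"site {name!r} already exists")
        if not self.free:
            raise RuntimeError("region supernet exhausted")
        self.sites[name] = self.free.pop(0)
        return self.site_plan(name)

    def remove_site(self, name):
        """Return a divested site's block to the pool for reuse."""
        self.free.append(self.sites.pop(name))
        self.free.sort()

    def site_plan(self, name):
        """Map each template role to its /24 inside the site's block."""
        subnets = self.sites[name].subnets(new_prefix=24)
        return dict(zip(ROLES, subnets))

    def core_routes(self, summarise=True):
        """Prefixes the core must carry for this region."""
        if not self.sites:
            return []
        if summarise:
            return [self.supernet]
        return list(ipaddress.collapse_addresses(self.sites.values()))


if __name__ == "__main__":
    region = Region("10.20.0.0/16")
    for site in ("london", "leeds", "cardiff"):
        print(site, "mgmt:", region.add_site(site)["mgmt"])
    print("summarised:", region.core_routes())
    region.remove_site("leeds")
    print("unsummarised:", region.core_routes(summarise=False))
```

With summarisation the core carries a single prefix whether the region has one site or sixty; without it, every site added or removed changes the set of routes the rest of the network has to process.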

Another form of scale, sometimes overlooked, is the ability to introduce
new capabilities to the network where a new application requirement
arises for the same users. The network should be easily able to
accommodate these, whether that means new VRFs, VLANs and subnets;
application segmentation and security; new user groups and their
associated rights; and so on. It amounts to ensuring flexibility in the
design to be able to add new virtual functions to the existing physical
hardware without an uplift, upgrade or similar disruption where
possible. This may mean new virtual appliances which need to be
deployed to the branch offices - selecting a certain router platform for
that might mean that no extra server hardware is needed on site to
accommodate them, as they can be deployed as VNFs (virtual network
functions).

Building multi-purpose capabilities into the network can act as a
facilitator or an enabler for new requirements. The best illustration of
that is an example - and in my experience, there is no better example
than Cisco's Identity Services Engine product. Initially installed into
networks to provide guest portals and wireless authentication, a whole
range of extended security capabilities become possible once it is
implemented: integration with threat detection mechanisms for
quarantining misbehaving endpoints; segmentation of traffic based on the
identity of the user or the type of endpoint rather than IP address; and
providing identity context to logging information. Once these enabling
technologies exist in the network, they simply require configuration to
meet new requirements - the key element here is to look for potential
capabilities that the customer doesn't explicitly require but that may be
of use to them at a later time.

Addressing the scalability question shows that you are building with an
eye for the future and so have the long term needs of the network owner
in the forefront of your mind during the design stages. As usual,
thoughts or comments are welcome!