Five Design Principles for the Network Architect - Scalability

-
(#3 of 7)

Continuing our series on design principles, the next area of consideration is scalability.  Every design guide you ever read extols the virtues of making networks scalable, but in reality what does this mean?

The usual definition of the term relates to ensuring a network has sufficient capacity for the current usage patterns and for projected future growth.  This works at two levels - at a micro level, this is ensuring that we provide sufficient ports of the appropriate speed, that we use network devices with sufficient aggregate throughput, that the circuits we specify have sufficient bandwidth for the use cases identified during the collection of user requirements. We monitor those elements and carry out trend analysis to ensure the environment stays within the bounds within which we built the network, and we can add more capacity simply and with minimal disruption when it is required.

At a macro level, we ensure our overall network architecture is built in a modular fashion, and we use standard repeatable templated designs so that sites, floors, user groups can be added/removed without impacting any existing/remaining elements. Note that scale can work both ways of course - businesses can grow, merge or acquire, leading to the scale up, or they can divest or contract depending on market conditions - both scenarios need to be catered for. An effective design allows us to add or remove capacity with the minimum of disruption in the wider network.  Tools to help here might include good use of network summarisation, the correct routing protocol choice, or WAN technology selection.

Another form of scale, sometimes overlooked, is the ability to introduce new capabilities to the network where a new application requirement is required for the same users.  The network should be easily able to accommodate these, whether that means new VRFs, VLANs and subnets; application segmentation and security; new user groups and their associated rights and so on.  It amounts to ensuring flexibility in the design to be able to add new virtual functions to the existing physical hardware without an uplift, upgrade or similar disruption where possible.  This may mean new virtual appliances which need to be deployed to the branch offices - selecting a certain router platform for that might mean that no extra server hardware is needed on site to accommodate as they can be deployed as VNFs (virtual network functions).

Building multi-purpose capabilities into the network can act as a facilitator or an enabler for new requirements. The best illustration of that is an example - and in my experience, there is no better example than Cisco's Identity Service Engine product. Initially installed into networks to provide guest portals and wireless authentication, a whole range of extended security capabilities become possible once it is implemented.   Integration with threat detection mechanisms for quarantining misbehaving endpoints; segmentation of traffic based on identity of the user or of the type of endpoint rather than IP address; providing identity context to logging information.  Once these enabling technologies exist in the network, they simply require configuration to meet new requirements - the key element here is to look for potential capabilities that the customer doesn't explicitly require but may be of use to them at a later time.

Addressing the scalability question shows that you are building with an eye for the future and so have the long term needs of the network owner in the forefront of your mind during the design stages. As usual, thoughts or comments are welcome!
Previous> Availability

Next> Security

Comments

Post a Comment

Popular posts from this blog

The CCIE is Dead? Long Live the CCIE!! And CCNA! And CCNP!

-
Image
So ... on 10th June 2019, Chuck Robbins in his keynote at Cisco Live US announced the biggest shake-up of the Cisco Certifications programme ever.  What had gone before was swept away under a tidal wave of SDN and programmability.  Or was it?  Let's take a bit of a look under the hood of those announcements and see what they mean for the engineers and developers on the street. Disclosure: as a member of the CCIE Advisory Council , I have been lucky enough to have had some insight into these changes as they have been developed over the last two or so years.  The Council is a group of 30 or so invited long-time CCIEs who are there to represent the voices of the Network Engineer and Network Architect in the development of the CCNA/CCNP/CCIE programme.  We have been closely involved with Learning@Cisco in developing the structure of the updated programme, and our feedback has helped shape the policy around it. The keynote serves as the announcement that Cisco are serving notice on
Read more

Five Design Principles for the Network Architect - Availability

-
(#2 of 7) In the first post in this series , I shared a summary of my fundamental design principles which I try to apply to every network design I am involved in.  The follow-ups to that summary post will discuss these at greater length - this one addresses Network Availability. The network exists to provide the transport for endpoints to be able to consume services in a "remote" location.    Whether the endpoints are application servers in racks in a DC trying to consume database entries, wireless clients accessing an application in the data centre, sensors collecting data and dropping that data into storage, and regardless of location of the services themselves - public cloud, private cloud, co-lo DC - the fundamental measure of success of the network is availability of the service to the endpoint and thus the user. Clearly then availability can't be considered a simple measure of the network as a whole - it takes a number of capabilities and properties
Read more

Why study for a Cloud networking certification?

-
So, why study for a Cloud Networking certification? So, that was a wake-up call! Just taken my first attempt at the AWS Networking Specialty exam and it was an experience! I've been saying to my team for some time that in order to really understand the networking within cloud environments, and to get the optimum experience for customers in those environments, you need to really appreciate how applications are deployed, and the elements in AWS and Azure you need to make those applications reliable and scalable, And if ever I needed confirmation of that, I got it this morning.  The exam has 60 questions for which you're given 3 hours to complete them.  You shouldn't need that, but my goodness, it's tough and just illustrates how the paradigm shift to Cloud highlights what we have known for years - DC (and thus Cloud) networking is all about enabling application flows. If you're planning on looking into this (and as a networker you should - whether you believe
Read more