Cloud-Managed Networks–Cisco Managing Networks

Many network equipment vendors, including Cisco, are now shipping and supporting cloud-managed networks. This trend started with large-scale Wi-Fi networks but is spreading to campuses, data centers, and wide area networks. Figure 21-11 illustrates a cloud-managed network’s basic components and operation.

Figure 21-11 Parts and Operation of a Cloud Management System

There are three kinds of traffic flows in Figure 21-11:

• Traffic to Internet destinations, such as the traffic from host A to server G. This traffic is carried through the network normally.

• Traffic to internal destinations, such as the traffic from host B to server C. This traffic is carried through the network normally.

• Traffic sourced from network devices, like access point D and routers E and F. This traffic carries all the standard information a network management system collects, such as device status and link utilization.

The cloud-managed service works much like a standard, locally managed NMS. Personal and corporate data is not carried into or through the vendor’s cloud management service (although sensitive metadata or data about traffic flowing through your network might be).

An engineer uses host H to connect to the cloud management service. Host H does not need to be connected to the corporate network to access the vendor’s managed cloud service. Instead, host H can reach the cloud management service directly over the Internet.

There are many positive and negative aspects to cloud-managed networks, including:

• The vendor’s internal experts are watching your network for problems. Since these experts work for the vendor, they have direct access to product development teams.

• Private and proprietary information might be sent into the vendor’s cloud; operators must ensure this data is handled correctly and have plans to deal with potential breaches.

• Network management is much easier; the operator does not need to build or buy and operate a network management platform. Most of these systems rely on a graphical user interface (GUI) to manage the network, and they are intent rather than configuration based.

• Vendor-based cloud management systems can limit the operator to hardware and software from that one vendor. Many operators avoid single vendor lock-in.

• The vendor can apply custom tools like artificial intelligence (AI) to predicting, finding, and fixing problems. AI tools are more effective at a vendor level because they have the state of many networks to operate across rather than a single network.

Cloud-based management systems are one of the most recent innovations in network management.

Chapter Review

Many organizations install a small network without thinking about how they will manage it over time: What does the network lifecycle look like? How should changes be handled?

Manual management and configuration work for very small networks, but as organizations grow, their networks grow.

There comes a point in the life of a network when it needs to be properly managed.

This chapter considered many elements of network management, starting with documentation. While network diagrams were considered in Chapter 10, other kinds of documents and what you should be documenting were considered in this chapter. The next section of this chapter considered network lifecycle—something very few network engineers think about beyond some basic change control.

Canary and chaos testing are essential tools network engineers should be using regularly. “Management Challenges” considered the problem of observing things in a network and the intersection of large numbers and failure rates.

There are many ways to connect to network devices, but SSH should be your “go-to” tool. Remember, you should never allow outside hosts to access routers inside your network directly.

Allowing hosts outside your network access to your devices exposes them to many attacks, increasing the size and scope of your network’s attack surface.

Finally, this chapter considered network management systems.

Even small networks can benefit from building a strong suite of network management tools from the first day of deployment.

One key to doing well on the exams is to perform repetitive spaced review sessions. Review this chapter’s material using either the tools in the book or interactive tools for the same material found on the book’s companion website. Refer to the online Appendix D, “Study Planner,” element for more details.

Table 21-2 outlines the key review elements and where you can find them. To better track your study progress, record when you completed these activities in the second column.

Table 21-2 Chapter Review Tracking
