Networking Isn’t Just A Tool

BlueFiberOptic

It’s another event week for me at Networking Field Day 25 and I’m continually impressed with the level of technology that we see in the networking world. I think back to how things looked when I was still deploying the networks I built and it seems like a hundred years ago instead of a decade. More software driving better outcomes for users. Easier collection of analytics and telemetry to understand how to tune things and make them faster and better. And, honestly, more need for advanced technical people to tune everything and make it work better.

When you consider that the last year has been done over the Internet for most of us it gets even crazier. Meetings, software productivity, and even food delivery has been driven by apps running in the cloud that we communicate with over the Internet. I can remember a time when I didn’t have a mobile phone in my pocket with Internet capabilities. Today I can barely imagine not having it at my fingertips. When the network is not doing things the way we want we quickly find out how dependent we’ve become on our connectivity.

Generational Differences

My children are amazed that dial-up networking used to be a thing. I remember rebuilding Winsock stacks in Windows 98 for Gateway in order to troubleshoot 56k modems not connecting to AOL at the beginning of the millennium. Today my cable modem gets me where I need to go when I’m home and my 5G phone does the heavy lifting for me when I’m on the road. Need to look up a price on something? Or know the temperature? Or just listen to a song you remember from your childhood? It’s all at your fingertips. I can’t imagine that kind of connectivity back when it took a minute or two for the phone to scream out the song of Compuserve at my house.

My in-laws have a DSL connection that suits them just fine for their needs. It’s painfully slow for me. I couldn’t live with their slow connection and inability to run multiple things at once, like video streaming and Zoom meetings at the same time. They don’t live very far from me either. The difference in their connectivity is shocking. And yet, we just expect to be able to get online any time we want.

Remember ATTWIFI at Starbucks? Remember when your iPhone would automatically connect to give you better speeds when your 3G was overwhelmed? I can recall getting into a situation where Cisco Live in Las Vegas made my phone unusable outside of the conference. Today that situation would be unacceptable. And we’re barely a decade removed from those days.

As I keep seeing technology moving along even faster, including things like silicon photonics promising speeds north of hundreds of gigabits on the uplink side, I wonder how our next generation is going to feel about not being able to watch 8k TV shows in a self-driving car on-demand because there’s not enough bandwidth. I laugh when I remember the need to swap out DVDs on car trips so my eldest son could have entertainment. Today my youngest is happy to binge watch shows on Disney without interruption because of the networks we’ve built.

Creating Dependence

What we’ve built has created the world we live in. But we also have made it a world dependent on what we’ve built. I realized that months ago when my network connection kept going out during a winter storm. Without connectivity people feel lost. I had a hard time getting things done offline without being able to look up information or get emails sent out. My kids are beside themselves without access to anything online. Their board games were boring. They couldn’t play video games offline because all the cool features were on the Internet. By the time the connection came back it was almost Lord of the Flies around here as the minutes ticked on.

We no longer have the luxury of shrugging our shoulders when the network goes down. It needs to be treated no differently than the electricity or water in a building. If we neglect it we risk alienating our users and stakeholders. We need to be firm when we need new equipment or better designs to ensure resilience. Instead of making everything cheap and barely usable we need to remind everyone how reliant they’ve become on the network. If it’s necessary it is absolutely worth investing in. Moving to the cloud or becoming more and more reliant on SaaS applications just reinforces those decisions.


Tom’s Take

Either the network is just a tool that doesn’t need investment or it’s a necessary part of your work that needs to be treated as such. While I would never suggest unplugging anything to prove a point I think you can point to specific outages that would do the same thing without the chaos. Every time you tell your stakeholders they need to invest in better switches or new access points and they push back about costs or try to suggest a cheaper alternative, you need to stand firm. In a world where everyone is dependent on Internet connectivity for all manner of their lives you have to treat it as a necessity in every possible way. You can tell your stakeholders to spend their day working from their phone hotspot if they don’t believe you. It’ll be like taking a trip back to the early parts of the millennium when networks weren’t as important.

Cisco and OpenDNS – The Name Of The Game?

SecureDNS

This morning, Cisco announced their intent to acquire OpenDNS, a security-as-a-service (SaaS) provider based around the idea of using Domain Naming Service (DNS) as a method for preventing the spread of malware and other exploits. I’ve used the OpenDNS free offering in the past as a way to offer basic web filtering to schools without funds as well as using OpenDNS at home for speedy name resolution when my local name servers have failed me miserably.

This acquistion is curious to me. It seems to be a line of business that is totally alien to Cisco at this time. There are a couple of interesting opportunities that have arisen from the discussions around it though.

Internet of Things With Names

The first and most obivious synergy with Cisco and OpenDNS is around Internet of Things (IoT) or Internent of Everything (IoE) as Cisco has branded their offering. IoT/IoE has gotten a huge amount of attention from Cisco in the past 18 months as more and more devices come online from thermostats to appliances to light sockets. The number of formerly dumb devices that now have wireless radios and computers to send information is staggering.

All of those devices depend on certain services to work properly. One of those services is DNS. IoT/IoE devices aren’t going to use pure IP to communicate with cloud servers. That’s because IoT uses public cloud offerings to communicate with devices and dashboards. As I said last year, capacity and mobility can be ensure by using AWS, Google Cloud, or Azure to host the servers to which IoT/IoE devices communicate.

The easiest way to communicate with AWS instances is via DNS. This ensures that a service can be mobile and fault tolerant. That’s critical to ensure the service never goes down. Losing your laptop or your phone for a few minutes is annoying but survivable. Losing a thermostat or a smoke detector is a safety hazard. Services that need to be resilient need to use DNS.

More than that, with control of OpenDNS Cisco now has a walled DNS garden that they can populate with Cisco service entries. Rather than allowing IoT/IoE devices to inherit local DNS resolution from a home ISP, they can hard code the DNS name servers in the device and ensure that the only resolution used will be controled by Cisco. This means they can activate new offerings and services and ensure that they are reachable by the devices. It also allows them to police the entries in DNS and prevent people from creating “workarounds” to enable to disable features and functions. Walled-garden DNS is as important to IoT/IoE as the walled-garden app store is to mobile devices.

Predictive Protection

The other offering hinted at in the acquistion post from Cisco talks about the professional offerings from OpenDNS. The OpenDNS Umbrella security service helps enterprises protect themselves from malware and security breaches through control and visibility. There is also a significant amount of security intelligence available due to the amount of traffic OpenDNS processes every day. This gives them insight into the state of the Internet as well as sourcing infection vectors and identifying threats at their origin.

Cisco hopes to utilize this predictive intelligence in their security products to help aid in fast identification and mitigation of threats. By combining OpenDNS with SourceFire and Ironport the hope is that this giant software machine will be able to protect customers even faster before they get exposed and embarrased and even sued for negligence.

The part that worries me about that superior predictive intelligence is how it’s gathered. If the only source of that information comes from paying OpenDNS customers then everything should be fine. But I can almost guarantee that users of the free OpenDNS service (like me) are also information sources. It makes the most sense for them. Free users provide information for the paid service. Paid users are happy at the level of intelligence they get, and those users pay for the free users to be able to keep using those features at no cost. Win/win for everyone, right?

But what happens if Cisco decides to end the free offering from OpenDNS? Let’s think about that a little. If free users are locked out from OpenDNS or required to pay even a small nominal fee, that means their source of information is lost in the database. Losing that information reduces the visibility OpenDNS has into the Internet and slows their ability to identify and vector threats quickly. Paying users then lose effectiveness of the product and start leaving in droves. That loss accelerates the failure of that intelligence. Any products relying on this intelligence also reduce in effectiveness. A downward spiral of disaster.


Tom’s Take

The solution for Cisco is very easy. In order to keep the effectiveness of OpenDNS and their paid intelligence offerings, Cisco needs to keep the free offering and not lock users out of using their DNS name servers for no cost. Adding IoT/IoE into the equation helps somewhat, but Cisco has to have the information from small enterprises and schools that use OpenDNS. It benefits everyone for Cisco to let OpenDNS operate just as they have been for the past few years. Cisco gains signficant intelligence for their security offerings. They also gain the OpenDNS customer base to sell new security devices to. And free users gain the staying power of a brand like Cisco.

Thanks to Greg Ferro (@EtherealMind), Brad Casemore (@BradCasemore) and many others for the discussion about this today.