Five 2011 New Year Resolutions for Network Administrators
1. Start IPv6 Deployment
You must start moving to IPv6. I'm not kidding. The remaining unallocated IPv4 Internet addresses are disappearing faster than ever. According to the IPv4 Address Report, the projected Internet Assigned Numbers Authority (IANA) unallocated address pool exhaustion is now February 20th 2011 and the projected regional Internet registry (RIRs) unallocated address pool exhaustion date is November 11th, 2011.
Do I need to say it again? Get moving on your IPv6 conversion plans. I'll be writing more about how to go about that in future blog postings. In the meantime, start talking to your ISPs about switching over? If they're not much help start talking to ISPs like Verizon and Hurricane Electric that know their IPv6 from a fibre-optic network in the ground.
2. Switch over to 802.11n
After much too long a standardization road, 802.11n has finally emerged as the high-speed network standard. With a maximum practical data-throughput rate above 100Mbps (Megabits per second), 802.11n is posed to take the place of wired networking for ordinary desktop PCs.
To really make the switchover to Wi-Fi, you'll need to optimize your 802.11n deployment by such techniques as dropping 802.11g Wi-Fi networking. In addition, instead of designing for covering the broadest possible area with Wi-Fi, you need to start designing for capability instead. So, for example, if you have an office with several dozen workers, you may need only one AP (access point) to cover the space, but to provide reasonable performance, you'll need to add multiple APs.
3. Secure Wireless Networks
If you do elect to switch to wireless LANs for everyday office use, you also must start using real wireless security. Today, that means Wi-Fi Protected Access with Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (WPA2/CCMP) nothing else will hold up. Wired Equivalency Privacy (WEP) has been busted for almost a decade and other forms of WPA can be cracked easily enough with Rainbow Tables.
Maybe you'd thought that you could get away with not using real Wi-Fi security in the past, but thanks to Firesheep anyone can spy on open Wi-Fi networks. If you're really using wireless networks than you really need to get serious about your security.
Page 2: [Flattening the DataCenter & Supporting iPads, iPhones, and Android] »
Flattening the DataCenter & Supporting iPads, iPhones, and Android
4. Flatten the Network
It doesn't matter if you call it a private cloud or just using virtualized servers more, you probably need to simplify your datacenter network to get the best possible speed and latency. The jargon for that process is that you need to flatten your network.
That doesn't mean just pulling out your existing infrastructure and replacing it with the latest Cisco gear. It means hooking up your server racks directly to your core network with 10 Gigabit Ethernet (GigE) or IEEE 802.3b 40 and 100GigE Ethernet switches and bidding your aggregation switches good-bye. Eventually, if you do it right, the theory is you'll be able to replace your separate storage area network (SAN) fabric with dedicated high-end switches.
To really make this work well, the Spanning Tree protocol will need to be replaced. Eventually, there will be a new switching network protocol, Transparent Interconnection of Lots of Links (TRILL) standard. In the meantime, what a surprise, Cisco has rolled out its own pre-standard superset of this new level 2 way of handling switching: FabricPath; Juniper has its own answer to TRILL in Virtual Chassis; and Avaya's Virtual Enterprise Network Architecture (VENA) uses the IEEE's 802.1AQ Shortest Path Bridging standard. You get the idea: There are ways to flatten your network, but for now they all mean that you must commit to a single vendor.
5. Deal with Tablet and Smartphone Management
We have a similar situation with supporting tablets and smartphones on our networks. We have a need, but we don't have any easy, one-size fit all answer. It doesn't matter if you don't want to support iPads, iPhones, and/or Android phones on your LAN, they're coming and you need to figure out a way to manage them. So, how are you going to do it?
That's a darn good question and I don't have a good answer for it. We're going to have find one though before the year is over. There are bits and pieces out there, such as SplashID for password management across mobile devices and Symantec has a variety of products for mobile management and security across platforms. But what I haven't seen yet is a complete multi-platform mobile management program that I like.
They're coming. They'd better be coming. Because, I can assure you that while you might be able to get-by without addressing any of these other network New Year resolutions, you will have to deal with this new generation of mobile devices in your network. We're long past the point where the only mobile device we needed to worry about was the executives' Blackberries. Everyone in the office is going mobile.