Modern campus network design. It's a science and a bit of an art as well. Maybe an intuition built from a keen understanding of business objectives, network components, and the challenges of architecting good solutions. Hi, I'm Steve, talking with you from these Lofty clouds to share some high-level perspective on key design topics, starting with modern campus network design, trends, and challenges. Then I'll touch on two, and three-tier campus architectures and related topics before comparing Cloud and on-premise solutions and the advantages of a hybrid approach. You'll explore the evolution of network management systems or NMS, before moving on to a discussion of security needs. Let's jump right in and talk about trends and challenges related to modern campus network design. Come on, let's go. These are some key motivators for the new technologies, deployment methods, industry standards, and best practices to be discussed in this campus design series, starting with centralized services. The term centralized services could mean different things to different folks. From a big picture perspective, I think of a campus with multiple buildings, perhaps connected to other campuses, branch offices, and more. Our users should have a consistent experience regardless of where and how they connect. Network staff must have 360-degree visibility for network management, security, and quick problem resolution. For many, a cloud-based solution might be best. Your staff is relieved of many data center management concerns. You get a virtualized data center with compute, infrastructure, storage, and applications that you can spin up on-demand and drop during off-peak times. Cloud solutions can be used for data backup and restore, and with all data centrally stored, artificial intelligence or AI and machine learning or ML, can be used to analyze the data for a more complete picture, quicker insights, and better decisions. You can also think of centralized services at a more local level. Typical campus networks have hundreds or thousands of network devices, routers, switches, access points or APs for wireless connectivity and more. Each individually managed. We now often manage access points or APs with a centralized controller and that trend is continuing into switching and other network aspects. I'll touch more on this later. Now, all of this centralization becomes ever more vital and challenging as our user base becomes more decentralized and devices become more varied. How do you extend the campus experience out to these disparate users at home or even in their local cafe? These users must have the same experience, the same secure connectivity, and manageability. As some remote offices might have a gateway with firewall and virtual private network or VPN capabilities. Home offices may have one or more access points with a wireless LAN or WLAN for home use connected directly to the internet via firewall and a separate WLAN for business use, all securely tunneled back to the campus. Same user experience, same management visibility as if they were on campus. The same holds true of employees working from a hotel with special secure VPN solutions like Aruba's Via Client. You have users connecting from various locations using various devices, PCs, tablets, smart phones, and there are challenges here to be sure. Management solution should be able to identify these devices along with the who, what, how, when, and where context. For deeper insight in control, you can integrate with endpoint management systems, perhaps with user entity and behavior analytics or UEBA. These endpoint issues become even more challenging with the proliferation of Internet of things or IoT systems, which often consist of sensors, actuators, and controllers that help to integrate our digital, physical, and biological worlds. Sensors can detect nearly anything, water pressure, heat, smoke alarm, proximity of expensive equipment, and valuable humans, whether somebody is waiting at a traffic light or cross-walk. These systems can create a lot of data and can lack security features. As IoT systems proliferate, we must respond with the ability to efficiently handle, process, and store big data. We must keep these devices available with good redundancy and tight security. Imagine a hacker accessing some unexpected IoT device and using it as a launchpad to attack the rest of your internal systems, ouch. I like Aruba's approach to zero trust security architecture. Users and devices can be dynamically identified, assigned a role, authenticated, and given no access other than that which is absolutely required, perhaps tunneled to those resources. You get the economies of a single centrally managed infrastructure with strict logical separation of roles and resources. These decentralized users very devices and IoT proliferation has increased data loads and can also complicate our centralized cloud-based strategy. These IoT devices and certain high-performance user applications must minimize latency or delay through the network, and sometimes jitter or variations or inconsistencies and delay. Perhaps a sensor detects that some heat limit has been reached. It sends this information to some controller, a decision is made, and then signaling is sent to some actuator to turn off the gas burner, say. We can't wait for these signals to pass up through the cloud and back, we need a decision now. We still need cloud-based systems for their centralized management and data pooling capabilities. We probably want that IoT data to be stored long-term in the cloud where AI and ML can analyze all that big data and identify trends. But today's modern campus designs must also consider the need for intelligence, where the action is at the edge, where our users devices and IoT systems connect. Now I'm thinking about Aruba's Edge Services platform or ESP, which I'll talk about soon. But first, I wanted to touch on network management trends. I've seen quite a few management systems over the years, many of them quite good at what they do, but they only do so much. One system gives me great visibility into the wireless network, another helps manage switches and routers, and perhaps another system for remote branch connectivity. It's hard to be an expert in one of these systems, much less all three, and these separate silos bite us in another way as we move outside the campus to a multiple campuses, remote branches, and on into nationwide deployments. We might have a set of management systems in the North, South, East, and West campuses across the country. With separate management systems, key opportunities are lost. What if we had a common data lake for the entire deployment with AI and ML analyzing this data for trends? Perhaps we can answer questions like, why does the West Coast campus have 12 percent more End User complaints related to Wi-Fi systems, or why is voice-over IP latency higher in the Northern branch? What about security? Look what I'm asking of you so far. You have a classic campus network. Now, add some cloud services, throw in some IoT devices and accommodate Internet, branch office, SOHO, and remote teleworker connectivity. Each new requirement adds a potential weakness for exploitation, and attackers devise evermore sophisticated ways to attack us every day. Now recall the days when security meant adding a firewall to your perimeter, configuring a few dozen or a 100 VLANS, and some access control lists or ACLs to help lock things down. Then we began to realize that most attacks came from inside the network, and with all these new potential attack vectors, we need security baked into the very fabric of our campus networks. Later in this series, I'll talk about some specific solutions to consider. I wanted to finish up this first video in the series, taking a look at patterns and trends. The COVID outbreak seems to be accelerating the trend towards a hybrid workplace, often at home, sometimes at the office. Now, I'm thinking about Aruba's remote connectivity solutions to let employees work remotely while maintaining that in-house experience, security, and manageability. In the office, I'm thinking about emergent features like density mapping to help you modify floor plans when traffic patterns get risky. Spatial heat maps help reveal where users are actually working to help management see if their plan for worker distancing is really being used and adjust as necessary. Contact tracing is pretty cool. It leverages Aruba's APs, Wi-Fi, and Bluetooth tracking features. HR is notified that someone is sick and they can easily sort contacts by total contact minutes with each person. Along with location dwell times, this information can help to further optimize space usage and cleaning schedules. Stay safe everyone. This is the end of the first video in the modern campus design series. Please continue on with the next video, campus architectures.
