Page 75 - Cyber Defense eMagazine for September 2020
P. 75

The evolution of network management and automation

            In the beginning, we managed everything by hand.  Each system on our networks was a pet, loved and
            cared for, unique amongst all other systems.  Eventually, the number of systems under management
            became too large for this approach to management, and so administrators turned to scripting.  Common
            tasks were automated.  Each administrator could manage a larger number of systems.

            Eventually,  people  who  had  a  large  number  of  scripts  packaged  them  into  the  first  IT  management
            applications, and manual IT gave way to management centralization.  Scripting and #CommandLineLife
            was replaced by policies, profiles and templates.  The number of systems a single administrator could
            manage exploded, and this is where most organizations are today.

            Unfortunately, that scale thing keeps coming back 'round again.  Despite the management magnification
            capabilities  afforded  administrators  by  today's  policy-driven  management  applications,  larger
            organizations are hitting very real scaling problems.  100% of administrator time is being tied up with
            policies,  profiles  and  templates.    Worse,  in  many  cases  the  relevant  IT  teams  are  already  at  their
            maximum size: adding staff does little to increase the number of systems that can be managed.




            Holistic architect wanted

            If there is one thing I would like every single network defender to keep in mind for the next decade, it is
            that there is no network edge anymore.  The days of hunkering down behind our perimeters are long
            past.

            "Hybrid IT" and "multicloud" – including all flavors of modifying buzzwords – is no longer novel.  It is
            simply how IT is done today.  A single organization's IT can span multiple infrastructures.  On-premises
            IT blends neatly into infrastructure, software and services provided by multiple public cloud providers,
            while edge computing has quietly become an ordinary fact of life that we don't even pay much attention
            to anymore.

            That dispersed, complex vision of a modern network exists without even beginning the conversation
            about mobile and remote workers, IoT, or the intricacies of interdependence that exist both upstream to
            our supply chain, and in the provisioning of IT to downstream customers.  Unfortunately, in many ways,
            we are our own worst enemy, and we – both as IT practitioners and as vendors – create many of the
            security problems that will haunt us in the coming years.

            Our innate need to categorize, to segment and to simplify may well be looked upon as the security threat
            of the 2020s.  Our need to keep bringing complexity down to something we can fit in our brains stands in
            the way of making holistic architectural – and thus security – decisions about the implementation of IT
            across these many and varied infrastructures.











            Cyber Defense eMagazine – September 2020 Edition                                                                                                                                                                                                         75
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.
   70   71   72   73   74   75   76   77   78   79   80