The modern hybrid enterprise ecosystem is unique in the chaos it embodies. It bears a growing load of technology the burden of which is hard to glean at the snowballing stage, but inescapable once the tolls start to become evident.
In the future, artificial intelligence (AI) may present a clever way to get a grip over the pandemonium and better days may be ahead of us, but right now, we are in the thick of this chaos, and it is eroding away observability faster than a prairie fire with a tailwind.
“Managing networks is difficult especially if you’re managing on-prem and cloud in multi-cloud and multitenancy. You have limited visibility for what has been allocated and used by the cloud team,” noted Glenn Sullivan, sr. manager of Technical Marketing at Infoblox, a company that is fighting the visibility fight by engaging in development of solutions that can reinforce asset visibility through cohesive DDI management.
“Depending on how siloed you are, this problem can get worse,” he added.
According to a 2021 study by the Enterprise Strategy Group, 79% of companies report escalating visibility gaps in the environment, favoring automated asset visibility over manual processes.
“There is no central visibility for the network team or the allocations they make, and even in the CloudOps teams, there is no centralized place where they’re seeing all of the IPs across the board or how they’re being managed across the different cloud environments,” Sullivan noted, while presenting at the Cloud Field Day event in February.
Even in integrated teams, he said, “there is a primary disconnect with how networks are planned and managed, and how [they] are used in the cloud.”
Besides being inconvenient, the cost of visibility loss to enterprises is astronomical. For example, having consistently poor visibility of the digital footprint over time can lead to IP conflicts or overlaps leading to disruptions and outages.
Frequently, the network teams may run out of IPs or be using too many IPs, Sullivan said. “The network team needs to [then] reconcile some of those IPs, reclaim them for other parts of the environment. So it’s not just overlaps, it’s also wasting IPs that you’ve been given.”
Low visibility worsened by the IP sprawl culminates into more staff hours, increased cost and longer troubleshooting times, complicating time-to-market and service management.
“[Network discovery] is the way to reconcile what you’ve designed from an IPAM and DNS infrastructure standpoint to your as-built environment,” Sullivan said.
It’s a capability Infoblox has in its portfolio for many years, allowing users to regularly scale the environment and track IPs and deployed assets. But the solutions rely on additional hardware, something that does not align with the cloud operating model.
“The servers are an allergy to CloudOps teams. They don’t want to deploy a server or appliance no matter if it’s virtual or not. They want you to pull the data that they can pull with APIs,” Sullivan said.
So Infoblox delivered. September last year, the company introduced Universal Asset Insights as a core component in the new Infoblox Universal DDI Product Suite. The solution is a “very very lightweight probing infrastructure” which consolidates asset information in the cloud, improving visibility, and accuracy of IPAM.
“With previous solutions, you would have to deploy a lot of probes and condensers and a lot of things on prem to be able to reconcile all of the assets,” Sullivan said. “If I have a laptop that’s seen on one access point in one building and then, later on in the day, in another access point in another building, somewhere you have to consolidate that into a single asset. You typically would have to deploy a decent amount of either virtual or physical hardware or appliances on prem to do that reconciliation.”
“Now all of the cloud discovery that happens…happens direct API to API,” eliminating the need for installing supporting hardware, he said.
This adds the ability to interface directly with cloud controllers instead of going via servers. “The last thing I want to do as a network engineer is deploy something to talk to a Meraki or a Mist. I have the cloud services for a reason and I want to interface with those directly…We’ll talk to the Meraki controller directly via the cloud APIs,” Sullivan told.
Universal Asset Insights aims to cut through the chaos and help achieve complete awareness of IP-based and non-IP-based assets. To that end, it pulls together discovery, analytics and remediation into a centralized view across hybrid, multi-cloud environments.
“As network engineers we have a picture that we like to draw and say this is the way the network looks. Asset insights is a way to figure out if it’s the way that it actually looks.”
By sending constant updates to the IPAM inventory, it handles the equivalent of manual tracking methods, while deftly identifying unused IPs and zombie workloads in the environment that add to the operational overhead and security risks.
But, it’s “not just a flat inventory,” Sullivan says. “We’re consolidating all of the [information] into a workspace providing insights on the data.” The interface makes deeper information connected to assets available to the network team.
The primary use case is reconciling IPAM and DNS, but there’re some secondary use cases as well, he said.
Companies that currently leverage Infoblox’s Universal Asset Insights include media conglomerates, insurance giants and international power companies with millions of assets in the environment.
