One of the most exciting things to come out of the SD-WAN revolution in networking is the idea that devices can be remotely provisioned and configured from a central location without the need to have an on-site engineer doing the heavy lifting. The costs of sending a seasoned and skilled technician to a remote location can often drive up the costs of deployment to the point where the amount of money saved by moving to a new system become negligible over the long run.
That’s all well and good for the SD-WAN routers that people are deploying in proof-of-concept (POC) right now. But there are even more devices out there that are hard to configure and essentially invisible to most networks. That would be the out-of-band (OOB) monitoring infrastructure. As recent cloud events have shown, you really need to have your monitoring infrastructure isolated from your network infrastructure. How are you supposed to fix a problem with your network if the packets being transmitted to the monitoring station are riding on the same thing you’re trying to keep an eye on? If that network goes down, are you even going to get an alert?!?
Opening A Secure Path
With all that in mind, I recently had a great opportunity to listen to a great presentation from Opengear during Cisco Live 2019 in San Diego. Here’s a great overview of the problems that are trying to be addressed from Rob Waldie:
One of the things that I love the most about this video is that Rob is really talking about a lot of the things that have been getting under the skin of network operations people for a while. It’s hard to provision a box that is going to be shipped to a location and hope that it gets there safely. It’s even harder to ensure that the person on-site, that may or may not be technical, gets everything plugged in correctly and hopes that it all comes together the way that you want.
You basically have a no-win situation. You can either hope against hope that your box arrives where it’s supposed to be when it’s supposed to get there and that the person doing the work knows enough to get you the results of what you want. Or you can choose to send someone to do the work and incur hundreds, if not thousands, of dollars in extra costs to make sure it’s done right.
Opengear gives you a third option — real NetOps-style deployments. By leveraging good tools and centralizing the operations aspect of things, Opengear can safely and securely configure your devices correctly for any situation. And you can minimize the possibility that someone on-site is going to cause more headaches with their non-technical capabilities.
Let’s look at a quick example. Let’s say that you’re trying to get an Opengear OOB unit shipped to a remote office in El Paso. Rather than trying to get someone on the phone to figure out what needs to be done to get your unit on the internet, you instead choose to configure it with Opengear Lighthouse. Now, before you ship the box to the end of Texas, you simply drop in a SIM card to enable 4G/LTE connectivity. Now, when the Opengear box arrives at the location, you just tell the person there to plug it in. The LTE modem comes online and phones back to the Lighthouse server via VPN. Once everything has checked in, you can start deploying the new unit. Easy, right?
The real genius comes from what comes next in the Opengear Lighthouse framework. One of the biggest problems with OOB boxes is the “snowflake” configuration issues. Every unit is different and special because of the person that set it up or the environment that necessitated the reason for it being turned up. There’s no rhyme or reason to having these boxes online. And that means eventually you’re going to run into huge issues when you need to replace them. In most cases, you don’t even have a good backup of the configuration!
With Lighthouse, Opengear is fixing those issues. Everything is built using standard DevOps toolsets. Leveraging things like Ansible or Docker allows the operations teams to ensure that every deployment follows a predictable and repeatable path every time. Having the unit pull configuration data and software from the central Lighthouse controller means that you know where everything is coming from. No crazy hacks or weird software versions that can’t be upgraded. Everything is simple and standardized.
And that repeatability brings success in resilient configurations across your organization. This is way past the idea of just using Notepad with search-and-replace. This is configuring devices to pull config templates from repositories with correct address provisioning and setup. This is ensuring that no typos slip into the process. Ultimately it means that you spend less time figuring out what went wrong and more time being productive in turning up devices for your organization. Could you imagine how much better you would feel knowing that your device configs are going to right the first time?
Bringing It All Together
Networking is transforming thanks to the efforts of so many trying to drag the traditionalists into the modern era. Sometimes you realize that the old way of doing things just doesn’t scale properly. You also realize that having a force multiplier is necessary to keep up with all the new things you need to worry about. And you also need to reduce the amount of worry that you have that the things you’re doing in the far reaches of the world are going to work the first time without the stress of worrying. With Opengear Lighthouse you can get the peace of mind of all three of these important things. It’s a small step to get from existing complexity to OOB Nirvana.
To learn more about Opengear and Lighthouse, make sure you check out their website at http://Opengear.com