Opening Comment: Diane, you bring a lifetime of proven experience and accumulated valuable insights to our audience. Considering your impossible schedule, we thank you for doing this interview with us.
A: It's my pleasure, Stephen.
Q1: There are a high percentage of business/technology managers amongst our readers. What are your most important current roadmap-level tips involving networks and network design?
Q2: Take the prior question and apply it to the next 3 to 5 years.
A: As networks become more intelligent and an integrated part of the business, understanding the business requirements and associated metrics will become essential components of the network design process. Thus, it will become crucial for IT personnel to understand the language of the business personnel, and vice-versa.
Q3: What are your practical suggestions for improving security in networks?
A: Network security should start with developing a security policy that specifies both the requirements and responsibilities related to network security, and sets the framework for implementation. It's important to note that risks are not eliminated by network security; rather they are reduced to levels deemed acceptable to the organization. Therefore, as part of developing a security policy, a risk assessment and cost-benefit analysis should be performed.
The network security policy could be produced as a series of documents, such as an overall policy, a network access policy, an acceptable use policy, and so forth. These policies must then be disseminated to all employees (and contractors, etc); training on the policies should be mandatory for all. Policies should be written such that they are enforceable, and wherever possible automated ways to enforce them should be put in place. For example, companies should have a policy that nobody should surf "objectionable" websites. To enforce this, URL filtering software could automatically prevent users from visiting websites that have been listed as "objectionable". However, if users need to get to one of these listed sites (for work purposes), they should be able to make a special request to have that site removed from the filter's list.
Since risks, technologies, and requirements may change, the security policies should be living documents that are updated as necessary.
Network security implementation does not just mean putting a firewall on the Internet connection; security should be integrated into the network. For example, routers and switches with features such as integrated firewall, VPN, and intrusion prevention and detection are available, as are stand-alone security appliances. These devices can work together and with other devices and applications, to defend against threats both from within the network and from external sources.
Q4: Can you extract the key lessons from your latest book that would be of benefit to managers?
A: Along with the security suggestions we just discussed, here are some of the other key points from the book.
For network design methodology: Identify requirements first, assess what you currently have and how it will need to be changed to meet these requirements, and then create a detailed design. The requirements should reflect both the business and technical aspects of the network. While techies may want to start by analyzing the technical side of the network, reviewing the business aspects first will ensure that they understand what the network will be used for, why the network is being changed, what parts are most critical to the organization, and so forth.
For structuring the network: Modularize the design. For example, if you have multiple buildings on your campus, there will be many common aspects among the design of the network in each building, and they all in turn may connect to a common campus core. Network applications (such as IP telephony) tend to span many modules and are enabled by a set of common services (such as security, quality of service, and so forth).
For campus and data center design: Key considerations for campus design are the applications that need to be supported, the building locations, and the characteristics of the devices and cabling selected. Data centers are ideally evolving from server-centric to service-centric, with resources that are pooled and virtualized.
For WANs: There are a wide variety of WAN technologies available. Trade-offs are sometimes necessary when selecting which WAN to use; considerations include the requirements of applications that will go over the WAN, technical specifications (such as bandwidth), and cost.
For IP addressing and routing: The network's IP addressing plan should be hierarchical, and should easily allow route summarization (to reduce routing traffic and routing table size) and growth. This requires planning!
For voice: Although the network can view voice as "just another application", it's an application with specific requirements that must be implemented. Your voice network may be managed by another group of people; before implementing IP telephony, ensure that you have people with voice expertise on the team.
For wireless: Wireless, including wireless security, is evolving. There are various wireless architectures available, from stand-alone autonomous wireless access points, to lightweight wireless access points controlled by a centralized device. So again, before implementing wireless, ensure that you have expertise on your team.
Q5: The Industry is changing. What advice would you give to IT professionals to stay on top of what is happening in the industry in order to position them (from a career standpoint) and their organization to benefit from these trends?
A: From an individual perspective, I think that it's crucial to accept that there will be continuous change and to try to stay current. One of the ways that you can demonstrate this to your current employer (and of course to prospective employers if necessary) is by getting a certification. Sure, if you're not certified it doesn't mean that you can't do your job, but it's a good way to demonstrate your level of knowledge. And when you do get your certification, whatever it is, take note of any expiration dates! For example, Cisco career certifications (such as CCNA, CCDA, CCNP, etc.) are valid for 3 years - if you don't recertify in time, you lose it, and you're back to the beginning again. I've met a couple of people who had their CCNP and lost it… so they were painfully starting all over again.
From an organization's perspective, encourage continuous learning. Allowing employees to take courses is an obvious way to do this, but there are others: for example, start up a library of relevant books, get access to some e-learning courses, set up a lab that your employees can "play" with, etc. And, most importantly I think, give them time to read, take the courses, use the equipment...
Q6: Profile your current specific role.
A: Currently my time is split between writing and training. I have been fortunate to be involved in many aspects of both, including writing and editing technical books, teaching, course development, e-learning, management, and project management.
Q7: In your current role, what are the biggest challenges, and their solutions? How does this relate to business?
A: I think one of the biggest challenges for all of us is keeping up with the rapid changes in technologies. I try to read as much as I can, attend conferences, and talk to others in the industry.
Specific to my current role, a big challenge is thinking of ways to explain often difficult topics in a way that they will be understood. I've found that using analogies helps keeps people's interest, and gives them a different view of a topic.
Getting the facts straight is another challenge - there is a lot of "misinformation" out there! I have learnt to question, or to test the facts myself.
Q8: Please share a story (something surprising, unexpected, amazing, or humorous) from your work?
A: One thing that I find amazing is that I've never actually met any of the people that I've worked with at Cisco Press ... and I've been working with some of them, including the Executive Editor of my current book, since 1998! Our work is done electronically (with only the occasional phone call); we're using the network to write about networks.
Q9: Provide your predictions of future IT/Business trends and their implications/opportunities?
Q10: Which are your top recommended resources and why?
Closing Comment: Diane, we will continue to follow your significant contributions. We thank you for sharing your time, wisdom, and accumulated deep insights with us.
A: Thank you, Stephen.
Copyright Network Professional Association® 1994-2020. All Rights Reserved.
NPA Privacy Statement