Wednesday, September 16, 2020

Corporate enterprise network with no routers, switches, or firewalls?

I am working on a concept to pitch to my CTO for a modern corporate enterprise network without any routers, switches, or firewalls.

The basic framework relies entirely on client-based agents on the endpoints. Every endpoint would have an SSL forward proxy client, like Zscaler, a segmentation client like Illumio, as well as a traffic monitoring agent like ThousandEyes. These would be on top of whatever basic host-based security agents you’d typically see, like your AVs.

The majority of the workforce would be remote, working from home, in what I’m starting to think of as a Bring Your Own Network (BYON) configuration.

All corporate enterprise resources would be hosted in the cloud, either public cloud or direct hosted. No on-premises servers or resources allowed (or else we would need things like switches, routers, or firewalls!).

Now this may sound like a framework that would only fit certain business models. But what about business models that require real estate (corporate offices, retail outlets, campuses, etc.)? The simple solution here is to employ a carrier-managed 5G solution. Ideally all corporate real estate would have viable 5G coverage, and all user endpoints would be 5G-capable devices with a SIM card ready to rock.

I’m still working out a few kinks. Printers are a big issue. Corporate enterprise networks tend to use printers. Printers tend to require things like switches (and routers!) for connectivity. A solution like 5G-ready, cloud-based IoT printers is a bit too fringe. I’ve no doubt something is out there that fits the bill, but would it be affordable and scalable? An ideal workaround would be an all-digital business culture (no printers/scanners/faxing—it’s all email or a secure web portal repository).

There are other obstacles, like the typical IoT and SCADA equipment we have on our networks—IP cameras, door controllers, HVAC controllers, etc. Any number of these devices necessitates on-prem network infrastructure.

Basically the framework works only for certain business models right now, but it achieves infinite scale and a zero trust architecture. I mean, you basically don’t have a NETWORK. This goes even further beyond the CTO dream of not having a data center.

What do you guys (and gals!) think? Please feel free to share your comments, critiques, and opinions. Feel free to tell me I’m crazy or why this would be a bad idea, or a good one.

Thanks!


