Cisco UK & Ireland Blog > Enterprise Networks

Enterprise Networks

Network switches, past, present – and an exciting future

Manish Behal (mbehal
March 11, 2019

A Catalyst for evolution

I’ve been fortunate enough to have spent much of my professional networking career helping customers find the right networking solution that befits their corporate’s networking requirements. I’m therefore well aware of the vital, yet often uncredited role the humble network switch plays in our always-connected world.

Switching might not sound terribly exciting compared with emerging technologies such as Artificial Intelligence, Smart Communities or Cybersecurity, but it’s actually a fast-moving, dynamic technology. So, given Cisco’s established and rich history in this area, this brief overview of switches past, present and future, reminds us of their importance in our increasingly digital existence.

Times past

Technology – and how we use it – has changed beyond measure in a relatively short space of time. Not long ago, landline telephones were the dominant method of contact, with important business communication and documentation delivered by conventional post or fax.

In the early days of the Internet, when hardly any of us had home access, local area networks (LANs) were mainly confined to single buildings, with switches used almost transparently to literally wire devices together.

Catalyst for change

Cisco’s early Catalyst switches provided layer 2 network connectivity, sending packets of information to a single switch port, based on a specific destination Media Access Control (MAC) address. Before long however, our internet use and networking requirements grew in complexity as organisations started communicating beyond their physical locations. This meant multiple network support was required.

In response, we added layer 3 routing, which allowed packets of information to be sent to specific IP addresses. Meanwhile, virtual local area networks (VLANs) segmented the LAN into groups, enabling an organisation’s devices to connect to each other automatically. Interfaces could also be configured based on end-user requirements, e.g. the marketing department’s VLAN would have different characteristics from the finance VLAN, and although physically connected, might not need to communicate with each other.

Bigger and better

These ever larger, more diverse environments necessitated more sophisticated switching and a hierarchical design that divided enterprise networks into three distinct layers; Core, Distribution and Access. This model was entirely flexible to suit individual needs and served us very well for many years.

However, things started to change a little, so this model needed to adapt too.

New threats require innovative solutions

Inevitably, as we spent more time online and a vast volume of devices were injected consistently and regularly into our environment, the threat of malicious activity also increased.

Network security had traditionally consisted of a choke point firewall to protect most of what was south of the top layer. Added in was BOGON filtering and control, plus additional layers of security to guard end-users, primarily with a signature based anti-virus solution.

For many security network architects this was a well-trodden path that often resulted in a reasonable amount of control.  Again, this approach worked for many years.

But as connectivity became more varied – tablet, smartphones, sensors, etc – the threat surface level grew, along with the sophistication levels of attackers. More advanced firewalling techniques were therefore added to networks, while advanced malware protection replaced anti-virus protection.

Present day – resolving the security paradox

As we all know, encrypting sensitive information is mandatory across many sectors; health and care, central government, etc. Unfortunately however, while encryption protects data, it can also compromise network safety, making it difficult to differentiate between authentic and malicious encrypted data entering the network, as their superficial behaviour might appear to be the same.

Enter Cisco’s Catalyst 9000 family of switches. Its integrated security learns and adapts to threats, reducing the attack surface and helping stop attacks before they start. Integrated segmentation and encrypted traffic analytics (ETA) analyses traffic as it enters the network, checking for unusual activity that if encrypted – as the trend seems to be these days – would otherwise go undetected, helping reduce the likelihood of a breach that could have severe brand and financial implications.

The Future – delivering a more agile, responsive solution

Security is critical. Of course. However, this is not the only demand on the network. The number of devices and things that we will need to connect is growing exponentially. It is predicted that there will be one million new devices online every hour by 2020. Those devices will be on networks. With a traditional manually configured network, there is a typical ratio of one network engineer per 200 connected devices.

As this new device explosion accelerates, to continue managing the network in the same way would create a rate of recruitment for network engineers that could not possibly be achieved or be affordable. We therefore need a new approach that will allow a new ratio of one network engineer to up to 1 million connected devices. Cisco’s Catalyst 9000 family of switches has another string to its bow. It is part of the Cisco Digital Network Architecture. A software-defined approach to deploying and operating the network that delivers this scalability that will be required by every network on the planet, in every type of organisation.

The future

So, what’s next?

We’ve already come a long way from the days when little more was required of switching than network plumbing, and as a result of our work in this area, it has become a major component of network security. It has also become easier to deploy, manage, assure and operate.

With large volumes of internet traffic moving through Cisco’s networks, it’s not surprising that we’re always one step ahead. And in terms of what will happen next with switching, I’m sure the best is yet to come, with more rich features that not only solve today’s problems but also those of tomorrow.

Find out more about the newest innovations in switching technology, designed for today’s requirements of security, agility, automation and scale: https://www.crn.com/slide-shows/data-center/crn-s-2018-products-of-the-year/12

• Agility
• Catalyst 9000 Series Switch
• cybersecurity
• Digital Network Architecture
• Enterprise Network
• Enterprise Networking
• network
• networking
• security
• switches