Research networking may not be top of mind for every CIO, but Jerry Sheehan, vice president and CIO at Montana State University, views this aspect of campus computing as analogous to bird dogs on a hunt: In other words, it’s the early indicator pointing in the direction the enterprise will eventually go.
Sheehan discussed the role of intent-based networking for research computing in “The Digital Alchemy of Intent-Based Networking” on Wednesday at the EDUCAUSE 2018 conference in Denver.
Academic research is no small matter at MSU, which has $126.5 million worth of sponsored research. The campus community includes 20,000 student and faculty users, served by three networking staff members and two who support high-performance computing and data storage.
Researchers wanted networking to support data-intensive projects, IT leaders wanted to keep networks secure and staff capacity was limited. Together, those factors made intent-based networking an attractive option to consider, Sheehan says.
“Networking is as personal as computing, but we haven’t thought of it that way in the past because we haven’t been able to deliver at scale,” Sheehan said. “Intent-based networking allows us to deliver at scale, and that’s why I think it will be transformational.”
MSU was already a Cisco shop, so it chose Cisco Software-Defined Access and Digital Network Architecture to support its journey to intent-based networking. Cisco DNA offers a software-based way to automate, provision and secure networks in a way that can be more closely tailored to users’ needs. In Sheehan’s words, the solution makes the network both scalable and personal.
Software-Defined Networks Boost Efficiency, Security for Research
Previously, Sheehan said, research networking at MSU posed a common security challenge. Researchers built computer-based scientific instruments that were great at performing academic computing, but they were powered by older systems that weren’t capable of meeting current patching requirements. Often, he said, institutions addressed that security concern by keeping the systems off the network or putting in a firewall.
Another option, segmenting the network, was a big drain on IT staff, taking approximately 50 hours of work and a response time of roughly eight months as they tried to fit the work in around day-to-day responsibilities. The Cisco solutions, on the other hand, reduced that workload to approximately 12 hours of work and a one-week turnaround.
“The first thing we saw with intent-based networking was an increase in the flexibility that we have to deliver resolution to problems for users,” Sheehan said.
He saw a similar improvement when modifying the network to accommodate faculty changes. Rather than setting up physical networking support, such as a high-capacity Ethernet connection in a certain office or a mini-data center in a lab, a new network can be provisioned quickly and easily in the software.
“In each of these cases, we were able to take a utility and turn it into something that met the personal needs of the researchers that we had, because we understood the intent of what they were trying to do,” said Sheehan.
Being able to respond to users quickly also bolsters security, Sheehan said, because users then have less motivation to pursue their own solutions, which may be less than secure.
On the IT side, Cisco DNA helps staff be more proactive by seeing network issues before they start to have a big impact. “It allows us to have an integrated way to look at our current security protocols and risk profiles that we have,” he said.
Train Staff to Optimize New Software-Defined Approaches
Graphical user interfaces, one feature of SDN that increases ease of management, also can necessitate staff training, Sheehan said.
Network engineers, for example, tend to have a “trust but verify” mentality, so even though they can see the GUI, they also want to see the code to verify what it’s telling them.
“Even with our knowledgeable network staff, when we started throwing GUIs at them that they’d never seen before, it took a while to get up to speed,” Sheehan said, adding that his team took an eight-week deep dive into the ins and outs of an SDN model. “Simple doesn’t mean easy. It means different and, in the end, more scalable.”
He also noted that although SDN can change the financial model that IT uses to account for networking resources, moving it from being a strictly capital asset to also being an operating expense, it’s not necessarily more expensive. At MSU, Sheehan said, he implemented the solution from his existing capital infrastructure budget using normal refreshes.
“I did not go back to anyone and ask for more money,” he said. “I changed what I was doing with the money I had.”
To stay up to date on all of the news and ideas coming out of EDUCAUSE, follow EdTech's coverage on the EDUCAUSE 2018 conference hub.