Zero Touch Configuration and network access policies are important concepts that both address the challenges of managing next generation enterprise networks and provide measurable benefits to network administrators.
Every network operator is looking for methods to optimise performance and minimise intervention. Policy Based Automation (PBA) is the ideal solution for providing an automated tool set that enables network operators to meet these goals.
PBA can automate the configuration that is necessary when adding moving or changing network connections.
“For example, policies can be created for all Wi-Fi access points, all video surveillance cameras or any other type or class of device. You can have a different policy for your indoor access points. If you prefer, policies targeting devices from a specific manufacturer can also be used. There are really no limits for which PBA policies can be used,” said Teresa Huysamen, Business Unit Manager for Cambium solutions at Duxbury Networking.
Cambium’s cnMatrix cloud-managed enterprise-grade Layer-2/Layer-3 Ethernet switches leverage PBA technology. When deployed with the Cambium cnMaestro™ management system, they provide network operators with an automation system that is easy to configure, manage and maintain.
Challenges in network changes
An overall network architecture is established during the initial deployment phase and remains relatively static, while the action takes place at the network edge where access is provided for devices and users.
Additions, moves or changes are a frequent occurrence and edge connection requirements can be significantly different across devices. Configuring these connections requires specific knowledge about the needs and privileges of the devices being connected.
“Switch configuration is typically required for each connecting device, such as VLAN assignments, port settings, Quality of Service (QoS) parameters and security settings. Provisioning these settings manually requires network connectivity to the switch, is time-consuming and is error-prone. A significant number of network outages are due to misconfigurations where one small tying error can block an entire team’s productivity or open an exploitable security hole,” Huysamen points out.
PBA to the rescue
Automating configuration, using PBA, minimises downtime and simplifies troubleshooting. The network switch needs to dynamically recognise devices and automatically apply predefined policies that perform the required switch configuration.
With PBA, policies can be customised on a per-switch basis or be centrally managed and distributed depending on the needs of the organisation. These policies can be developed and validated prior to deployment, thereby eliminating potential issues and ensuring uniform configuration throughout the network.
“Policies can be simple, acting as a general catch-all. They can also be complex, identifying and satisfying the special access needs of devices as determined by the network administrator. Finally, since policy-based switch configuration is dynamic, it is automatically cleared once a device is disconnected. This rapidly closes the potential security holes and returns edge access to a known, consistent state,” said Huysamen.
As a core cnMatrix component, PBA is engineered to exceed both the basic and advanced needs of a network administrator. Simplified device configuration and eliminated issues lead to saved time, conserved resources and reduce cost of ownership.
This article was published in partnership with Duxbury Networking.