5 Skills for Networkers Living in the SASE World
How can network engineers hone the most in-demand skills today?
Today, network and security can no longer live in silos. What does this mean for the route switch network engineer making a living on the edge of the enterprise? In this article, John Spiegel, director of strategy at Axis Security, discusses the top five skills for network engineers when it comes to being successful in the age of SASE/SSE.
A decade ago, the world changed for the platform team. In the past, infrastructure was made up of several siloed groups, the server team, storage team, network team, and of course, the legacy team (anything with a large “I” in front of it). In a matter of a few short years, the walls came crashing down. Engineers on the storage and server team merged due to virtualization. Time-sharing compute, and disk sharing in the x86 world forced a rethink about the lifecycle of the platform. Networking in the data center also got pulled in.
Tools like Cisco ACI and VMware NSX became part of the equation. Network teams were no longer responsible for provisioning ethernet ports for individual hardware server systems. Instead, the demarcation transitioned to the top of the rack switch. Trunk those VLANs down to the 1U server, hand the server’s network provisioning to the server team’s distributed virtualized switch, and then keep your fingers crossed they didn’t start bridging networks at L2, causing a spanning tree loop!
For the networking team, this was a small compromise which meant they could handoff, move, add, change, delete work, and focus on cool technologies like new WLAN APs, core data center switches, and of course, SDWAN. It worked until 2019, when Gartner announced a new framework to enable and secure the network edge, SASE! The next year, the pandemic put SASE into the fast lane with the rise of the branch of one. Workers were kept away from their branch offices, the HQ campus, and their cubicles. Out of necessity, they transitioned to home offices, kitchen tables and even garages. SASE, a solution inclusive of SD-WAN, and a subset known as the Security Service Edge (SSE) accelerated to lightspeed! Add in zero trust what happened to the server and storage teams is happening again to the network and security teams.
From someone who has led pioneering network teams, worked with startups, spent time with large networking vendors as an advisor, and earned more than enough battle scars, here are my top five skills for network engineers to be successful in the age of SASE/SSE.
1. Become Well-versed in Policy
SD-WAN brought policy-based routing to the forefront of networking. While this technology has been around for decades, it was difficult to implement, manage, and maintain via CLI. SD-WAN abstracted the complexity of the past and made policy-based routing available to even the entry-level network engineer. Need to route voice-over MPLS for real-time performance? Large data transfers over dedicated lines? And SaaS traffic over the internet with failover in place in case of a black swan event? Done with a few clicks.
SASE takes policy-based routing to the next level. You can now add in identity, device state, location, time of day, and security treatments such as DLP and CASB. You can even deny or allow application access based on multiple factors. What this means is the network engineer is no longer limited to packet pathing. It is now about OSI models 4-7 and now 8 (people). You must also become well-versed in security. Not just network security but device and identity security. A large part of SASE is creating, maintaining, and sunsetting policy. Policy lifecycle management. Spend time learning policy and how to run it at scale.
See More: Network Outages: How to Improve Visibility and Recovery
2. Think Like a Network Developer
Networking started in programming, and it is moving back there. Knowing CLI and the GUI is not enough. To manage a system at scale, you must learn to program it, interact with APIs, run via CI/CD pipelines, and leverage infrastructure as code principles. Why? The network is no longer “set it and forget it.”
It’s dynamic, always changing, and in order to be secure, configurations must be visible. It is now a living system. I recommend Python, learn programming principles, and make friends with developers. Pick their brains and learn their craft. Start small, don’t be afraid to fail and grow. For you, this will become a super weapon as you rise in your career. Start now.
3. Mind the User Experience
Networkers are often several layers removed from the employee. Often what a corporation sees as IT is the desktop engineer, or the help desk. Their role is to support IT, and the staff of the company, and “delight the employee.” Good IT departments hug their customers and always keep them as the top priority when deploying new tools and maintaining endpoints. Bad user experiences lead to employee frustration, lower overall morale, and, most impactful, reduce employee performance.
With SASE, the network engineer is now on the frontlines. Poor implementation of network and security policies will result in unhappy customers. You must develop a mindset of how will this impact the employee? Will the change slow them down? Is it balanced with requirements for increasing security? Mind the gap between the employee, the systems they access securely, and their productivity.
4. Develop Your Inner Diplomat
Similar to minding the user experience gap, working on your diplomacy skills will take you a long way. Soft skills are often overlooked in engineering roles.This can no longer be. Networking cannot live in a silo. For SASE to be successful within an organization it requires the network engineer to work productively with the security team, the end user compute team, the operations team, as well as the identity team to name a few.
Responsibilities are often shared. Learn about these teams. Learn about the technologies they support. Develop an understanding of their challenges. Offer up your challenges and work together to become more productive. It’s honestly amazing what can happen over a cup of coffee. If tensions are really high, do some team building. In the past, I would take teams with a long checked past out for an offsite event. The results were amazing. Conflicting agendas faded away as we mixed teams up, and they established common goals.
5. Use SASE as a Tool
At the end of the day, tools are one path to the end goal, the business outcome. Our companies are not in the business of running a WAN, a remote access system or a cloud access security broker (CASB). These are tools. The tools from many vendors. Find one that enables you to provide the business outcome.
Your role is to support the company so it can generate revenue. Consider how you can help the company create or maintain revenue while also reducing risk. Don’t get caught up in vendor marketing. Stay focused on the business outcome you support. Will X tool help us hit our goals? How can you make your employees more productive and secure? That is the goal. Keep this mindset in front of you in your decision-making process.
Good luck on your journey to SASE!
How are you helping your network engineers develop the right toolkit to succeed with SASE? Share with us on Facebook, Twitter, and LinkedIn. We’d love to know!
Image Source: Shutterstock
MORE ON SASE
