Q&A: Prasad Pammidimukkala on Integrated Network Management and Zero-Touch Provisioning

Zero-touch provisioning is finally happening, after years of discussion. With the power of Fabric Connect and Identity Engines, we’re able to help tackle the Bring Your Own Device trend and other needs easier than ever, while knocking out network downtime due to human error.

At ATF 2014, I sat down with Prasad Pammidimukkala, who heads up Product Management for Avaya stackable switches and wireless LAN and Identity Engines portfolios, to talk about what zero-touch provisioning is and how Fabric Connect makes it possible.

Mark: Prasad, you have over 20 years’ experience in the high tech industry including senior business development and product management and marketing roles at companies like Gridiron, Brocade and 3Com.

You had a presentation here called “The Introduction to Unified Access 2.0 with Avaya Fabric Connect.” What are some of the main trends that you see in BYOD in network access that are around that?

Prasad: Thanks, Mark, absolutely. If you think about the way we use our own devices, to get onto the network, you’ve got to connect the network.
Historically, that’s been done through a wired connection. However, if you just look around yourself, we see that network access technologies are becoming unified.

End users expect the same level of quality of access to their authorized resources regardless of whether they’re coming in wired or wireless.

Also, network administrators are demanding an integrated way of managing wired and wireless networks so that they can have a common set of policies for security, quality of service, etc., so much so that industry analysts such as Gartner and IDC stopped calling network access as wired and wireless separately.

They cover them in a unified way as unified access.

Mark: Has that affected the design of enterprise networks with these trends in wired and wireless access?

Prasad: Absolutely.

Let me just talk about a couple more trends in the access space.

We talked about network access becoming unified. There is one other trend around BYOD.

We all carry multiple devices. I have a smartphone, tablet, laptop and e-reader. These are all connected devices. I also have a wearable watch that measures how many steps I take and how I sleep. It analyzes my sleep patterns.

These, again, are connected devices and they’re coming to the BYOD realm.

We, as enterprises, have moved past saying, “No,” to BYOD; it’s more a question of “yes” and how easy and seamless can you make the onboarding of BYOD devices, and more than anything else, securing your assets; corporate assets. Seamless onboarding and access to all your resources while protecting your corporate assets.

The last trend that we see is wireless LAN is becoming a primary access mechanism. Again, if you look at any tablets or smartphones, obviously, they don’t come with an Ethernet port and even MacBooks – the latest ones don’t have a built-in hardwired port.

Mark: Tell me about it. I had to buy a $39 bundle that I didn’t even know about.

Prasad: Exactly. Wireless truly is becoming a primary access mechanism. What does that translate to? What’s the implication of that?

Until now, we were using wired networks to connect and use our business-critical applications and mission-critical applications. Wired networks were delivering the service that they need.

Now with wireless becoming a primary access mechanism, wireless LAN automatically becomes mission critical. It needs to have and deliver the same level of performance, resiliency, availability, and manageability to be able to serve as the primary access mechanism.

Mark: The next generation of unified access is what we call “Avaya Fabric Connect” where we’re extending that Fabric out to the edge. Tell us a little bit about that.

Prasad: We’ve been getting tremendous response from customers on the benefits of Fabric Connect. If you pause for a second and think about what Fabric Connect gives you, it gives you automation in the core of your network so you’re essentially coming up with a hands-off core where you deploy once and then you don’t touch it again. All your provisioning of new services you do around the edge of that core.

Now, that reduces the number of configuration errors that will happen on a daily basis and bring down networks. People lose jobs when their networks go down due to somebody’s human error.

By automating the core, you’re getting that benefit of zero configuration errors due to human error. By extending it out closer to the edge, you’re extending that automation all the way to the edge. You no longer have to touch the core. You don’t have to touch the distribution layer. Now, all your provisioning gets done at the wiring closet.

What we’ve done is we’ve said, “Okay, Fabric is such a great thing and it’s giving us so many benefits from an integration perspective, automation perspective, performance and availability. Why not extend it even further? Why stop in the wiring closet?”

We’re extending it into the wireless access points as well as to the endpoints. These are third-party switches that may not be Fabric-capable and also endpoints like laptops and tablets when they connect the switch infrastructure.

Essentially, it recognizes them, authenticates and authorizes them automatically and provides them access to the services they’re entitled to. All of this is happening with zero touch from a configuration perspective. That’s why we’re calling it “the automated campus” or “automated edge” where you get zero-touch provisioning.

Mark: We’ve been talking about zero-touch provisioning for years and years and years. That was something that Jean Turgeon always was striving for: zero touch, just make it work. Make it work.

I think it’s always been a challenge because, at some point or another, you’ve got to put some intelligence in here. This is allowing that intelligence to come right from the device.

Prasad: That’s right. Fabric provides you that intelligence.

Now, when we talk about zero-touch provisioning, it is truly, literally zero-touch provisioning. You can take a switch that comes default out of the factory, open up the cardboard box, power it up and connect it to an uplink port into the northbound switch which is a Fabric-capable switch. This brand new vanilla switch can discover that it’s connected to a Fabric Connect network and downloads its configuration and automatically provisions itself.

When we talk about zero-touch provisioning, it’s truly zero-touch provisioning. Having said that, some amount of configuration has to happen prior to the switch getting plugged into the network.

That happens in a centralized place through our Identity Engines or it’s managed by skilled personnel as part of the design and deployment of the network.

You’re not relying on either not-so-skilled administrators that are in the branch offices and in locations where high skills are not easily found, thus reducing the chance of errors propagating through a network.

Mark: There’s got to be an ROI there because you’re certainly making best use of labor dollars where you need that skilled set.

Prasad: Yeah. One other thing, if you talk about remote offices again, where you’re deploying access point for wireless access, in traditional environments, you typically have to go pay someone to climb up on a ladder and put the access point there.

Now, that labor is not that expensive. However, where the expensive labor comes in is when you have to have a networking expert go out there, configure IP information, configure VLANs, configure access policies, etc.

With Fabric being extended all the way to the access point, you literally have someone attach the access point to the ceiling and then they take an Ethernet cable, plug it into a port on a switch and from then on all the configuration happens automatically.

You’re essentially onboarding access points with zero touch and then any endpoints like tablets or smartphones or laptops that connect to that access point will also get automatically provisioned into the right virtual services networks through Fabric Attach and Fabric Connect.

Mark: Now I think that’s a revolutionary behavioral change in network design and network deployment and it just opens up a whole host of things that can now happen automatically because all of that is happening.

Not only do you have the money and savings and resources and deployment, but you’ve just got the intelligence that’s there. It’s got to simplify your troubleshooting as well.

Prasad: It does. If you look at traditional architectures again, you have different pieces of the network being cobbled together in a way using gateways or some translation protocols in between. When you have a single end-to-end Fabric that’s running a single protocol, your troubleshooting becomes all that much simpler.

An analogy that I’ve seen being used, let’s say you have a plumbing situation, if you have a single pipe end-to-end, you can see from one end to the other really clearly. If there’s a blockage, it’s very obvious. Whereas if you have a lot of joints and things are going through different paths, it’s not that easy anymore to troubleshoot. It’s a very simplistic example, but that’s essentially how this equates to.

Mark: Plumbing is an excellent example of how to explain networks to people because it’s something they can see and visualize. It’s just got the exact similar characteristics in almost everything I’ve seen. It always comes back to plumbing.

Thanks very much for sitting down and talking to us today. Very interesting stuff and some real-world applications of all this great technology we’re dealing with.

Want more technology, news and information from Avaya? Be sure to check out the Avaya Podcast Network landing page at http://avaya.com/APN. There, you will find additional podcasts from industry events, such as Avaya Evolutions and INTEROP, as well as other informative series by the APN staff.


Thanks for stopping by and reading the Avaya Connected blog on E911. I value your opinions, so please feel free to comment below or, if you prefer, you can email me privately.

Public comments, suggestions, corrections and loose change is all graciously accepted 😉 Until next week. . . dial carefully.

Be sure to follow me on Twitter at @Fletch911


Related Articles:

Avaya Named a Leader in Gartner’s Magic Quadrant for Contact Center Infrastructure

Avaya is honored to be recognized as a leader in Gartner’s Magic Quadrant for Contact Center Infrastructure worldwide. Avaya has been the only vendor having the distinction of being named a Leader for 16 consecutive years. Each year the research organization creates a market view of key players for business users, reflecting business goals, needs, and priorities.

Contact centers have gone beyond phone calls with customers now expecting to communicate on their terms via text, IM, email, chat or video. For the past 16 years Avaya has created seamless and highly personalized experiences, building brand loyalty for companies all around the world.

According to Deloitte, 85% of organizations view customer experience provided through contact centers as a competitive differentiator. Today’s companies must remain relevant by creating a single interface to connect customers with the correct resource each time, supporting their preferences. Supervisors and managers need real-time performance information to adapt immediately to situations to ensure optimized customer experience.

Avaya has focused its efforts on creating next-generation contact center solutions, creating communication strategies enabling a continuous transition between channels during customer interactions.

Please visit Gartner’s page to read the full report and see how Avaya’s Contact Center infrastructure continues to deliver best-of-breed Contact Center applications. We look forward to continuing innovation and leading business communications for the digital age.


Seeing into the Office of the Future

Dubai is heavily focused on delivering on its Smart City goals, with the goal of being among the smartest—and happiest—cities in the world. The drive toward smart cities is part of a wider shift, with countries around the globe seeing a migration from rural areas to urban. With more than half the world’s population now living in cities, organizations in the Middle East are facing increasingly difficult decisions about how they allocate resources and manage their workforce.

For a city like Dubai, that can be challenging. Finding the right real-estate location for office space, managing energy usage and providing physical workspaces for employees working different shifts in a modern, 24X7 city creates its fair share of headaches. Enterprises also have to cope with an increasing Bring-Your-Own-Device (BYOD) culture, with smartphone and device penetration especially high in the United Arab Emirates and other Gulf countries.

We have reached an inflection point where the number of devices connected and generating data is accelerating at an exponential level. Our work environments are beginning to blur, as workspaces are no longer physical but virtual. Organizations need to deliver a consistent work experience whether in an office or on the road, or at home. The key driver is to intuitively connect not only communications devices, but interact with the ambient technologies that surround us, like lighting, BMS and signage.

At Avaya, we believe that the Smart Enterprise is one of the key building blocks for smart cities—and one of the foundations of true Smart Enterprise development will be what we term the Office of the Future. This is about more than just technology; the Office of the Future involves automating work processes within the enterprise to deliver a more intuitive employee experience. As with any “smart” solution, the Office of the Future is only smart if it resolves the challenges it aims to address.

So what do we mean by Office of the Future? Imagine walking into a new office you’ve never visited before and your work station is ready before you sit down, configured to your preferences, right down to the air conditioning settings and digital signage displayed with your identity. When a client arrives to meet you at the office, they can be sent to a meeting room automatically, and you can talk to them on their mobile as you walk to greet them.

With Avaya solutions, the act of an employee booking a workspace would kick start a workflow that immediately sets up that space with all communication devices enabled and connected securely, while interacting with the building management system to ensure the environment was set to the employee’s requirements, everything from lighting to temperature to digital signage. The employee could be identified by their phone or a card ID. When they leave, the workspace can be reset for the next employee that reserves it.

Such Smart workspaces will help enterprises manage their resources more effectively, better leverage their real estate investments, and improve employee well-being and productivity. Here in Dubai, the Office of the Future starts now.

89% of Employees Apparently Don’t Care About Mobile Security


IT security has a big job: keep corporate data safe in the face of motivated hackers and unaware employees. Today that job is harder than ever — employees are bringing their own devices and applications into the office every morning, and walking out the door with corporate data every night.

The intention behind Bring Your Own Device and Bring Your Own Apps is good: Employees want to be productive away from the office. No one wants to carry around two smartphones, or truck around two laptops while they’re on the road. Cloud-based work apps excel at document version control, are accessible everywhere, and help teams cut down on email as a collaboration tool.

The reality of BYOD and BYOA is more troublesome: If your company is one of the estimated 26 percent with no official BYOD policy in place, employees will load work email and work documents on their personal mobile devices anyway. If a company fails to give their employees the cloud-based apps they want, they’ll simply use the app’s consumer-grade version. Thousands of unsecured laptops and smartphones get lost or stolen every week. It’s estimated that 43 percent of U.S. companies have experienced a data breach in the last year alone.

Troubling numbers

Given that backdrop, ask yourself — how many mobile devices are out there with your company’s data on them? The answer might surprise you.

In a recent survey of more than 12,000 people, security software maker Kaspersky Lab found roughly half used personal smartphones, tablets or laptops for work, 36 percent kept work files on their personal devices, 34 percent accessed work-related email from personal devices, and somewhere between 11 and 18 percent carried around corporate passwords.

Asked about it, just 11 percent said they were seriously concerned about keeping work-related information secure on their personal mobile devices.

If your company doesn’t have formal policies in place around personal mobile devices, chances are, your corporate data is already heading home with employees each night. BYOD and BYOA are just the start— Bring Your Own Everything is on the horizon.

Embracing the present

The first step is to either build a BYOD and BYOA policy, or review your existing policies to keep them up-to-date.

Employees are already using their own devices and apps inside the workplace — in an April 2015 report, Netskope found the average organization is now using 730 cloud-based applications. If that number seems high, it may be time to audit the software your teams are using, and determine if sensitive corporate information is at risk of being lost in the cloud.

Next, give employees the secure tools they need to use the devices and apps they choose. Different teams may choose different engagement software based on their individual needs. Mandating the entire company standardize on a single, monolithic software platform or official device is unrealistic, and may encourage “shadow IT,” where teams ignore official channels and adopt the tools that work for them.

Information silos are dangerous. At best, silos hinder company engagement by preventing teams from getting the information they need to make informed decisions easily. At worst, silos force employees to kluge together a solution — for example, emailing data across the company in spreadsheets.

Breaking information silos apart is possible with software like the Avaya Engagement Development Platform, which allows companies to write custom code that either communication-enables their existing apps, or builds new apps to share data between silos.

Lastly, smart companies adopt multiple layers of security, knowing that data breaches are just as likely to come from within the company as from without. Firewalls are not enough — network access must be segmented and role-based.

In a widely-publicized data breach last year, a major U.S. retailer admitted it had lost millions of consumer credit card numbers after it gave its HVAC vendor access to wide swaths of the company’s corporate network. Hackers breached the vendor, and used their network credentials to raid the retailer’s credit card database, which was sitting in a section of the network that an HVAC company should not have been able to access.

Virtualized, software-defined networking makes role-based network access easy, reduces the size of the network’s footprint of endpoints and obscures portions of the network from hackers. Individual devices, applications and endpoints are provisioned dynamically, with network access extending and retracting as needed.

BYOD and BYOA represent the new reality for enterprises. Take proactive steps to review your company’s BYOD and BYOA policies, give employees the tools to allow this trend, share information securely between applications and gain more control over the corporate network.

Want more? Download the new Avaya white paper, “The New Rules of Engagement.”