Posted on Apr 7th, 2015 by Reuven Harrison

We're currently experiencing a paradigm shift that is redefining networking and IT security. Infrastructure trends such as Software-Defined Networking (SDN), Virtualization and the Cloud are rapidly being adopted by enterprises recognizing the potential efficiency and cost gains.

I am noticing a recurring mistake that is made by many CIOs and executives – they expect their business to quickly be moved over to the new infrastructure and to start seeing the return on investment.

They decide on a strategic initiative to invest in the new platforms and all seems to go well until it reaches the operations teams.

This is when the challenge emerges: business applications and processes that have been working for many years on top of traditional IT need to be moved to the new platform and this turns out not to be so simple.

Typical problems that arise are platforms that cannot be migrated, nonexistent documentation, unexpected dependencies, business processes that no longer make sense and the need to avoid business disruptions during the migration process.

The underlying assumption is that established processes and applications are abstracted from their surrounding environment and underlying infrastructure. However, this is far from true. Most of them, especially ones that serve the core business, are tailored to match their environment and the infrastructure that they were built upon: business requirements, organizational structure, adjacent business processes and IT infrastructure such as servers, databases, networks and firewalls - all interdependent in intricate ways that executive management could not predict.

Migrating to the new platforms is a major undertaking, so much so that a viable alternative eventually emerges - creating things from scratch: new applications, new processes, new functions, etc.

Obviously, creating everything from scratch is not an easy alternative either. The same applies to other IT services such as networking and security – do they automatically improve once they are based on a modern platform such as SDN or a virtual data center?

Unfortunately not.

Migrating traditional security policies, tools and processes to a modern platform is difficult, if not impossible, and will probably fail to deliver the desired benefits.

On the other hand, creating new security policies and processes for an SDN platform is also difficult.

So here's my point:

Deploying new platforms such as Software Defined Networking, Virtualization and Cloud is the right way to go but it does not guarantee any gains automatically.

A lot of extra work needs to happen before the benefits are seen – it's a complex transition that will likely take years for large enterprises.

I recommend thinking of Software Defined Networking, Virtualization and Cloud as a foundation for improvement rather than as an end goal, and planning the transition with this in mind. Enterprises that intend to adopt modern IT and vendors who are providing these solutions must focus on the business applications that these platforms can enable rather than the platforms themselves.