When we talk about our physical on-premises network is rather obvious. Without it we would not have the internet as we know it. With an increasing popularity in Wireless and Internet of Things (IoT) technologies as does the increase in skillset a network engineer has to learn to support an Enterprise Network (EN). So, when we move to the cloud and all that infrastructure goes away do we need a Network Engineer (NE) and if so, what would they do? In this article I intend to go over the different skillset and focus areas for both a NE and a Cloud Engineer (CE).
The skillset to be a NE is diverse and broad. I once had a manager that came from the world of Windows Server Administration and I’ll never forget his words a few weeks into the job “I had no idea how much stuff you guys have to know…” From the office wireless to the Data Center not only do we need to know how to configure and maintain the network gear but also the behavior of all the systems, services, and applications that the network hosts.
With many organizations moving to the Cloud one common misconception I see is organizations don’t think they need a Networking professional in the cloud as all the network equipment has disappeared. In fact, most of the health checks and remediations I have done are specifically rooted to the fact that networking was not brought in when the move to the cloud was decided and planned out. The same problems that exist on prem when organizations attempt to operate without a dedicated networking professional eventually present themselves in the cloud. The most common ones noticed is a lack of network security, poor performance from inefficient traffic flows, and overall disorganization. This is where both the skills of a CE and NE come into play.
The duties of a CE are very similar to that of the on-prem network engineer. The CE are responsible for making sure that the underlying cloud infrastructure known as the Landing Zone is in place for developers to deploy applications, and systems teams to host their services. Moving to the cloud comes with the same level of maintenance and risks as on prem they are just presented in a more dynamic way. Without proper guardrails and landing zone design what typically ends up happening is applications are exposed publicly with little to no security guardrails in place.
How do the two roles differ? It really depends on the professional path the individual has taken to get into the chair of maintaining the cloud. When I hear the term Cloud Network Engineer it translates in my head to a professional whose former focus was in on-prem networking and decided to take on the challenge of learning cloud. This means all the tasks the cloud engineer can do so can the cloud network engineer. With deployment of resources being moved to automated processes it is still important to understand traffic flows and how these services will be accessed. Bringing their skills from on-prem networking to the cloud this is where the cloud network engineer comes into play. Especially when it comes to deploying applications that need to be integrated to existing on-premises systems. A generic CE will be able to maintain, govern, and deliver the cloud landing zones but may lack the necessary skillset to integrate it into the on-prem systems.
What does this mean for organizations that want to migrate some or even all their workloads and applications to a public cloud? After doing quite a few health checks and remediations for organizations of all sizes the biggest piece of advice I can give is bring in at least one seasoned cloud professional. Yes, moving to the cloud is going to provide a wide range of options for your workloads and applications that can be implemented and removed efficiently. This does not translate to a reduced work force. Before you go and remove the requirement for a networking professional ask yourself if you have a plan to move to the cloud. Do you have someone with experience in performing cloud migrations and setting up landing zones? A large majority of what I see during these health checks is people just started deploying applications and workloads in the cloud with no strategy or design for the regions in which these will be deployed. This results in runaway cloud costs (unnecessary loss of money), security vulnerabilities, and a lack of visibility into the workloads. By taking the time to establish your cloud policies, monitoring, and design you will end up saving yourself from simply having to redo it later.
Was your cloud setup properly? Do you have clear indicators and examples that show best practices and guardrails are in place? Do you have a clear report on where the money for the cloud is going? If not or you simply want to get a second opinion from an outside source give me a shout and we can talk about it!