It was once straightforward to define the WAN edge in easily contained, brick-and-mortar organizations; today, the uncertain location of mobile devices creates a WAN edge with a "fuzzy" or undefined boundary --
a boundary not hardwired to a terminal device, but connected through a wireless network to a mobile device.
While mobility can positively impact customer response, which increases revenue and reduces costs, it is a two-edged sword that can also complicate security, corporate access, application delivery and network management. IT managers are faced with attempting to balance two competing corporate objectives: absolute security and absolute mobile access. It is no wonder, then, that IT managers have been hesitant about enabling access to critical business systems over mobile devices.
Yet mobility is here to stay and is likely to become an even more powerful business dynamic in the future. Rather than investing in fixed infrastructure, such as buildings and offices, enterprises are discovering that investing in networking and computing technology that enables their employees to travel to the customer creates much tighter business relationships and better service delivery. The virtues of mobility are expressed in terms of lower overheads, quicker response time and happier customers.
What mobile networks do to the WAN edge
Nevertheless, fuzzy network edges introduce issues into the enterprise user's quality of experience (QoE). Many applications may become unusable due to connection issues across the fixed/wireless interface. Virtual private networks (VPNs), in particular, can exhibit strange behavior as the mobile device roams and experiences differing degrees of signal strength and latency. Unified communications (UC) applications can also behave unpredictably if the roaming device's connection is intermittent.
Another concern is data security. When data is transiting a network, its security is lower than when it resides in a defended storage facility. When that network is wireless, the risk increases. And when the data is stored on a mobile device, physical security is added to that. The press is filled with examples of lost laptops and smartphones compromising customer identities and proprietary data.
A critical concern that mobility introduces is a loss of endpoint control. Network management systems give IT a great deal of insight into endpoint devices in fixed and immobile networks; such tools are far less available and reliable for devices with roaming wireless connections.
While management systems may allow for examination of the state of the mobile device, the fact that a roaming device may have intermittent contact at a microsecond level may make troubleshooting user service issues problematic. In many cases, IT simply tells users that they are pretty much on their own when accessing the wireless area network (WAN) using a smartphone or wireless laptop.
Why mobility is here to stay
Yet the issues associated with mobility are not going to get easier. Imagine "always-on" mobile networks: Augmented Reality (AR) is primed to add salt to the wounds of IT managers who are already trying to grapple with smartphones and mobile laptops. AR, primarily in the form of heads-up displays (HUDs), will be available next year and will fundamentally change the access characteristics of mobile users. Currently, smartphones access the WAN intermittently, and consequently, their demands on the network are low compared with fixed devices. Once AR drives "on-all-the-time" data connections, resource demands for both applications and networks will be much higher and will tax management systems even more.
It would be nice if IT managers could simply ban mobile devices from the WAN. Yet mobility can be very good for business and will eventually redefine enterprise WAN architectures. Ultimately, it is likely that the WAN will primarily be a way for the enterprise to manage internal data transfers between applications; between fixed company locations and among data centers; and serve most users through mobile connections. So what can IT managers do?
How to manage mobile networks on the WAN
It may sound counterintuitive, but IT must relinquish control of the network edge. That is not to say that firewalls don't count anymore, but the focus will shift from the management of physical devices to the management of mobile user experience. This is especially important when many of the devices that IT is trying to manage are employee-owned. Rather than building barriers to a dynamic that will likely accelerate, IT should embrace the notion of employee-provided mobile devices, since acquiescing will reduce enterprise overheads.
Instead, IT should be concerned with session management and control. Rather than focusing on managing the network connection or the device -- where mobility makes such management problematic -- IT managers need to focus on aspects of the user experience, which include presentation, data security and performance.
Critical to user experience is the notion of designing for mobility. This means that the IT organization will need to get involved in the development of mobile applications that run on the mobile device, and which are downloaded directly from an enterprise application store by the user. The mobile application takes care of local decryption and presentation. If the device is lost or stolen, the application can be programmed to self-destruct.
Prepare your WAN for mobile device proliferation
Viewed through the filter of complexity, mobility can seem like a scourge to the IT community. However, when examined in terms of enterprise financials, mobility is an excellent way to increase employee efficiency and improve revenue generation. IT professionals will need to adopt the latter view and embrace approaches that facilitate mobility. Chief among these are designing applications for mobile access, managing data security through encryption, and managing access at a session level. Adapting the right approach will turn the fuzzy WAN edge from a headache into a way for IT to demonstrate value to the enterprise.
This was first published in August 2012