Finally, remember the information technology field has always gone through cycles. Movements toward decentralization have always followed mass movements toward centralization. While most business leaders focus on “best common practices” or “doing what everyone else is doing,” there is always room for innovation in the real world, and innovation often means at least a little bit different.
Chapter Review
This chapter was all about cloud computing, beginning with differentiating between public and private cloud, on-premises, off-premises, and the different kinds of services offered by public clouds. While new as a Service offerings are invented every day (it seems), so you cannot know every cloud model, network engineers should be at least familiar with SaaS, PaaS, and IaaS.
Cloud resilience and connectivity were covered next.
Connecting to cloud services will always fall to network engineers.
Three case studies then illustrated different cloud deployment models: hybrid, multi-cloud, public cloud-native, and private cloud. These examples showed how network engineers and application developers must work together to create the best possible user experience. Choosing between public and private clouds is a matter of correctly assessing the strengths and weaknesses of each option for each application or use case— combined with a strong dose of the corporate culture.
Finally, this chapter considered the real-world implications of cloud computing on network engineers.
The book’s next part moves from services to security, beginning with a taxonomy of security concepts related to network engineering. The security section also considers privacy—one of the least thought about and yet important topics in information technology.
One key to doing well on the exams is to perform repetitive spaced review sessions. Review this chapter’s material using either the tools in the book or interactive tools for the same material found on the book’s companion website. Refer to the online Appendix D, “Study Planner,” element for more details.
Table 17-4 outlines the key review elements and where you can find them. To better track your study progress, record when you completed these activities in the second column.
Table 17-4 Chapter Review Tracking
Review All the Key Topics
Table 17-5 lists the key topics for this chapter.
Table 17-5 Key Topics for Chapter 17
Key Terms You Should Know
Key terms in this chapter include
Concepts and Actions
Review the concepts considered in this chapter using Table 17- 6. You can cover the right side of this table and describe each concept or action in your own words to verify your understanding.
Table 17-6 Concepts and Actions
Network engineers who believe their network will never be attacked or breached are wrong.
“But my network is too small for anyone to care!” No, it is not.
Every network carries private information. There is an attacker out there who is interested in the data on your network.
Rather than assuming nothing can or will go wrong, assume
• Your network will be attacked at some point in the future, causing services to be unreachable or unusable.
• Your network will be breached at some point, and the attacker will threaten to either destroy critical data or release it publicly.
Against these threats, you can
• Reduce the impact of attacks through planning. It is much easier to execute an existing plan (no matter how imperfect) than it is to create a plan on the fly in the middle of an attack.
• Reduce the odds your network will be attacked (or at least reduce the frequency at which your network is attacked) by presenting a harder target to the rest of the world.
Beyond believing “my network will never be attacked,” many network engineers do not take security seriously because security is hard. Engineers often feel as if they are playing one of those “whack-a-mole” arcade games. Attackers always seem to have an advantage.
Furthermore, security uses a completely different vocabulary.
The concepts are often foreign to network engineers.
The situation is not as dire as it might seem.
Security is hard, but taking even basic steps can prevent a lot of problems. Security is one of those realms where 80% of all attacks can be solved by closing 20% of the holes in your security “shields.”
Security is hard, but you can learn the lingo. Resist the urge to reduce security to a set of real or virtual devices to install and configure. Resist the urge to “install a firewall and call it done.”
This part of the book will give you a helpful introduction to security concepts, lingo, and tools.
Chapter 18 considers basic security and privacy concepts. When you are done with Chapter 18, you should have a solid mental map of the security space. Chapter 19 discusses how attackers work, and Chapter 20 considers some of the security tools engineers use. Chapter 20 covers configuring some security tools.
The chapters in this part of the book are as follows:
Chapter 18: Security and Privacy Concepts