Architecting for the Internet of Things creates a whole new ballgame for network pros.
Gartner predicts there will be more than 20 billion IoT devices in the world by 2020. About 40% of them will be deployed in the enterprise – monitoring air quality in factories, improving energy efficiency in offices, tracking assets across the supply chain, detecting equipment failures, and much more.
These devices will also be shuttling petabytes of data across thousands of IT networks, presenting new challenges in management, data governance, and compliance.
The Internet of Things is where information technology meets operations technology. Here, the data systems that keep businesses humming converge with the machines that manufacture many of the products these businesses sell. And the world of IT will never be the same.
"IoT’s future impact on data centers will be staggering," says Mike Schulz, senior principal architect at IT consultancy SPR. "The sheer volume of devices that will transmit information into a data center will continue to magnify the security, connectivity, and operational issues data centers currently face."
In other words, bridging the IT/OT divide won't be easy. Here are four essential things network professionals will need to know before they get started.
Expect complexity, lack of standards, IoT interoperability challenges
When large organizations adopt IoT, the number of devices network engineers must manage can increase by several orders of magnitude, as can the amount of data passing across the network.
"Instead of 100 devices connecting at one place, you're going to have 100,000 of them, each of them demanding a tiny amount of data but requiring thousands of open, lossy network connections," says Zachary Crockett, CTO for Particle, an IoT platform provider.
These devices in turn could be leveraging any one of thousands of connectivity protocols currently in the wild, most of them proprietary, says Jason Shepherd, CTO of IoT and edge computing for Dell Technologies.
"There is way too much fragmentation out there right now," Shepherd says. "Some people like to think there will be one magical standard IoT protocol to rule the world. That's never going to happen. And the closer you get to the device edge, the more operating systems, hardware, and programming languages you see."
IoT devices also rely on a variety of wireless protocols not usually found in data centers, from ZigBee and LoRa to newly hatched standards such as LTE category M1 and NB1. The combination of proprietary technology and not-fully-baked communications protocols will lead to some strange errors, says Crockett.
"A software developer who's been pulled into an IoT project to write the embedded firmware might say 'I'm going to send this kind of message and support this kind of response,'" he says. "But there will be 50 different kinds of responses they didn't think of that will cause the device to error out and reboot. Folks on the network side are going to see errors they haven't seen before, and they'll see a great diversity of them. And many might mistake these errors for an attack, when it's really just a device misbehaving."
Open-source projects such as The Linux Foundation's EdgeX Foundry, which allow disparate IoT devices and applications to interact via standard APIs regardless of OS or hardware, should help solve some interoperability issues, notes Shepherd. Devices and applications that take advantage of the EdgeX framework are just starting to appear; the project plans to launch a certification program for EdgeX-compliant components by next April.
Prepare for a migration to edge computing
When it comes to IoT, latency is the enemy. With thousands of devices spread across offices, factories, hospitals, and remote locations, more and more data and computing resources will reside on the edges of the network.
"I always say, 'I don't care how fast your network is, you don't deploy your car's airbag from the cloud,'" says Shepherd. "Similarly, if I'm an operations person who needs real-time control over a manufacturing line, I want to move computing for process control and quality as close as feasible to the line, so I'm not relying on a wide-area network to respond."
By 2022, Gartner estimates that 75% of all enterprise data will be generated and processed on the network's edge. And that raises a host of new data governance issues.
Determining which data stays on the edge and what travels across the network can be complicated, says Kimberly Clavin, vice president of engineering for Pillar Technology, which designs IoT solutions for the automotive, healthcare, and retail industries.
Network admins may find themselves negotiating with their organization's application developers, operations pros, and analytics teams over what lives where, she says.
"You don't want all the data dumped onto the network," Clavin says. "You need to determine how much data you need in order to analyze it accurately, and whether you do it on the device, at the edge, or on the network. Admins need to have the power and knowledge to say, 'Whoa, this is too much, there's a better way to do this so that everyone can play on our network'."
Understand the importance of IoT security practices
When a hospital adds automated insulin dispensers to its network, or a nuclear power plant uses embedded sensors to measure radiation levels, security really can be a matter of life and death.
Yet IoT devices are often the most vulnerable systems on your network, says Aditya Gupta, CEO of Attify, which offers penetration testing and training in IoT security.
"They're more prone to attacks because they're often built without security in mind," he says. "When we perform penetration testing for organizations, we usually find 5 or 6 devices within a network that we can attack and use to pivot to other corporate assets."
Gupta advises network pros to segregate IoT devices to prevent attacks from spreading, perform traffic and radio analyses to see what kinds of data they're transmitting, and implement automated firmware updates. He also recommends they educate themselves about the types and techniques of attacks.
"If I had a networking background, I'd want to learn about firmware internals, how hardware communication protocols work, how to sniff radio signals, and how to use mobile apps to reverse APIs," he says. "The learning curve is steep, which is why we decided to create these courses for mastering IoT security."
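As an added example (not from the article or anyone quoted in it), here is one way to test the segregation and traffic-analysis advice above against flow records: any traffic leaving the IoT segment for a destination outside a short allow-list is reported per device. The subnets, allow-list, and flow records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed addressing plan (assumption): one IoT segment, one corporate
# range, and the only destinations IoT devices are expected to reach.
IOT_NET = ipaddress.ip_network("10.50.0.0/24")
CORP_NET = ipaddress.ip_network("10.10.0.0/16")
ALLOWED = {("10.50.0.1", 53), ("10.50.0.10", 8883)}  # local DNS, MQTT/TLS broker

# Constructed flow records: (source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("10.50.0.21", "10.50.0.10", 8883),  # sensor -> broker, in policy
    ("10.50.0.21", "10.50.0.1", 53),     # sensor -> DNS, in policy
    ("10.50.0.22", "10.10.4.7", 445),    # IoT device reaching a corporate host
    ("10.50.0.22", "10.50.0.23", 23),    # device-to-device inside the segment
    ("10.50.0.23", "203.0.113.9", 443),  # egress to an unlisted destination
    ("10.10.4.7", "10.10.4.8", 443),     # corporate traffic, out of scope
]

def classify(src, dst, port):
    """Return None for flows in policy, else a short violation label."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s not in IOT_NET:
        return None  # only traffic originating in the IoT segment is audited
    if (dst, port) in ALLOWED:
        return None
    if d in CORP_NET:
        return "iot-to-corporate"   # segmentation between IoT and IT is leaking
    if d in IOT_NET:
        return "iot-lateral"        # devices talking to each other directly
    return "iot-unexpected-egress"  # destination nobody put on the allow-list

def audit(flows):
    """Group policy violations by the IoT device that originated them."""
    findings = defaultdict(list)
    for src, dst, port in flows:
        label = classify(src, dst, port)
        if label:
            findings[src].append((label, dst, port))
    return dict(findings)

if __name__ == "__main__":
    for device, items in sorted(audit(SAMPLE_FLOWS).items()):
        for label, dst, port in items:
            print(f"{device}: {label} -> {dst}:{port}")
```

A finding is a prompt to investigate, not proof of compromise; a misbehaving device can produce the same flows as an intrusion.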
Expect to get your hands dirty
Network professionals who need to get up to speed on IoT have several other options. Universities like Stanford and MIT offer bootcamps and professional development courses in the intricacies of IoT. Vendors such as Bosch, Cisco, and Microsoft offer IoT training specific to their products.
Look for conferences and meetups sponsored by industry-specific organizations, suggests Srivatsan Rajagopal, CTO of ioTium, an industrial IoT startup. For example, the annual conference of the Building Owners and Managers Association (BOMA) offers sessions on how IoT powers smart buildings; the OPC Foundation hosts working groups focused on industrial interoperability standards.
But the best way to learn may be by diving in and getting your hands dirty, says Clavin.
"I would come up with some small pilot that you could segment from the main network and start from there," she says. "But I would also not be scared to realize that you need help from people who specialize in this kind of thing."
The most important thing is a willingness to shed expectations about how IT systems normally operate, and to keep an open mind, says Crockett.
"There is no silver bullet as far as any training you can get today," he says. "The folks who will succeed have an open and curious mindset about learning stuff that is fundamentally new and very different than what they've done for the past couple of decades. Even the most knowledgeable people won't get this right the first time they build something."