Stay Ahead as a Network Engineer | Develop Expertise in Policy, Programming, Diplomacy, and Security

A decade ago, the world changed for the platform team. In the past, infrastructure was made up of several siloed groups, the server team, storage team, network team, and of course the legacy team (anything with a large “I” in front of it). In the matter of a few short years, the walls came crashing down. Engineers on the storage and server team merged due to virtualization. Time sharing compute and disk sharing in the x86 world forced a rethink about the lifecycle of the platform. Networking in the data center also got pulled in. Tools like Cisco ACI and VMware NSX became part of the equation. Network teams were no longer responsible for provisioning ethernet ports for individual hardware server systems. Instead, the demarcation transitioned to the top of the rack switch. Trunk those VLANs down to the 1U server, hand the server’s network provisioning to the server team’s distributed virtualized switch, and then keep your fingers crossed they didn’t start bridging networks at L2 causing a spanning tree loop!

For the networking team, this was a small compromise which meant they could handoff, move, add, change, delete work, and focus on cool technologies like new WLAN APs, core data center switches, and of course, SDWAN. It worked until 2019 when Gartner announced a new framework to enable and secure the network edge, SASE! The next year, the pandemic put SASE into the fast lane with the rise of the branch of one. workers were kept away from their branch offices, the HQ campus, and their cubicles. Out of necessity, they transitioned to home offices, kitchen tables and even garages. SASE, a solution inclusive of SD-WAN, and a subset known as the Security Service Edge (SSE) accelerated to lightspeed! Add in zero trust, now what happened to the server and storage teams is happening again to the network and security teams.

In this new world, network and security can no longer live in silos. What does this mean for the route switch network engineer making a living on the edge of the enterprise? From someone who has led pioneering network teams, worked with startups, spent time with large networking vendors as an advisor, and earned more than enough battle scars, here are my top 5 skills for network engineers to be successful in the age of SASE/SSE.

1. Become well versed in Policy. SD-WAN brought policy-based routing to the forefront of networking. While this technology has been around for decades, it was difficult to implement, manage, and maintain via CLI. SD-WAN abstracted the complexity of the past and made policy-based routing available to even the entry level network engineer. Need to route voice over MPLS for real-time performance? Large data transfers over dedicated lines? and SaaS traffic over the internet with a failover in place in case of a black swan event? Done with a few clicks. SASE takes policy-based routing to the next level. You can now add in identity, device state, location, time of day, and security treatments such as DLP and CASB. You can even deny or allow application access based on multiple factors. What this means is the network engineer no longer is limited to packet pathing. It is now about OSI model 4-7 and now 8 (people). You must also become well-versed in security. Not just network security but device and identity security. A large part of SASE is creating, maintaining, and sunsetting policy. Policy lifecycle management. Spend time learning policy and how to run it at scale.

2. The rise of the network developer. Networking started in programming and it is moving back there. Knowing CLI and the GUI is not enough. To manage a system at scale, you must learn to program it, interact with APIs, run via CI/CD pipelines, and leverage infrastructure as code principles. Why? The network is no longer “set it and forget it”. It’s dynamic, always changing and in order to be secure, configurations must be visible. It is now a living system. I recommend python, learn programming principles, and make friends with developers. Pick their brains and learn their craft. Start small, don’t be afraid to fail and grow. For you, this will become a super weapon as you rise in your career. Start now.

3. Mind the user experience!! Networkers are often several layers removed from the employee. Often what a corporation sees as IT is the desktop engineer, or the help desk. Their role is to support IT, the staff of the company, and “delight the employee”. Good IT departments hug their customers and always keep them as the top priority when deploying new tools and maintaining endpoints. Bad user experiences lead to employee frustration, lower overall morale, and most impactful, reduce employee performance. With SASE the network engineer is now on the frontlines. Poor implementation of network and security policy will result in unhappy customers. You must develop a mindset of how will this impact the employee? Will the change slow them down? Is it balanced with requirements for increasing security? Mind the gap between the employee, the systems they access securely, and their productivity.

4. Develop your inner diplomat. Similar to the minding the user experience gap, working on your diplomacy skills will take you a long way. Soft skills are often overlooked in engineering roles. This can no longer be. Networking cannot live in a silo. For SASE to be successful within an organization it requires the network engineer to work productively with the security team, the end user compute team, operations team, as well as the identity team to name a few. Responsibilities are often shared. Learn about these teams. Learn about the technologies they support. Develop an understanding of their challenges. Offer up your challenges and work together to become more productive. It’s honestly amazing what can happen over a cup of coffee. If tensions are really high, do some team building. In the past, I would take teams with a long checked past out for an offsite event. The results were amazing. Conflicting agendas faded away as we mixed teams up and they established common goals.

5. Technology and SASE is a tool. At the end of the day, tools are one path to the end goal, the business outcome. Our companies are not in the business to run a WAN, a remote access system or a Cloud Access Security Broker (CASB). These are tools. The tools from many vendors. Find one that enables you to provide the business outcome. Your role is to support the company so it can generate revenue. Consider how you can help the company create or maintain revenue while also reducing risk. Don’t get caught up in the vendor marketing, stay focused on the business outcome you support. Will X tool help us hit our goals? How can you make your employees more productive and secure? That is the goal. Keep this mindset in front of you in your decision-making process.

Good luck on your journey to SASE.