Seeing the IT Road Ahead with Riverbed

When you serve as CIO for a federal agency, there are many IT challenges. One of the most fundamental is a basic lack of network visibility. Due to the incremental way most federal agency IT networks have been constructed, there is often no clear network architecture to reference when considering important IT changes or upgrades.

I experienced this firsthand when I served as CIO of the Department of Transportation. Like many agencies, we were exploring moving enterprise applications to the cloud. We identified our MS Exchange email application as something that could be migrated to MS 365 email, hosted in the cloud.

This migration was successful. However, the lack of visibility into our network data flows – the lack of an overall IT network blueprint—caused concern in all of my DoT business units. We determined that before any more applications or IT resources could be migrated we badly needed a clear understanding of network bandwidth requirements and data flows. After all, such migrations are counter-productive if they end up degrading end user application performance.

We engaged a contractor, and through them were introduced to Riverbed networking technology. In short order, the visibility Riverbed delivered proved to be a god-send. What began as an engagement to ensure our network had enough bandwidth quickly morphed into a huge “cyber hygiene” project—one we were very lucky to have!

Working with all eight of our internal departments, we had manually compiled a list of approximately 800 network devices across the agency network. Riverbed used that list as a starting point, quickly identifying where we needed to shore up software patches and weak passwords. This would have been a big improvement in network security and application performance, even if the process had ended there.

But it actually was just getting started. Riverbed then activated their auto-discovery functionality, cataloguing all devices and the devices they were connecting to across the agency network. Within a week or two, I could see my end-to-end network architecture for the first time. And as you might expect in an agency as widespread as DoT, we identified many hitherto unknown devices on our network. 

Much of this was due to branch office self-servicing over the years. We identified a lot of consumer-grade equipment that had been “daisy-chained” onto the network over the years. This kind of shadow IT is often not enterprise grade, and it hampers strong cybersecurity. With a full catalogue of network devices in hand, I was able to remind all internal groups that there was an official change management policy to follow. And if it wasn’t, unauthorized applications would be locked out of the network.

This kind of network visibility should be mandatory for all federal agencies. Without clearly understanding where your network is today, you can’t make significant changes while minimizing risk. It enables IT leaders to start from a clean slate and identify what issues are most vital —usability, segmentation, overall network management? What began as a relatively simple project to avoid bandwidth bottlenecks ended up plugging a huge hole in our IT bucket.

This kind of IT visibility is essential for federal IT to leverage new technologies for better application performance and employee productivity. It allows you to clearly map out a game plan for major moves such as cloud migrations.

There is a well-known expression in IT: first you plan your work, then you work your plan. Riverbed allowed DoT to get our arms around our challenges and to clearly plan out a path to a better future state of IT. 

This content is made possible by our sponsor. The editorial staff of Government Executive was not involved in its preparation.

FROM OUR SPONSORS

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

    Download
  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download
  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.

    Download

When you download a report, your information may be shared with the underwriters of that document.