
August 15, 2023 • 58 mins

In this episode, we kick off a three-part mini-series on network design. The first design episode is centered on the branch office. We take a look at what a branch is, how branches have typically been designed, and where the future of the branch is headed. We talk through some design aspects, some models of switches and routers, and some zero trust and SASE considerations.


Email us! - breakingbytespod@gmail.com


Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Pat (00:00):
Hey everybody, welcome back to this week's edition
of Breaking Down the Bytes. As usual,
I'm your host, Pat.
You can find me on X.
See, I did it that time, I did not say Twitter.
I'm very proud of myself.

Alex (00:11):
Good job.

Pat (00:12):
Ah,

Alex (00:12):
Yep.

Pat (00:13):
You can find me on X slash Twitter @layer8packet.
That's the number eight.
Kyle, you heard his cackle in the background.
You can find him on X as

Track 1 (00:23):
well.
Danath256.
Alex,

Pat (00:26):
we're still trying to recruit him into the X sphere.
He's not on Twitter or any social media, but if you have a
question for him, hit us up, it'll get to 'em.
No worries.
So, you can find the show on X slash Twitter @breakinbytespod,
right?
Go there.
And all of our socials and whatnot are in the show notes.
So, if you join us on your platform of choice, come say

(00:47):
hello.
We always like the friends.
So, we are pretty active on Twitter.
That's usually the big one that we kind of stay active on.
So come say hello there.
That'd be awesome.
And as always, if you like the show, don't forget to subscribe
on your streaming platform of choice. We are on all of them,
or I would say 98% of them.
So come and hang out and make sure you tell your friends and

(01:08):
hit that like, subscribe and all that jazz.
So we are back this week with the trio, the Three Musketeers.
We're doing it, doing it well. Kyle, what's up man?
How are you my friend?

Kyle (01:20):
day in paradise, living the dream, whatever.
Yeah.

Pat (01:23):
it.
That's right.
This is the dream.
I'd hate to see the nightmare, I'll tell you that much right
now.
But that's just a different story.
I'll tell you what, we had some crazy weather last night.
That thunderstorm woke me up out of a sleep.
It cracked pretty good here at my house. I'll let you do your
weather thing if you have any sort of weatherman

Kyle (01:38):
it's all you.
I was, I was letting you handle it this time.

Pat (01:41):
man.
Oh, all right.
Geez.
Gimme the hook.
My goodness.
Now we had some pretty crazy thunderstorms roll through here
last night, and it was, that lightning was no joke and it
woke me up.
I was asleep.
So it was, it cracked pretty good.
So no meteor shower for me last night.
It was the Perseids meteor shower,
last night was the best day to see it.

(02:02):
So, maybe next year we'll see what happens.
But yep.
All good there. Mr.
Alex,
how are you, my friend?

Alex (02:10):
Well, I don't know if you saw some news articles recently,
but Disney slash Hulu had a pretty major outage yesterday,
so

Pat (02:22):
I did.

Alex (02:23):
I was up

Pat (02:23):
I saw it.
I did.
I didn't wanna bring it up,

Alex (02:26):
four in the morning dealing with that

Pat (02:29):
Oh, no.

Alex (02:30):
But outside of that, I'm fine.

Pat (02:32):
Ah, so you're a little sluggish.
I gotcha.
All right, we'll go,

Alex (02:36):
I usually do, that's why.

Pat (02:37):
we'll go easy on you.
If you hear any snoring, I'll edit it out.
It's okay.

Alex (02:41):
Yep.

Pat (02:43):
Oh, look at that dedication.
He's up at three or four in the morning doing an, doing an
outage, and now he's here talking to us bozos.
I like it.
Lemme tell you. So, I guess, so we had an idea this morning, or
I should say the last couple days.
It's been kind of permeating in our skulls.
We've had a couple discussions and since we were, all three of
us are network folk, we, we figured, well, why don't we do a

(03:06):
show or couple on network design, right?
So just throw in some design topics out there, some what
we've seen out there in the wild in our experience.
What some of the best practices are, what some other things to
tackle as far as what the likes of Cisco and a couple of the
other big networking platforms are, for their validated
(03:26):
designs.
So we figured we would start with the, well, I think we're
gonna do three over the next couple of weeks.
I dunno if we'll do 'em bang, bang, bang, back-to-back weeks.
But we'll sprinkle 'em in over the next couple of weeks.
But we went through the branch design, the data center design,
that's on-prem data center, and then finish up with a cloud
network design.
Those are the big three pillars, if you will, and see what kind

(03:48):
of mess we can make out of them as far as, again, what, what,
what are some best practices from a design perspective, what
we've seen in our environments over the years of our careers.
And, and just kind of give you a better idea of what, what should
go on at, at each of these three major pillars and, and kind of
go from there.
So, tonight I think it makes the most sense to start with the

(04:08):
branch design, right?
The where, where the people are, right?
Bringing it to the people.
So, closest to the end user and then we'll work our way out.
Data center on-prem, and then cloud being the last one.
I think so.
So I, I'm gonna hand it to Kyle, kind of see what kind of mess he
can make out of this as far as from a branch perspective.

(04:29):
So, I don't know, Kyle, have you, you've worked in mainly
education, right?
So I, and, and again, this is what we think kind of goes on
and what, what should go on.
And from our experience, this, this by no means is the gospel,
but it's decent advice in what we've seen and some of the best
practices that are out there from various docs that we have
compiled all this info from.
So, I guess the first question is, Kyle, you're obviously at a

(04:52):
university now, which has a large footprint as far as a couple
buildings.
How many buildings do you have out there, Kyle, do you know?

Kyle (04:59):
actually don't.
Yeah.

Pat (05:02):
Oh my God.

Kyle (05:03):
there's a lot

Pat (05:04):
Cut.
Cut.
Start over.
Oh God.
So yeah, so I guess my question is, do I guess, do you guys treat
that as like an actual branch or like a true campus, or do you
have like a data, I mean, I'm sure you have some sort of data
center somewhere.
And do you treat individual buildings with sort of different

(05:25):
priority depending on what they house and like, what does that

Kyle (05:28):
it's basically just kind of split to the resident side
for all the, the students and stuff like that, which is kind
of segregated off from the academic network, all the faculty,
staff and stuff like that.
There are some buildings that are mixed, but for the most part
it's like, it's either an academic space or it's a
residential space, so it makes it

Pat (05:50):
Okay.

Kyle (05:51):
Simpler, I guess.

Pat (05:54):
Okay.

Kyle (05:54):
but the way that it's all distributed is, is pretty much
the same with fiber interconnects from, kind of the
distribution out to the, the access at the end.

Pat (06:04):
Okay, interesting.
So, so from a branch perspective, right?
Say your boss comes to you tomorrow and says, hey, we're
gonna spin up this new building, treat it as a branch site.
So a lot of folks, right?
You're just gonna be like a single office, right?
And not at, not at a headquarters or some sort of
on-prem data center or anything like that.

(06:25):
And, and I've seen it a couple ways.
I've seen the sites treated differently based off of who
they house as far as what kind of users, right?
If you have a, if you have a branch full of VPs and C-level
folks, that's obviously gonna get
more special treatment than just regular workers.
Right.
may not have the amount of people that the regular workers'

(06:47):
building houses, but because of who they are, that normally gets
special treatment.
I've seen it where they kind of dice it up into three tiers, if
you will.
Obviously tier one being a data center, most of them are either
data center or like a massive, like a large call center, right?
So if your, if your bloodline is through the calls that you, that

(07:08):
you take, right?
That's a major, a major site,
tier two being like a mid-size,
and then like a tier three being, just to use the phrase, a
small mom and pop, right?
If they, if something were to happen on the, on with the
internet or something, they could go home and work and VPN,
they don't have to sit there at that actual building.
So I've seen it like a bunch of ways.
So, so are you guys doing, or I should say the, the branch

(07:30):
locations, it's gonna depend on a bunch of things, money being one
of them, two being how much redundancy you need as far as
what's being housed there.
So those are the two big ones I could, I could think of, but I
think every sort of branch comes with some sort of access layer,
right?
So ports that kind of touch the end users, right?
They plug it into their desks, blah, blah, blah.

(07:52):
And then some sort of, some sort of core layer. It seems to be in
the last couple years, they're moving to like a collapsed core,
right?
So you have the core and the distribution together, right, to
save money, less management of boxes, blah, blah, blah.
So we will just kind of go from a collapsed core perspective
kind of thing.
So I, I'm guessing that's sort of where this sort of starts as
far as from a branch design perspective.

(08:14):
You have your core, make sure you do your major routing there,
and then your downstream for the access and your wireless hangs
off the access layer, all that kind of stuff, right?
That makes

Kyle (08:22):
way.

Pat (08:22):
sense.

Kyle (08:23):
And then everything's got PoE now 'cause that's the way to
go.
Right.
And all the access points hang off there, all the phones and
the end users.
And that's worked out pretty well with that,
the collapsed core design, like you'd said.

Pat (08:38):
Yep.
So I'm guessing then the collapsed core, just under the
assumption that we're under the collapsed core, I'm gonna use
Cisco 'cause that just seems to be the major player in the game.
Not everyone uses Cisco, but obviously they're the elephant
in the room.
So we're gonna, we're gonna go with that. All of us have made
good livings knowing, off knowing Cisco over our careers.
So that's what we're gonna stick with.

(08:59):
But Alex, you and I were back at Evolve IP in the days of the big
6500 bad boys, those chassis.
And so that, I just, I'm curious then, I'm guessing the
6500s are no longer, at least, at least the most places I've
been there.

Alex (09:13):
yeah, they still have those you're probably not in the
right

Pat (09:18):
in trouble.
Yeah, they're in trouble.
So a lot of 'em moved to, again, this is more of a data center
thing.
We won't go too far into it, but I've seen a lot of places that
have the Catalyst 9500s for cores, right.
Or 9600, something of that layer.
So they've replaced, I think, some of the old school stuff
like 3750s and stuff that we're used to.
That's kind of in the new breed of the 9500s and 9600s.

Alex (09:41):
Yeah.
I mean, it's pretty much the 9000 line and there's so many
different models within there to find what you need.
But for the most part, most part, it's the 9000 line.
That's your core device.
That's where you're having your first routing being done, so you
have your SVIs there typically.
And the access layer, surprisingly enough, they

(10:05):
haven't changed the model number in like 20 years and it's still
the 2960s, which seem to be like the de facto
access layer switch, and they may even have a 9000 line that they
actually tout as being an access layer switch.
But yeah, you'll still see the 2900 series switches and would

(10:25):
imagine that's gotta be like half of all the
branches out there probably use that type of setup.
I guess on the flip side too, for branch offices, and I mean
you did a whole episode on this, you could really start talking
about SD-WAN and Meraki

Pat (10:43):
sure.

Alex (10:43):
and I mean, I don't, I'm not in this kind of field right
now as much as, say, you guys would be, like financials and
education.
I'm more in the data center.
But I mean at this point, man, if you talk to Cisco, they're
probably pushing you towards the Meraki point at, at right

(11:03):
now.
If you're setting up a branch, are they throwing some type of
Meraki SD-WAN device and a Meraki switch?

Pat (11:11):
Yeah.
Yeah.
Yeah.
I, I could see how they do that.
I do think they want to try to merge some of that as far as the
Meraki side of things and the older Cisco stuff.
Right.
I don't know how much they wanna step on each other's toes 'cause
they have that weird, like, every, every team has a, has
their own product.
They don't wanna step on other teams sort of thing.

(11:33):
Which is kind of weird since we're all under one umbrella,
but I get it.
We, so I've seen a, a couple places that have, or I've been
at a couple places that have Meraki either for their, like
really small offices, say like less than 10 people.
Right.
And they're just doing wifi.
There's no switch there or anything.
It's just a Meraki, an MX whatever,
that does their, their auto VPN and gets you back to
(11:55):
a data center, blah, blah, blah.
That, that seems to be pretty straightforward.
Simple enough.
It's cheap, right?
Spin up an office and you're, you're up in no time sort of
thing.
The Meraki switch stuff, I, I, I've used it once or twice in
various places.
They're nice.
The GUI is always nice, right?
You're not fumbling through a CLI and it has all the bells
and whistles that some of the Cisco stuff does.

(12:17):
But I guess it's, I dunno if it's preference, but it just
depends on what you need.
But yeah, I would say, I would say the Meraki is getting more
noise, I guess, in the branch space than maybe some of
the 9000 stuff.
'Cause yeah, you almost have to justify the price of a 9000
line, whatever that is,

(12:37):
to really say, okay, look, the six people that work outta that
office really need that.
Like, that's just usually not the case.
So, no, I, I would say that's probably fair that they're
starting to kind of bleed that way at least.

Alex (12:49):
Yeah, I think the 9,000 line might be starting to get
into like, all right, you're, you're almost at data center
level where maybe not quite what we would define as data center
level,

Pat (13:03):
yeah.
Or maybe a call center, right.
Call center with phones comingin, that kind of thing.
A hundred people plus,

Alex (13:11):
But also has like a little mini data center.
And by that I mean you might have a, like a room with four or
five racks in it that actually services something, maybe that
then you can throw some stuff in there.
Pat (13:21):
A local like domain controller, stuff like that

Alex (13:23):
Stuff that

Pat (13:24):
that probably makes most sense.

Alex (13:26):
Okay.
And I guess a question I had before we even go a little bit
further, 'cause I mean we were already starting to get in the
weeds a little bit with model numbers and things like that.
I did just wanna come right out and ask you though, when you say
branch network, 'cause we're gonna talk about data center
network design as one of these follow-up podcasts.

(13:47):
So I'll just stick with those two,
'cause those are the, the two obvious ones.
What do you think are really the key differences between
data center and branch? I mean, right from the, the rip of this
episode you said where the, the users are.
So where the, I would say where the, like the employees are is
the branch office, but how else would you define a branch

(14:10):
network and how is it different than the data center network?
Close,

Pat (14:17):
Yeah, it's an interesting one.
I would probably say the branch is obviously where people go and
there's, there's cubicles and people sit and do their, do
their tasks and whatever their applications that
they work on, whatever it is, where they access it from, blah,
blah, blah.
And then I would say the data center is technically where
those apps are hosted.
Like where they're actually pulling, where those end users

(14:39):
are pulling that, that app from.
Now again, a lot of that is moving towards the, the cloud
and that, it kind of blurs the line and I guess it really has
to make a, it, it's really a business decision of like, do we
really put all this stuff into a brick and mortar data center,
sink all that money into it rather than just moving it to
the cloud.
But I, to me, I think I've said this before, I think you, I

(15:00):
think you run your applications where they make sense to, right?
So, moving a lot of it to the cloud makes sense,
'cause, well, the cloud is very agile in that, in that aspect,
and you can pretty much spin things up almost instantaneously
rather than waiting for a server and then somebody to
configure it and VMware and all that kind of stuff.
But there again, people that are using AS/400s for a

(15:21):
data, for a billing platform, you're not gonna stick that into
a cloud.
There's no way.
So, I, I would say you run your apps where it makes sense.
So yeah, end users, branches are where the, in, where, where
they're actually sitting, getting their work done.
Data centers, where the actual apps that those people are
using, that's where they're housed.
So the, obviously the redundancy and different VM farms and

(15:42):
things of that nature and disaster recovery and all that
kind of stuff comes into play with the actual data center
fabric.

Alex (15:47):
Yeah.
And I'd probably even go a little further and say not only
the apps that they use, but maybe like the company's
product.
So in other words, like, it's probably a little harder with
like education and financials, but like, certainly with like
Disney, the office that I work out of, if that were to lose
power, it's not like you're not gonna be able to access
Kyle (16:09):
Hmm.

Pat (16:10):
Sure.

Alex (16:10):
so it's like complete segregation, nothing production
is going to go down.
If a branch office goes down, your employees might have
difficulty working, but your product's not gonna go down.
I guess the other question, it's not really a question.
It's, I guess, more like of a statement and something that
people should be aware of, is because your product isn't in

(16:34):
branch office,
I think there's a lot of things that just fundamentally change.
You really have to justify cost because you can take more risk.
I mean, if your employees can't work for one hour at a time,
five, six times a year, that's probably a risk.

(16:57):
That is something you can handle and you can save yourself
millions of dollars in hardware by accepting some lower end
stuff and lower end connectivity.
Whereas, if Netflix went down for an hour every other month,
it'd be hell to pay.

Kyle (17:16):
Be a problem.

Pat (17:16):
right.

Alex (17:18):
So I think because of that the design methodologies,
methodology has to change a little bit.
So we'll talk about it more with the data center networks.
But in this case, I think you need, you want some redundancy,
but now instead of dedicated circuits to data centers, you're
talking about maybe just plain business internet circuits, do

(17:43):
an SD-WAN over 'em.
You have two of 'em.
If one dies, you're fine.
If two die and you get unlucky, like I said, hope that they
restore one of 'em before too long.

Pat (17:56):
that's it.
Yeah.
I'm curious on that to kind of see what that branch sort, and
again, a lot of it comes down to, okay,
again, who's sitting there?
What kind of redundancy do they need, right?
Because if you're redundant, you're getting two of
everything, right?
And that just, that just drives costs up.
But there again, if people are dead in the water, how much
money are you losing by those people being dead in the water?

(18:17):
That's the, that's the trade-off to that, right?
So, most places have redundant internet, like Alex said, just a,
a, a business internet, right?
There's no need for like Metro E or MPLS or one of those
high cost, high cost circuits, right?
You just do, you just do a, a, a broadband business class
internet and stick 'em into something like an SD-WAN, that

(18:37):
kind of thing.
And that's more into the WAN conversation.
Maybe that's probably a little more fitted for data center when
we get there.
But from a LAN perspective, I've seen it all the way from
the board of, okay, just a single, single switch or maybe
two switches in a stack, if you will, and an ASA or some sort
of firewall at the edge and, and that's it.
Well, then at, at that point then it's, that's the cheapest

(18:59):
you could get at that point, and that's what you want then.
That's, that's fine.
Kind of a, kind of piggybacking off of what Alex said, I, there
was a time where I had a, we, we had a customer that was, was a
government agency and, and they, they had a, I can't, I can't
remember if it was a Cogent or Comcast or some, some reputable

(19:20):
internet that came into their building and everything sat, like
their data center was in that building, like where their
people worked.
And like I would say at least once a month, Comcast cut a
fiber, cut an underground fiber, or Cogent, whatever it was, the
ISP, cut an underground fiber and took out the entire
building.
They were dead in the water and nobody could work across the
whole, across the whole city.

(19:40):
And I was just like, what are we doing?
Like what?
Move that into a data center and then just make that thing a
branch and they can go home and VPN in, just be done with it.
I've seen, and I've seen places that
have all the way, the redundant all the way through, everything
from, from firewalls all the way down to the access and into 93

(20:00):
hundreds or whatever they were, stacked all, eight, eight in a
row stacked all together and it was redundant and, blah, blah,
blah, all the way through.
So like, I've seen the whole gamut and it's just, I think it
just comes down to how important are your users that are sitting
at that particular office and what's the damage if they're
down and, and can they, can they reroute, sort of thing.
So it really depends on that, almost, it comes, it always comes

(20:23):
down to money, right?
They all, all the bean counters want to know is how much money
it's gonna cost me, right?
And so it's just, that's usually the way, the way it is.
So, but yeah, I, I would say an access, a collapsed core and
internet or two. Yeah.
And basically like Alex said, some sort of SD-WAN probably is
the, is the flavor that we're in right now as far as the network

(20:43):
space, is probably the most popular flavor now.
Maybe three or four years ago, SD-WAN wasn't as popular as it
is now.
You're probably into some outside firewall and they were
paired and one failed and it all, yeah, yeah, one failed and
it automatically failed over and blah, blah, blah.
Now in the SD-WAN world, I think that got a lot simpler.
But it's, it, it is an interesting time to see where

(21:05):
that trans, that transition happens.

Alex (21:07):
right.
I think the other thing worth noting for remote branches and,
and the shift to SD-WAN is they're trying to be much more
user-friendly.
Like, I feel like with any of these SD-WAN, I mean, just the
fact that they've transitioned over into a,
and like a SCU in most of the situations, which means you
don't even have to worry about spinning up a VM to run this,

(21:29):
like you're running in the cloud.
Things do ZTP, the zero touch provisioning where you just plug
it into something that gets DHCP and internet access and this
thing will call home.

Pat (21:38):
And it knows where to go.
Yeah.

Kyle (21:40):
That's crazy.

Alex (21:40):
So, and I think the, the reason for that is they wanna
get to the point where a branch office is not only the
delineation of like production appliances, production
applications, but also the delineation of IT staff.
I mean, like, you don't have to house much of an IT staff
anymore.

(22:01):
Maybe you have like one or two guys that can go around and
handle wireless issues, but you, you don't need somebody to
provision switches and firewalls anymore.
They just need somebody that has enough sense to rack an SD-WAN
appliance and probably a, a wireless controller and some
(22:21):
APs.
I guess we hadn't even talked about that.
That's another thing that I don't get involved with at all
anymore because I don't handle any of the corporate offices.
But that's probably the, a huge technology that you really see
in branch and campus offices all the time, and it's huge.
And that's anything related to wireless, and I don't know what
you guys are doing today.

(22:42):
I guess start with you, Pat.
Are you responsible at all for, like, or maybe you are entirely,
like the, the corporate branch offices, like where tellers are
sitting? Or is that a different team?

Pat (22:54):
Well, it, it technically falls under a different team,
but I think where the sticky point is, is what they access
falls back to something in a data center, which is what I'm
responsible for. So it always seems to be a, like, it always
seems to land with me at some point or another.
So the correct answer is no, I'm not responsible for, but then

(23:15):
what ends up happening is yes, I end up being responsible for it.
So, but yeah, we're, we're, like I said, we're, we're a very
heavy Cisco shop where I'm at.
So pretty much Cisco, everything that you can ever imagine or
think of is where, is where my bread is, is buttered.
But I've been places where they've used, you know, Cisco Light,

(23:35):
which is the Meraki stuff we
talked about.
I've been there. Aerohive, which I think is now part of
Extreme, if I'm not mistaken.
It was under Dell I think at one point, but they, they've changed
names a couple times, but Aerohive APs, which, which I liked.
I thought Aerohive was half decent.
It had that zero touch feel to it.
The SaaS platform.
We didn't have to host it.
We didn't have to host the GUI on the backend.
(23:57):
It was all in Aerohive.
It was all basically hosted in Aerohive, which was nice.
So that, that's probably something I would hang my hat on.
Again, I haven't used it in a couple years, but I, I, I kind
of doubt it's gotten worse.
I, I, I would imagine it's only gotten better, so, that kind of
thing.
But yeah, we're, we're pretty much, just for, for the whole
thing.
So, we try to stay out of the day-to-day operations of things,

(24:17):
at least my team does.
But we end up getting pulled in quite a bit just because we, we,
we have that same issue of, okay, we built it, so now we own
it all the way through. There's no actual like, handoff to an
actual ops team.
It's, oh, well you built this, you know the most about it, so
when it breaks it's yours.
It's like, that's not really the way it's supposed to be.

(24:37):
But, but I digress.
But no, I, it's, it's, we pretty much own everything.
And, and from a design perspective, architect
perspective, you have to be thinking of
all, all the stuff and all the things at all times.
So that does, that comes into play.
So, but yeah, a lot.
Yeah, we do a lot of wireless, obviously guest wireless
throughout the branch, throughout the bank and

(24:58):
corporate, wireless authentication, the whole deal.
It, it all falls to, the, the, the 50,000 foot view all falls
to us.
So, yeah.

Alex (25:05):
Okay.
Yeah.
And that's another trend that I'm seeing in branch offices
right now with the, just sudden, I wouldn't say sudden, just the
consistent improvements with wireless and wireless APs, but
I'm actually starting to see access, physical access switches
kind of go away. Like, in the office that I work at, again,

(25:26):
I don't think 75% of the desks even have like a physical jack,
like everyone is just connecting to an SSID and, and yeah,
because of that, that's kinda like the new trend.
Like if you want to support a branch office, you need to
kinda understand the wireless AP, but again, we're talking
about GUIs and SaaS applications, so they're

(25:47):
probably making it pretty simple on you.
But yeah, that's what I'm seeing.
What, what about you, Kyle?
Are you doing the, are you responsible for just end users
roaming the campus and getting connected online via access
points? That falls under

Kyle (26:06):
all, I don't know, 3000 some
that we have just strewn about in the residence halls and the
academic labs and stuff like that.
I haven't really seen any fail, so that's been nice.
But yeah, as we get 'em, as we get 'em installed and stuff like
that, they just, they just get rolled into me and become part
of my possibility.

Alex (26:27):
So how do they work?
Well, I guess you're not any trade secrets that you can't
release, but what are you using as

Kyle (26:34):
We're an extreme shop,

Alex (26:37):
Still

Kyle (26:37):
so, it's pretty nice.
Just basic controller, everything gets tunneled back
and do your separate networking for everything like that, guest
networks and stuff like that for visiting, yada yada yada.
But works well.
Keep everything separated.

Alex (26:55):
And that's probably like 75% of your troubleshooting is
people saying wifi doesn't work.
Right.

Pat (27:01):
Yeah, that's an interesting one.
I'm, I'm also interested in, well, there's two things I'm
interested in.
I'll hit the first one I'm interested in, like, in, in the
way that you just mentioned access switches going away, I'm
seeing a lot of like desk phones go away 'cause everyone's now on
a soft phone or a soft

Alex (27:19):
Oh yeah.
I mean, that's another good point about branches that

Pat (27:22):
yeah.

Alex (27:23):
just phone systems and call center setups and yeah.
Last two jobs.
Yeah.
We, we, we didn't do phones.
Yeah.
It was all Slack and Teams calls, so yeah.
That's another transition.
And Kyle, you're still doing physical phones, right?
Well, you, I think, yeah.
You're still doing Cisco phones and, man, that's been so long

(27:46):
since I did anything like that.
Do you, are you running your own like Cisco,
what do they even call it?

Kyle (27:55):
Yeah, the,

Pat (27:56):
manager.

Kyle (27:57):
yep.

Alex (27:57):
manager.
That's what I was thinking of.
Call manager.
So you

Kyle (28:00):
Yeah, we host that all in house

Alex (28:02):
Okay.
I don't know, you, yeah, I was never a huge fan of that.
Okay.
Well, yeah.
That, that's interesting.
And you're not seeing a transition to just like a, a
soft client on a, a laptop?
People who just like their physical phones.

Kyle (28:20):
people love the phone.
Other end users are like, I'd like it on my laptop or on my
cell phone or whatever, but give 'em the option,
kind of deal like that.
And everybody's happy.
You'd be surprised how happy people are not when their phone
does not work.
I'm like thinking I don't even wanna talk to anybody, so,

Pat (28:39):
I will say this, I have a desk, well, I, I work mainly
remote, but I do have a desk.
Not that I'm there a whole lot, probably once a month, but there
is a physical phone on my desk.
But I also have it tied to my soft phone.
That's Jabber obviously, we're a Cisco shop. But my Jabber is almost
never up and running, and so it actually goes to my work phone.

(28:59):
It's tied.
So my, my, so once my Jabber phone, soft phone rings, it
rings my work phone as well.
And I'm gonna be honest, if I don't recognize the number, it
doesn't get picked up.
It's just, like, look, you wanna get ahold of me, chat me on
Teams or something.
But other than that, like, it's probably a sales call that I
don't have any power to say yes or no to
anyway, so, so go away with your nonsense is basically what I'm

(29:22):
saying.
Like, but no, that's something as far as from a branch
perspective, for those that rely on hard phones, right?
So I, in today's world it's kind of hard to, outside of like an
actual phone for like 911, right?
You gotta tie it to your local 911 dispatcher, they have to
know where you're coming from, right?
That sort of thing.

(29:42):
I don't really know of anybody that, I should say that I don't
know of anybody, but I can't think of an actual industry that
says, oh my, I need a hard phone on my desk because X, right?
That sort of thing.
So, but you know, years ago, when Alex and I worked at
Evolv and their bread and butter was voice, right?
We did the whole, voice VLAN and QoS and all that kind of stuff

(30:04):
tied, wrapped around all those phones and all, all that kind of
stuff.
So if that's something that is still needed from a business
perspective, a hard phone, then you know, that those sorts of
things have to be, accounted for from a, from an access layer,
perspective. QoS and PoE was another one you mentioned, Kyle,
things of that nature.
But yeah, that's, that's also an interesting sort of topic or

(30:24):
dynamic of physical phones are, are starting to go away, at
least to a degree.
And people move into a soft phone or in Alex's case, Slack
and Teams is is the big is the big boy in the room there.

Alex (30:37):
Yeah, I guess with everyone working from home too,
just I guess less of a focus on branch offices.
Offices in, in general.

Pat (30:44):
Yeah.

Alex (30:45):
I would imagine the last three, four years haven't been
nice for the Meraki lineup.

Pat (30:52):
Yeah.
I would imagine so.
Yes.
I would imagine so.
But we do that here at the, at the bank.
Like I have I have a Meraki AP at the house right here.
It just basically ties into my internet and gets its own IP.
And I don't have to use VPN, I don't have to use a VPN client
at all.
Like, I, I, it's like my house is a branch, which is great. So,
but yeah, my, my work laptop ties right to the SSID that

(31:15):
my work, that the Meraki pumps out and bam, I'm anywhere I want
to go right on, right on the network.
I don't have to feel fool with nothing, which is nice.
Yeah.

Alex (31:25):
And maybe that's another topic we can kind of shift to a
little bit.
'cause again, it's completely different branch versus data
center.
With data center, you're really not too concerned about somebody
physically plugging into a switch.
Doesn't mean you're sitting in like a locked data center
somewhere.
Someone's not just gonna show up and plug into it.
So there's a whole different security posture when you're
talking about branch offices and certainly situations where you

(31:48):
have like a customer walk in.
I think that's another reason why.
Wireless setups are more and more popular 'cause there's some
just native security solutions that you get with a wireless
solution that you don't, with your typical switch.
And we can talk about it, like dot1x on switches, but

(32:09):
when it comes to wireless access points, authenticating an access
point is something that, we've been doing for 30 years.
So already there's one form of security that you don't have
from someone just, bringing in a laptop or bringing in some
device and plugging into a, an access port.
So it's like you have to authenticate to the access

(32:32):
point.
And then from there it's not too difficult really to tie.
And, and maybe Kyle, you even talk about this if you guys have
this set up, but once you authenticate, it's not too hard
to have these wireless LAN controllers talk back to AD and
then figure out what SSID should be on or what particular

(32:54):
networks you should access and so on.
And so these are things that are just kind of like built in
without too much more, like you don't need some $50,000 win
wireless LAN controller that does these sorts of features.
And it's something that is pretty intuitive.
Whereas if you're trying to do this stuff on Cisco switches or
any switches and it starts getting a a little bit more

(33:17):
difficult.
So I guess I'll stop there.
And go back to the more difficult like switch security
stuff.
Do you guys do anything right now?
And, and maybe the answer is no, but if you guys actually have
physical ports like that people could plug into at a branch, do
you guys do anything today to prevent them from plugging in,

(33:40):
their own little Walmart eight port switch or because

Pat (33:46):
Okay, Kyle.

Alex (33:47):
start talking about like MAC security and all kinds of
other things that you

Kyle (33:50):
Well, like, B P T or BPDU Guard and stuff like that we
have is you just, you plug any kind of crap in and it's just
like shuts the port off.

Alex (33:58):
Sure.

Kyle (33:59):
that's probably one of the biggest things, you always get
the call like, well, I plugged my crap in and it doesn't work
anymore.
And you're like, Hmm, right.
Yeah, I'm gonna come over there and confiscate that for a man.
It's mine now.

Pat (34:11):
That's right.

Alex (34:13):
Okay.
Well, yeah, that, that's a, that's a decent one.
Can't plug a switch in.
And I know, Pat, maybe this isn't technically your domain,
so maybe this is at the point where you don't know exactly
what the security posture is, but I'll let you try to answer
anyway.

Pat (34:28):
Yeah obviously being a bank and, and the security controls
wrapped around that due to our audits and, fed and all that
kind of stuff.
Yeah, we, we do we are a we do use a, a NAC, right?
A network network access control.
Obviously there's no secret we're a Cisco shop shops or
we're using Cisco ISE, right?
That sort of thing.
So, there's a lot of Cisco ISE that goes on in my, in my place,
and sometimes it causes a little more trouble than, than what

(34:51):
it's worth, that kind of thing.
But it does exist and it is quite it is quite useful.
I, I don't have a whole lot of experience with the Cisco ISE
stuff, just 'cause I, like, I've only used it at one or two other
places before I got here.
And again, it was just more of like a, I had logins, but I, it
was just more for troubleshooting purposes and not
for, hey, go spin this policy up, that kind of thing.

(35:12):
So, but yeah.
Cisco ISE, everybody gets authenticated no matter where
you're at user whether it's plug it in, whether it's on, on Wi-Fi,
you're all, it all flows through ISE to make sure that you are,
who you are, that sort of thing.
And then also we, we got the whole gamut, right?
So the, the BPDU guard, the spanning tree root guard, all
that kind of stuff is on there.

(35:32):
And then also Alex, you mentioned the MAC security.
Yeah, we're, we're, we have MAC security on there as well.
So that kind of, it all jives together from a, from a security
perspective.
So, not to say that there, that it's, it's perfect.
It does, some of that stuff does kind of step on each other time
and time again, so you gotta kind of go digging.
But otherwise now it works, it works pretty well.

(35:53):
But yeah, there's everything facing a user port has layers
of security on it,

Alex (35:59):
Yeah, and that's probably the stuff most network engineers
are familiar with, like BPDU Guard, well you don't even need
root guard, do BPDU Guard and then MAC security, and I mean,
we could go even a little further into that, but don't
really have to.
But pretty common to just put like, a limit of two MAC
addresses.

(36:19):
So if like you're piggybacking off a phone, you get your phone
and one machine off of it, but you can't hang a, a hub that
won't even send

Kyle (36:26):
Hub

Alex (36:26):
BPDUs, gotta have 'em somewhere.
And people still have hubs.
There's gotta be some guy that like worked in IT in the
nineties that's got a, a hub bomb somewhere, plug

Pat (36:37):
Yeah, probably.
Yeah.

Alex (36:39):
the brick, the network.

Pat (36:40):
I've been at, I've been at places where people just sitting
in pods, not really like

Alex (36:47):
Oh yeah.

Pat (36:48):
the wall sort of thing.
Just in pods in the middle of the room.
Then the pole coming down, feeding those pods only had four
ports and they added a fifth person.
You're like, oh, shit, what do we do?
Blah, blah, blah.
And the hub is there.
And then, one day you get a call and oh, a whole pod is out.
You go in, there's a switch, somebody kicked it with their
foot and like the switch like doesn't have any power anymore.
And it's like, oh shit, when did this get here?

(37:10):
That kind of stuff.
So it, it, it happens all the time.

Alex (37:13):
even worse.
I mean, if it is a true hub, it is like your entire business
goes down.

Pat (37:20):
But yeah.
Yeah.
Or somebody needed to plug a printer in but didn't wanna
like, have a wire run for it.
So they go and like, get something off of somebody's
truck and be like, Hey, I've had this Netgear hub in the back
of my truck for,

Alex (37:31):
Below the

Pat (37:31):
for a couple years.
Yeah, yeah, exactly.

Alex (37:34):
Looks like switchboards?

Pat (37:36):
Yeah.
Yeah.
Oh, I've been there.
Oh, I've been there.
It's ugly.
It is really ugly.

Alex (37:41):
are the, those are the worst.

Pat (37:42):
Oh God,

Alex (37:43):
I've only, I think in my entire career, I feel like I,
there may have only been one situation where I had a true,
like the entire data center is down because of a like loop
where I have to drive in and console into stuff to actually
find out where this is, where this is coming from.

Pat (38:04):
That is the worst.
Kyle, why don't you tell your story?
You have a pretty good layer two story

Kyle (38:08):
one?

Pat (38:09):
that I've

Kyle (38:10):
trying to think.
I'm trying to think which

Pat (38:11):
which one I like it.

Alex (38:14):
Kyle's

Pat (38:14):
means there's multiples shit.

Kyle (38:16):
was uh, my previous job?
Somebody thought that if they bought a, their Netgear router
in and you know how there's like one WAN port and there's four
LAN ports?
Well, the more ports you plug in, the faster it goes.
Right?
So they plugged like every port in to every port in the room,
and it just started havoc, havoc everywhere.

(38:41):
it's like, what the hell's going on?
You, like, you're getting DHCP on like, 192, just basic
crap from the, the Netgear router all the way across campus
and stuff like that.
You're like, what is happening right now?

Alex (38:52):
Oh yeah.

Kyle (38:53):
You,

Alex (38:54):
starts handing out A c p thinks.
Yeah, that's a good one.

Kyle (38:57):
so that was one.
And one we had a super, super helpful student.
Saw a, male female kind of deal like that.
Like, well, these obviously should be together, right?
I.
One was the academic network and one was the administrative
network.
And he was just like, boop.

(39:17):
Again, havoc, Oh my

Pat (39:20):
Carnage everywhere.

Kyle (39:21):
'cause then one's stepping on the other and there's your
shit bleeding over from network to network.

Pat (39:26):
It's the worst.

Kyle (39:27):
times.
Good times.

Pat (39:29):
is the worst.

Kyle (39:30):
Lots of troubleshooting.
Late nights, you're like, what the hell happened?

Pat (39:33):
boy.
Yep.

Kyle (39:36):
Mm-hmm.

Pat (39:36):
that's rough.
Yeah.
So yeah, I, I would, I would recommend for those of you at
the access layer, putting on those putting on those ports, some,
root guard or BPDU guard or something to lessen that havoc,
if you will.
So learn from a couple of old heads like us, like this shit
does happen.
It happens quite often, and if you don't put your foot down,

(39:57):
it's going to continue to

Kyle (39:58):
DTP

Pat (39:59):
So, Oh my God.
That's it.
Yeah.
Yeah, for sure.
Yeah, the other thing I'm interested in too and it's very
interesting to me, this newer phase and I, I'll tell you right
now, these are the two.
Most hated buzzwords that I have in my dictionary right now.
It's Zero Trust, which is just a made up marketing word.

(40:22):
I'll tell you that right now.
it's made up by some marketer that just wants to push zero
trust and, but it needs a boatload of shit.
The other one is SASE, or sassy, S-A-S-E, right?
They're, they're both made up buzz buzzword marketing terms,
but I'm interested to, because I think, I think Zero Trust is

(40:44):
already here in some flavor.
Like people are moving towards that.
From, from a, a large organization, perspective.
But I'm, I'm really interested in the SASE sort of avenue
because if we're doing the SASE, right.
And you're treating your branch office like a, like a, like a
SASE connected branch.

(41:06):
Then do you really like, from a WAN perspective on the branch,
you don't even need like an edge firewall because you're, you're
connected, you're, you have cloud, it's basically calling
back to a, to a cloud.
You're getting filtered.
Basically you're, you're moving your, your, your firewall from
the edge out to a cloud and you're basically being filtered

(41:29):
from there.
And you leave from your cloud provider rather than a local, a
local internet, breakout.
So, I'm curious to see, I don't know, maybe Alex, you're
probably not that close to it since you're sort of in the
Disney world, but I'm, or anybody really, I'm curious to
see if you're either moving to a, a SASE solution or things of
that nature.
'cause really, if you think about it, right, if you
implement SASE, then all your branch offices is basically, you

(41:51):
can work from anywhere, right?
You can work from the coffee shop, you can work from wherever
you can work from your car.
'cause it doesn't matter, right?
You don't need, you don't need corporate infrastructure to get
to, like, there's no need for VPN anymore, right?
A remote access VPN, you don't need to fire up your AnyConnect
client or anything like that to get on to the, the, your company

(42:11):
WAN.
There's no need for like the Meraki anymore to do the, the
auto VPN back to your data center.
Because that's all out the window.
There's no, you're, like I said, that computer already knows
where to go.
You're already tied into some sort of client back to a cloud,
edge and you're all the filtering and all the firewall
and security is wrapped around at that edge, at the cloud edge.

(42:33):
So I'm curious to see where SASE goes in the next couple of years
to see if, if that simplifies the branch even further.
So I dunno if anybody's got any thoughts on that.

Alex (42:44):
Well, yeah, it'll just completely get rid of the whole
concept of a branch network.
It'll just be a building that people sit in and yeah, it's
actually, it's a topic that I, I really, because it doesn't
impact what I would generally work on because, I'm not, I'm
concerned about the, the product as opposed to the employees.

(43:04):
I know that you had an interest.
I you took some courses at Cisco Live on it, right?

Pat (43:11):
I did.

Alex (43:11):
probably should

Pat (43:11):
Yeah, I did

Alex (43:12):
I pay attention to because it is interesting and it solves.
Just the, the, the trend of just people working from home.
Of course now they're trying to reverse that trend.
So maybe we'll go back to like standard branch office designs
in two, three years. But I still don't think the idea of having

(43:33):
like true IT staff in every single branch, I think that'll
probably, that'll probably never go back to the way it was where
you have a team, like a real big team everywhere, and I think
things like this kinda lead towards that.
So really all these technologies are gonna make networking much

(43:53):
easier.
it's just like

Pat (43:56):
Yeah.

Alex (43:56):
you have some cloud provider and they just like, and
do you have any experience with it yet?
I mean, what exactly is it just like a, like the equivalent of
a, a.
A VPN client, you have some kind of client that's going out
to this third party SASE or provider, and it does all kinds

(44:21):
of checks on you and figures out what access you should have.

Pat (44:26):
Yeah, I, I don't have any real experience with it at the
moment.
I think there are some talks at various points of it in, in
getting to a more, SASE model, I guess.
But, I think the big part of it is obviously it reduces costs
complexity, right?
There's only one way in, one way out, right?
That kind of thing.
It, it's again, more of a, moving towards a centralized

(44:48):
orchestration GUI management things of that nature.
Hey, this person can go here, but not here.
That sort of thing.
It's, it's more of a seamless approach from a security
perspective, right?
So, for, for users I should say it, it, and you're, it, it has,
it has thing, well it has the ability to basically restrict
access based on like a user or the device or some sort of

(45:09):
application identity, that sort of thing.
So there is a lot of it that basically can, it's, it's like a
really, it's like a centralized security hub.
And then those, your, your endpoints then sort of, they
basically come through that hub before they go anywhere on the
network, whether that's internal or out to the internet.
It goes through that central hub and those policies then apply to

(45:32):
said device, said user, said application, blah, blah, blah,
that sort of thing.
So, it, it, it's interesting 'cause we're actually taking a
flyer on a couple of SASE providers, Cisco being one of
them.
'cause our SD-WAN is with them, right.
So that makes the most sense.
But there are some other players in the game to see what, see
what works the best for us and that sort of thing.

(45:53):
But I'm really interested to see what happens.
'cause if, like I said, if we do get, if we do get to a true
SASE solution, then the idea of any sort of connectivity local
at the office completely goes away.
There's no need for it.
Like those PCs or those laptops already know where to call home.
So why go through a, a local firewall just to get to a cloud

(46:14):
one?
That makes no sense.
So I'm curious to see if that simplifies the branch even
further, but then I'm sure there's other complications with
that as far as, some latency or some other nonsense that, that
that could, come into play.
But I'm curious to see where SASE is in the next couple years
and how that really kind of turbocharges forward.

Alex (46:33):
yeah.
I'll have to look into it a little bit.
Because if you talk about cloud providers, you would think that
they probably, especially if you say like, does AWS have one?
I feel like they have to, or if Cisco one, they're probably
using AWS, and so I kind of feel like a,

Pat (46:51):
Yeah.

Alex (46:52):
you're gonna be pretty close to one.
Wherever you are.
So maybe latency is not a big deal.
And the other thing too, and I, I have to really kind of dive in
and read about it some more, but I assume that kind of means that
sure you might have a little latency.
You go, Hey, can I access this resource?

(47:12):
Yes, you can.
And maybe after initial authentication is done, I don't
think subsequent traffic traverses the, the SASE
environment, at least my brief understanding of it.
So maybe have like an extra 20 milliseconds for the initial
connection, but then the entire socket is open for the entire

(47:35):
time without having to go back and

Pat (47:38):
That makes sense.

Alex (47:38):
right.
And it doesn't, the whole shift to this identity security just
makes so much more sense.
Like if you were to take someone who's not tech focused and try
to explain to 'em that for the last 30 years security has been
based on some arbitrary IP address that you get that's
generally tied to where you're physically located.

(48:00):
Now it's completely changed and now your access is based on what
it is that you are like your user laptop and that's just who
you are, but making sure that you're up to whatever standards
they want.
'cause with these SASE providers, not only are they
confirming you are what, you're not malicious, but, but like,

(48:23):
you're an end user laptop on this I don't know this division
of the company, but you also have like these patches, you
have this software and then that dictates whether or not, and
that makes, I think that makes more sense.
Like if we can get to that, it makes me a little scared for
exactly what our roles are, but I, I think it does make sense

(48:46):
and it is a, it's a, it's an idea that, yeah, it makes sense that
that's the feature because even things like Cisco ACI, which I
haven't had to work with in the, in the wild, it takes a similar
approach where if you are trying to dictate what can talk to what
on an ACI environment, you're not using IP addresses.

(49:08):
They call 'em contracts, I think is what ACI refers to 'em.
And the idea is the same.
You pretty much just say FTP is allowed to happen from these
machines to this application.
It doesn't matter where that application goes.
It doesn't matter where this user goes.
And then it, which is a controller, will go back to all

(49:29):
the Cisco devices.
And if they are still doing the classic IP address filtering,
it'll automatically or dynamically set those rules in
place to allow those flows.
And again, I think that makes more sense.
And man, that's probably a whole nother topic that we can. That's
a security episode.

Pat (49:48):
Yeah,

Alex (49:49):
mean, going back to the branch office, I guess the way
we tied it back into this was that again, that's just the
branch office might be a lot simpler here.
Before too long.
The branch office will be some access points and a router
that's got like four internet connections.

Pat (50:04):
That's it.
just do dual WAN and, and

Kyle (50:08):
right.

Pat (50:08):
off to an AP or, or a couple APs and we're done.

Alex (50:11):
access switches, no SD-WAN, just.

Pat (50:16):
no.
Yeah, I'm interested to see how that goes or where that goes.
'cause that, that's a hot topic at the moment.
Again, to me, I think it's just a marketing term.
Like SASE means a bunch of things, right?
Just like Zero Trust does.
It's certainly making a wave at the moment uh, with with Cisco's
uh, SSE, right?
Security, I think it's Secure Edge something or other.

(50:38):
Palo Alto's got their Prisma, Prisma Access, which basically
is their SASE, platform, that kind of thing.
So there's a bunch of 'em out there that are doing that kind
of thing.
So, yeah, I'm, I'm, I'm oddly curious to, to see what what
happens there, what that looks like in the next couple of
years, if, if that really starts to be an adoption, or if it
needs some, some room to bank yet.
And it's not quite ready for, for sort of prime time.

(50:59):
But I'm it'll be an interesting thing to see where it goes.
And again, the branch is, if that happens, the branch becomes
way similar, or I should say way simpler than than what it is
now.
And just less for a, for network folks to manage and, that sort
of thing.
So, interested to see what that comes up with.
So, anything else on the branch?

(51:20):
I think we, we hit it pretty good.
I think

Alex (51:22):
Well, we like to close with the future of the branch,
and I guess we kinda

Pat (51:26):
that's right.

Alex (51:27):
just did that organically without even being prompted

Pat (51:30):
Yeah.
We didn't even try.
Yeah, we we are good.

Kyle (51:35):
Access

Pat (51:36):
More gooder.

Kyle (51:36):
everyone.

Pat (51:38):
That's right.
That's right.
Access point.

Alex (51:41):
summary.
Yeah.
Branch offices, the access point, one router,

Pat (51:46):
That's it.
That's right, that's right.
Now.
But I find it interesting of where it actually came from,
right?
So when guys like the three govbus on this call started.
It was, it was a lot of, it was a lot of hunkering, right?
A lot of ASAs and failover and, HSRP and, and stacks and

Alex (52:05):
true three-tier

Kyle (52:06):
Mm-hmm.

Pat (52:07):
tier environments,

Alex (52:09):
Stack

Pat (52:09):
all that stuff.

Alex (52:10):
ports.
Yeah.
Like you said, firewalls with like 50 VPNs on it.
Connecting you to every other remote branch and every data
center.

Pat (52:20):
Yep.
A lot of that and so it, it's really come, a long way and, and
some, some branches did, BGP with their, with their ISPs and
had multiple ISPs, so BGP failed over and all like, it's.

Alex (52:33):
WAN, I mean, it's not like you can just plug two internet
carriers in and you just have it fail over.
Yeah.
You had to put some more effort into that, that fail over logic.
Then

Pat (52:46):
Yep.
IP SLAs and the tracking and all that stuff.
It was, oh, it was just brutal to try to get all that worked.

Alex (52:54):
provision it.
It's not like you just plug itin and it calls back home.
provisions itself.

Pat (53:00):
Yeah, yeah.
So yeah, I'm just, I'm real, I'm just kind of looking at it from
a 50,000 foot view of where it's been and where it's going.
It's just, I think it's just a lot simpler today, and a lot, a
lot of places are, like we said, less than 50 people, you get a
Meraki Meraki switch and boom, you're good.
Most places I've been now have some sort of collapse core, to

(53:20):
them, some sort of routing intelligence and handing off to
a, a VeloCloud SD-WAN or Cisco SD-WAN or some sort of SD-WAN
box and back to a data center or out to the, out right out to the
internet, blah, blah, blah, that sort of thing.
So it's, it's really come a long way.
Like I think, I think Alex hit the nail in the head with the
wireless thing, that's gonna become way more prevalent.

(53:41):
And then I'm curious to see where the SASE stuff goes with
kind of, how we get back to, the branch all ties back to the,
the, the larger WAN.
So, and then we have your gremlins, like your spanning
tree loops and, your, your Cisco your, your, your actual physical
phones on desks.
If, if that still exists in some places, which I'm sure they do.
It's not like it's completely gone away, but but I, I'm

(54:02):
curious to see where this all goes.
So any other parting?
We're, man, we're right at an hour.
Look at that.
See, we, we never thought, we never think this stuff's gonna
go an hour.
And here we go.
We are, we hit it.
We hit it hard.
Any other closing thoughts here fellas?
On the on the branch?

Alex (54:17):
I don't think so.
A little sneak peek for the next network design.
You talked about

Pat (54:23):
Yeah.

Alex (54:24):
tree issues with the branch office.
So in the data center, we'll talk about how we don't really
use spanning tree anymore.
So that's all I'll say.

Pat (54:33):
now you're talking.
Talk nerdy to me, my brother.
Talk nerdy.
I love it.
So Kyle, anything else from you?

Kyle (54:40):
I think we pretty much covered it.

Pat (54:42):
Yeah,

Kyle (54:43):
I like it.

Pat (54:43):
deal.
Good deal.
All everybody.
Yeah.
Stay tuned for the next session of this little mini session.
I like to call it the little mini session on, on network
design.
So, just curious to see where, what your thoughts are.
If you like this one, great.
Throw us some, throw us an email or something of that nature.
Get us, get ahold of us on the on the socials and whatnot, and
say, say, yea or nay. Say, yeah.

(55:05):
We like to keep going or no, you idiots.
Keep, keep moving on something else.
let us know.

Alex (55:11):
about the

Pat (55:11):
It, it,

Alex (55:12):
Come on

Pat (55:12):
that's right.
Yeah, that's right.
The Elon Zuck cage match.
It's happening.

Alex (55:17):
we want to hear.
Yeah.

Pat (55:18):
I.
It is happening.
It actually made news this week, so it's a, it's good.
I guess Elon wants it somewhere in Rome.
That's what I heard.
Like an epic location in Rome.
Like

Alex (55:29):
veterans.
That's what I'm amazing.

Pat (55:31):
He's gonna retrofit the Coliseum and

Alex (55:34):
I fully,

Pat (55:35):
like, ah, get this, get this up to speed in like three
weeks and I'm gonna beat Zuck right in the middle of this
Coliseum.

Alex (55:42):
Oh man.
I could just

Pat (55:44):
Good times.

Alex (55:45):
Zuck, 'cause he is so into martial arts and he is doing
there doing kicks and back flips and Elon just shows up in like
some 20 foot mech and he's controlling with some Neuralink
plant that he had

Pat (55:58):
That's it.
That's it.
Oh, I love it.
Stay tuned for that.
If we hear something, man, we're gonna do a whole review on the
fight just on this show.

Alex (56:05):
maybe do a live play by play.

Pat (56:08):
That's it.
That's it.
I'll buy the pay-per-view.
I'll, I'll, I'll write it off as an expense.

Alex (56:13):
it's streaming on X.
That's what Elon

Pat (56:16):
Is it? There you go.
Even better.
I'm not gonna pay shit.
I love it.
Awesome.
Well, everybody we appreciate everybody joining this week on
this episode of Breaking Down the Bytes.
Again, make sure you hit our website, breakingbytespod.io.
You can subscribe to the show on your platform of choice.
We are everywhere.
Apple Podcasts, Spotify, Google Podcast.

(56:38):
Pretty much those are the big three, but anywhere you want, we
are there via our Buzzsprout hosting company, which is great.
Shout out to Buzzsprout or we have an RSS feed out there as
well on the, on the website.
So if you just need to play an RSS, we are that is there as
well for your picking.
Throw us a rating on Apple Podcasts that really helps us

(56:58):
out and gets us into more ears and eyes on the show, which is
always great.
That would be awesome of you.
I appreciate that.
Simply tell a friend, right?
So, I know a lot of a lot of this show is spread by word of
mouth, so that's always appreciated by the three of us
sitting here.
And hopefully it continues to do so.
Again, all of our socials LinkedIn, Twitter, Facebook, it's

(57:19):
all out there.
Discord servers out there as well.
All that stuff is in the show notes of the show.
So pop on over there, surveys out there, the feedback survey.
It's just kind of this living, breathing thing that is just
kind of out there for constant tweaking.
So, if you like the show hit us up.
If you hate the show, hit us up. So always looking for more
feedback and just helps tweak the show and, and get more

(57:39):
content that you want to see.
So, fellas, it's been good.
It's always good.
See your bright shining faces.
Hear your golden voices.
Appreciate that joining in and we'll do it all again next week.
Bye everybody.

Alex (57:53):
See him.