The development of IT infrastructures has always been rapid and required enormous flexibility from IT professionals. But hardly any development has brought about such central changes as the introduction of the cloud. Whether it is SaaS solutions such as Microsoft 365 or the cloud platforms of the major cloud providers, the introduction not only has an impact on the infrastructure itself, but also entails an adjustment of central processes - both within IT and in the business departments. But experience has also shown that a pure cloud infrastructure is not the optimal solution in all customer situations and that, at least for the foreseeable future, hybrid solutions are the "way to go". In the following, however, we will describe the framework conditions that are decisive for the IT infrastructure of the future.
Infrastructures are represented as code
Infrastructure as code" is no longer a new topic in the environments of the large hyperscalers. Resources within the cloud systems are described as code and transmitted to the hyperscaler's platform, which then builds the infrastructures based on the blueprints transmitted as code. Vendor-independent languages such as Terraform offer a major advantage here, as the templates can be provided independently of the cloud platform with little adaptation.
However, the topic of "Infrastructure as Code" will also gain importance in local infrastructures in the future. With solutions such as RedHat Ansible, code-based provisioning can be extended to platforms such as VMWare, and more and more network manufacturers are offering integrations in the "Infrastructure as Code" solutions. This allows infrastructures to be deployed and customized automatically with little effort. And with the help of code management solutions, changes to existing infrastructures can be documented simultaneously.
Zero trust becomes the standard
In the security field, the perimeter was long considered the safe boundary, i.e., the focus of security efforts was primarily on preventing attackers from gaining access to the internal network, while actors within the network were trusted as far as possible. Due to increasingly clever attack scenarios, this basic idea does not apply today. Instead, the zero-trust approach has been established for several years and will become the standard in the coming years.
The basic idea behind zero trust is actually already in the name: it is assumed that every device could potentially be compromised and is therefore not trustworthy in the first place. Therefore, authentication and authorization are always necessary when accessing resources. For the latter, various factors are evaluated, e.g., whether the accessing device complies with the defined security settings or whether there is currently an active risk assessment for the user.
Additionally, the approach can be supported through the use of AI-powered analytics. By capturing security events and login logs, for example, this can create employee movement patterns within IT. These are then automatically checked for deviations that indicate a compromise of the user account.
Software defined everything
In recent years, technologies such as SD-WAN have been increasingly used and are replacing classic constructs such as MPLS. "SD" stands for "software defined". Unlike, for example, a classic MPLS network, the various locations are not connected to each other by a provider. Instead, the routers interconnect to form a WAN, in simplified terms of course, and use the existing connections to the Internet. This makes the WAN more flexible: if a provider's line fails, for example, the routers automatically switch to a fallback line. The software defined principle is also attracting more and more attention in the storage and data center sector.
Monitoring and automation are unified
Standardization will take place in the area of monitoring and automation. Today, monitoring one's own infrastructure is a particularly time-consuming process because the interfaces of the manufacturers often differ from one another and there is little standardization. Automation, e.g., the automated installation of updates, also presents administrators with problems time and again.
The shift to "software defined" components and Infrastructure as Code will simplify some things in the future. For example, devices can be integrated into existing monitoring solutions by default via configurations defined as code.
With solutions like Azure ARC, it is already possible to manage Windows Server on a central platform, regardless of where the virtual machine is running.
