No Inventory, No Proper Management

I'm luck enough to be sitting on a panel of delegate for Networking Field Day 34 by Techstrong.IT , and our first presenter, Forward Networks, Inc. did a fantastic job (as usual) in showing the benefits of having their digital twin in the network.

It all starts with a collector running inside your network that looks around a bit and figures out what gear you have, the subnets, the paths...everything. It takes that data and stores it in a way that can be used to simulate changes, check for compliance, and provide up-to-date information back to the user. Did the network change? Run the collector again to update your data.

I don't want to go into all the features of a digital twin here, but one big benefit of having one is a fresh inventory. This is not a human-maintained list. This isn't even a subnet scanning tool. This is a full analysis of all routers, switches, paths, routes, subnets, LLDP/CDP neighbors, and whatever else to have a real view of your network as it appears right now. Not as it appeared when you updated your diagram last spring. Not as it appeared before you replaced those failed switches last month. As it appears right now.

If you've inherited the networks, there may be sets of gear that no one on the team even knows exists much less their purpose. If you've made 84829 changes without properly documenting it, those docs are now inaccurate (which is worse than not having documentation at all!). If you've got a digital twin sitting there, you avoid those problems. Those diagrams get updated automatically. Those support contracts can be negotiated accurately. The scope of those SOX and PCI audits are no longer imaginary. Those automation projects now include everything that needs to be included and not just what you remember.

The moral of the story is that you can't effectively manage a network if you don't know what your network looks like. It sounds very obvious, but you would be surprised by the number of times in my career that I've seen companies that don't know exactly what they have in the data center.

You need to know what you have, and you probably can't keep that up-to-date by hand. Get a tool to do it for you. Write a tool to do it for you. Do it now before your Security Team asks you what that 18-year-old router is doing on the edge of the network...the one you've never even seen because the engineer who put that in left the company 12 years ago.