The Risk of End of Support (EoS) Infrastructure in Your Data Center
End of Life doesn't mean dead – it means it's time to plan the next steps
While most organizations and our account teams do a good job of keeping up with End-of-Life (EoL) notices and upgrades in their infrastructure, we are seeing some customers struggling with data center hardware refresh timelines. Along with the hardware refreshes, organizations are experiencing business-related changes in traffic patterns from North-South to East-West and they are also looking for micro-segmentation solutions for these changes in traffic patterns.
Most OEM vendors are recommending migrating towards spine/leaf designs and SDN controller-based data center switching to help with the change in traffic patterns and segmentation strategies. Because of these architectural changes, a refresh is not just a simple hardware swap anymore, but a full-fledged design change that we have not seen in a long time. What used to be a simple swap of a couple of TOR data-center switches, some minor configuration changes and maybe migrating 50-100 workloads per switch pair, has now turned into multi-year data center re-architecture and migration of thousands of workloads onto the new infrastructure to support these business requirements.
The business value of migrating to these new architectures means that "day zero" implementations as well as "day one" and "day two" operations can be automated. Additionally, these SDN solutions offer segmentation, greater visibility and assurance that your network is performing properly and will reduce downtime significantly. The efforts of re-architecture and the learning curve are far outweighed by the business impact of reducing OPEX with automation and reduced downtime due to enhanced visibility. Before we delve into some specifics on migration strategies, let's discuss what the End-of-Life terms mean.
The following example of terms is Cisco's verbiage, but every OEM will have similar terms, and they need to be understood clearly.
Simple steps to understand Cisco's End-of-Life policy dates
Stage 1: End of Life Announcement (EoL)
This is just a notification that Cisco will eventually stop supporting a particular product on a specific date. Feature freeze goes into effect on the platform and no new features or expansion modules will be added to the product line.
Stage 2: End of Sale (EoS)
Typically, one year after EoL is announced, the product can no longer be ordered through Cisco channels. The product, however, is still eligible for Cisco maintenance and is still receiving software maintenance updates and bug fixes.
Stage 3: End of New Service
At this stage, it is no longer possible to put the unit under a new Cisco service contract, though existing contracts can be renewed before they expire.
Stage 4: End of Software Maintenance Releases
Cisco stops issuing any additional IOS updates for the unit.
Stage 5: End of Contract Renewal
Device is no longer eligible for any Cisco maintenance package.
Stage 6: Last Date of Support (LDoS)
Within a year or less of the end-of-contract renewal, the unit then goes to Last Date of Support (LDoS) and Cisco stops all support for the product, thus making it obsolete in Cisco's view.
What does Cisco's Last Day of Support (LDOS) mean to the business and operations?
- Cisco will no longer provide TAC support for the LDOS product. If you have an outage or a problem, Cisco will not help or open a ticket. They may direct you to a third-party vendor for support.
- Cisco will no longer provide hardware support via the RMA process. For customers that have 24x7x4 support, it could mean that even before the actual LDOS date, there may not be hardware in a nearby warehouse to support a four-hour response.
- Compromised data security due to lack of security fixes and patches, increasing the risk of cyber attacks. This is the one that keeps my customers up at night. If you look at Stage 4 End of Software Maintenance Releases in the EoL notes, you will find they are sometimes two years before the actual end-of-support date. Cisco recommends being off EoL hardware 18-24 months before the actual EOS date.
- Non-compliance with regulatory requirements has significant effects. For customers with HIPAA and PCI requirements, EoS/EoL hardware can lead to fines for regulatory non-compliance during audits or security breaches.
- Scalability issues due to older gear not being able to adapt to changing needs. As data centers change to East-West traffic patterns, older architectures and 1 GB speeds won't keep up with what today's agile business needs to keep pace with the competition.
- Higher maintenance costs by OEMs and third-party vendors offering support for obsolete hardware at a premium cost. There are third-party vendors that offer support, but they will not be able to replace the hardware with new parts and certainly not support software issues.
- Decreased productivity due to older equipment failing, causing a potential extended outage. This one is pretty obvious, but an outage on a core device could take hundreds or thousands of workloads offline.
Next steps for creating an End-of-Life plan
- An audit should be performed to see what exactly is in your data centers. This can be a huge effort, but WWT can help by pulling the data of all your equipment from Cisco and other OEMs. Contact your WWT account teams for help in doing this.
- If EoL hardware is found, determine if it's only a few switches or if it's every one of your TOR switches. A refresh of a small number of TOR switches does not require critical action; however, hundreds of TOR switches will force a decision around whether a complete re-architecture is needed due to going spine/leaf. This will also require an extensive migration plan to migrate workloads.
- Migration plans must factor in time to design, plan and implement the hardware refresh as well as migration time. There also needs to be training for the architects as well as day-two support staff to speed up the learning curve for all those who design and support the network.
- Organizations should have a migration plan working backward from the LDOS date of affected hardware. Cisco recommends completing the migration off LDOS hardware 18-24 months before the LDOS date, because bug fixes and security vulnerability support stop well before the true LDOS date.
- Workloads need to be grouped into migration groups and current change control windows examined. Dividing the workloads into the groups by change control windows will determine how long this will take to migrate. Typically, WWT sees an 18-24 month (or longer) migration process in brownfield migrations.
- Once a timeline has been established, accelerators can be investigated to decrease that timeline (POCs, using ITC for deployments, using smart hands and deployment engineers).
WWT's recommendations
We see a lot of organizations have a false sense of "I have plenty of time" when their LDOS is 36 months out. In reality, if they are doing a complete re-architecture by migrating from standard three-tier North-South architecture to Spine/Leaf East-West architecture, we see at least a three-year journey for a typical 6000 workload migration. And that is based on migrating 1000 workloads every three months for 24 months. Technology reviews, HLD/LLD creation, power and cabling refresh and the actual build-out of the data center is typically a 12-month process.
We highly recommend that organizations create an End-of-Life plan to at least get a basic timeline, working backward from the LDOS date. Also, remember that you want to be off the equipment when software support stops and that may be 12-24 months before the actual EOS date.
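The backward planning described above, as an added example (not WWT's or Cisco's tooling): it works back from the end of software maintenance releases rather than from LDoS, using the 1000-workloads-per-three-months rate and 12-month design and build-out quoted above as defaults. The inventory, model names and dates are constructed sample values.

```python
from datetime import date
from math import ceil

# Constructed sample inventory: hypothetical models and dates, not real EoL data.
INVENTORY = [
    {"model": "tor-switch-a", "workloads": 8000,
     "end_sw_maint": date(2027, 6, 30), "ldos": date(2029, 6, 30)},
    {"model": "tor-switch-b", "workloads": 150,
     "end_sw_maint": date(2030, 1, 31), "ldos": date(2032, 1, 31)},
]

def add_months(d, months):
    """Shift a date by whole months; the day is clamped to 28 so it stays valid."""
    idx = d.year * 12 + (d.month - 1) + months
    return date(idx // 12, idx % 12 + 1, min(d.day, 28))

def months_between(start, end):
    """Whole calendar months from start to end (negative if end is earlier)."""
    return (end.year - start.year) * 12 + (end.month - start.month)

def plan(item, today, per_window=1000, window_months=3, design_months=12):
    """Work backward from the date security fixes stop, not from LDoS."""
    migrate = ceil(item["workloads"] / per_window) * window_months
    project = design_months + migrate
    patch_end = min(item["end_sw_maint"], item["ldos"])
    start_by = add_months(patch_end, -project)
    finish_if_started_today = add_months(today, project)
    return {
        "model": item["model"],
        "project_months": project,
        "start_by": start_by,
        "start_by_if_planned_from_ldos": add_months(item["ldos"], -project),
        "late": today > start_by,
        "unpatched_months": max(0, months_between(patch_end, finish_if_started_today)),
    }

if __name__ == "__main__":
    for device in INVENTORY:
        print(plan(device, today=date(2025, 1, 15)))
```

For the larger sample fleet, planning from LDoS alone still shows time in hand, while planning from the end of software maintenance shows the project is already late and leaves a window with no security fixes.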
How can we help?
- Talk with your WWT account team for help getting the LDOS data for your data center switches.
- The WWT data center switching team offers a Data Center Discovery workshop for customers that need to migrate but are overwhelmed by the OEMs. We take a non-biased review of current architecture and a review of what other customers are successfully implementing in their data center refreshes.
- Once a specific architecture/technology is chosen, the next step would be a data center switching design workshop with an HLD and BoM as a deliverable to support the design. These workshops help accelerate the learning curve required.
- Other workshops are usually given for follow up, such as segmentation workshops, DR strategies, cloud connectivity, security or storage.
- Once a design has been set in motion, timeline accelerators should be utilized, such as POCs, using the ITC for burn in and build out, smart hands for rack and stack, as well as deployment engineers for implementation and migrations.
- WWT uses the Engage, Plan, Design, Implement, Operation (EPDIO) framework to bridge the gap between the current infrastructure and the new infrastructure to streamline and accelerate the timeline of building and migrating a data center to new infrastructure.
If you have any questions on your EoL equipment or any of the services and offerings described here, please contact your local WWT account team.