Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Flat Network Strength Also A Security Weakness

The arrival of flat networks on the IT scene has created new opportunities, as well as additional concerns for those responsible for protecting systems from intrusion and preventing data leaks. Nevertheless, they are growing in popularity and are becoming the alternative to traditional tiered networks, which have started to encounter connectivity limitations due to inherent design limitations.

Flat networks and tiered networks differ in some fundamental ways, which greatly affect how those network ideologies are deployed, supported and secured. Flat network design came into being because an alternative was needed to interconnect systems relying on massive amounts of connections, caused by heavy virtualization and the convergence of networking technologies.

Flat networks tackle those connectivity problems by eliminating the Achilles' heel of tiered networks, the Spanning Tree Protocol (STP), which effectively restricts the number of paths packets can take through the network. Flat networks (sometimes referred to as a network fabrics) employ other approaches to open more paths and increase potential bandwidth.

Flat network options include both standards-based approaches, such as Transparent Interconnection of Lots of Links (TRILL) and Shortest Path Bridging (SPB), as well as proprietary vendor approaches. Those approaches address shortcomings of STP and can make a data center network more flexible and responsive to the changing demands of highly virtualized environments.

However, deploying those flat network technologies often requires rearchitecting the network, and, in most cases, upgrading hardware to deal with what may be new frame types. Those potential cons are only some of the downsides for migrating to a fabric, or flat, network.

Another major concern is security, as flat networks need a different approach than that used in a tiered network. One of the primary strengths of a flat network also tends to be the primary security weakness. Flat networks eschew the need for Layer 3 routing, which effectively removes traditional security technologies, such as firewalls, filters and other security appliances from the subnet. However, greater network throughput is realized when L3 routing is minimized. The net result is that, with a flat network, security, in the form of access control and connections, needs to be moved down to Layer 2 of the OSI network model.

Richard Dreger, president of WaveGard, recently authored a comprehensive report for Network Computing’s sister publication, InformationWeek. The report provides significant depth and associated research for securing Flat Networks at L2. The report offered some significant revelations on how to best secure flat networks. Dreger wrote, "Moving to a flat network, common L3 filtering controls such as firewalls and access control lists won’t necessarily be available because more devices will sit on the same subnet. But this doesn’t mean giving up on security controls. A variety of Layer 2 technologies are available for physical networks and virtualized environments that let IT restrict communications among devices."


Page:  1 | 2  | Next Page »


Related Reading


More Insights


Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Next Gen Network Reports

Research and Reports

Network Computing: April 2013



TechWeb Careers