Cloudstack integration of Xenserver 6.0 goes well beyond the typical control-plane functions such as starting, stopping, pausing, and destroying a virtual machine. The integration exposes features to Cloudstack such as configuring the networking, storage, and security parameters of the hypervisor across pods, and multiple data centers, but don't go as far as other orchestration platforms such as Microsoft System Center 2012 and provide bare-metal provisioning of Xenserver. Citrix claims Cloudstack can manage tens of thousands of servers via one management system. It integrates directly with Xenserver 6.0, providing direct access to Xenserver features, which is what allows Cloudstack to scale management to a high number of servers.

Cloudstack also adds what Citrix calls networking as a service (NaaS), which is an awful name and acronym, but they are trying to describe integrated network management features. The networking improvements are designed around centralized management of the networking components within hypervisors, and centralized management of Citrix's Netscaler SDX appliances and VPX virtual appliances. Cloudstack can integrate with physical switches, but that is done via third-party integration. Via Cloudstack 3.0, administrators can create and manage VLANs and virtual routers on Xenserver vswtiches. The configuration control doesn't extend to physical switches. The networking management, along with Citrix's CloudBridge, goes so far as to offer elastic IP similar to Amazon's elastic IP, where the IP address of a host can move with the VM across pods or even data centers, ensuring a seamless migration of hosts from location to location.

The integration with Netscaler is relatively advanced, allowing full administration of Netscaler's load balancing, VPN, and routing functionality within Cloudstack. Unlike other cloud management products like Microsoft's System Center 2012 which has limited integration with Netscaler such as discovering the virtual IP and joining an existing pool, Cloudstack can create new application pools, add servers to them, create virtual IPs, define load balancing and optimization functions.

Cloudstack has simplified the application deployment process using a drag-and-drop UI allowing administrators to draw the network connections and networking configuration policies in Cloudstack, and hides the networking details from view. A number of orchestration products try to make service provisioning as simple as possible by hiding the complex interactions and dependencies from view. The goal is to integrate your IT systems once and then provide a service catalog to end users, whether they are IT or business users.

Citrix, like other orchestration vendors, can't supply all of the automation features for all of the potential products customers might use. To support third-party integration, Citrix has launched Citrix Cloud Community, which is an integration program that certifies third-party products to work with Cloudstack 3.0 and is similar to the Citrix Ready program. Cloudstack Community launches with 2,200 services and products today, with more planned.

Read more about what your peers are doing with Service Oriented IT (free, registration required) ]]> http://www.networkcomputing.com/private-cloud/232600717 http://www.networkcomputing.com/private-cloud/232600717 http://www.networkcomputing.com/private-cloud Mon, 13 Feb 2012 12:00 EST But following the initial hoopla, some questions are being asked about how well the Nicira platform can deliver network services via software through all of the layers of a typical enterprise network. And others ask whether decades of legacy physical network innovation can so easily be replaced.

"Think of the number of man-years that have been sunk into the networking layers that they are trying to recreate in software," says Jon Oltsik, a principal analyst at the research firm Enterprise Strategy Group. "Conceptually they are spot-on, but I think to go in and replace IP backbone networking with virtual software is a tall order."

Another analyst, Zeus Kerravala of ZK Research, also called the Nicira news significant "in theory."

To be sure, analysts like Oltsik understand the problem, which he has defined as "data center network discontinuity." The use of server virtualization has consolidated the size of data centers and improved operational efficiency, but the network has not kept up. At the same time, more demands have been placed on the network to deliver services such as intrusion detection and prevention, firewalls and load balancing. So Nicira's Network Virtualization Platform (NVP) is certainly compelling, he says.

According to a recent InformationWeek Research trending survey, if enterprises don't plan to virtualize the majority of their servers by the end of 2012, they'll be firmly in the minority. The largest growth came in the number of respondents who say they'll virtualize servers. Just 13% planned to do that back in 2010. This year, the number almost doubled, with 25% citing that goal. Server consolidation was the top driver, by far, for virtualization efforts in 2010. Now that's tied with desires for high availability, better disaster recovery, and improved flexibility and agility.

Meanwhile, other players in the network virtualization space are asking how well NVP can virtualize the full stack of layers in a network. Dante Malagrino, co-founder and CEO of Embrane, says his company is shipping virtual networking software that delivers Web application firewall protection, load balancing and WAN optimization, which he describes as network services targeted at the application layer. Nicira's NVP serves network Layers 2 and 3 ,while Embrane serves the Layer 4 to 7 space. A solution designed for one part of a network is not interchangeable with the other, he argues.

Malagrino says Layers 2 to 3 and Layers 4 to 7 are quite different markets. Cisco Systems, for instance, dominates in the L2 to L3 market, while other vendors, such as F5 Networks and Riverbed, have significant share in the L4 to L7 space.

In other words, same planet, different worlds.

"When you look at what it takes to virtualize and scale network service functionality, you need to build an architecture that's much more about scaling compute than it is about scaling the network capacity," Malagrino says about the L4 to L7 layers. "So Nicira is doing some very interesting things in the realm of scaling Layer 2 and Layer 3, but when it comes to scaling network services, it's going to be a different animal."

Nicira responds that there is plenty of room for everyone to jump into the pool.

"It's called a Network Virtualization Platform," says Nicira CEO Steve Mullaney. "We're going to create a platform with APIs, and we're going to be able to go partner and create an ecosystem of other partners who will be able to program in [additional services], including maybe people like Embrane. We haven't talked to them, but my guess is there's going to be a long tail of ecosystem partners."

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/next-gen-network-tech-center/232600693 http://www.networkcomputing.com/next-gen-network-tech-center/232600693 http://www.networkcomputing.com/next-gen-network-tech-center Mon, 13 Feb 2012 09:00 EST In general, we've found that there are three primary obstacles to using WAN acceleration to serve branch offices.

The first is that WAN acceleration just isn't a good solution for write-intensive applications. At first glance, bank branches would seem to be a WAN acceleration win. However, since tellers scan images of every deposit, there is a large amount of unique write data that overwhelms the small amount of cache in a typical WAN acceleration appliance.

The second obstacle is that most organizations have some applications that don't use protocols that WAN acceleration devices can sufficiently optimize. If all you need to do is provide a low-performance file server and allow users to access the Exchange server via Outlook, a Riverbed Steelhead, the company's core WAN acceleration technology, might be a great solution. However, if you have to run some legacy application that the Steelhead appliance can't compress, deduplicate and accelerate, the users are going to have an unhappy experience.

Then there is the third and perhaps biggest obstacle: Most WAN acceleration solutions don't provide access to your data if the WAN link is down. Personally, I never trusted my telco providers enough to be willing to live with the no-win, no-work scenario.

Granite is an iSCSI storage device that acts as a cache to storage in your data center. With Granite you can run a domain controller, file server and the like in the branch office. Granite will provide storage for the servers, and it will synchronize the data to iSCSI storage in your data center through a Granite core appliance. Since this is a Riverbed product, the data will be compressed and deduplicated using Steelhead.

In some ways, Granite is the enterprise version of an iSCSI-based cloud storage gateway like those from StorSimple or TwinStrata drop. While those appliances provide a cache-to-front-end-to-object-based cloud storage, Granite uses block storage in your data center for its ultimate repository. Unlike the cloud gateways' logical volumes, or LUNs, Granite appliances' aren't limited to access by a single server. The folks at Riverbed tell me that Granite supports SCSI bus resets so servers at the branch office and servers in the data center can be part of a single cluster, or LUNs can be pinned to the Granite to enable off-line access.

Granite would be cool if it was a dedicated storage appliance, but the best part is that Riverbed has implemented it as an application on its new Steelhead EX appliance line. Not only does this mean that a single appliance can handle storage and other WAN acceleration tasks, but since the Steelhead EX runs VMware, that appliance can also host the servers you need in the branch. Riverbed has Steelhead EX appliances with up to 4 Tbytes of storage and 64 Gbytes of RAM, which should allow most branch offices to run their entire operation from a single appliance.

Riverbed's Edge Virtual Server Infrastructure (E-VSI) is just one of the innovative solutions I've seen recently for simplifying the process of managing data in remote offices. With cloud and other virtualization technologies advancing at a rapid clip, there's no excuse for five physical servers and a tape drive for backup in your branch offices anymore.

Disclaimer: Riverbed is not a client of DeepStorage, but Riverbed reps have bought me lunch occasionally.

]]> http://www.networkcomputing.com/wan-optimization-and-application-acceleration/232600280 http://www.networkcomputing.com/wan-optimization-and-application-acceleration/232600280 http://www.networkcomputing.com/wan-optimization-and-application-acceleration Fri, 10 Feb 2012 09:00 EST In this second installment of a three-part series on IPv6 implementation, Network Computing looks at the issues involved in deploying an IPv6 network alongside an IPv4 network.

The IPv6 protocol was established because the number of IPv4 addresses is quickly running out. The IPv6 protocol creates a 128-bit address, four times the size of the 32-bit IPv4 standard, so there will be infinitely more available IP addresses. This will accommodate all the smartphones, tablets and other computers on the network, but also the coming proliferation of Internet-connected devices including refrigerators, cars, and myriad sensors in homes, buildings and on IP networks.

With IPv6, a company may have exponentially more Internet addresses to use, but also more to manage, says Leslie Daigle, chief Internet technology officer for the Internet Society (ISOC), a global nonprofit organization that certifies technical standards for the Internet.

"The IPv6 address space is so large and your allocation is likely to be larger than you need it to be," she says. "On the flip side, that makes it a lot harder to probe your entire network because it is a much larger space."

The volume of available IP addresses adds to the network operator's workload because they have to probe the "dark spaces" within the network where there are no assigned IP addresses. "The managing and making sure that no one is squatting in your address space is considered to be a possible additional challenge," says Daigle.

The ISOC has created a Web portal, Deploy 360, to share information about how to deploy an IPv6-compliant network. On the site are a number of case studies on how IPv6 rollouts went, including one about the project at Oxford University in the United Kingdom. In an online report, Oxford's Guy Edwards detailed a five-step plan for deploying IPv6 alongside the existing IPv4 network.

First, Edwards advises, the organization should perform a network device audit, identifying all the routers, switches and firewalls on the network, as well as what specific versions of hardware and software are running. With the help of networking vendors, the next step is to determine which of the devices are already IPv6-compliant. He also advises that network administrators run a test on a particular IPv6 device to make sure that the software application to run on the network works.Second, Edwards says, perform an audit of services to run on the network, such as SMTP for e-mail and DNS for associating Internet domains and unique IP addresses. The audit should identify which of the network services may be IPv6-supported.

The next step is to build an IPv6-only test network and run the same services and applications that already run on the IPv4 network. In the test environment, document any differences in configuration syntax and behavior for setting up the service under IPv6.

The fourth step is to write a detailed IPv6 deployment plan that lays out in as much detail as possible how the rollout will occur. The plan should be shown to management for approval; it can also be peer-reviewed to make sure that nothing is overlooked.

Last, write a formal IP-addressing policy for going forward. This policy could also be peer-reviewed.

Some companies are going to discover that the network management tools designed to operate on an IPv4 network may not work the same way on an IPv6 network, says Jim Frey, managing research director at Enterprise Management Associates.

"There are still some challenges with how to manage these mixed environments. Underneath the covers there is actually, in many cases, a different set of data being drawn about the IPv6 traffic versus the IPv4 traffic."A network monitoring tool may reveal that maybe 5% or 10% of network traffic is IPv6 traffic, but it may not be able to identify which specific packets are IPv6, and some tools may not have been upgraded to support IPv6.

"It's still a work in progress to gain consistent visibility of mixed environments," says Frey.

Variables such as those described by Frey illustrate the need for a well-thought-out and well-executed rollout plan, says ISOC's Daigle.

"Any enterprise network operator knows that something done quickly is something done expensively," she says.

The third segment of this series--which first looked at how different networks have different IPv6 needs--will examine how to manage compliance and security in an IPv6 project.

Learn more about Fundamentals: Understanding Private Cloud Stacks by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/ipv6-tech-center/232600590 http://www.networkcomputing.com/ipv6-tech-center/232600590 http://www.networkcomputing.com/ipv6-tech-center Fri, 10 Feb 2012 09:00 EST InformationWeek: Outlook 2012 report, 75% of respondents see heightened demand for new IT projects. More importantly, IT is getting money to execute on those projects, with 56% saying their companies plan to increase IT spending in 2012 and just 16% saying spending will be cut.

That's good news because appropriate project management is the differentiating characteristic for IT projects that succeed, says the author of a new InformationWeek report. The "Research: 2012 Enterprise Project Management" report found that of the 508 business technology professionals surveyed, only 60% said they had a project management organization (PMO), but 30% said IT initiatives almost always add value to the business. There's a continuing mentality that IT professionals don't require good soft skills, but with IT success being directly related to business success, that's no longer true, says Jonathan Feldman, director of IT services for a North Carolina city and author of the report.

"I think the biggest problem is there are still pockets of 1980s mentality out there where IT people do not need to have good soft skills like written communications, tact, diplomacy, follow-up, follow-through. That's, I think, the biggest problem," he says. All of those skills are necessary for good project management.

PMOs are generally considered to be rather dry and boring by most people, and there are a lot of common misconceptions about project management in general.

"The big complaints are it's bureaucratic, it takes up time, it doesn't provide a lot of value, it's preventing you from doing what you need to be doing in the first place, it ties you up in meetings instead of working, on and on," Feldman says. "There are people who dive for cover when they see a project manager coming down the hall because they're afraid they're going to be put on a task that's a complete waste of their time."

Although it may come across as a waste of time, project management is necessary to keep projects on time and on budget, he says. In organizations that don't have a dedicated PMO, 77% of IT projects are being managed by IT staff. It's not OK to just be a technologist any more (unless that staff member is confined to the data center), and the increasing need for IT professionals with soft skills has been a trend in the making for 20 years, he adds.

The technology-native generation is now in the workforce, and the IT bullying that happened more than 20 years ago is no longer acceptable in the enterprise, says Feldman. The need for good project management is already there, mostly because an organization cannot execute well on a business technology project without soft skills related to project management.Good project management will enable businesses to reap the benefits of consistent, high-quality delivery of innovative IT projects. If project management is done right, it means that IT projects will succeed. Without it, failure is inevitable, and with failure comes a loss of time, money and effort, he states.

Can IT alone manage its projects? No. IT organizations that have their own PMOs attribute only 1% to 1.5% of the entire IT organization's budget to the PMO. They're not going to be able to manage every little project on IT's bailiwick, Feldman says. IT is equipped to handle a large number of smaller projects that don't require a PMO, but for larger projects where failure could mean significant harm to the organization, a PMO can ensure the project is a success. Unfortunately, only 53% of IT projects are always or usually delivered on time, based on responses to the survey. There's plenty of room for improvement.

"I think that by and large IT organizations need to understand that most of their infrastructure is going to be in the cloud in one way, shape or form in the future," says Feldman. "There's going to be very little in the way of internal infrastructure, and they had better bone up on their project skills if they want to keep working there because the projects are where the innovation comes from."

Learn more about 2012 InformationWeek Cloud ROI Modeler by subscribing to Network Computing Pro Reports (free, registration required). ]]> http://www.networkcomputing.com/data-center/232600601 http://www.networkcomputing.com/data-center/232600601 http://www.networkcomputing.com/data-center Fri, 10 Feb 2012 09:00 EST While it may be hard to calculate just on numbers the return on investment that the F5 technology will afford, the benefits are real, reports St. Louis-based Distribution Management, which decided to virtualize its entire network infrastructure and desktop environment on VMware View. The challenge became figuring out how to give end users access to everything they have inside the company, even when they work remotely, while not compromising performance and security. The $6 million wholesale computer, copier, fax and printer supplier, which has 300 employees, decided to deploy the BIG-IP Edge Gateway to provide secure remote access combining SSL, VPN, security, application acceleration and availability services.

"We saw about five or six different ways users were connecting to the network," notes Dan Shipley, IT architect at Distribution Management.

When that occurs, the VPN client has to be smart enough to know when a user is switching from one connectivity point to another and keep working, but he found the ones they were using "did a terrible job handling those network changes." The gateway is "very smart to switch to different connectivity options; it knows when to do it and holds the connection if the network isn't there," says Shipley.

Distribution Management is also using BIG-IP Edge client to talk to the application and send it a retry, letting it know that the network isn't down but is rather in waiting mode. It will let communication pass through as soon as the Edge client connects again.

In addition, when users logged in to the hosted virtual environment, they typically had to log in three different times, Shipley says. F5 Edge Gateway allows for single sign-on by caching the log-in information on the back end, he says.

Another challenge was that end users were seeing "widely varying experiences" remotely depending on their network bandwidth. The Edge client, in concert with Edge Gateway, compresses traffic, and Shipley says IT has seen speed double over what it had without that compression. Latency has also decreased for certain applications, so the company has witnessed a lot of traffic optimization, he says. "The net effect to the user is they feel like they have twice the bandwidth and everything works faster."

From a back-end perspective, Shipley says, there are several features he likes: network access control (NAC) of endpoints, based on whether the clients have anti-virus running and are updated; NAC for both Windows and browsers; the ability to push the VMware View client out to the user if it is not installed; quality of service for VoIP, RDP and PCoIP protocols; load balancing of incoming user connections; Webtop page listing applications users can connect to; and firewall limiting of ports, protocols and IP addresses the clients can communicate with. The only downside Shipley has seen with F5 is that the technology is so powerful it has a fair amount of complexity and a big learning curve. "I wish it would configure itself,'' he says.

Just two weeks ago VMware expanded its management portfolio with vCenter Operations Management Suite by integrating with VMware vCenter Capacity IQ and VMware vCenter Configuration Manager for improved performance, capacity and configuration management. The new enhancements focus on embedding and integrating management tools into the platform, streamlining processes and applying analytics so customers can achieve better economics with their cloud computing deployments.

Shipley hasn't calculated the ROI since his company started using F5, but he says the technology has leveraged the company's internal infrastructure by allowing external/remote access. "Without the F5, users would not be happy with the solution and wouldn't use it as much. The [virtualization] project wouldn't have been successful without the Edge Gateway and Client."

Learn more about Strategy: SIEM by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/virtualization/232600577 http://www.networkcomputing.com/virtualization/232600577 http://www.networkcomputing.com/virtualization Thu, 09 Feb 2012 13:00 EST 10 Gbit Ethernet (GbE) from 1 GbE appears to be gaining traction, 4G and LTE wireless networks are quickly replacing 3G, and the introduction of Intel's Romley microprocessor platform later this year, with built-in 10-GbE support, is expected to drive another round of server refreshes industrywide. All of this is causing network operators to buckle up for a bumpy ride as they try to manage the torrent of data on their networks these innovations will unleash.

And even as 10GbE is advancing, an increase to 40GbE and 100GbE connectivity is generating the next threatening waves. But many of the clients that industry researcher Zeus Kerravala, principal analyst at ZK Research, consults for don't have a clear sense of what traffic courses through their networks and how to best manage it.

"One piece of advice I always give network managers is don't re-architect your network or make any decisions until you truly know your network," he says. "My estimate is that only about 25% of network managers really know their network."

Enter Gigamon, which just introduced an additional network chassis that delivers what is calls a Traffic Visibility Fabric technology. It sits on top of the network layer as an abstracted layer, providing that visibility for various network management tools that track performance, quality of service, security and other important metrics.

The GigaVUE-HD4 Traffic Visibility Node chassis is a five-rack unit (5RU) device that complements the GigaVUE-HD8 chassis unveiled by Gigamon in May 2011. That is a larger 14RU chassis that customers thought was great, but a bit much.

"We designed this [HD4] box because customers were saying your big chassis, the HD8, is pretty efficient on space at 14RU, but it's big. Is there something that fits between a classic 1RU and the 14RU?" says Paul Hooper, network visibility strategist for Gigamon.

The HD4 offers eight 40-Gbps ports, 96 10-Gbps ports or 176 1-Gbps ports, depending on how the blade is configured. It delivers up to 1.3 Tbits of throughput and aggregates data from a row of servers by sitting at the end of each row.The beauty of the HD4, as well as the HD8, is the investment protection of being able to migrate from 10 to 40 to 100 GbE as needs change, says ZK's Kerravala. "The fact that it can do 10 gig natively, and it's got enough capacity to do 40 gig and 100 gig without an upgrade, means it lets companies upgrade to the higher speeds at their own pace," he says.

The confluence of technologies increasing network bandwidth--10 GbE, 4G wireless, Intel Romley--is needed to support the increasing demands on service provider and data center networks, says Gigamon's Mike Valladeo, product director for the HD line. Faster and more sophisticated networks are needed to support the growing number of endpoint devices, the explosion of data they are creating and crunching, the variety of applications they are running on premise and in the cloud, the number of physical and virtual servers they have to manage, and the extension of the fixed network to a mobile network, he says.

This creates a market opportunity for network administrators seeking to upgrade, as well as for vendors like Gigamon. "People are moving quicker now because I believe their budgets are starting to open up and they are seeing that the data that was evolving is now all of a sudden starting to explode," says Valladeo.

Another factor helping drive the 10 GbE market is declining prices. The average selling price has dropped to $388 per port in 2011, down from $818 per port in 2008. Key vendors in this market include Alcatel-Lucent, Avaya, Brocade, Cisco Systems, Extreme Networks, Dell, HP, IBM and Juniper Networks.

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/next-gen-network-tech-center/232600569 http://www.networkcomputing.com/next-gen-network-tech-center/232600569 http://www.networkcomputing.com/next-gen-network-tech-center Thu, 09 Feb 2012 12:00 EST DocuSign is the global leader in electronic signature technology, and it first hit the mobile world in November 2011. DocuSign Ink for Apple iOS caught on fast, and was picked as a Top 5 iPad productivity app by Apple. DocuSign knows it has a good thing going on, and the company is now taking aim at a market of Android users that it believes is some 60 million strong.

Being an Android user, I recently took the Ink app for a spin. A lightweight download gives way to quick application setup, and first-time DocuSign users will get their accounts squared away in seconds. Pull a document from your local files or have one sent to you, and you're in the e-signing business just like that. It's free, and has the power of the law behind it. Depending on what you do for a living or how you'd like to improve your business processes, DocuSign can be transformative.

Another recent DocuSign announcement makes the point. Cartavi is a cloud-based real estate document management platform. If you've ever bought or sold a home or property, you know that there can be a tremendous amount of paperwork involved, and getting involved parties together can be a scheduling nightmare. But when those same documents can be accessed online in Cavarti's virtual "transaction rooms," the process can be much smoother and involve far less stress.

DocuSign has recently been integrated with the Cartavi platform. Gone are the days of driving to the office to close the deal, and now DocuSign Ink support for multiple mobile devices means that agents can do business more efficiently from their choice of device, from anywhere. DocuSign claims that more than 4 million real estate transactions have been closed to date through its e-signing capabilities.

Given the acceptance of DocuSign by industry biggies like Salesforce.com and its compliance with Payment Card Industry Data Security Standard (PCI DSS) requirements, there's little doubt that e-signing will only get more prevalent as mobile devices displace desktop workstations. DocuSign did well to add support for both of the major mobile platforms, and this is will continue to be an exciting space to watch.

As of publication, Lee Badman has no business relationship with DocuSign.

]]> http://www.networkcomputing.com/wireless/232600281 http://www.networkcomputing.com/wireless/232600281 http://www.networkcomputing.com/wireless Thu, 09 Feb 2012 09:00 EST The Solarflare ApplicationOnload Engine, available in late April, provides a direct path between the application and the network for applications that demand low latency, low jitter and high message rate performance, says CEO Russell Stern. He says of customers already using the technology, "We cut their latency by half, increased their message rate by from seven to 10 times and reduced jitter to zero." He identified the New York Stock Exchange and the Chicago Board of Trade as Solarflare customers, but said others did not want to be identified for competitive reasons.

The 10-GbE standard is gaining new traction as network operators upgrade from 1 GbE to meet demand for more bandwidth. According to the latest market data, sales of 10-GbE switches are expected to reach $13 billion by 2016 and will constitute nearly half of a total $28 billion Ethernet switch market by then. That year sales of 40- and 100-GbE products will amount to $3 billion. Vendors in this market include Alcatel-Lucent, Avaya, Brocade, Cisco, Extreme Networks, Dell, HP, IBM and Juniper Networks.

Growth in 10-GbE deployments will be driven primarily by continued adoption of virtualization, meaning servers will be running at higher utilization rates than will non-virtualized servers, says Alan Weckel, senior director at Dell'Oro Group. Another driver is expected to be the server refresh cycle prompted by the release of Intel's new Romley microprocessor platform, which will provide the faster server throughput that is needed for virtualization, he adds.

"Romley comes out in the first half of 2012, so 2012 is going to be the time that enterprises go through qualification tests of the new servers and new switches. The hockey stick up is [in] 2013," Weckel says.

Solarflare's ApplicationOnload Engine (AOE) adds FPGA capability to a previously introduced Solarflare OpenOnload application programming interface for connecting apps to the network. The company learned that many of its financial services customers were trying to engineer a FPGA feature of their own, but had trouble doing the engineering and financing the projects internally, says Stern. The AOE from Solarflare can be sold with either custom software developed by the financial institution, software developed by Solarflare or software from a third party, he says.

Solarflare is actually co-developing the AOE solution with some of the financial institutions needing it, says Scott Woolsey, director of brand development at Solarflare. He declined to identify them, but adds they are "household name" companies. Solarflare also sells through value-added resellers that serve the financial services industry.

While Solarflare adapters have found a market in other compute-intensive fields such as video surveillance, oil and gas exploration, research institutions, virtualized data centers and other big data applications, "we chose to land our beach craft in the financial services market," Stern says, because of the market opportunity there for financial trading and business analytics where speed, accuracy and up time are critical.

Stern believes the AOE capability distinguishes Solarflare from other 10-GbE server adapter vendors such as Broadcom, Intel, Qlogic and Emulex, and that Solarflare has greater market share than them in the financial services sector because of AOE.

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/next-gen-network-tech-center/232600507 http://www.networkcomputing.com/next-gen-network-tech-center/232600507 http://www.networkcomputing.com/next-gen-network-tech-center Thu, 09 Feb 2012 09:00 EST InformationWeek's "Data Encryption: Ushering In a New Era" report found that cloud and mobility are adding new challenges to security, but only 47% of 506 IT professionals that responded to a survey on data encryption stated that have mobile-device encryption has been made a priority.

Another InformationWeek survey, "Research: 2012 State of Cloud Computing," of 511 IT professionals regarding cloud computing found that 64% of enterprises using cloud services are dealing with between two and five different providers. As the number of servers and applications move into the cloud, the more the use of encryption drops off.

"The problem of mobility and cloud is it forces policies, processes and encryption technologies to have to scale to an outside device, organization, and too many more use cases," says Michael Davis, CEO of Savid Technologies and author of the report. "This usually means the governance/audit team isn't ready, the security team gets bogged down in details related to deployment, but in the end we don't see users impacted too much by encryption in these spaces as the technology is usually transparent."

All of the encryption technologies require keys, but in the case of mobile devices, the keys are usually controlled by end users when they turn on their phones, Davis explains. In that case, the user must have a lock/password screen or encryption isn't able to do its job. IT can create policies around using lock/password screens, but end users frequently ignore policies. In the case of mobile devices, it leaves potentially sensitive data open to anyone who comes into physical contact with the phone.

Of the 506 respondents to the data encryption survey, 38% said their organizations have comprehensive formal policies in place that expressly require encryption of personally identifiable information (PII) or confidential data on certain devices within their networks. They said the policies are strictly enforced. Another 38% noted that although they have policies, enforcement is limited or done on an application-by-application basis.

"If the organization doesn't start looking at their data in terms of who, what, why and where the access to that data needs to occur, they won't be able to properly encrypt the data and know what devices need to decrypt the data," states Davis. "Furthermore, when it comes to cloud, if you don't encrypt and have control of your keys, you are basing your security on the fact that the cloud provider promises to implement security at or above the level your organization does, and, sadly, most organizations don't check to see that the cloud provider actually meets the same level of security requirements."

From a mobility perspective, enterprises have been lucky because of the type of data typically being stored on mobile devices, Davis says. End users have not wanted to work with large documents, spreadsheets and other files not easily viewable on mobile devices, but as the form factors, available applications and performance of mobile devices have increased, users are becoming more likely to work with such data on their smartphones and tablets.

"Mobility has enabled anywhere, anytime access. I call it the Starbucks problem. Every Starbucks is now the corner office for most workers, and mobility is going to continue to demand that employees access files anywhere from any device," he says.

IT organizations need to ask themselves some tough questions about security and encryption, with a focus on securing data that is not under their control (because most of those mobile devices aren't). The solution to the problem is usually taking a data-centric approach to security instead of the traditional premise-based model, says Davis.

Learn more about Strategy: SIEM by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/cloud-computing/232600474 http://www.networkcomputing.com/cloud-computing/232600474 http://www.networkcomputing.com/cloud-computing Wed, 08 Feb 2012 13:00 EST "As application management becomes much more complex as they turn to cloud, [IT organizations are] using cloud in ways that surprised me in terms of sophistication,'' Craig says. For example, almost half of the companies surveyed are running tiered transactions/services spanning both cloud and on-premise, according to the report, while 35% have either integrated or are in the process of integrating multiple software-as-a-service (SaaS) applications.

"The research showed quite a large number of companies that are actually already running transactions that span multiple SaaS services, and I didn't expect them to be this far along,'' Craig notes. "They are very sophisticated in terms of deployment but struggling as an industry with finding APM products that can deal with this kind of complexity." Her research found, for example, that many public cloud providers do not yet offer monitoring agents or APIs, which is hampering vendors' ability to build capabilities management into APM products.

Additionally, the majority of midsize to large businesses have already embraced private cloud as a viable delivery option for business-critical applications, the report finds, as some 66% of companies are either already using infrastructure as a service (IaaS) or planning to do so within the next year. Among other findings are that 44% of companies are already utilizing at least one SaaS service, with another 33% planning to do so in the next year.

There are a couple of key challenges in terms of managing cloud applications, says Craig. "One is that you have to build an end-to-end picture of the transaction or application. Unless you have that [visibility], you don't know where to start in terms of actually solving application performance problems." But the challenge is being able to drill down and understand as many as 30 to 40 components supporting the application to determine the origin of a slowdown, for example. "You have to be able to see the application from start to finish in context with the technology that's supporting it,'' she says. "IT organizations are starting to experience this problem. In many cases they're trying to manage these very complex environments with manual kinds of activities, and they see the need to get away from that because it's taking a tremendous amount of time." It's also very expensive to manage these complex environments with people alone, she adds.

In spite of the struggles APM vendors are having, Craig was also surprised by "how fast vendors are evolving products to address" the complexity during the timeframe she conducted her research. "There are constant updates and enhancements to cloud APM solutions," she says, "so it's a very rapidly evolving market." APM product vendors covered in the report include OpTier, AppDynamics, AppFirst, Aternity, CA, Compuware, Correlsense, eG Innovations, HP, IBM, INETCO, Nastel, Netuitive, New Relic, OPNET, Quest, SolarWinds and Splunk. More than 40 users of the products were interviewed for the report.

But even with the upgrades and enhancements, Craig doesn't see the level of APM complexity diminishing anytime soon. "It's still an evolving market,'' she says. "The task of managing applications is probably the most challenging of any of the enterprise management disciplines. Application management relies on assimilation of metrics from across the entire application execution ecosystem."

Her vision is to see APM become "increasingly automated," although full automation capabilities will likely take five to 10 years to evolve. Flow-based network analytics will likely be a powerful force in enabling full automation of APM systems, Craig believes. Network analytics leveraging such information to track and model end-to-end application execution will be the answer to enabling greater levels of automation in the future, she maintains. "I believe the network will ultimately provide the unifying information necessary to automate the process of application performance management,'' Craig says, adding that within the next two to four years, "APM vendors are going to turn to the network in very creative ways to build this end-to-end view of application execution."

Learn more about Research: 2012 State of Cloud Computing by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/cloud-computing/232600455 http://www.networkcomputing.com/cloud-computing/232600455 http://www.networkcomputing.com/cloud-computing Wed, 08 Feb 2012 11:00 EST Conversion to IPv6 is necessary because the supply of IPv4 addresses is close to exhaustion. An IPv4 address is only 32 bits long, creating a supply of just 4 billion addresses. The IPv6 address is 128 bits, creating more than 340 undecillion address combinations--(340,000,000,000,000,000,000,000,000,000,000,000), which is a 34 followed by 34 zeros--a virtually unlimited supply.

By one measure, IPv6 adoption is on the upswing. A November 2011 survey commissioned by Infoblox, a network infrastructure automation vendor, found that 25.4% of the Internet zones under .com, .net and .org domains support IPv6, up from only 1.27% in a 2010 survey.

But in terms of enterprise adoption of IPv6, little work is being done on the upgrade. Jim Frey of the research firm Enterprise Management Associates points to another Infoblox-commissioned study that said only 9% of businesses surveyed had completed an IPv6 rollout; 68% said they had made little or no progress in conversion; and 23% said they were in the midst of a rollout.

Converting to IPv6 may not seem a priority, but the pressure to upgrade varies by the type of business, says Arpit Joshipura, chief marketing officer for Force 10 Networks, a network equipment vendor recently acquired by Dell. He says the industry segment most likely to adopt IPv6 first is Web 2.0 companies, such as social networking sites like Facebook, because they have a lot more user endpoints. Under the least pressure to adopt IPv6 are enterprise data centers, he says, because they have relatively little "Internet-facing IT."

That being the case, enterprise data center operators can plan a smaller project focused just on its Internet-facing network.

"We see enterprises recognizing that they need a plan but that the plan can be done in pieces," says Keith Stewart, director of product management for Brocade Network's application delivery products. "Very few people that I talk to anymore are thinking about 'how do I do an end-to-end upgrade to v6' because the cost and benefit analysis just isn't there."

Service providers have led the market in migrating to IPv6 and they have an opportunity to monetize the IPv6 skills they have built up to advise others how to make the switch, Stewart says. "There's not a lot of IPv6 expertise out there, but ... they've got a lot of the IPv6 talent in house."Some companies will have to adopt IPv6 sooner than others also based on where they operate, adds Dell's Joshipura. The federal government faces an IPv6 mandate in the U.S., while mandates apply to all organizations in China, Japan and South Korea.

Wider adoption of IPv6 presents one of those "chicken-and-egg situations," says Leslie Daigle, chief Internet technology officer for ISOC.

Content providers don't see the point of providing production-quality IPv6 access to their content if there are relatively few users who they can reach over IPv6, Daigle says. Meanwhile, ISPs don't see the point in providing IPv6 services to their customers unless there's actually content that's available over IPv6.

"We're trying to untie that Gordian knot and basically get a number of content providers and service providers and the hardware manufacturers upon whom the service providers depend to jump into the swimming pool all at once," she explains.

IPv6 day 2012 is not just a one-day event to promote IPv6, as was the case last year, but it's the date by which several high-profile committed participants will be offering IPv6 as part of their regular service. Key members of ISOC are service providers such as AT&T, Comcast and Time Warner Cable in the United States and counterparts abroad, home networking equipment vendors such as Cisco Systems and D-link, and major websites such as Google, Facebook, Microsoft Bing and Yahoo.

ISOC also has a website called Deploy360 to help businesses plan and implement an IPv6 migration. Among the items on the site are this humorous take on running out of IPv4 from Cisco.

Part two of this series will look at how to deploy an IPv6 network on top of an existing IPv4 network.

Learn more about Best Practices: Ipv6 Transition by subscribing to Network Computing Pro Reports (free, registration required). ]]> http://www.networkcomputing.com/ipv6-tech-center/232600450 http://www.networkcomputing.com/ipv6-tech-center/232600450 http://www.networkcomputing.com/ipv6-tech-center Wed, 08 Feb 2012 11:00 EST I've long found the Federal Communications Commission to be a curious body. With a track record of commissioners coming from or going to high positions in industry, it's hard not to wonder about impartiality and whether commissioners are always acting completely in the interest of the public good. On occasion, the FCC comes across as a cheerleader for a specific technology or company, while at least partially turning blind eyes to strong technical evidence that counters the viability of some of the agency's pet initiatives.

Broadband over Power Lines (BPL) is a recent example, where the FCC wasn't very serious or consistent about enforcing its own regulations on interference that was disruptive to a range of licensed radio services. While the agency was out busting low-power community "pirate" radio stations, they often bordered on being a free advertising agency for BPL, regardless of the significant problems related to the technology in certain common configurations, as proven repeatedly by qualified experts. BPL as an initiative now is somewhere between death and life-support, having not survived its own flaws, despite the FCC's efforts to champion it.

Back to Lightsquared, and yet another weird vibe from the FCC. Lightsquared is an LTE broadband startup that employs technology that has been proven by a number of qualified groups to interfere with GPS signals. We're talking consumer, scientific, and military GPS applications at risk from Lightsquared's emissions. Typically, new technologies have to prove themselves to be non-problematic before the FCC will approve them going forward. Lightsquared however, was given conditional approval by the FCC's Democratic commissioners early on, with technical validation to follow. And here's how we got to the mess things are in today.

One prevailing version of the story (greatly simplified for brevity) has Phil Falcone, head of Lightsquared's owning company Harbinger Capitol, donating large amounts of money to the Democratic Party in advance of the FCC giving the go-ahead to Lightsquared in advance of the company actually proving its ability to be a radio good neighbor. But sooner or later the testing would come, and the results were not pretty. At least nine government agencies and the GPS industry have shown evidence that Lightsquared's approval would be devastating to a wide range of civil, consumer, and defense applications that that use the long-successful GPS system. The FCC (having little choice) has had to slow down the momentum of Lightsquared's unusually fast approval process in response, while the company attempts to address if and how they are going to get around the interference issues.

In the inevitable back-and –forth, Lightsquared has countered it's critics with a few well-publicized arguments. Talk of an inexpensive filter that could be added to high-end GPS receivers to mitigate the effect of Lightsquared's signals didn't go very far, as no real examples of the solution were offered and the strategy wouldn't help the millions of consumer-GPS-equipped products in use. Lightsquared has also claimed that the GPS system itself is problematic, and operating outside the tolerances of its approved frequency ranges. Whether this has been independently verified is unknown to me, but the GPS landscape is so entrenched at this point, Lightsquared's argument is almost moot.

And now the latest. Sprint is the biggest-named partner to sign on with Lightsquared, having done so early on. Sprint had originally given Lightsquared until February to get final FCC approval, which was derailed because of pushback by all of those who will feel the impact of a performance-compromised GPS system. Now, as Lightsquared (again with FCC cooperation) throws a Hail Mary pass by actually challenging whether GPS is legally entitled to protection from interference, Sprint has extended Lightsquared's approval deadline into mid-March. The FCC is gathering public comments on a fundamentally idiotic question, and we'll have to wait a few weeks to find out if this circus is finally over or whether this is just another turn along a very strange road paved by the FCC.

Anyone who follows the goings-on with spectrum-related issues and broadband growth in the US would agree that we have to have an eye to the future and look for new technologies. But if the FCC is going to be the agency that helps the country move forward, they are going to have to de-politicize their playbook, leave the technical decisions to experts, and start doing what's right for a change.

]]> http://www.networkcomputing.com/data-networking-management/232600279 http://www.networkcomputing.com/data-networking-management/232600279 http://www.networkcomputing.com/data-networking-management Tue, 07 Feb 2012 09:00 EST Providing universal access for mobile, residential and business users provides capital and operational savings for buyers and provides better flexibility for traffic management, says Juniper. The access layer extends from the initial connection to a network from mobile phones and the nearest cell tower, from a subdivision of homes or from a business park, to the edge of a service provider's network, be it a mobile carrier, an ISP or a conventional phone company.

The ACX Series routers should be in demand with mobile service providers that are migrating to 4G/LTE networks, the company says. Providers are doing so because of the continued heavy usage of smartphones and tablets; applications such as video; high-bandwidth usage; and applications requiring high quality of service.

Michael Howard, principal analyst at Infonetics Research, notes that Juniper's support for both Ethernet and Mulitprotocol Label Switching (MPLS), should interest a number of carriers that will want to evaluate the ACX. Wireless carriers, in particular, favor Ethernet and MPLS as primary cell site back haul connection protocols.

In September, Cisco expanded its service provider offerings, the ASR 9000 Series Aggregation Services Routers System portfolio, in response to the proliferation of mobile Internet services and devices such as tablets and smartphones that are fueling demand for bandwidth and quality experiences, as well as to the ongoing evolution to IPv6. The latest additions to the series, which has an installed base of more than 500 service providers, featured the company's nV (Network Virtualization) technology, which blends the network edge, aggregation and access layers into a single 96-Tbps system.

The ACX series also combines the benefits of traditional synchronous optical networking (SONET) technology and more contemporary packet network architecture, he continues. SONET architecture was exceptional at timing, meaning all the elements of a network signal arrived in the right order at the right time. This is why land-line phone calls sounded better than some cell calls, says Juniper. Packet network architecture offers the ability to deliver packets of data, regardless of type of content or structure, over a shared network, but timing is as optimal as on a SONET network.

Juniper has timing built into the ACX product that increases the quality of the experience for the users and also decreases the chances for service providers to have to incur SLA violations, the company says.

The new series delivers 10 Gbps throughput, versus most competitive routers in this space that typically deliver 1Gbps. It also adds a number of operational intelligence features to handle a variety of types of applications that have different quality-of-service requirements and that may require different service-level agreements (SLAs), says Juniper. The ACX line of routers is offered in five models, four of which are one-rack-unit configurations that are designed to be "passively cool" for energy efficiency and hardened to be unaffected by environmental conditions such as dust. The fifth model is a two-rack-unit model that has more capacity but lacks the hardened design of the others. However, all five products support Power over Ethernet (PoE) connectivity.

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/next-gen-network-tech-center/232600360 http://www.networkcomputing.com/next-gen-network-tech-center/232600360 http://www.networkcomputing.com/next-gen-network-tech-center Tue, 07 Feb 2012 09:00 EST There, Cisco CTO Padmasree Warrior reportedly outlined Cisco's SDN strategy but did not mention OpenFlow as the protocol on which it would be based. "It appears Cisco will go proprietary on its SDN strategy," according to a report. The report also quoted another Cisco executive saying that "at this point, we don't think [OpenFlow] is production-ready."

Asked to respond, Bethany Mayer, senior VP and general manager of the HP Networking business, said Cisco and HP have very strong differences on support for standards-based versus proprietary technology.

"It is at the heart of a philosophy at HP that we remain open with open standards so that we can be interoperable with the other networking vendors in the industry. If they have decided to go the proprietary route, frankly, that's bad for the customers," said Mayer.

OpenFlow is a protocol developed at Stanford University, and HP Labs was present at the creation in 2007, working alongside Stanford researchers, said Charles Clark, an HP distinguished technologist and director of research in HP Networking. The idea behind it is that the intelligence in the network--to route packets, prioritize traffic, minimize latency, enforce quality of service (QoS) policies and provide security--is moved from network switches and routers to a software-based controller. Hence, the term software-defined networks.

The Open Network Foundation (ONF) is a community of academic researchers, networking vendors and companies managing their enterprise networks that is developing the OpenFlow protocol, evangelizing it and helping to bring it to market.

At the HP event in Cupertino, Calif., Dan Pitt, executive director of the ONF, said Cisco is also a member of the group, as are other networking vendors, and that "everybody is contributing in good faith.""This is a movement that is happening and vendors will react to it in different ways over time, but I don't think the movement itself is stoppable," Pitt said, adding that Cisco or any other company can bring to market both a proprietary product and one built to industry standards.

But he and HP representatives think OpenFlow is proven technology and that HP is the first networking vendor to offer OpenFlow over such a wide array of its networking products.

HP is offering a free download of OpenFlow to enable SDN on 16 switching product lines that are deployed by service providers, in data centers, on campus networks and in branch offices, said Dan Montesanto, worldwide product manager for data center network solutions integration at HP. Those 16 product lines represent an installed based of 250,000 devices with a combined total of about 10 million ports that can be SDN-enabled.

IBM and NEC jointly announced on Jan. 24 the introduction of an IBM switch coupled with an NEC network controller based on OpenFlow, but Montesanto noted that is only one switch that is SDN-enabled. Both IBM and NEC are also members of the ONF.

The CEO of a new vendor in the OpenFlow space, Big Switch Networks, says more OpenFlow products still in beta testing are expected to come out in 2012.

At an OpenFlow conference last fall, Cisco was asked if the intelligence is moved from the switches to the network control layer, wouldn't that make switches more commodity products, selling for less money and making less profit for switch vendors? David Meyer, a Cisco fellow, said the company is aware of the situation and is preparing to deal with it. "Folks get this and how to react to it is what's being formulated right now."

He said it's very obvious to everyone that something's going on here, and the question is how to react to it in a way that everybody can live with. "When you have a big company like Cisco, you've got to socialize those kinds of things." Meyer added that he was pushing people inside Cisco "to start thinking about it."

Responding to the same question on Thursday, HP's Saar Gillai, VP of the Advanced Technology Group within the networking division, replied that OpenFlow/SDN is not a "commodity play."

"This is a simplification play," he said. "If you look at where HP is deployed today, we're solving customer problems. If you look historically when things like this have happened, typically the same vendor who is providing the value in one place is now providing value some place else."

Cisco did not reply to a request for comment for this story, but the story will be updated when and if the company does.

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

]]> http://www.networkcomputing.com/next-gen-network-tech-center/232600195 http://www.networkcomputing.com/next-gen-network-tech-center/232600195 http://www.networkcomputing.com/next-gen-network-tech-center Fri, 03 Feb 2012 11:00 EST