Total Internet Security Software




HP and Cisco Take Different Paths To SDN

News that Cisco Systems may release proprietary networking products implementing software-defined networking (SDN) technology, but not necessarily based on the emerging OpenFlow protocol, has executives at rival HP complaining about another Cisco vendor lock-in play. At a news event at HP Thursday, at which the company announced OpenFlow capability available for 16 HP networking product lines, executives were asked to comment on a news report from the Cisco Live event going on this week in London.

There, Cisco chief technology officer Padmasree Warrior reportedly outlined Cisco's SDN strategy, but did not mention OpenFlow as the protocol on which it would be based. "It appears Cisco will go proprietary on its SDN strategy," according to a report. The report also quoted another Cisco executive saying that "at this point we don't think [OpenFlow] is production ready."

Asked to respond, Bethany Mayer, interim senior vice president and general manager of the HP Networking business, said Cisco and HP have very strong differences on support for standards-based versus proprietary technology.

"It is at the heart of a philosophy at HP that we remain open with open standards so that we can be interoperable with the other networking vendors in the industry. If they have decided to go the proprietary route, frankly that's bad for the customers," said Mayer.

OpenFlow is a protocol developed at Stanford University, and HP Labs was present at the creation in 2007, working alongside Stanford researchers, said Charles Clark, an HP distinguished technologist and director of research in HP Networking. The idea behind it is that the intelligence in the network -- to route packets, prioritize traffic, minimize latency, enforce quality of service (QoS) policies and provide security -- is moved from network switches and routers to a software-based controller. Hence the term software-defined networks.

The Open Networking Foundation (ONF), a community of academic researchers, networking vendors and companies that manage their enterprise networks, is developing the OpenFlow protocol, evangelizing it, and helping to bring it to market.

At the HP event in Cupertino, Calif., Dan Pitt, executive director of the ONF, said Cisco is also a member of the group, as are other networking vendors, and that "everybody is contributing in good faith."

"This is a movement that is happening and vendors will react to it in different ways over time, but I don't think the movement itself is stoppable," Pitt said, adding that Cisco or any other company can bring to market both a proprietary product and one built to industry standards.

But he and the HP people think OpenFlow is proven technology and that HP is the first networking vendor to offer OpenFlow over such a wide array of its networking products.

HP is offering a free download of OpenFlow to enable SDN on 16 switching product lines that are deployed by service providers, in data centers, on campus networks and in branch offices, said Dan Montesanto, worldwide product manager for data center network solutions integration at HP. Those 16 product lines represent an installed base of 250,000 devices with a combined total of about 10 million ports that can be SDN-enabled.

IBM and NEC jointly announced on Jan. 24 the introduction of an IBM switch coupled with an NEC network controller based on OpenFlow, but Montesanto noted that is only one switch that is SDN-enabled. Both IBM and NEC are also members of the ONF.

The CEO of a new vendor in the OpenFlow space, Big Switch Networks, says more OpenFlow products still in beta testing are expected to come out in 2012.

At an OpenFlow conference last fall Cisco was asked if the intelligence is moved from the switches to the network control layer, wouldn't that make switches more commodity products, selling for less money and making less profit for switch vendors? David Meyer, a Cisco fellow, said the company is aware of the situation and is preparing to deal with it. "Folks get this and how to react to it is what's being formulated right now."

He said it's very obvious to everyone that something's going on here, and the question is how to react to it in a way that everybody can live with. "When you have a big company like Cisco, you've got to socialize those kinds of things." Meyer added that he was pushing people inside Cisco "to start thinking about it."

Responding to the same question on Thursday, HP's Saar Gillai, vice president of the Advanced Technology Group within the networking division, replied that OpenFlow/SDN is not a "commodity play."

"This is a simplification play," he said. "If you look at where HP is deployed today, we're solving customer problems. If you look historically when things like this have happened, typically the same vendor who is providing the value in one place is now providing value some place else."

Cisco did not reply to a request for comment for this story but it will be updated when and if it does.


Cisco Expands 40, 100 GbE Switching Portfolios

Cisco Systems is introducing new switches with 40 and 100 Gigabit Ethernet (GbE) capabilities, which are the coming new standards for switching speeds on networks. The 40GbE capacity is now available on its Catalyst 6500 switching line for campus networks, while 100GbE is available on the Nexus 7000 line for data center and service provider networks. The company also announced two new fixed-configuration platforms providing high-density 10GbE switching, which is the fastest growing category of switches today.

Like other networking vendors, Cisco is adding these higher-capacity switches to meet network demands for cloud computing, wider use of video, the increased use of mobile devices and the explosion of data flowing on those networks. According to the latest market data, sales of 10GbE switches are expected to reach $13 billion by 2016 and will constitute nearly half of a total $28 billion Ethernet switch market by then. That year sales of 40 and 100GbE products will amount to $3 billion. Other vendors in this market include Alcatel-Lucent, Avaya, Brocade, Extreme Networks, Dell, HP, IBM, and Juniper Networks.

Cisco is also introducing a capability it calls Easy Virtual Networking, which simplifies network virtualization functionality for its Catalyst 6500, 4500 and ASR 1000 product lines. A new Nexus 1010-X appliance enables scalable virtual services in a data center environment.

"We aren't just throwing bandwidth at the problem and saying everything is going to be sunshine and roses," said Shashi Kiran, senior director of marketing for Cisco Data Center and Enterprise switching. "We are helping customers to utilize that bandwidth in a much more resource-intelligent manner and, with ease of use, reduce complexity."

Cisco's domination of the network market continues, but a new report from Information Week Analytics indicates that the people who buy networking equipment are considering other vendors, such as Dell, HP or IBM, as an alternative. In addition, 49 percent of respondents said they were not considering switching vendors at all, a decline from 60 percent in the October survey.

Cisco earned the highest score among the seven vendors represented in the survey, scoring 77 percent out of a possible 100 percent. However, IBM came in a very close second with a performance rating of 76 percent, while HP and Dell both came in at 75 percent. Juniper and Brocade also scored generally well, just three and four percentage points respectively behind Cisco. Avaya earned a performance ranking of 70 percent.

Cisco has been feeling the competitive pressure from rivals such as HP, which acquired networking vendor 3Com in 2010, and Dell, which late last year acquired Force 10 Networks. But Cisco's Kiran says the company is maintaining its market share lead measured either by revenue or the number of ports sold. Its revenue share was 71.8 percent in the third quarter of 2011, up from 68.6 percent in the previous quarter, and port share was 51.7 percent in the third quarter, up from 49.8 percent in the second. The figures are from the networking equipment research firm Dell'Oro Group. Meanwhile, Gartner research shows Cisco's share of the fast-growing 10GbE market is 76 percent based on port count.

"There's a lot of noise out there in the market today, a perception that Cisco is losing its port or revenue market share and the facts say otherwise," said Kiran. "Despite all this noise we're in a very strong position."

The Catalyst 6500, becoming available in April, supports 44 ports of 40GbE and 176 ports of 10GbE connectivity. The Nexus 7000 line, available sometime in the second quarter of this year, offers 96 ports of 40GbE and 32 ports of 100GbE connectivity.

Also new and available now is a Catalyst 4500-X switch that offers 40 ports of 10GbE connectivity and up to 1.6 terabits (TB) capacity. It is designed for deployment on campus networks. Coming in March is a Nexus 3064-X switch supporting 40GbE connectivity and targeted at data center deployments for high-frequency trading, big data or Web 2.0 environments.

Pricing information was not shared.


Why I Like Juniper’s QFabric (And A Mea Culpa)

While I was visiting Juniper in early December, I got a chance to sit down with the QFabric folks to discuss some of the issues with QFabric and what I saw as a proprietary—with all the badness that word implies—product set in search of a reason. While QFabric is proprietary because of how the components are interconnected, I came away with the impression that the overall design and capacity looks extremely powerful, and I think the upsides of the QFabric product set far outweigh the downsides. Given a month's time between visiting Juniper and now, I'd say that all my ballyhoo about being proprietary was a non-issue. My bad.

Juniper's QFabric, in a nutshell, distributes the traditional chassis switch into discrete components. The top-of-rack (ToR) switches, called QFNodes, are line cards. The QFinterconnect, which the QFNodes are connected to via OM-4 or OM-5 fiber, is the back plane, and the QFdirector(s) are the supervisors (in Cisco parlance), or managers. Each QF node is connected to between two and four QFInterconnects via 40-Gbit links, and there are two QFDirectors that are connected to QFNodes and interconnect via an out-of-band 1-Gbit link.

Greg Ferro, who does network design and consultation for large organizations and also contributes to Network Computing, has written a nice explanation of QFabric and explains some benefits.

Here's why I like it. It's operationally simple. The distributed chassis metaphor is apt and means that multi-switch management is greatly simplified. You can manage up to 128 switches as if they were a single switch, which for all intents and purposes, they are. Think about that for a moment. You don't have to maintain credentials across 128 switches or authentication configuration if you are using RADIUS or some other authentication server.

You don't have to integrate 128 devices into your network management system (NMS), hypervisor management system or other IT systems. Even with scripting or an NMS, making sweeping changes to 128 individual switches in a network is dicey. Granted, you can aggregate multidevice management to simulate a single pane of glass, but that means introducing more servers and management protocols that can get in the way or break down. As the number of things you need to manage grows, the simpler your management framework needs to be.

Traffic-wise, you don't have to worry about multiple paths, spanning tree, building N-tiers, or deciding where to set up routing since QFabric also routes (although Juniper is quick to point out that you likely wouldn't replace your edge or core router with a QFabric, just like you wouldn't replace them with a 1U ToR L2/L3 switch). Any two points in the QFabric are a mere 5 microseconds apart. Unless your company requires ultra low latency, anything below 1 millisecond (typically, the granularity at which latency is measured and reported in enterprise switches) is probably fine. But, hey, less is better in any case. If you need more capacity at the edge, you can add additional switches fairly cost effectively, as Ferro points out.

Bear in mind that, currently, each QFNode 3500 can be oversubscribed at 3 to 1, based on 48 10-Gbit ports facing the access devices and 4 by 40 gigabit uplink ports facing the QFInterconnects. 480 Gbits inbound going into a 160-Gbit uplink makes 3-to-1. However, engineers at Juniper said the limitation today is the interface speed of the uplink ports. There is no limitation to the QFInterconnect, so speeds can increase in the future provided Juniper ships QFInterconnect cards and QFNodes that support higher capacities.

What gets interesting with QFabric is the migration path to and from QFabric, and how QFabric can fit into the data center. In a fit of whiteboard craziness, we mapped out some scenarios. A couple of things become clear:

  • To the rest of the network, QFabric is just a L2/L3 switch. It's one bridge in a spanning tree, and outside QFabric, it's just Ethernet. That means you can plug a QFabric into the rest of your network and it will be loop-free.
  • All the rest of your L2/L3 network will behave just fine, and you can run any other network equipment, like a Cisco Nexus, side by side.
  • Any requirements such as reaching hosts defined by routes on an external router or passing traffic through a load balancer mean traffic may have to pass out of and back in to QFabric.

If you have already invested in Juniper's QF 3500s (the EX line is not supported) and you want to migrate to QFabric, you need a QFInterconnect and a QFDirector, although Juniper recommends pairs for redundancy. You can cable to your existing QF 3500s and they become part of the QFabric. Take them out of the QFabric, and they become L2/L3 switches. Pretty nice investment protection.

I like it. QFabric is a fairly simple design—simple is good. No need to worry about multipath Ethernet protocols like TRILL, SPB, LAG or MLAG. It only scales to 6,144 10-Gbit ports with oversubscription, 2,048 if you want non-blocking (that's 16 10-Gbit ports per QFNode). If you dual-home your servers, that's only 3,072 servers. I say only tongue in cheek. That's a lot of servers for most organizations, and I will go out on a limb and assume that if you're looking at that kind of scale, it's either a special-purpose computing center or a hosting or cloud provider.

The other elephant in the room is cost. That's a topic I will take up later, as well as digging a little deeper into the design scaling issues. Of course, there are a number of other things to consider, like distance limitations of the OM-4 cable, cable layout and designing the L2/L3 network within QFabric. But if you are looking at upgrading from a 1-Gbit to a 10-Gbit network and you want to take advantage of the new features that network fabrics such as Brocade's VCS, Cisco's Fabricpath and Juniper's QFabric offer, it's worth a long hard look. And I bet the proprietary features will be less important the deeper you look.

Disclosure. I traveled to Sunnyvale on my company's dime. Juniper fed me a hamburger, chips and a soda, and gave me a pen.


Brocade ADX 12.4 Improves App Delivery

Brocade introduced a new application delivery controller that enables service providers to manage application delivery in a way that servers or end-point devices no longer can. A key feature of the Brocade ADX 12.4 is what the company calls an OpenScript Engine, which enables enterprise service providers to build customized versions of network applications using the open-source Perl programming language in order to deliver networking capabilities unique to their needs.

The ADX 12.4 is designed to address a shift in the role of networks in delivering applications. Because of the proliferation of various end-point devices to which applications are delivered, no one optimization will suffice. For service providers such as ISPs, that range of devices includes laptops, smartphones, tablets, gaming consoles and Internet-enabled TVs. Because applications are also delivered via the cloud, traditional server-based application controls also come up short.

The OpenScript Engine feature in ADX 12.4 is a Perl-based platform for customizing applications for a service provider's unique needs, such as improving network infrastructure, security, acceleration or monitoring. Brocade is a supporter of the Comprehensive Perl Archive Network (CPAN), a community of app developers who share extensive libraries of scripts that have already been created. A developer trying to accomplish one task may find the work of someone else in the community who already solved the problem so efforts aren't duplicated.

Although other application delivery vendors also offer scripting engines, Brocade's support of Perl is laudable because it's a well-known and widely used scripting language, said Sam Barnett, directing analyst for data center and cloud research at the research firm Infonetics. He is also a veteran of the networking industry, running startups that worked with Brocade and Foundry Networks, which Brocade acquired in 2008.

A particularly impressive feature of the OpenScript Engine, Barnett said, is the Application Performance Estimator, which, as its name implies, predicts how an application will run on a network, as it's currently configured, before the application is actually deployed.

"The service provider community didn't really know what a new application or service delivery platform was going to do on the network because they didn't really understand how it was going to be used," he said. "This [Estimator] gives you ... a really good understanding of where your pain points are going to be before you introduce something completely unknown onto your network."

ADX 12.4 also streamlines the transition from the IPv4-based network to the IPv6 network. It will help maintain service parity on both networks, which in a typical situation will run in parallel. IPv6 is a new standard for assigning Internet Protocol addresses because the worldwide supply of IPv4 addresses is running out.


Riverbed Virtualizes Cascade

Riverbed Technology introduces Cascade 9.5, an upgraded version of its network management tool that aggregates information from a number of Riverbed network appliances -- physical and virtual -- into a single management console. Among the new features of Cascade 9.5 is Virtual Cascade Shark, the virtual version of Riverbed's physical appliance, which sees into the virtual switching layer within a virtual machine environment in a way the physical Shark appliance cannot, said Riverbed.

The new version of Cascade comes just two months after the WAN optimization market leader released a major upgrade to RiOS 7 -- the software that powers its line of Steelhead application acceleration appliances -- and Steelhead Mobile client software, adding optimizations for video, disaster recovery applications, ICA over SSL and enterprise applications as well as IPv6.

The new features include tight integration with Riverbed's Stingray traffic manager and F5's BIG-IP so that Cascade can perform multi-segment analysis correlating individual connections to a virtual IP (VIP) address associated with connections to hosts in a server pool. With multi-segment analysis, IT can correlate traffic issues like dropped packets, delay and other issues with an end user session. Without such correlation, monitoring application performance across the load balancer is difficult. Other load balancers are supported, but the configuration in Stingray is a manual process.

The need to manage the growth and increasing complexity of networks is driving demand for network performance management technology that can monitor traffic, identify possible bottlenecks and intervene to clear them up. As use of IT grows in enterprises so does demand on IT to deliver more capacity and speed over the WAN and to be able to prioritize traffic. For example, video gets priority over a simple e-mail, but a VoIP call gets priority over video if the video in question is something frivolous on YouTube.

The data center is undergoing a radical transformation. Data centers are being consolidated as virtualization technology is more widely adopted. Network pipelines need to expand to handle more traffic, particularly high-bandwidth video. And as applications are increasingly being distributed over the Web, more attention has to be paid to how well the network delivers those apps.

Wrap all of this with a virtualization layer, and application performance management and monitoring gets difficult. Virtual Cascade Shark, which currently runs only on VMware ESX hypervisors, is a virtualized version of Cascade Shark offering visibility into traffic flows between virtual machines in a hypervisor. Virtual Cascade Shark pricing starts at $1,200. The Cascade Shark appliance now integrates with intelligent taps from companies like Gigamon, cTap, and VSS, relying on their timestamps for latency measurements.

All of that is happening at the same time and the network administrators are pushed to understand the applications that run over the network and how well they are performing. While virtualization has greatly improved the efficiency of data centers by increasing server utilization, it has created "another blind spot for network managers," said Jim Frey, managing research director at Enterprise Management Associates (EMA).

"There could be traffic that goes on inside a hypervisor between multiple virtual machines and unless you have a means for gaining visibility into that hypervisor, you have no way to understand what's happening in terms of the traffic between those VMs," Frey said.

Other Riverbed management appliances that interact with Cascade 9.5 include its Stingray application delivery controller -- which the company said is more commonly known as a load balancer -- the Whitewater cloud storage gateway and the Steelhead wide area network (WAN) optimization appliance.

Steelhead appliances could sit on the network at various branch offices and send WAN performance data to be aggregated by another Steelhead appliance in the data center with the results then presented in the Cascade management console, it said.

The network performance management solutions market is "pretty healthy and growing," said EMA's Frey, with startups seeing revenue growth of 20 percent to 40 percent or more annually and even more mature firms -- publicly traded companies like Riverbed and NetScout Systems -- reporting low double-digit revenue increases.


Basics: Five Switching Settings You Must Know

These five configurations are the first thing a network administrator should apply to a newly provisioned switch or router. Although these may seem like common sense, 90 percent of devices I see are missing at least one of these settings, and about 75 percent are missing two or more. Use this checklist as an action item to verify your existing devices have these settings, at a minimum, and integrate these into any templates or provisioning documents you use. You'll appreciate the results of the consistency this adds to your network management and monitoring.

Define a default gateway or default route
Let's start with the fantastically easy one: a management IP and default gateway. Obviously, you can't manage a device across the network unless it has, at bare minimum, a management IP address. Instead of harping on the obvious, take note that many times when edge devices are provisioned, an IP address is configured, but the default gateway or default route is forgotten or omitted.

What happens when this configuration is missing? Those edge switches will hum along happily until one of three things happens:

  1. Your management tool is installed or moved to a different subnet.
  2. You try to manage the switch from a different network or subnet.
  3. You begin adding other VLANs or subnets to the switch.

Without a default gateway or route off of the network the switch is using, traffic may reach the switch, but it won't find its way back off that network. You won't believe how many edge switches are in the wild with this grievous omission, often resulting in the switch becoming unmanaged, by virtue of the management tools not being able to see it.

Cisco & HP Networking:
# ip default-gateway <gateway-ip>
# ip route 0.0.0.0 0.0.0.0 <next-hop-ip>

Set the time
If I could ask administrators to set only one configuration out of the box, after the basic IP settings, I'd ask for this – the correct time. Correct time on a switch is vital when troubleshooting the device. A string of log entries dated 1/1/90 is useless to network administrators troubleshooting a problem.

The three most popular ways to set time on a device are 1) manual time settings, 2) TimeP or NTP and 3) SNTP. You should really have a time server in your environment, to keep the network all in sync. If you don't have a time server now, you can very easily add it. In Windows Server environments, a few clicks will have you up and running with SNTP in less than 5 minutes. You can also use public (Internet-hosted) time servers, although you shouldn't put yourself in a position to force each switch to call out over the Internet for time. As a last resort, set the time manually if you must; but by all means, set it somehow.

Cisco:
# ntp server <ip-address>
# clock timezone <zone> <hours-offset>
# show clock

HP Networking:
# ip timep manual <ip-address>
# timesync timep
# clock timezone <timezone>
Or
# sntp server <ip-address>
# sntp unicast
# timesync sntp
# show time

Enable neighbor discovery
Neighbor discovery protocols are essential for network administrators and management tools to accurately construct a view of the network topology. Each manufacturer has its own supported mix of neighbor discovery protocols, loosely based on how standards-focused that vendor is, and how much they want to pay in royalties to use proprietary protocols. The two most widely used are LLDP (Link Layer Discovery Protocol), an IEEE standard, and CDP (Cisco Discovery Protocol). Support varies by brand and at times even by model or firmware versions. What you may see in some devices is LLDP supported for listening and talking, but the only CDP support is for listening. Others may offer equal capabilities for both protocols.

Enabling all supported neighbor discovery methods is highly recommended. The information it provides lets you immediately locate neighboring switches and even media endpoints such as phones and access points that use LLDP-MED, an extension of LLDP. Not only can you see where these devices are connected, you can get details of the device type, its hostname, IP address and even see what port it's connected to on the other end. In a similar fashion, your network monitoring and management tools will use these protocols to crawl the network, discover new devices and correctly identify and show inter-switch links.

Cisco: CDP is enabled by default. Enable LLDP
# lldp run
# show lldp neighbors <+ optional details>

HP Networking: LLDP is enabled by default. Enable CDP receive only support
# show lldp info remote <+ optional details>
# show cdp neighbors <+ optional details>

Configure logging and traps
Notifications of events on the network are a critical component of monitoring, troubleshooting and real-time alerting. Most switches offer two primary means of sending this data to a central repository: logging events via syslog and trap events via SNMP. Configuration of both is simple, and usually varies minimally from switch to switch, and even brand to brand.

Most organizations have a syslog server or a management tool configured to receive SNMP traps. If yours doesn't have such an application, I'd strongly encourage you to use this opportunity to investigate your options. If you don't have budget or time, look around your existing management tools, and you'll likely find something you can use already in production. If not, there are a variety of free syslog and SNMP tools; just make sure you download free tools from a source you trust.

Cisco & HP Networking:
# logging <syslog-server-ip>
# snmp-server host <trap-receiver-ip> <community>

Add custom SNMP communities
SNMP (Simple Network Management Protocol) is used to manage or monitor all types of devices in a network, including switches, servers, and even desktops. SNMP allows us to define different community strings that are mapped to different access rights. Most simply we have a read-only string, and a read-write string. The read-only string lets monitoring tools see and gather information from the device, whereas the read-write string allows management tools to make modifications and configuration changes to the device. By default, switches most often have either no pre-defined strings, or they use a combination of public and private.

Some readers may feel this should be included with the full management configuration (defining local users or RADIUS/TACACS authentication, enabling secure management with SSH and HTTPS), but I define it as one of the recommended out-of-the-box settings. Within an organization, you likely have only a set or two of custom SNMP community strings, and these strings aren't going to change from the time you order the switch, unbox it and then deploy it. Initial omission of the strings is usually an oversight, or network admins consciously leave it out, and figure they'll go back and add it later. Your management tools should already be set to talk to your devices using your custom SNMP strings, so go ahead and start off on the right foot by setting them early on the device. Remember, they are case-sensitive, and you'll avoid the frustration of typos if you include these in a template or at least copy-paste from a base text document. Incorrect SNMP strings are frustrating, especially in larger environments. Correct strings will let your device be seen and managed immediately by all your management and monitoring applications.

Cisco:
# snmp-server community <string> ro
# snmp-server community <string> rw
# show snmp

HP Networking:
# snmp-server community <string> operator restricted
# snmp-server community <string> manager unrestricted
# show snmp-server

There are many other configurations recommended in a production environment, including secure encrypted management and file transfers, and SNMPv3 in certain networks. These 5 settings are a quick-start to ensuring consistent management of your infrastructure devices across the enterprise.
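
One way to turn the checklist into a repeatable check over saved running-configs, as an added example that is not part of the original article or any vendor tool. The function name, finding codes and sample configs are constructed for illustration, addresses come from the 192.0.2.0/24 documentation range, and "no cdp run" / "no lldp run" are assumed to be how a disabled protocol shows up in the config.

```python
import re

# Community names the article calls out as common defaults.
DEFAULT_COMMUNITIES = {"public", "private"}
IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"


def _has(lines, pattern):
    """True if any config line matches the regex starting at its first character."""
    return any(re.match(pattern, line) for line in lines)


def audit_switch_config(config_text, platform):
    """Return a sorted list of finding codes for one saved running-config.

    platform is "cisco" or "hp"; it only changes the neighbor discovery
    check, because the article notes different defaults for each vendor.
    """
    if platform not in ("cisco", "hp"):
        raise ValueError("platform must be 'cisco' or 'hp'")
    lines = [ln.strip() for ln in config_text.splitlines() if ln.strip()]
    findings = []

    # 1. Default gateway or default route.
    if not (_has(lines, r"ip default-gateway \S+")
            or _has(lines, r"ip route 0\.0\.0\.0 0\.0\.0\.0 \S+")):
        findings.append("no-default-gateway")

    # 2. Time source. A manually set clock leaves no trace in the config,
    #    so only NTP, SNTP and TimeP servers can be verified here.
    if not _has(lines, r"(ntp server|sntp server|ip timep) \S+"):
        findings.append("no-time-source")

    # 3. Neighbor discovery. Cisco needs an explicit "lldp run"; HP has LLDP
    #    on by default, so only an explicit "no lldp run" counts as disabled.
    if _has(lines, r"no cdp run"):
        findings.append("cdp-disabled")
    if platform == "cisco":
        lldp_on = _has(lines, r"lldp run")
    else:
        lldp_on = not _has(lines, r"no lldp run")
    if not lldp_on:
        findings.append("lldp-disabled")

    # 4. Syslog server and SNMP trap receiver (IPv4 syslog targets only).
    if not _has(lines, rf"logging (host )?{IPV4}"):
        findings.append("no-syslog-server")
    if not _has(lines, r"snmp-server host \S+"):
        findings.append("no-trap-receiver")

    # 5. SNMP communities: at least one defined, and none left at a default.
    communities = []
    for line in lines:
        m = re.match(r'snmp-server community "?([^"\s]+)"?', line)
        if m:
            communities.append(m.group(1))
    if not communities:
        findings.append("no-snmp-community")
    for name in communities:
        if name.lower() in DEFAULT_COMMUNITIES:
            findings.append(f"default-snmp-community:{name}")

    return sorted(findings)


# Constructed sample: a Cisco edge switch with all five settings applied.
CISCO_SAMPLE = """
hostname edge-sw-01
ip default-gateway 192.0.2.1
ntp server 192.0.2.10
clock timezone EST -5
lldp run
logging 192.0.2.20
snmp-server host 192.0.2.30 ExampleRO
snmp-server community ExampleRO ro
snmp-server community ExampleRW rw
"""

# Constructed sample: an HP edge switch with several settings missing and a
# default community string left with write access.
HP_SAMPLE = """
hostname "edge-sw-02"
ip default-gateway 192.0.2.1
no cdp run
logging 192.0.2.20
snmp-server community "public" unrestricted
"""

if __name__ == "__main__":
    for name, text, platform in (("edge-sw-01", CISCO_SAMPLE, "cisco"),
                                 ("edge-sw-02", HP_SAMPLE, "hp")):
        print(name, audit_switch_config(text, platform) or "OK")
```

Run it against configs pulled by your backup tool; a default community with write access, as in the second sample, is the finding to fix first.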


Prepare The Mobile Ship For Ludicrous Speed!

Thinking back on the 1987 movie "Spaceballs", I picture a comical Dark Helmet standing on the bridge of his ship. In my mind, he holds a smartphone and contemplates the latest buzz on mobile network speeds, fresh from the International Telecommunications Union. As he ponders the 100 Mbps data speeds soon to be delivered by his preferred carrier, he utters the order "Prepare for ludicrous speed" and the ship IMT-Advanced warps off to hyperspace at an impossibly crazy velocity. Speeds in the mobile data world are about to get quite exciting.

To read the various analyses of what the International Telecommunications Union (ITU) has recently approved in its IMT-Advanced announcement is to be schooled on what 3G and 4G really are, and are not, as well as getting a look at where mobile wireless is heading. And where it's heading is impressive.

Where a present-day good 3G connection will yield a respectable few Mbps connectivity (if you’re not moving), IMT-Advanced will make 3G feel like a dial-up modem. Current LTE networks that claim 4G-ness measure and market their speeds in the double-digit Mbps, but there is a lot of variability across carriers and conditions required to get to top speeds.

Regardless of the current marketing campaigns and the decent speeds that the carriers are giving us on their "4G" networks, the ITU says that we have yet to see true 4G networks by their technical definition. To really be 4G, a network must deliver speeds of 100 Mbps when in motion at vehicle speeds and 1 Gbps (yes, Gig speeds from mobile networks) when not moving. Marketing being what it is, nothing we have in the US from LTE or WiMax comes close to these lofty requirements despite all of the 4G hype taking root. So far, 4G isn't really 4G. But when we get there, it will be ludicrous.

So what did the ITU do for the mobile network space during their meeting in Switzerland that commands so much interest? The communications governing body approved two technologies, LTE-Advanced and WiMax 2, as the path forward to mind-blowing mobile networks under the heading of IMT-Advanced. Now that the declaration has been made, development and manufacturing can proceed. Though it will likely take a couple-few years for IMT-Advanced network and handset build-out, it stands to reason that IMT-Advanced will stay on people's minds as they contemplate their future mobile strategies.

All guesses about how IMT-Advanced will truly impact the mobile network space are on the table. As more individuals and businesses alike make mobile data a priority, carriers today are using strategies like data plan terms and WiFi offload to prevent network saturation, which also gets interesting through the lens of IMT-Advanced. Though network speed is easy to get excited about, you can't get blazingly fast without modulation and antenna techniques that make for better cells and higher capacity for everyone, even legacy non-IMT-Advanced users. Higher speeds and better cells mean better general traffic-handling capability, which has to have some impact on how service plans will be structured.

There is little doubt that IMT-Advanced will come to be recognized as a disruptive technology and will likely challenge notions of traditional networking in many areas yet to see broadband. Testing with early IMT-Advanced components is already well under way in Europe and China, and Internet videos showing beta efforts and results for IMT-Advanced are simply captivating if you follow mobile network development.

Gigabit mobile broadband? Even Dark Helmet would approve.

At the time this was written, I was not being paid by any vendors or organizations mentioned.


How NetFlow Keeps Networks Running, People Alive

In all the technical discussions about network routers, switches, throughput, packets and the alphabet soup of acronyms that apply, it may be easy to forget that network downtime can have life or death consequences. For two NetFlow users, the requirements for the network monitoring technology were less dire, but the results were still compelling.

Jhune Rosario is the network systems administrator for Puget Sound Blood Center, which operates 17 sites where blood is drawn from donors and 51 hospitals that use that blood supply to treat patients. Some of those sites are a three-hour drive from Puget Sound, but have only a T1 line connecting them, so the implications of that connection going down are significant.

"Recently I met a family whose son had leukemia and they had to do almost two transfusions a week. If they don't get that transfusion, that child could be in a very difficult situation," Rosario said.

The child could be waiting for blood but with the network down, lab technicians can't confirm whether a donor in, say, Bellingham, Wash., is the right blood type for the patient, he said.

While Puget Sound is a nonprofit without the budget to replace a T1 line with a 10 gigabit per second (Gbps) connection, it has benefited from adopting NetFlow technology to monitor its network and proactively troubleshoot problems before they cause an outage. Puget Sound Blood Center, which uses NetFlow technology from Lancope, has saved $22,680 in costs for each hour of network downtime it suffered.

The blood center is one of several examples Lancope cited in a recent report on "The State of NetFlow."

NetFlow is a network protocol developed by Cisco Systems in 1996 to collect IP traffic information and provide visibility into a network. IT professionals monitoring their networks with NetFlow can see where situations like network congestion or a misconfigured switch are occurring and intervene to fix those problems. Variations of NetFlow are now widely used in networking gear from such companies as Alcatel-Lucent, Cisco, HP's 3Com and Huawei Technology. Other flow-based technologies like sFlow are used by Juniper and Extreme Networks. The IETF's IP Flow Information Export (IPFIX) standardizes the flow reporting protocol, but has yet to see widespread adoption.

Puget Sound Blood Center has seen network uptime improve since introducing NetFlow, Rosario said. "On our old system we always had to react to a situation," he said. "Now our help desk can see that the system is running slow, then they can proactively look up that information and alert the folks who can start solving the issue."

The problem was different at Grafisch Lyceum-Rotterdam (GSR), a university in the Netherlands. The university was hampered by existing firewall technology and an embedded intrusion detection and intrusion prevention system (IDS/IPS) that could only inspect a portion of network traffic and did not provide visibility into the school's high-speed internal and virtual network. Using Lancope's StealthWatch NetFlow technology, GSR gained wider visibility into its Internet gateway traffic and the internal and virtual network. GSR also reported faster time to resolution for network problems and a 75 percent cost savings compared to what they had before.

For AirTran Airways, the network challenge was maintaining Payment Card Industry (PCI) compliance across a widely distributed network serving about 10,000 end users. Because it's billed as a low-cost airline, AirTran needed a cost-effective and scalable network monitoring system to enable employees to take credit cards from wherever possible--at any gate, ticket counter or kiosk. Its deployment of StealthWatch enabled the airline to improve PCI compliance, increase network visibility and better identify and address anomalies to improve network security.

A recent Lancope-sponsored study by Enterprise Management Associates found that the most popular current uses of flow data are traffic monitoring (76 percent) and security monitoring (61 percent). Other key findings include: 47 percent of respondents leverage flow data for understanding services consumption; 46 percent use flow data for planning/engineering; 96 percent say they expect to maintain or expand their use of flow data over the next 12 to 18 months; and NetFlow is the most popular type of flow data, used by 70 percent of respondents.


Forecast: 10GbE To Be The Top-Selling Ethernet Switch By 2016

Sales of 10 gigabit per second (Gbps) Ethernet Switches are expected to reach $13 billion by 2016 and will constitute nearly half of a total $28 billion Ethernet Switch market by then, a forecast from the research firm Dell'Oro Group states. And even as data center operators upgrade from 1 Gigabit Ethernet (GbE) Switches to 10GbE in order to handle exponentially larger volumes of network data traffic, sales of even faster 40GbE and 100GbE switches will be picking up as well.

By 2016 sales of 40 and 100GbE products will amount to $3 billion, Dell'Oro said in its five-year forecast for the Ethernet Switch market. The company, which is focused exclusively on networking and telecommunications equipment market research, expects the strongest growth in 10GbE Ethernet in 2013 and 2014 as enterprise data centers invest in the technology for server access through a mix of connectivity options for blade and rack-mounted servers.

Growth in 10GbE deployments will be driven by continued adoption of virtualization, meaning servers will be running at higher utilization rates than do non-virtualized servers, said Alan Weckel, senior director at Dell'Oro Group. Another driver is the expected server refresh cycle prompted by the release of Intel's new Romley microprocessor platform, which will provide the faster server throughput that is needed for virtualization.

"Romley comes out in the first half of 2012, so 2012 is going to be the time that enterprises go through qualification tests of the new servers and new switches. The hockey stick up is [in] 2013," Weckel said.

Vendors in this burgeoning market include Alcatel-Lucent, Avaya, Brocade, Cisco Systems, Extreme Networks, Dell, HP, IBM, and Juniper Networks, but Weckel declined to say which specific vendors Dell'Oro thinks will benefit more from 10GbE sales than others.

Vendors are seeing the same pick-up that Dell'Oro sees.

"This is the year of 10 gig," said Arpit Joshipura, chief marketing officer for Force 10 Networks, which was acquired by Dell in August 2011. "All of a sudden, this year we will see a lot more 10 gigabit deployments and it's already starting to happen in our customer base."

Joshipura, who came to Dell from Force 10, said Force 10 developed the first 10GbE switches about 10 years ago and would have hoped the technology would have caught on sooner but is nonetheless happy that sales are picking up. However, while the rate of growth of 10GbE switch sales is strong, Dell still sells far more 1GbE switches than 10GbE ones. Based on unit sales, he estimated 90 percent of sales are of the previous generation 1GbE products.

Likewise, Cisco Systems sees strong growth in the 10GbE market and crossed the 10 million unit sales mark in December 2011, said Shashi Kiran, senior director of data center and enterprise networking at Cisco.

Kiran said Cisco currently enjoys a 76 percent share of the 10GbE market and that, although the majority of their sales are also still of 1GbE products, the growth rate for 10GbE is higher. He also said that as more 10GbE switches are deployed, Cisco is acting proactively to see what other points on a network may appear as "choke points" for the faster 10GbE traffic.

Kiran also said unit sales of 10GbE products are driven by declining prices, which makes it easier for customers to justify purchasing 10GbE to replace 1GbE on their networks.

Dell'Oro's Weckel provided some specifics: Across all vendors, the average selling price of a 10GbE product was $388 per port in 2011, down from $818 per port in 2008.


Enterasys Addresses Wired-Wireless Pain

Network equipment vendor Enterasys is tackling the growing problem of managing wired and wireless devices with the latest addition to its suite of fabric network management technology, the OneFabric Edge Architecture. The combined wired-wireless management fabric relieves a number of network management headaches, especially in situations where the wired network is often managed by one vendor and the wireless network by another, says the company.

"Wired is a pain in the butt now," said Craig Mathias, a principal analyst at Farpoint Group. With wireless devices ubiquitous in the workplace, he wonders why anyone would use a wired network.

For now, though, wired and wireless networks have to work together and need to be merged. "The idea of thinking of the network as a single unified entity ... is one of the key emerging themes that I think you're going to see a lot of emphasis on over the next couple of years," Mathias said.

The OneFabric Edge features an end-to-end integration of the wireless local area network (WLAN) and the wired infrastructure and integrates Enterasys' security and management features with application-aware capabilities that aid compliance and service level agreements (SLAs). The product introduces what Enterasys calls the Wireless Services Engine (WiSE), a WLAN controller for application services, which the company said gives customers greater flexibility for deploying edge access in virtual, physical and cloud environments.

Lastly, the OneFabric Edge introduces the K-Series modular switch, which provides visibility into network traffic to determine location, identification, and overall management capabilities of the converged wired and wireless network. Enterasys says the K-Series switch helps manage environments in which employees bring their own wireless devices into work to run on the corporate network.

Both the Enterasys data center fabric and edge fabric systems are jointly managed by the OneFabric Control Center management console.

While applauding Enterasys' innovation, Mathias said it faces considerable competition in the data center fabric space from companies such as Cisco Systems, Juniper Networks, Brocade and others -- as well as in the edge network space.

Although network and edge fabric technology from those and other vendors is catching on, a recent survey of the people who buy networking equipment showed some caution about embracing new technology too soon. InformationWeek Analytics released a survey earlier this month that showed that IT buyers favored products built to industry standards over those with the latest innovation, including network fabrics.

The report noted "a general wariness of proprietary features, where many cutting-edge capabilities are in flux--either the standards aren't complete or are yet to be widely adopted."

Those kinds of reservations are warranted, but Enterasys says its approach to fabric computing is different from that of competitors, noting that it uses an open architecture based on networking standards and that its fabric offerings are compatible with other vendors' legacy systems, something fabric competitors can't always say.

The difference between Enterasys and competitors is also based on different definitions of the term "fabric," added Mark Townsend, director of solutions architecture for Enterasys. Enterasys endorses the research firm Gartner's definition of a network fabric as "taking a collection of resources, such as a network, and to unify those under a single control plane to deliver an application," he said.

Other vendors define fabric in terms of a "topology," he added, referring to the multi-path connections between switches and routers designed to make networks run faster, more efficiently and to be flatter.

"If you look at our competition, they are looking at fabric as a topology and the topologies that they are talking about are based on proprietary protocols," Townsend said.

While buyers may be wary of fabric technology, this happens all the time when new technology is introduced, particularly in networking, said Mathias. "There's always a degree of risk when you shift from the old modes of thought to the new modes of thought," he said, adding that vendors need to better educate prospective customers to overcome their reservations.
