Internet Network Security Blog

Consumerization and the BYOD Trend Heighten Data Leakage Fears

Network Computing — Thu, 17 May 2012 20:43:00 +0000

The growing consumerization trend is doing more than simply wreaking havoc for IT administrators looking to protect the corporate network from unknown infiltrators--it's also dramatically changing how data is being created, consumed and stored.

While that opens up market opportunities for a myriad of vendors, it's a veritable Pandora's Box for corporate IT grappling with ensuring that data leakage doesn't become the order of the day in the age of BYOD, or bring your own device. Ultimately, it has everything to do with creating information ubiquity, making data available to employees no matter where they are or what device they're using.

"This is a really interesting space because it overlaps so many adjacent areas that there isn't a category yet," says Terri McClure, a senior analyst at Enterprise Strategy Group (ESG). "The whole consumerization and mobilization of the workforce is what's driving this market ... the second driver is multiple people sharing that one copy of the truth versus having to email it between each other. It's not really true collaboration if everyone is working on a separate version of a file."

ESG is in the midst of studying the subject and future reports are forthcoming. In the meantime, the IT consultancy did produce a December 2011 report entitled "Online File Sharing and Collaboration in the Enterprise." It found that end users are "looking to tackle issues like data sharing, portability and access from multiple intelligent endpoint devices, creating a conundrum for IT as it needs to balance business enablement, ease of access, and collaborative capacity with the need to maintain control and security of information assets."

That's precisely what's driving the online file-sharing and collaboration segment of software-as-a-service, says McClure.

"This market is coming from the consumer workforce into the enterprise because enterprise IT is solving the challenge of collaboration with solutions like Microsoft SharePoint," she says. "But those solutions aren't Web-enabled so the challenge is, as more consumer devices make their way into the enterprise, a lot of people are solving this sharing between devices and one file between each other on their own."

Though new vendors are coming to the fore, the market itself isn't new, explains Charles King, president and principal analyst at Pund-IT Inc.

"It's new in the sense that we're seeing different players coming into the space and tweaking the services that they offer ... everyone's trying to reinvent the wheel," he says. "All of these solutions tend to roll in the same general direction.

"In businesses that are active users of information technology, information represents the crown jewels for a lot of companies, literally and figuratively."

Next: Secure Collaboration Tools to Protect DataOne vendor looking to capitalize on the growing opportunity is the lesser-known Soonr Inc. Though the company has been in business since 2005, it's maintained a low profile, selling its wares through partners. With the launch of a new product dubbed Soonr Enterprise, the vendor aims to answer corporate IT's need for business groups to access files securely within the cloud.

"Last year was the first year that mobile devices outsold personal computers, and it's only going to get worse or better depending on how you look at it from here on," says Martin Frid-Nielsen, Soonr's CEO. "We're seeing people carrying around [corporate] data on their devices, including laptops ... the IT people in these companies are concerned about physical security, about device security and also with what's being shared with others and they're worried about company data falling into the wrong hands."

But if it's a corporate-provisioned account, when an employee leaves, the company can just wipe out all those files.

"The company has control of its own information. There's still a possibility of data leakage. If someone really wants to steal data they could, there's always way to do it," McClure adds. "That's why so many companies are interested in these corporate-sanctioned accounts and that's the opportunity companies like Soonr are going after."

Everyone wants a piece of the pie, she says, and the market is wide open. There's no clear-cut leader in this space as of yet.

"There's VMware, with its Project Octopus; Microsoft SkyDrive; Google Drive; Apple iCloud, it's all about enabling mobilization," she adds. "There's not a leader in the business solutions space ... and it's a huge market."

One thing that consumerization has done is drive home the need for simplicity from the user's perspective. Enterprise IT must now consider the end user's experience unlike ever before when it comes to evaluating new solutions. And generally, IT executives are increasingly focused on service culture development.

"You need to make this as seamless and easy for everybody involved," King says. "Frankly, if you don't do that, your employees will find a service that does offer an intuitive user interface and ease-of-use tools."

So Long, Unlimited Data Plan: Customer Focus Dies at Verizon Wireless

Lee H. Badman — Thu, 17 May 2012 15:57:00 +0000

It seems that right now, the mobile carriers are counting on customers having short memories, deep pockets and low expectations. Blazing-fast networks aren't enough, as there are still human beings on the receiving end of the grief that comes with impressive throughput. The prevailing strategies blowing across the mobile space are decidedly customer-unfriendly, and the carriers are heading in a bad direction.

Consider my own situation, as a longtime Verizon Wireless customer (there are plenty of similar tales from other carriers' customers to be heard). Having long since cut the landline at home, we have five phones from Big V on our family plan. Three of those phones are in the hands of teenagers, and my own has a data plan, given my lines of work. I'm on an unlimited data plan--but not for long. But more on that in a bit.

My family grew up with New Every Two, the Verizon Wireless policy that let each phone be replaced for free or at significantly reduced cost every couple of years. And we made use of that, changing out the kids' flip/feature/basic phones as the teens put normal wear and tear on them. We grew accustomed to it, and New Every Two was part of what kept us as loyal Verizon Wireless customers.

Not only was New Every Two recently killed off, but now it also costs $30 to update even the low-end feature phones. The website may show free for a given phone, but in the age of New Carrier Math, free equals $30. I was told by Verizon that this helps subsidize pricey units being sold at a loss, like the iPhone. In other words, I get dinged $30 to replace my daughter's "free" phone so those folks living the iPhone lifestyle benefit. Uh, hello? What's wrong with this picture? Even worse, when complaining via online chat with a Verizon rep, I was told this is actually a good deal because it's cheaper than other carriers. Uh huh, a good deal--for Verizon Wireless.

Let's talk about bloatware. On my smartphone, I have at least a dozen apps that I cannot remove. Evidently the NFL, Slacker Radio, Verizon Wireless itself and several other entities are also subsidizing smartphone costs as the slew of unwanted apps cannot be uninstalled and are a fact of life. I have no choice what crapware comes bundled into "my" phone. These apps take up memory and use my data plan and battery life against my wishes by checking into various mother ships for updates--and that's just supposed to be OK with me. With an unlimited data plan, perhaps I shouldn't care. But nothing is sacred these days, and unlimited ain't what it used to be.

Depending on the carrier, an unlimited data plan is actually quite limited. Again, using New Carrier Math, the word unlimited departs from being defined as "without limits" and has been reworked to loosely mean "a few gigabytes, after which you will pay quite a bit more than you might expect." It's absolutely nuts, and glitzy, sexy, high-tech-themed commercials make it no easier to swallow.

But the data plan story gets even worse. Verizon Wireless CFO Fran Shammo has announced (and rather coolly, I might add) that the much-loved $30 monthly data plans that many longtime customers like me enjoy will soon be a thing of the past. Despite what we signed up for, we're being forced into not-yet-defined family share plans, because, Shammo says, "That is beneficial to us"--us being Verizon Wireless. He might as well have said, "In your face, Loyal Customer!" Just like with the cable companies, the new mantra of dealing with mobile customers appears to be, "We say it, you pay it--and just shut up about it."

Evidently, the promise of smokin'-fast 4G networks is supposed to make everything else moot in the mind of the modern mobile customer. But it doesn't. Those of us with a longer history of loyally paying our bills to the carriers can't simply ignore that any friendly relationship we had as customers is being systematically dismantled by the carrier itself and replaced by overhyped promises of a fast network. And that's just not enough for some of us, as we want to be treated like valued customers again.

Thanks a bunch for nothing, Mr. Shammo.

Four Sins of Mobile Website Design, and How to Avoid Them

Mike Fratto — Thu, 17 May 2012 15:22:00 +0000

According to a study released March 1 by Pew Internet, 46% of adult Americans are smartphone owners. A study released last year by Microsoft Tag found that more than half of all local searches were conducted on mobile devices. Despite that growth in mobile usage many sites are still horrible on mobile devices. Here are four things to avoid in mobile website design:

Adobe Flash. I get it: Flash is great for animations and cool interactive stuff. HTML lacked those features, JavaScript was dicey, and HTML5 was a long time coming. In the meantime, Flash filled a gap. However, using anything other than standard HTML + CSS for key components like navigation is just bad practice. How can visitors interact with your site if they can't navigate through it?

If your website makes extensive use of Flash, fire your web developers and hire ones who know what they're doing. Web developers who rely on Flash are doing you a disservice: Your site won't work on iOS or many Android phones, which will drive those people away. Tell your restaurant-owner friends to stop paying web developers who rely on Flash and PDFs.

If you must use Flash, degrade gracefully. A recent BBC article on big wave surfing had a video of a monster 72-foot wave. When rendered in a browser that doesn't support Flash, the video player was replaced with an image and a note saying the video would have been shown if the browser supported Flash.

At least the BBC article looked good and welcoming.

JavaScript popovers. Don't use popovers that cover the page and don't quit on their own. I know, advertisers love popovers, but they don't render well on mobile sites, offering just a teeny-weeny "X" to close them.

Frankly, I wanted to read this story in the graphic at left, but when I see a popover, I leave immediately. You got the ad impression, but that's it. When I leave, there's no chance that I will interact with your site further and there is less chance I will return, ever--at least, not willingly.

While I'm on the topic of JavaScript: For your mobile sites, remove any JavaScript that isn't absolutely necessary. While 3G and 4G speeds are faster than ever and mobile phones pack a lot of processing power, page rendering can take a long time--especially when multiple web requests are outstanding. I'm pretty patient and I might wait five to 10 seconds for a page to load, but many others won't. Exacerbating the issue is that partially rendered pages are barely useable in browsers that are trying to complete the page and zoom in/out and scroll.

JavaScript navigation that obscures content. See the gray boxes with arrows in the image at left? They're in the way and remain there while I scroll up or down (thankfully). This is one of the least-intrusive examples I've seen. Like JavaScript popovers, these navigation aids just get in the way and don't really help. I have no idea why I would click on unnamed links--they're useless. If you want to direct visitors to other content, either integrate the links into your text or put a list of links at the end of the post. Visitors will find it.

Speaking of JavaScript: Desktop UI things like hovering over links, mouseovers and other actions don't translate well to mobile, where someone's finger is "clicking" on page elements and not mousing around. Dropdown menus and flyouts work fine on desktops, but they're very difficult to use on mobile devices. Think carefully about using them: In fact, don't.

"Under construction" notices. Make your content work with mobile devices, period. A page like the one at left may seem helpful, but it's offputting. Even more so because I clicked through anyway, and the page rendered fine. I bet the trigger was a Flash video widget. (See No. 1.)

Most modern mobile browsers, at least the ones I use on Android anyway, render "desktop versions" of sites really well. Sure, visitors have to pinch in to see the text, but browser UI elements like magnifying a touched area of a page, smooth zooming and improved character and image rendering make getting to your content easy and reliable for visitors, without telling them you couldn't be bothered to support mobile devices.

The upshot: If you aren't coming up with a mobile-friendly design for your website, you're driving visitors away. A well-designed mobile site lets visitors on small form-factor devices connected via potentially slow and congested networks see your content and interact with your site quickly. Figure out which components are most useful for your visitors and design your site accordingly.

As Brian Katz, who heads up the mobility group for a global pharmaceutical company, says in a recent blog post about application development, "know why you are creating an app, figure out what data you need to access and how you will do that securely and then worry about the best tool to use for building the actual app. Don't spend so much time working it backwards."

Compuware Tunes APM Tools for Mobile, Cloud and Big Data

Esther Shein — Wed, 16 May 2012 20:36:00 +0000

Compuware Corp. is responding to the surge in mobility, cloud computing, Big Data and networking with upgrades to its dynaTrace and Gomez application performance management (APM) tools.

The updates, announced this week, will affect how customers build and deploy applications, says Steve Tack, CTO of Compuware's APM business unit. "Customers are working a lot more with native mobile applications ... as well as the sheer proliferation of different browser types and a global base of customers, partners and employees," he says. "They've lost the insight into the relationship between performance and user behavior."

As users become more mobile and applications more diverse, customers want a better understanding of how performance relates to business results, he explains. "Without visibility to users at the edge, there is a blind spot," Tack says, citing conversion or abandonment rates as areas of concern.

He says customer feedback shows that the user experience is the most critical part of measurement, and the key to driving those transactions. Compuware's newly announced User Experience Management tool, with analytics and transaction visibility, aims to address performance management "at the edge of the internet."

The focus on mobile monitoring in the APM tools is particularly interesting, notes Julie Craig, a research director at Enterprise Management Associates. "Compuware is one of the first major vendors to offer a single solution for Web performance monitoring across traditional web and mobile web," she says. "Both the Gomez and dynaTrace PurePath solutions support mobile, and with the explosion of mobile applications, this is shaping up as an essential capability for APM toolsets."

Because so much innovation is now taking place in the cloud, customers also need stable applications for their public- and private-cloud technologies, Tack says.

"There is a lot of value from what you can get from Amazon EC2 or Microsoft Azure in terms of elasticity, but [the cloud] introduces new performance challenges when you don't have control over the data center," she says. "What becomes top of mind is, it's all about the app" and how to control the transactional aspect that the application delivers.

Since most of today's applications are distributed across multiple infrastructure elements, it isn't enough to monitor infrastructure alone--users have to be able to see the entire application end-to-end, Craig says. And even if customers use a cloud application like SugarCRM, for example, the end-to-end application also includes network and desktop monitoring, at minimum. "APM vendors are developing solutions that monitor public cloud in context to the end-to-end application--giving customers the 'big picture' they can't get from the information the cloud vendor provides alone."

Compuware has also released dynaTrace Data Center Real User Monitoring, which provides analytics and real-time status on performance availability and the business impact of applications for end users.

The company has also set its sights on Big Data--its dynaTrace Enterprise is geared at providing visibility into Cassandra NoSQL and Hadoop Map/Reduce Big Data environments.

"From the APM perspective, the ability to process Big Data as part of application monitoring and profiling and as part of auto-generated service models is very important," says Craig. "Information from logs, data streams, messages and other sources is becoming increasingly important to automating the APM process and producing real-time APM information." She says other suite vendors--most notably IBM--have been able to process this kind of information for some time, but this capability is lacking in many competing APM tools.

On the whole, Craig says the Compuware upgrades have several differentiators in terms of APM coverage. One is comprehensive coverage for a variety of applications and enterprise use cases, and another is ease of use. She says dynaTrace "has always been known for its quick installation and time to value, as are the cloud-based Gomez solutions." With the upgrades, Compuware is focusing on ease of use for mobile monitoring as well, she says. "It has also introduced a more unified monitoring platform incorporating, on-premise, cloud and now mobile applications."

Time To Say Goodbye To Static IPs

Mike Fratto — Wed, 16 May 2012 13:30:00 +0000

Configuring static IP addresses on switches, routers, log servers, databases, management systems and other parts of the infrastructure is a common practice. It's also a bad one. Extending that error to virtual machines and applications is worse.

The thinking behind the practice is that if all else fails, IT can still connect to critical services because the IP address is static and therefore known. That may be true, but with the advent of server virtualization and the inevitable migration to IPv6 addresses, it's time to end this well-intentioned but misguided habit. The fact is, static IPs break the mobility and flexibility that server virtualization provides. As for IPv6, do you really want to keep lists of all those 32- digit addresses in hex?

A Better Choice
Extend your use of DNS and DHCP to these systems. I know some IT pros will argue that this is dangerous and insecure. After all, if DNS and DHCP services fail, you won't know the IP addresses for important network devices or virtual servers. It would also force IT to treat DNS and DHCP like mission-critical services, which means spending more time and resources to keep them up and running. But DNS and DHCP are already used for essential devices and applications, such as VoIP phones, Active Directory services, and wired and wireless desktops. If your DNS or DHCP servers fail, you have to get them restored right away.

In other words, DNS and DHCP are already essential, and it's time to treat them as such. Moreover, by expanding use of DNS and DHCP to eliminate static IPs, you can take better advantage of server virtualization. One of the benefits of virtualization is it lets you move VMs around your data center and even between data centers. Data center automation simplifies VM moves and VM provisioning.

Those actions, as well as others, are difficult or impossible to do if you use static IP addresses. What happens if you bring up a VM on, or move a VM to (not a live migration, of course), a subnet where there is an address collision? You must, as part of the move, change the node's IP address. You can do that using automation software like Puppet, but it's not only a lot more integration work, it's one more function that can fail. Static IPs are also more difficult to use with virtual appliances because they are often physical-to-virtual clones of their hardware counterparts, and IP configuration can't easily be automated.

And managing static IP addresses only gets more complicated as you move up into applications because those assignments are buried in configuration files.

Frankly, the IP address assigned to a host shouldn't matter. What's more important and useful to IT is the host name: You can decouple a name, which is portable, from an IP address, which may not be. You want to connect your application to database.example. com, not 2001:0db8:85a3::8a2e:0370:7334.

I can hear the concerns from operations and security about how DNS and DHCP aren't reliable or secure. But it's your job to make them so. Do it now, and you can thank me later.

Private, Public and Hybrid Clouds Will All Need an IT Service Culture

Mary Shacklett — Tue, 15 May 2012 13:22:00 +0000

Whether IT focuses on a public, private or hybrid cloud computing strategy, it's going to be measured on service like never before. As a result, more and more IT executives are focusing on service culture development.

Servicing the systems and the applications you deploy would seem to be second nature, but it never has been for IT. All too often, new systems and applications have such demanding requirements that no sooner do you wrap up one project than you're off to the next one. At the end of the day, your feet get held to the fire by upper managers who want IT quickly deployed so the business can reap the benefit. There are few penalties if you skimp on support and service. To further compound things, the IT skill set traditionally comes up short in so-called "soft skills" like people management, teamwork, written and verbal communications, and service. By nature, IT professionals tend to be task- rather than people-oriented--and the IT culture rewards technical and project management performance more often. As a result, CIOs have their work cut out for them because the cloud is going to require excellence in service.

What makes cloud computing different? For starters, outside cloud vendors are pitching to end-business managers, not IT. "It seems that every month, I get word about a new cloud application that the company is considering," acknowledges one IT director at a Fortune 500 manufacturer. "Sometimes I get word of an offering after the contract has already been signed with an end-business department, and I'm simply being told to assist the cloud provider in onboarding our company, and to manage the contract and the service agreement."

The service-level agreement lists what the company should expect from the vendor. If these service levels aren't stated, companies are increasingly demanding that they be added to the agreement. The best companies meet quarterly with vendors to review service performance.

While all of this is going on, there has also been a notable shift toward private clouds. During the past 24 months, companies have become comfortable with cloud solutions and what they can deliver--but there have been few improvements to eliminate security concerns surrounding public cloud providers. The security concerns are so pronounced that even very small businesses are implementing private clouds, thanks to a plethora of vendors offering "cloud in a box" solutions that are practically plug and play.

End users, however, expect the same service culture from a company's private cloud that outside providers promise.

Next: Service and Collaboration ChallengesThe question facing IT is: Can it quickly attain the levels of service that end users are likely to expect? The short answer: There are several dynamics within traditional IT operations and culture that CIOs will need to address in order to make a successful transition to service.

It's no secret that the majority of IT staff members prefer task-oriented, technical work, which the IT culture traditionally rewards. The best application developers and system programmers get six-figure salaries and are canonized into prestigious positions. However, as IT moves into a service culture, new staff positions demanding both technical expertise and "soft skills" will be needed. Chief among them is the internal account executive, who will reach out to users and be their advocate with internal IT. This account executive will likely be evaluated on the strength of verbal and written communications, the ability to run meetings and collaborate, and skills from which he can build consensus for solutions between disparate groups of stakeholders.

After the account executive, there's a need for project managers who can not only run technical projects but also successfully bring people and goals together. That's not an easy combination to find. "You can be the best technical program developer, but if you can't communicate, you can reach a point where you're not useful," says Louise Magee, human resources manager at Allstate in the U.K. "We continue to look for IT professionals who can communicate, interact positively with users and be strong team players. These are the people soft skills in IT that we often find missing."

Private cloud-based services are going to span multiple platforms and systems in IT. They are also going to demand strong collaboration among staff members with different IT specialties. This is easier said than done in many organizations because IT staffs are siloed into highly specialized areas and don't consistently cross-communicate on a daily basis. Each group also tends to use its own tool sets for monitoring, fine-tuning and trouble-shooting systems. When they come together to work on an issue, each can potentially defend its "area" of the problem by saying that its tools indicate its systems are functioning normally. "It's a bad situation," says a CIO at a large financial services company. "Everyone passes by the glassed-in 'war room,' where all of these expensive systems experts are meeting and debating whose fault the problem is. Meanwhile, the users just sit and wait."

Strategies CIOs Are Likely to Consider

IT is entering the private cloud era with a solid set of best practices in transaction processing, database and network management, and data center management. It will also have to develop and reward for people skills and user management and collaboration. Most CIOs already know that service is an IT Achilles' heel. The key is developing a new set of IT goals and strategies that can cultivate a service culture. Some IT organizations are already making strides with service by employing strategies such as:

Developing a set of IT service metrics such as time to respond, time to repair and system uptime that reward IT for exceptional performance.

Developing new positions in IT¬ to allow for more meetings with end users to review service-level performance and discuss business IT needs.

Breaking down technical silos within IT by restructuring the IT organization and replacing specialty tool sets with a common set of data and tools that everyone uses.

Evaluating how well IT is meeting the needs of the business. "Over 20 years ago, we made a strategic decision that we would be business-driven and that we would have to sell any IT solution to our business units first," says John Heller, CIO at Caterpillar. "We developed a comprehensive ROI formula that measured 15 or 20 different cost categories, and that ultimately came down to a cost per end user. When I talk to CIOs of other organizations, I realize that this approach is somewhat unique to us."

Hybrid Memory Cube Takes RAM to the Third Dimension

Howard Marks — Mon, 14 May 2012 17:30:00 +0000

As Intel and AMD pack six, eight or more cores into each processor, servers are once again struggling to move data from main memory in and out of those cores fast enough to keep them fully occupied. The Hybrid Memory Cube Consortium, led by Micron, Samsung and Intel, has come up with a memory package that promises higher CPU-to-memory bandwidth by extending integrated circuit technology to the third dimension.

Formerly known as Hyper Memory Cubes, the new Hybrid Memory Cubes promise memory bandwidth up to 1Tbps, more than 10 times what today's DDR-3 can deliver, while using approximately one-eighth the power per gigabyte. The cube is a hybrid package that stacks four or eight DRAM chips on top of a base-level memory controller chip.

Stacking the chips in a small package has several advantages. First, the stack keeps the interconnections between the memory chips and logic chip significantly shorter than they could be on a more conventional DIMM. At multi-gigahertz-frequencies, distances--even those measured in just a few inches--matter, since data signals are limited by the speed of light to traveling about one foot per nanosecond.

Using a stack rather than a single chip required the Hybrid Memory Cube designers to develop what they're calling silicon through-vias, which provide data paths vertically through the extra-thin silicon chips that make up each layer. Without silicon through-vias, signal paths would have to extend to the edges of each chip, where a massive number of interconnection wires would have to be connected. This would slow performance and make the whole thing too complex to manufacture cost effectively.

Most significantly, it allows designers to use completely different integrated circuit manufacturing processes for the memory controller logic chip and the DRAM chips themselves. Combining logic and memory on the same chip means the logic sections of the chip have to be produced using the memory chip process, which significantly limits their performance. A dedicated logic chip provides significantly more horsepower for ECC and other memory management.

We should see Hybrid Memory Cubes appear as preproduction samples some time in 2013, with the technology appearing as an extended processor cache in leading-edge servers, as vendors roll out their next generation of servers in 2014-2015. With power players like Micron, Intel, Samsung and most recently Microsoft in the consortium, odds are good that Hybrid Memory Cubes could be the solution to our memory bandwidth woes.

Disclaimer: Micron has provided SSDs for use in DeepStorage Labs.

Cisco Acquires Data Analytics Company Truviso: Can It Execute?

Greg Ferro — Mon, 14 May 2012 16:09:00 +0000

Cisco recently announced that it had acquired Truviso, a data analytics business with a specific focus on real-time analytics. The immediate question is: Why?

At first glance, data analytics isn't part of Cisco's core business of networking, and it isn't related to one of the company's foundational priorities. Memories of previous business failures, like the Flip video camera, come quickly to mind as areas where Cisco picked the trend but failed in the execution.

Most of Truviso's product offerings are focused on web analytics. More than just webpages, Truviso also claims analysis for video and mobile, as well as advertising (including targeted placement). Given that most of the current market for data analytics is applied to extracting more advertising revenue from existing web businesses, this seems like a solid application of the technology.

What can Cisco do with these assets? Where does data analytics with a web-centric application fit into the Cisco product portfolio?

Truviso's offerings seem different, in that the company performs real-time analysis (unlike most other analytics tools, which are batched and near-time). In my view, the concept of continuous analytics would be very useful for network management and operations. The immediate application of the software assets to NetFlow applications could improve the quality of the reporting and data. The limitation of NetFlow analysis is partly determined by the performance of the collectors, but, critically, the user's perception of product performance and value is determined by the NetFlow analyzer. Today's NetFlow analysis products are competent but rarely expose useful data metrics beyond simple analysis of voice and critical data. The amount of data processing needed to enhance the usefulness of NetFlow is beyond the current software developers--Truviso may be an answer to that.

But perhaps the most vital part is software-defined networking (SDN) applications. While many SDN controllers are looking to implement as configuration utilities, the longer-term value of the OpenFlow-enabled network is the ability to dynamically respond to packet flow events and change the network configuration. This concept would require massive data analysis of the entire network (a Big Data problem if ever there was one) and is not easily implemented. Therefore, a "Big Data engine" will be a vital part of any long-term SDN strategy.

Because Truviso already has an OEM model, the business unit could release products into other Cisco business units for use. Less repackaging, less change means faster adoption of technologies (Cisco is slow to integrate new acquisitions these days).

So, perhaps Truviso has a part to play in the Cisco portfolio. Here's the vision I see: "The network of the future will be driven by software controllers that are fueled by Big Data." Although, Truviso doesn't look like a networking product, but the fundamental change in networking to data needs new engines. Cisco is often able to pick the trends but often fails in the execution. Let's see how this one plays out.

BYOD vs. Network Bandwidth: How Blue Coat Tackles Selfish Apps

Art Wittmann — Fri, 11 May 2012 20:43:00 +0000

New devices that support bandwidth-hungry applications are invading the network--it's time to embrace and control them.

There's a lot of Internet applications out there with a lot of different network usage models. Some are chatty, some are optimized. Some are bursty, others are constant network bandwidth users. Even if you can figure out what applications are coming into your enterprise and understand their bandwidth needs, that's only part of the problem. Some of the apps are critical to the company, and others--like, say, YouTube--are less so. Many who've tried to manage the melee have given up in favor of just adding more bandwidth. And that was a viable solution until the recent rise of what Blue Coat calls the selfish application.

What's a selfish application? It's any app that from time to time downloads a lot of data and does it as fast as it can--regardless of the needs of other apps on the network. In other words, most apps are selfish. The difference these days is the quantity of data they're downloading and the likelihood that lots of other people are running the same apps and downloading similar quantities of data. Think of all the Flash updates, or iOS refreshes, or YouTube users on their personal devices. The data sets have gotten bigger, and the number of users is growing daily. So if you weren't managing your WAN bandwidth before, it might be time to start.

Blue Coat gave a quick demo of how YouTube can suck up available network bandwidth, and how its Mach5 and PacketShaper products can manage bandwidth limitations for particular apps. For the most part, the problem of bandwidth-hungry apps is newer than the Blue Coat features to limit them. The problem is compounded by employees, visitors and contractors bringing in their own devices and expecting access to the Internet and internal resources. It can be further exacerbated by heavy use of SaaS applications.

Blue Coat does have a new major release of its software, which has been shipping for just a month now. Version 9.1 now handles IPv6 and increased the throughput capability when run on Blue Coat's fastest hardware.

Interop Las Vegas 2012: A Big Thanks to the Speakers

Mike Fratto — Fri, 11 May 2012 18:00:00 +0000

Interop Las Vegas 2012 is over. It was a good show -- and I'm not saying that because my company, UBM Techweb, runs it as well as Network Computing. I enjoy going to Interop -- I've been to 30 (two a year for 15 years), I run into a number of people I know, and I get to meet many more. Some have become good friends and colleagues. Attendance for the Data Center and Storage track sessions—the two tracks that I chair—were up from last year, and we had some good interaction between the speakers and audience during and after the sessions. That's what I call success.

I mainly want to say thanks: Thanks to the audience members who attended the sessions. I know the speakers appreciate you coming and asking questions. There were a number of good sessions each day; making a choice of where to go was difficult.

Thanks to the track speakers, in no particular order: Dave Peters from ESRI, Kurt Marko from InformationWeek, John Burke from Nemertes, Sam Barnett from Infonetics, Frank Wiener from Cyan, Eric Shepcaro from Telx, Barry Dykes from ViaWest, John Abbott from the 451 Group, Duncan Cambell from HP, Brendon Howe from NetApp, Stephen Steir from VCE and Dheeraj Pandey from Nutanix. The Data Center track was informative, and I'm sure the Interop Las Vegas audience learned from your sessions.

On the Storage track, thanks to Stu Miniman from Wikibon, Howard Marks from Deep Storage.net, Stephen Foskett from Gestalt IT, Randy Kerns from the Evaluator Group and Sandeep Singh from HP. In particular, Marks and Foskett agreed—I still don't know why—to engage in a "Cloud storage is DOA" debate, with Foskett arguing it isn't and Marks arguing it is. (Marks doesn't really think cloud storage is D.O.A., he was just arguing the point.) It was fun, funny and informative. Marks won by a landslide, but that was due to releasing his inner thespian. You can catch the debate on YouTube.

I had the pleasure of sitting down with:

Allan Leinwand from Zynga, who discussed what the social gaming company is doing with its cloud;
John Engates from Rackspace, about cloud computing and OpenStack, among other things;
Allwyn Sequeira from VMware, who talked about virtual networking and SDN;
Steve Hanna from Juniper and the Trusted Computing Group, Lisa Lorenzin from Juniper and Mark Townsend from Enterasys, who caught me up on IF-MAP; and
Don Clark from NEC, who caught me up on what NEC is doing with OpenFlow.

Lots of good conversations that I'll dig into later.

If you missed the Las Vegas Interop keynotes, you can catch them at Interop TV. We're getting ready to work on Interop New York, coming Oct. 1-5. We should be going through the call for papers and putting together the sessions. I know Jim Metzler and I will do the SDN and Data Center LAN Design workshops again.