Internet Network Security Blog

As the major US carriers get closer to unleashing shared data plans for mobile devices, it’s worth noting how this change in offering will likely impact both the private and corporate sides of the mobile client world. Smartphones and tablets have already been profoundly disruptive in a number of ways, and new multi-device data plans will only magnify the effect.

Along with various announcements by US carrier execs in 2011 on this year’s long-anticipated arrival of shared data plans, a fair amount of hope and speculation on what these plans might amount to has also been afoot. Will my department be able to get a single pool of data that our iPhones and Android tablets alike can all draw from? How about a single contract that covers all of the smart devices that my family uses? And wouldn’t rollover data be sweet -- if I don’t use it all this month, it adds to next month’s plan? Details on what is actually coming from each carrier are scant, but we can hope for a good range of options.

To get a sense of what shared plans in the US might eventually feel like, we can look at Canadian provider Rogers Wireless and their Data Share Plan (www.rogers.com/web/content/dataSharing). With Rogers, currently up to 5 devices can access a shared data allotment with a variety of monthly pricing tiers available. It is interesting to picture similar offerings in the colors of American carriers.

From the personal device angle, I’m all in favor of family plans. I’d love to replace the non-smart 'feature phones' that my kids currently have. Because I can’t/won’t spring for multiple pricey data plans, three bright and social teens are relegated to the world of non-smart phones. Will a 'big' plan for multiple devices be any cheaper than several individual plans? We’ll see. My dream plan would also come with control mechanisms sophisticated enough to allow good parental control over the youngsters’ mobile connectivity (at no additional fee, of course) while restricting nothing for the older members using the plan.

Contemplating the corporate mobile realm, it’s harder to know if the impact from shared data plans will be direct or indirect. Though shared data plans would also help sell more smart devices to businesses, it remains to be seen whether such plans will be offered to corporate customers. But even if shared plans are relegated to the consumer space, their impact on enterprises will certainly still be felt.

Anything that fuels the mobile device explosion has ripple effects on the corporate WLAN. The increase in clients seeking Wi-Fi offload will bear on WLAN design and support, as wireless worlds continue to collide wherever smart devices pop up. And if the WLAN admin has to worry about the added devices, so does the enterprise security team as the final 'D' in BYOD further proves to mean drama, dilemma, disaster, and a number of other unpleasant descriptors as we all get used to the new paradigms of highly mobile personal devices being hosts on the corporate network.

Cable TV and business telephony systems are feeling the impact of smart device popularity. Sales of laptops and specialty devices like GPS units are already losing ground to smartphones and tablets, and this effect will only get more pronounced with the advent of shared data plans and more sophisticated mobile platforms. (I know I’m not the only one who pitched my automotive GPS when my Droid came to town.) Technical evolution is always a game of winners and losers, and while some device markets fall off, the world of paid applications and smartphone accessories will be further ignited by pooled data plans that put more devices into more hands.

Finally, shared data plans and added users on those plans will hasten and amplify many of the societal changes that an always-on, Internet-Portal-In-Your-Pocket brings. In countless ways, we all actually get a bit smarter with these gadgets on hand. And ruder. And more resourceful. And less attentive. And more productive. And less engaged. The dichotomies are many, and are simply becoming a way of life for those who have smart devices.

For those who haven’t been able to ride the mobile smart device wave for financial reasons, the pending arrival of shared data plans should end up getting more clients into our very, very connected world, for better and worse. How it all shakes out remains to be seen, but the mobile network carriers have a chance to deliver yet another disruptive blow to the networked world. Let’s see what they do with it.

Tackling 'big data' challenges is a growing concern for enterprises looking to mine their data stores, according to the Enterprise Strategy Group. ESG defines big data as data sets that exceed the boundaries and sizes of normal processing capabilities, forcing you to take a non-traditional approach. With big data, such data sets can range from ten to hundreds of terabytes in size.

Managing big data is an issue because the platforms are expensive and require new server and storage purchases, training in new technologies, building up an analytics toolset, and finding people with the expertise in dealing with it. "What's happening is that you've got different vendors saying they have a big data solution without saying what problem they're solving," says Julie Lockner, senior analyst and vice president of data management.

One of the most important factors is meeting the needs of both information technology and business departments, says Lockner. "It seems obvious, but a lot of IT organizations are trying to make an enterprise-class decision without collaborating with business," she says, meaning organizations can be over-invested in one technology and not enough in another.

Organizations that are the most successful with big data initiatives are ones where IT worked with business to brainstorm on what would be possible. "Business isn't going to know the difference between (Apache) Hadoop (a software framework that supports data-intensive distributed applications) and MPP (massively parallel processing)," she says. They just want the answers to their questions faster and smarter, and then those projects will be more successful, she says.

A recent survey conducted by ESG highlights enterprises big data issues. For example, when asked about the importance of enhancing data analytics activities relative to all an organization's IT priorities over the next 12-18 months, 6 percent of respondents said it was the most important IT priority, and 45 percent said it was one of the company's top-five IT priorities.

When the same group of users was surveyed about data analytics challenges their organization had experienced, 47 percent said that data integration is complex, 34 percent said the lack of skills necessary to properly manage large data sets and derive value from them, 29 percent said data set sizes limited their ability to perform analytics, while 28 percent said that they were unable to complete analytics within a reasonable period of time, ESG says.

Learn "the technologies and procedures for protecting data with 'Strategy: Stop Illicit Data Dumps'" by subscribing to Network Computing Pro Reports (free, registration required).

While others in the wireless market seem to float one press release after another about new products and features, Cisco tends to be more deliberate in releasing their latest wireless offerings . In my opinion, Cisco has been a bit too slow in updating the company's aging wireless management framework for their market-leading customer base. But it's here now, and worth talking about.

On the outgoing pile for Cisco wireless management is Wireless Control System (WCS), and the new kid on the block transforms WCS to Cisco Prime Network Control System, or NCS for short. If you didn't catch it, "wireless" has been dropped from the name, and there is purpose behind that change. Cisco sees bigger things for its latest network management system than just the wireless side of the network, but we'll get to that in a bit.

As a WCS customer since 2006, I've been a bit disappointed with the management solution at times. How disappointed? Let's just say that when Cisco wireless competitor Aruba Networks bought the Airwave management product line back in 2008, I was seriously bummed out. Having used both Airwave and early WCS back in the day, I fantasized that Cisco would scrap its own solution early on and purchase Airwave instead of continuing development on WCS. But alas, WCS soldiered on as Cisco's wireless management offering, and did get better through the years. Better- yes, but still frustrating in some important ways.

Long before my environment grew to its current scale of 3,000 plus access points and 10K daily peak client devices, WCS would occasionally grind to an almost unusable crawl. Reporting has been problematic in that it was easy to ask for "too much" data, like several months worth of this or a year's worth of that. Information lookup that did give what I asked for could be painfully slow or inconsistent, and TAC cases invariably confirmed that our config and available resources were adequate. There were also many more annoyances along the way, but WCS' little character flaws simply became a fact of life and my team learned how to squeeze as much as we could out of it while frequently petitioning Cisco for relief. Meanwhile, the system did an overall adequate job over the five years we kept it in service.

With the NCS' arrival, I can say first-hand that some improvements over WCS are obvious. I have yet to query the new Oracle-powered NCS database in a way that isn't responded to quickly, and the overall pep of the UI is much appreciated compared to my WCS experiences. I can actually get the data that I need to evaluate a number of decision points going forward with network expansion and upgrades. I have found no report too big to be run, and run quickly. This is a capability that in many ways, I have been waiting years for. A Big fat thumb's up to Cisco for this. A word of caution though- there are specific browser requirements for anyone using NCS and they can trip you up, so read the release notes if you go down the NCS road.

Pretty much all of the configuration, monitoring, and alerting stuff is familiar enough in NCS. The news in this regard is that Cisco now includes limited functionality for network switch monitoring, and the ability to use the Mobility Services Engine (MSE) to track wired users along with wireless clients throughout the network. The overall switch support is on the thin side in this incarnation of NCS, but you can guess where this might be going. Cisco's "Borderless Networks" campaign and the growing importance of wireless as a network component that's every bit as important as Ethernet means that common management is likely inevitable.

There is a modest upgrade cost to NCS, which I must admit to finding offensive. WCS was so problematic for so long that in my opinion, it should be a free upgrade for Cisco's customers that didn't abandon it. Here's hoping that as Cisco begins melding wireless and wired management into a tighter integration that none of WCS' baggage has carried over to the wireless giant's latest management suite. And to Cisco's credit, I do have to say that so far I very much like what I see in NCS.

Across IT, many observers have identified three broad trends going forward -- mobility, cloud computing and the consumerization of IT. When it comes to networking, these trends are expected to drive demand for more bandwidth capacity and, increasingly, wireless network architecture. In addition, 2012 is expected to see a continuation of the intense rivalry between industry leaders Cisco Systems and HP, as the latter tries to chip away market share from the former.

The combined trends of mobility and consumerization will force network administrators to invest more in wireless networks and less in wired networks because of the simple fact that tablet computers don’t have Ethernet ports, noted Saar Gillai, chief technology officer of HP’s networking business. “Tablets don’t have cable,” Gillai said, adding that younger workers, in particular, are increasingly bringing their tablets, to work with them. “A tablet is something they expect, not something that’s new and exciting. If their primary tool is something they can’t connect to the network, it’s going to be a problem for them.”

At the same time, newer smartphones are usually equipped to connect to the Internet via wi-fi at a user’s home, workplace or in public places instead of just on the carrier’s network, he added, which will increase workload demands on wi-fi networks. Also, as mobile devices become more powerful, they are used for more sophisticated applications, such as videoconferencing, requiring even more bandwidth.

Demand for higher-capacity networks is also driven by cloud computing, be it on public or private clouds, Gillai said, noting that legacy network technology is being replaced by network fabrics that offer multipath connectivity for ever-increasing loads. But while HP is offering technology such as Intelligent Resilient Fabric (IRF), that aggregates multiple switches to act as one, he said other HP innovations are more long term.

In the rivalry with HP, Cisco has positioned itself as the innovator in networking while portraying HP as the provider of the “good enough network.” Conversely, HP has touted itself as the best alternative to Cisco’s market dominance. “Customers need to have choice. If customers have choice we believe we will win more often than not,” Gillai said.

While HP claims to be taking market share from Cisco, the record is actually mixed. HP touts market share gains that it says are at the expense of Cisco, but it has lost market share more recently. While HP’s share of the Ethernet switch market -- just one component of all networking technology -- reached 12 percent, based on revenue, in the first quarter of 2011, it fell to 10 percent in the third, according to numbers from Dell‘Oro Group.

Cisco CEO John Chambers pointed that out in an address at Cisco’s shareholders meeting Dec. 9, after mentioning Cisco share of 72 percent. “And HP, who is one of the competitors who has said they were going to leave us behind, shrunk by 2 percent,” Chambers said.

But HP can also claim success by other measures, said Chris DePuy, a wireless LAN (WLAN) research analyst at Dell’Oro. Cisco enjoys a 54.6 percent share of the WLAN market, based on units, in North America, but only 22 percent in the Asia-Pacific (APAC) region. HP has only a 5 percent share in North America but a 27 percent share in APAC, exceeding Cisco’s. DePuy attributes that primarily to the operations in China that were formed as a joint venture called H3C between 3Com and Huawei that HP inherited when it acquired 3Com in 2010.

In the broader global enterprise WLAN market, Cisco remains the undisputed leader, with 51 percent market share, based on revenue, to HP’s 7.5 percent share, in the third quarter of 2011. Cisco’s share is down from a high of 59.4 percent in the fourth quarter of 2010, which could give some credence to HP’s claims that it’s winning business away from Cisco, except that HP’s share has stayed in the 7.3 percent to 7.5 percent range over the last year. Dell’Oro numbers do show other WLAN vendors such as Alcatel-Lucent, Aruba Networks, Motorola Solutions, Ruckus and a number of small start-ups gaining share.

“You have a percent here, a percent there, a couple of the small players are growing fast. It’s not like you have some big monster breathing down the neck of Cisco. They have more than half the market. They’re just losing a little here and a little there,” said DePuy.

See more on this topic by subscribing to Network Computing Pro Reports Strategy: Inside OpenFlow (free, registration required).

It's December 29th and I have started to transfer personal DNS domains from GoDaddy. Their position on SOPA (Stop Online Piracy Act)—their reversal not withstanding—was the nudge that pushed me over the edge. Frankly, GoDaddy has been acting poorly over the last few years and I decided to move my domains elsewhere. So far, the transfers have gone well with nary a hiccup.

I don't have a problem with trying to curb piracy. Enforcing copyright is good for content creators, publishers, advertisers, stores—anyone involved with the creation and distribution of creative works. If you want to charge for your work, give it away for free while disallowing modification, give it away and let others modify and redistribute it, then you, as copyright holder, should be allowed to do so. For all the benefit of giving away the things you create, there are economic incentives to charge for work and if you are offended by that, too bad. Some of us want to get paid for our work, but a bad law is worse than no law and neither SOPA nor PIPA are good laws. I made a personal choice to not support companies that support bad laws. Leaving GoDaddy is just one recent example.

Regardless, If you want to transfer your domain now or at any point in the future, and there are many reasons why you might want to do so, there are some things you can do to ensure that the transfer will go smoothly.

• Make sure your contact information is current and correct. Sorry kids, but DNS is a public service and you have to provide accurate contact information if for no other reasons than if someone wants to contact you, like a lawyer or law enforcement before, during, or after taking action such as a DMCA takedown or notifications required under SOPA and PIPA, they can always find you through whois. If you are worried about leaking private information, use addresses, email accounts and phone numbers not associated with your personal or professional contact information but still allow you to be reached. Alternatively, you can use privacy services offered by your registrar to hide behind. Frankly, in the 10+ years I have had DNS names, I haven't received any spam or solicitations. Your mileage may vary.
• If you are using your registrars privacy services, you will need to uncloak during the transfer process. The receiving registrar needs to get your whois data and they can't if it is locked. Unlocking your whois data may require extra steps with your current registrar, so check first. It may delay the transfer, but you signed up for privacy so don't blame the registrar for executing on your wishes.
• Your authoritative DNS servers will not be affected by the transfer unless you are using your registrar's DNS servers for your domain names. In other words, of your domain name is registered through Acme Registrar and your how names like www and mail are managed through Acme Registrars service, then Acme will likely remove your domain name from their DNS servers after the transfer is complete. Set-up secondary DNS servers and ensure they have propagated before you initiate the transfer.
• Give it a few days to let the transfer complete. You will have to authorize the transfer (which is why you need a valid email), and wait for the registrars to handshake. Once it is started, you shouldn't need to do anything else unless there is a problem
• While you are transferring your domains, make sure you establish a strong password for your registrar. Make it long and complex, write it down and put it somewhere safe. That will keep attackers from guessing your password. Oh, and remember to lock your domains after the transfer is complete.

Update. The first of my domains are completing transfer. It took me about 2 minutes per domain, and about 5 hours for two registrars to do their thing. No blocking from GoDaddy. No phone calls pleading for my business. No drama. Maybe I am not important enough. Or maybe I am too important. I'll go with the latter. (ha ha) Have a great New Year.

After about eight or nine years of networking innovation stagnation, the number of new innovations starting in 2010 and exploding in 2011 is astounding. Speed and feeds are increasing, but the exciting work in 2011 occurred in new technologies to support initiatives like cloud computing, storage and data convergence, as well as migrating to IPv6. Here are the highlights.

Multipath Ethernet was all the rage in 2011. Protocols like Multichassis Link Aggregation (MLAG), Transparent Interconnection of Lots of Links (TRILL), Shortest Path Bridging (SPB) and proprietary protocols are all aimed at solving one of the thorniest issues in networking:getting rid of spanning tree and making use of all the interconnects between switches. The problem is that none of the multipath Ethernet product suites are standards-compatible. Part of the issue is that TRILL and SPB still aren’t fully ratified, so there isn’t a standard to conform to. But the other part is that early implementations of the current protocol drafts have gone far afield of what will likely be the final version. Brocade’s VCS uses only TRILL framing but not IS-IS, which is used by switches to form a coherent view of the network. Cisco’s FabricPath has taken TRILL and "enhanced" it to work better. Both Cisco and Brocade claim they will support standard TRILL after it is ratified.

Of course, the question has to be asked: Is multichassis link aggregation (MLAG) good enough? Unless you have an Internet-scale data center with tens of thousands of servers, you probably don’t have the port count, port density, nor strict SLAs that would require a partial or full mesh network that a TRILL-based network could provide. If all you need to do is to reduce the EoR/ToR switch to core oversubscription, then MLAG may be a workable choice. HP thinks that eschewing both TRILL and SPB in favor of MLAG is the way to go.

Juniper, for its part, went in a totally different direction with QFabric, by taking the chassis concept and distributing the components to a stand-alone director that acts as the brains of QFabric and ToR switches that connect to servers, as well as home-running back to a backplane chassis. It’s a bold move, and the proprietary approach is one that we have been critical of.

The question of whether multipath Ethernet standards will ever be implemented and, more importantly, whether various vendor products will interoperate is cloudy at best. Perhaps standards don’t matter and vendor choice does, because in all likelihood, if you are going to buy into a vendor’s fabric, you’re going all in.

All-in with OpenFlow

Software Defined Networking (SDN), which allows applications and stuff other than traditional network management systems to manipulate the network, builds on multipath Ethernet, converged networking and orchestration, have primarily been used to build private clouds in your own data center. The darling, of course, is OpenFlow, a protocol designed for controller-based flow management. The hyperbole around OpenFlow has been thick with claims that it will commoditize switching, make networks faster and more reliable, and treat male pattern baldness. The first two claims are just outrageous.

There is value in OpenFlow, and the promise of a programmable network that is both dynamic and robust is powerful, but let’s remember that Openflow made its commercial debut in 2011 with NEC and Fujisu announcing switch platforms at Interop 2011 and BigSwitch announcing a controller. The InteropNet Labs Openflow demonstration showed the tip of the iceberg of what can be accomplished with OpenFlow-based networking, but we have yet to see anything unique or innovative. That’s coming.

What is promising is the vendor backing of the Openflow Networking Foundation, an industry consortium founded by some of the largest Internet companies, including Deutsche Telekom, Facebook, Google, Microsoft, Verizon and Yahoo, and that includes participants from every major networking vendor.

IPv6 Out With A Wimper

You’ve been warned. In February, the IANA handed out the last of its IPv4 address space to the Regional Internet Authorities (RIR). There are no more to allocate, and the RIRs are parsimoniously allocating the remainder. While the IPocalypse is not a cause for panic, you’d be remiss if you haven’t been planning to migrate to IPv6 in the near future. There are going to be some challenges, mostly in supporting existing IPv4 servers and devices that will never have an IPv6 stack, as well as supporting any Internet-facing services. We’ve put together a resource page that we update to get you started.

What’s bigger news is that there is so little IPv6 adoption under way. It’s as if the lack of a hard deadline, like we had with Y2K, means that adoption can be pushed off indefinitely. The fact of the matter is that, despite products coming to the fore, moving to IPv6 presents some significant hurdles.

Today, not even network operators have fully deployed IPv6. When I announced that Network Computing was IPv6-ready, the reality was that the URL www.networkcomputing.com could be resolved to an IPv6 address, but all the components, such as images and ads, that are hosted on other servers were still on IPv4 largely because our hosting provider still hasn’t deployed IPv6 to our co-lo.

In 2010, the Interop conference announced it was giving back its IPv4 class A address space to IANA (potentially worth millions on the market) and moved to a dual-stack IPv4/IPv6 network for the show. While it went OK, the InteropNet team did have some lessons to learn. Everyone dealing with networks--engineers, support staff, end users, and so on--have grown accustomed to reading off IP addresses. But as the InteropNet engineers found out, that is untenable in IPv6 networking, where the address strings are long.

See more on this topic by subscribing to Network Computing Pro Reports Strategy: Inside OpenFlow (free, registration required).

As we wrap up another year of doing more with less – too often a lot more with a lot less – it's time to look back at the highs and lows of the vendors of IT products, services, panaceas and placebos. Based on the latest quarterly earnings, HP ($32.3 billion) had a comfortable lead over Apple ($28.27 billion) and third-place IBM ($26.2 billion). Microsoft ($17.37 billion) held down fourth place, followed by Dell ($15.4 billion), Intel ($14.2 billion), Cisco ($11.3 billion), Oracle ($8.4 billion) and EMC ($4.98 billion). Depending upon whose forecast you use, the top vendors accounted for more than a third (IDC) or a fifth (Gartner) of the total IT pie this year. Here are some of the news they made in 2011.

Back in the late 1980s, just prior to Lou Gerstner taking control of a beleaguered IBM, a noted analyst said Big Blue was facing two options: shoot itself in the foot or wait until the market shot it in the head. In other words, make the painful choices before customers and competitors made them for you. Fast forward to 2011 and a long-recovered IBM must have gotten a lot of enjoyment – and new customers – as HP appeared to get a garbled translation and tried blowing its own head off.

Trouble in paradise first came to light in June, when HP ousted two executives and gave a third a seat on its board. Out after 29 years at HP was Ann Livermore, head of HP Enterprise Services, as well as Pete Bocian, executive VP and chief administrative officer, and Randy Mott, executive VP and CIO.

Ex-SAP CEO Leo Apotheker's reign of terror as president and CEO of HP came to a close a month after he announced that the company was considering spinning off its Personal Systems Group, its PC business which accounts for almost a third of its total revenues. He was replaced by former eBay CEO Meg Whitman. In late October, she announced that HP had decided to stay in the PC business.

According to a Dell-sponsored study from IDG Research Services, 64% of current or potential HP customers with more than 500 employees were concerned by HP’s changes in business strategy and leadership. Another recent survey of 130 HP customers in the United States with at least 500 employees, by Technology Business Research, found that respondents were concerned with the direction the company was taking.

On a more positive note, this year IBM was focused on making things work better or cost less. What struck Janelle Hill, VP, business process management research, Gartner, as most significant at the kickoff to Impact 2011 was IBM's emphasis on helping business transformations, to position companies for growth and optimization of performance results with a much lower amount of emphasis on IBM technologies and product brands. "There is a significant amount of emphasis on the need for leadership and cultural change, not just technology," she says.

Microsoft tossed a curve ball in May when it pledged wider support for open source software. "Microsoft continues to work on becoming more open in how we develop solutions and work with the open source communities," wrote Sandy Gupta, general manager of the open solutions group at Microsoft in a blog post prior to his keynote address at the Open Source Business Conference (OSBC) 2011.

While Microsoft was talking about changing its spots, Dell was actually doing so. At its inaugural Dell Storage Forum in June, the company that originally started off as a storage vendor in Michael Dell's college dorm, highlighted its evolution from a storage reseller – mainly EMC – to a storage OEM. Dell is becoming a technology leader, at least as far as storage goes, said Terri McClure, senior analyst, Enterprise Strategy Group.

In October, Dell and EMC ended their 10-year multibillion-dollar OEM relationship, during which Dell accounted for 8% to 9% of EMC's annual revenue, while EMC contributed approximately half of Dell's storage revenue. At the time of the split Dell's own storage platforms grew revenue 15% year over year and represented nearly 80% of its storage revenues and more than 90% of its storage profits.

Like HP, Cisco also stumbled this year, announcing a major restructuring and reporting disappointing financial results. At the start of May, the networking giant announced it would streamline its sales, services and engineering organizations, and would focus on five areas: core routing, switching and services; collaboration; data center virtualization and cloud; video; and architectures for business transformation. A week later it announced income of $1.8 billion on net sales of $10.9 billion.

Chairman and CEO John Chambers said that the company has acknowledged its challenges: "We know what we have to do. We have a clear game plan, and we are a company with a track record of market-shaping innovation," he said in a statement.

Parting ways with Dell didn't seem to slow EMC down at all, which made a number of announcements in 2011, including announcing a focus on big data and the cloud. Charles King, principal analyst, Pund-IT Research, was impressed by EMC's focus on partnerships, as well as with the lack of "acrimony" that seems to increasingly characterize HP, Oracle and IBM. "They really made an effort to talk about the channel and their partners," he says.

The storage giant also boosted its SMB (Iomega) portfolio, expanding from its usual 25-50-user segment to the 100-250-user range, while still clearly differentiating itself from its entry-level VNX family. Their previous network solution offerings have mainly been SOHO focused, said Liz Conner, senior research analyst with IDC's storage systems and personal storage teams, but with its latest products, it is really looking to move full steam ahead into the SMB market, and bring with it enterprise features, but with the simplicity and price point more akin to personal storage.

Finally, Oracle continued to reinvent itself following its acquisition of Sun's hardware and software assets, and its acquisition in July of Pillar Data Systems. Oracle president Mark Hurd, Apotheker's predecessor at HP, said we think we can run applications 10 times faster using a 10th of the storage capacity. For its last quarter, the Sun hardware business brought in $1.2 billion, and while non-Sun storage was down significantly, Sun storage and tape grew very well.

See more on this topic by subscribing to Network Computing Pro Reports Strategy: Unified Computing Stack Wars (free, registration required).

We've come a long way since the early days of wireless networking. On the right 802.11n network today, you can see data rates of 300 Mbps and real throughput that tops Fast Ethernet speeds. But things change quickly in the wireless space, and after a recent conversation with chipmaker Broadcom, I can smell ridiculously fast wireless off in the distance.

Many wireless environments got started for real when supported data rates were along the lines of 1, 2, 5.5, and 11 Mbps. These are slow by today’s standards, but were enough to fertilize a burgeoning technology that became addictive to those who tried it. The portability advantage that came with early wireless was absolutely compelling, enhanced by the Wi-Fi Alliance’s world-class interoperability campaign that gave the wireless industry a unifying undercurrent. Many of us got our environments so hooked on wireless that going to expensive 54 Mbps-capable 11a and 11g dual band APs was a given when they hit the market. Wireless client device counts climbed and continue to climb, and 11n has sealed the deal that wireless is bigger than wired networking in many large and small environments. That’s the nickel history lesson, but again, things change fast in the wireless world.

Even as many large environments work on migrating to 11n, with its cool features like rate-boosting wide channels and MIMO antennas that make the once-evil multipath affect work on our behalf, there is much going on behind door number three. Like most IT folks living the wireless dream, the voices in my head are very fond of asking “what’s next”? To my delight, I was recently able to get that question answered by industry giant Broadcom, whose technical folks are in the thick of helping to shape both the pending 802.11ac wireless standard and the culture that will accompany it.

What follows here is my take-away from the conversation, and as you digest it please remember that 802.11ac is developing. It is not yet even a draft version of what it will become. At the same time, there is a lot to talk about. To address the wireless gee-whiz stuff straightway, the 11ac standard will allow for data rates up to 1000 Mbps in the 5 GHz spectrum using channel widths up to four times as wide as current 11n uses at its fastest. In other words, we will eventually see 160 Mhz wide channels. Impressive, yes- but initial product sets will ship as “pre-standard” in 2012 at half or below what the intent of the standard supports from a performance perspective. Even when the actual standard ratifies, which is expected in 2014, products will probably not be ready to deliver on full Gigabit data rates for some time afterwards.

At the same time, we are realistically using “Gigabit” and “wireless networking” in the same sentences, and that is significant in and of itself. And because 11ac works in 5 GHz and not in 2.4 GHz, we will finally get some relief from device manufacturers continuing to saturate the dirty 2.4 GHz space with even more noise makers, also very significant.

Back to Broadcom, and how 11ac will invade our collective conscience. Consumer-oriented, pre-standard products will hit shelves in 2012. The unquenchable thirst for ever-more video applications and delivery mechanisms will push 11ac along. Wireless home routers built on 11ac specs will have greater effective range, and client devices should see improved battery life over earlier wireless technologies, mostly because more data is being moved in the same time slice, says Broadcom. And when 11ac chipsets start to ship, expect them to be at a pretty frantic pace.

2012 will be the year of 11ac cutting teeth in the consumer space. Even though the Wi-Fi Alliance is expected to greatly hasten interoperability testing and certification for 11ac products compared to past standards, the enterprise faction of the wireless market will be slower to adopt and embrace draft versions of 11ac as it develops, until a version emerges that feels close enough to “baked’ for the wireless big guns to take a chance on. Look for this milestone in late 2013, several months ahead of 11ac becoming official.

Obviously, the 802.11ac story will get bigger in the months to come. Broadcom and others in the industry have done an amazing job in evolving the wireless space almost to high-performance ubiquity, and 11ac is the natural next step in the journey. Consumers will love it, while enterprise IT folks will eventually agonize over why and how to migrate their large networks to 11ac. Even though we won’t get to Gigabit wireless in 2012, it’s still a good bet that marketing folks will have a field day with outlandish claims of nonsensical coverage range and physics-defying speeds as early shadow versions of 11ac take root, and so the force remains in balance.

At the time of publication, Broadcom has no business relationship with Lee Badman.

Dear Santa: While I wouldn’t be upset to find a Mercedes SLK350 with a big ribbon on it parked in front of my apartment on Christmas morning, the best present Santa, and the networking industry, could give me is general availability of 10GBase-T across switches and NIC/CNAs. Once I can just order my 10gig network gear with 10Gbase-T, I can stop worrying about how to pay for optical transceivers at $350-$1,200 a pop, as well as the never ending compatibility problems with both optics and twin-ax direct connect cables.

Since 10Gbase-T runs over plan old twisted pair cable, there’s no way for a switch or CNA to interrogate the cable and reject it because it wasn’t blessed. Sure you have to make sure your cable plant is up to the higher data rate. In general, that means Cat6a unshielded twisted pair or Cat 7 shielded cable, though you can use Cat 6, or even Cat 5E, patch cables for short distances (30M or less).

Just as I was feeling that I had found a solution to the 10 Gigabit Ethernet cable conundrum, my friend Greg Ferro blogged that he thought twisted pair cable was a mistake for 10 gigabit Ethernet. He pointed out four problems he had with cat 6 for 10 gigabit traffic.

Greg’s first complaint and the biggest real down side to 10GBase-T is power consumption. Even with today’s 40nm PHY chips, driving a 10Gbase-T port will take 2-5 watts where a twin-ax DAC cable or 10Gbase-SR transceiver draws under a watt. Since I’ve spent much of my career working in data centers on the 34th floor of New York office buildings, I’m sensitive to the power limitations many data centers face.

But before you write off 10Gbase-T as a major cause of global climate change since it uses 4-5 times as much power, remember that we’re talking about 5 watts in the context of a server that’s probably drawing 3-500 watts. Unless you’re designing a system for a submarine, or one of my client’s over populated Manhattan data centers, 10GBase-T isn’t going to bust your power, or your financial budget.

Assuming a worst case situation where a 10GBase-T link would use 10 watts more than a fiber link, that’s only an additional 7.3 KWh/month. We use about as much power each year to cool our lab as the servers and storage inside the lab use and pay about 18 cents per KWh. At those rates a 10 watt link will cost us around $30 more a year to run while costing $700 less. Since most 10Gbase-T equipment will run in a roughly 2 watt mode for short cables (up to 30M which should cover most server-switch connections), we’re talking about a few dollars a year to run 10Gbase-T on a server.

Greg then objects to the size of Cat 6A cables. He has a point if we’re comparing Cat 6A to fiber, after all the 48 strand fiber cable that would serve a full rack of servers is just .6” in diameter where a 48 cable bundle of Cat6A cables could be over 3” in diameter. From where I sit it makes more sense to compare Cat 6A not to fiber but to the Cat 5E that it’s probably going to replace. Most Cat 5E cable is between .2 and .25” in diameter, where the Cat 6A standard allows cable to be up to .35”. However, vendors including Panduit, who Greg references in his post, and Belden are now making Cat6A cables that are under .3” so that 48 cable bundle will be around 2.5”. Yes bigger, but considering that we’re taking a typical server from 5-9 Cat 5E cables for 1GBase-T to three, two data one IPMI management, with cables in the 10 Gigabit era the total space twisted pair cables will take up will be less than we’ve used in the recent past.

Greg says, “This leaves the problems of mechanical and electrical performance over time. The basic problem I have is that Cat6A is close to the limit of what can be achieved with copper in terms of electrical performance. It was originally believed that 10GBaseT wouldn’t even be possible.”

Now Greg has a point that eventually we just won’t be able to squeeze higher and higher data rates through a twisted pair cable and 8x8 modular jacks. I myself once predicted that we’d never see gigabit Ethernet, since collision detection requires that the first bits of a packet reach the most distant node before the last bits are transmitted, a gigabit network could only be a few meters end to end. I was of course proven wrong as we adopted switching, and collision detection became a historical artifact.

However, I remember hearing almost exactly that same “Twisted pair isn’t up to carrying our really cool new fast tech” line when Synoptics introduced LattisNet Ethernet over twisted pair. People were so concerned that 2 twisted pairs couldn’t securely carry 100Mbps Ethernet that a four pair standard 100Base-T4 was ratified just in case. The pattern over the past several Ethernet speed upgrades has been for fiber to come first and for truly widespread acceptance to occur when twisted pair made it cost effective.

Greg worries that twisted pair cable is delicate, that the cable is weak where it enters a modular plug (more frequently referred to as RJ-45), that overinsertion of cables during cable assembly can cause problems, and that a kinked cable can cause data reflections. Having spent 20 years in data centers where twisted pair was the norm, I’ve always had the impression it was fiber, not twisted pair, that was fragile and hard to terminate. Maybe Greg thinks it’s better that the fiber in an optical cable snaps when slammed in a cabinet door so the problem is permanent not intermittent. I’ll just dress my cables so they can’t slam in the door.

Finally, Greg quotes a no longer available blog post that implied that 10Gbase-T has lower bit error rate specs than optical or DAC connections. I spent some time researching this and found not only that all 10 gigabit Ethernet PHYs (Physical layer implementations), and Fibre Channel have the same worst case BER of 1 in 10^12. My research shows real world BERs of more like 1 in 10^15 in the field. While some Fibre Channel folks have lobbied for higher standards, they’ve never made it into the spec.

When 10 gigabit Ethernet becomes standard on servers, it will almost certainly be 10Gbase-T because 10GBase-T ports can auto-negotiate down to 1GBase-T. Server vendors can sell 10GBase-T servers into data centers that haven’t yet upgraded their network gear but would have a smaller market for SFP+ on the motherboard. Now, if there were 10Gbase-T SFP+ modules like there are for 1GBase-T… but that would just get us into SFP+ checking again.

Disclaimer: I really do believe in fat guys with beards that give my kids presents.

When you are looking at your next network equipment refresh, be sure to take a long, deep look at the APIs the vendors are exporting and importing. Integration features should be near the top of your must-have feature list. I was out on the West Coast two weeks ago for a company meeting, and took an extra day to visit Arista, Juniper and Extreme. My visits reaffirmed what I already knew--speeds, feeds and port densities, while important, shouldn't be the deciding factor in your equipment purchase. Most of you will find that those features are comparable. It's the API and integration points that are differentiators.

While Arista and Juniper like to tout their high capacity and ultra-low-latency networking, the numbers they are tossing around simply don't matter to most organizations. Five microseconds of latency matters only in high-performance computing and financial (trading) segments. It's not that faster isn't better; I just don't think it is a critical decision point for most IT shops. What we are seeing is increasing integration of network equipment with other systems for automation, such as virtual machine moves/adds/deletes, and orchestration, such as deploying an entire application including the networking, storage, servers, operating system and software in one swoop.

SNMP and CLI screen scrapes aren't going to cut it for automation and orchestration. SNMP, even if it were a reliable protocol, doesn't have the access to many of the core switch and router configuration functions needed to automate actions. CLI emulation using something like Expect scripts are OK in some cases, but if you have ever had to maintain them during software upgrades (I have), you will find that they become very brittle over time unless you have a rock-solid testing methodology in place (I didn't). Even SDKs--libraries of language-specific code such as Junos SDK--are losing favor with ISVs and enterprises because they typically limit the languages that applications can be built in.

APIs, specifically RESTful APIs, that allow integration via familiar HTTP request and responses are where networking integration needs to head and is heading. This is something all the vendors are starting to support and are in various stages of implementation of. Arista, Juniper and Extreme are all working on RESTful APIs that customers and independent software vendors can use to integrate their software with the switch vendors' equipment. The power of a robust API is that you can easily--and I do mean easily--access data and execute commands using any programming tools you have on hand. It makes integration and maintenance simple and streamlined.

There are three lessons I learned:

1. 100% coverage is required. Many of the APIs in active development may not have coverage of all the features and functions available at the command line. You need to find out how much coverage they have, and if they don't have 100% coverage, when will they? Coverage is important because you can't predict today what you will need tomorrow. Don' t think you will ever need to change a syslog configuration? You probably will at some point, and if you want to automate that, you really want it covered in the API.
2. Vendors have to use their own API. One of the points Juniper's Mike Harding, VP of engineering, Junos Space Business Unit, made during our talk is that he is pushing Juniper's developers to use their own API versus the SDK for new development. His point being that Juniper's developers are demanding, and any issues with the API can be identified, resolved and updated--benefiting everyone. If a vendor doesn't use its own API for its own integration, why would you?
3. Don't be afraid to script on the switch. All three vendors I talked with have on-switch scripting, and there are times when you want to automate atomic actions like port configuration--something Extreme did early on with XOS. Both Arista's and Juniper's scripting support lets you use common languages like Python to perform nearly any task you can perform on the command line.

Lastly, I was tickled once again that Arista uses XMPP and a management protocol for multiple switches. XMPP provides multiunit access over SSL with access control and audit logging. It may sound silly at first to IM your switch, but when you see it in action, you get it.

Disclaimer: I traveled on my company's dime. Juniper bought me lunch, for about $9. Arista gave me a paper notebook and pen. Juniper, not to be outdone, took my Arista pen and gave me one of its pens. When Extreme's Shehzad Merchant saw my booty, he bolted from the room, returning with a purple pen. He did not have a purple notebook for me, however.