Internet Network Security Blog

Telephony has certainly done its share of morphing over the last decade, as IP networks have invaded pretty much all communications spaces. The traditional PBX has given way to server-based voice systems, and wireless networking has stretched the paradigm even further. Enter both the cloud and mobile apps, and we have RingCentral’s latest strike in the battle for ever-more powerful business communications.

For background, RingCentral has been around for almost a decade. With financial backing from the likes of Cisco and Sequoia Capital, it specializes in IP-based small business and branch-scale unified communications. Nisha Ahluwalia is the VP of Product Marketing at RingCentral, and she recently caught me up on company’s successes in different parts of the world, and how RingCentral is now leveraging the mobile device explosion and the acceptance of cloud-based services to bring interesting new capabilities to those in the market for low-cost, feature-rich voice capabilities.

Many of RingCentral’s customers have far-flung employees that need to appear to the world as being under one roof when the phone rings. The RingCentral Office “platform” lives in the cloud, has wonderfully simple all-inclusive pricing models, and elegantly marries distributed PC-based soft-phones and plug-and-play Polycom wired phones into a single system, regardless of where users actually hang their hats, and without a clunky cabinet hung on the wall.

Having long since gotten my own toes wet with cloud-managed networking and applications for both business and personal use, I appreciate the power and flexibility that comes with opening your mind to the “As a Service” models of various types. But there’s more to RingCentral’s story, as I learned during Ahluwalia’s presentation on Cloud-Touch—her company’s newest addition to an already compelling alternative to traditional and expensive voice systems.

Boiled down to the simplest, Cloud-Touch evolves the RingCentral product line in a way that could have powerful implications for those shopping for a 'system'. With the latest offering, RingCentral customers can not only use smartphones as extensions on their phone system, but they can also do full system administration via an app that runs on smartphone or tablet.

When I say full system administration, I mean it. From an app on my tablet, I can activate, set-up, and fully manage system functions and all user extensions. The management app empowers a designated administrator to control all aspects of the RingCentral operational framework for wired Polycoms, softphones, and mobile-app-based extensions. Users, from the same app with appropriate permissions, can personalize their unified communications experience as needed.

Given that Cloud-Touch allows for full administration of RingCentral’s services, I was struck by a notion that Ahluwalia confirmed. If I wanted, I could 'build' a RingCentral system with nothing but smartphones and tablets, and still get the functional equivalent of a PBX-style environment. Presence, auto-attendant, the ability to transfer calls among virtual and wired stations, highly-customizable extension settings, unlimited fax and phone services, and even integration with GoogleDocs, Box, and Dropbox are all there.

Perhaps the singular most impressive feature with RingCentral is that where your users are actually located becomes irrelevant, and they are free to use their own devices on the system. Even the slickest of key systems from days gone by couldn’t come close to that.

For an example of cost, a ten-user RingCentral system will run around a flat $300 monthly, and Ahluwalia stressed that customers will never be subject to surprise charges or costly add-ons. If I were in the market, I’d have to give RingCentral a good hard look. Having worked on the voice side of communications when things weren’t so flexible, I can assure you that having the administrative console for my business phone system on my smartphone (which would also happen to be an extension on the system) is powerful stuff. So is having an actual phone system with potentially no hardware whatsoever.

I have no relationship with RingCentral.

Brocade is broadening its line of 16 gigabits per second (Gbps) Fibre Channel switches with the introduction of the entry-level 24-port 6505 Switch, and identified IBM as its first OEM partner to deliver a 16Gbps Brocade switch as a component of the IBM Flex System x240. Finally, the network infrastructure vendor's stand-up 16Gbps host bus adapters (HBAs) are now available for integration with IBM System x in rack and tower form factors.

The news continues a Brocade rollout of storage area network (SAN) switches built to the new 16Gbps standard, which the company first began supporting in May 2011. A month ago the company announced HyperEdge, a new initiative to simplify switch configuration and management, although it won't be available until the first quarter of 2013.

SAN switch speeds have grown through a progression of 2-4-8 and now 16Gbps, and Brocade has kept pace as have other vendors, including Cisco, HP, Juniper, Emulex, and Qlogic.

“It’s not about the speed necessarily,” says Brocade's Scott Shimomura, a data center SAN product executive. “It’s more about the added functionality that comes with the new platform. SAN switches really are easy to install and deploy ... and it provides a level of reliability and uptime.”

The market for 4Gbps and 8Gbps SAN switches isn’t yet saturated, he continues, but the thinks some customers will invest in 16Gbps to future-proof their networks for expected growth.

“As customers begin to deploy more virtualized servers on top of physical servers, they’re anticipating potential bottlenecks in the network as you drive more data to storage,” he says.

Brocade’s Fibre Channel switches business enjoyed 15% sequential sales volume growth in the fourth quarter of 2011 to $162 million, shipping 80,000 ports, driven by “continued strength” in its 16Gbps products, according to a report by the networking business group Dell’Oro Group. However, Brocade still trailed industry leader Cisco Systems, which reported twice as much revenue of $331 million.

Both switch revenue and shipments measured by ports reached record levels in the 4th quarter, totaling $509 million and 1.8 million ports among all vendors. Dell’Oro identified cloud and virtualization in large data center deployments as underlying drivers of the market growth.

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

Despite months of rumors and speculation, the networking industry's most powerful and influential vendor, Cisco Systems, is continuing to keep its plans for software-defined networking (SDN) largely to itself. In an exclusive interview with Network Computing during this week’s Open Networking Summit (ONS), Shashi Kiran, senior director of market management at Cisco, also an ONS member, says that OpenFlow and SDN are both so nascent that it should not be looked at as an either/or situation -- OpenFlow or not OpenFlow -- but as OpenFlow “and” other approaches.

“We will pursue the strategy of the power of the and, instead of the power of the either/or,” he says.

The Open Networking Foundation (ONF), which hosted the summit, strongly backs the OpenFlow protocol for delivering SDN. To that extent, Cisco plans to enable the OpenFlow protocol on some of its existing switches and routers. Company spokesman Neil Becker could not be specific on when that might happen, on what products OpenFlow would be enabled or how Openflow would be made available.

Cisco CEO John Chambers did confirm that Cisco has created a 'spin-in' company called Insieme, an internal startup that would develop SDN technology. At this week's Cisco Partner Summit in San Diego, he said Insieme received $100 million in funding and could receive up to $750 million. Its nucleus is a trio of Cisco engineers who have done spin-in startups in the past: Mario Mazolla, Luca Cafiero and Prem Jain. Other spin-ins have included Andiamo Systems, which developed storage area network (SAN) switches and Nuova Systems, which developed the Nexus 5000 series data center switches. The concept of the spin-in is that the team develops a new technology and once it’s brought to market, the spin-in is absorbed back into Cisco.

Rival HP may have only a fraction of Cisco's networking market share, but the IT industry's largest vendor has made a concerted effort to grow its slice of the networking pie. HP has long been a supporter of Openflow, providing Openflow software on some of its switch equipment to academic researchers. In February, HP offered a free Openflow software download that runs on 16 different HP networking product line. Becker declined to say whether Cisco would use the same approach.

The Cisco-versus-everybody-else approach to SDN has been a constant buzz among those in the research, vendor and user communities since the last ONS event held in October at Stanford University. At this week’s event in nearby Santa Clara, Calif., which had about 900 attendees, up from 400 last fall (plus close to 200 turned away), the “where is Cisco” buzz continued.Backers of OpenFlow, including some of Cisco’s rivals, are solidifying support around OpenFlow so vendors can develop and customers can enjoy the promised benefits of software-defined networking including better programmability of networks for greater performance, agility and reliability.

“We believe that the industry should provide open solutions and then may the best man win,” says Saar Gillai, VP and chief technology officer of HP Networking. “We support something we think the industry is standing behind because we think that way customers will have choices.”

But while strongly backing OpenFlow, and offering more evidence this week that OpenFlow-based SDN is working right now, Gillai and other OpenFlow supporters acknowledge the protocol is young, still evolving and that other ways of delivering SDN could come along to challenge it.

“You can probably think of a bunch of other ways to do it,” says Nick McKeown, professor of Computer Science at Stanford, faculty director of the Open Networking Research Center, and one of the original architects of OpenFlow. “But if everybody did their own [protocol] then there’d be much less value to it. But [OpenFlow] becomes this building block upon which people can innovate.”

McKeown analogized OpenFlow to the Intel instruction set (or AMD or others) in processors. The instruction set is low level but it is designed to run really fast. A developer can customize what they’re doing to a particular environment by building on top of the instruction set, writing programs in a way that would exploit that instruction set. “When you think OpenFlow, think instruction set,” he says.

Cisco argues it leads by innovation, which can then become industry standards down the road. OpenFlow is the protocol that helps abstract the control plane from the data plane on a network, enabling software controllers to augment the intelligence in routers and switches to better manage traffic flow. Cisco, which is also a member of the ONF and supportive of OpenFlow, believes OpenFlow is still a work in progress, says Kiran.“When we talk to our customers, they realize that OpenFlow is largely still research-focused and not production-ready,” he says, adding that the relevance of OpenFlow to customers varies by market segment. Cloud service providers are looking at OpenStack more than OpenFlow, the former being an open-source platform to deliver cloud computing which includes SDN features. Enterprises are cautious about OpenFlow/SDN because of the disruption it may bring. “For them, investment protection is really strong, and anything in the SDN realm is something they’re looking at 3 to 5 years out, or even further,” says Kiran.

“If anything, the majority of the requests [about OpenFlow] we’re seeing are from academia,” noting that many universities are funded for research into SDN technologies.

But the presentations at this week’s ONS show OpenFlow-based SDN is more than just an academic exercise. Google, NEC, NTT Docomo and others presented case studies on OpenFlow-based SDN adoption, both internally and with some of their customers. NEC, for instance, presented the example of Nippon Express, a logistics company, that realized these benefits from SDN adoption: it reduced the amount of switch rack space needed by 70%; reduced power consumption by 80%; and reduced failure recovery time by 98%.

In the end, OpenFlow and other approaches to SDN should be able to coexist while the SDN technology evolves, states Bob Laliberte, senior analyst at Enterprise Strategies Group. “Certainly OpenFlow is helping to raise awareness of [SDN] but it’s not the only way it could be accomplished.” He cites Nicira’s Open vSwitch, Arista Networks products and Juniper’s QFabric offering as products that deliver SDN capability without OpenFlow. In addition, Cisco’s Nexus 1000V line, introduced about three years ago, is not OpenFlow-based.

The Cisco-versus-everybody-else divide boils down to market position, he believes. “Companies like HP and IBM, NEC and all those companies other than Cisco who are looking to take market share [from Cisco] are more aggressively adopting the OpenFlow standard,” says Laliberte.

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

“SDN is ready to go,” says Kaoru Yano, chairman of the Japanese tech giant NEC to his audience at the Open Networking Summit in Silicon Valley this week. At a prior conference last fall on software-defined networking (SDN), many presenters spoke of the promise of SDN to bring the same type of virtualization to the network that has made server and storage IT resources more efficient. This time, some presenters such as Yano described actual implementation of SDN in production data centers. Although SDN has a long way to go before it’s anything approaching mainstream technology -- and many cautions about it remain -- it is making demonstrable progress.

Yano explains the push for SDN is being driven by the explosive growth of network traffic from video, machine-to-machine communication and smart devices. “The SDN industry grows explosively [and it is] time for network users to be prepared for building the instant network to take advantage of SDN.”

Software-defined networking is technology being developed to eliminate the bottleneck that occurs when increasing amounts of data in virtualized servers and storage hits the legacy network. Although there is some automation technology already available, such as the virtual local area network (VLAN), SDN decouples the control plane from the data plane, network intelligence is centralized, and the physical network infrastructure is abstracted from the applications. That means that software in the controller plane augments the intelligence in the physical network to make it more efficient.

The Open Networking Summit is hosted by the Open Networking Foundation, which is promoting the OpenFlow protocol that enables SDN. At this second ONS in just six months, speakers like Yano detailed case studies of how OpenFlow-enabled SDN is working in production. Yano tells how two NEC customers benefited from SDN implementations.

The first was Genesis Hosting Solutions, a virtual infrastructure company based in Chicago, which found its network structure incredibly complex, difficult to scale and the company was running out of IP addresses. Genesis deployed a number of NEC ProgrammableFlow Controllers, a switch and a management console. The result was that it reduced network administration by 100 hours a week with improved automation, reduced IP consumption by up to 60%, and was able to reach its goal of five-9s network availability.

In another example, NEC brought SDN to Nippon Express, a global logistics company based in Japan. Nippon found it had limited flexibility for modifying networks in virtual environments and sought to create a private cloud by 2014. With SDN, the company reduced the amount of switch rack space it needed by 70%, reduced power consumption by 80%, reduced failure recovery time by 98% and reduced network outsourcing costs by 100%.

“In the traditional tiered hierarchical model of network deployments, we have equipment tiered to provide the kind of resiliency that the data center would expect,” says Donald Clark, director of corporate business development for NEC. “With the software-defined model, the resiliency is logically assigned in software and then deployed throughout the switches. So we don’t need the same level of physical redundancy in order to get the level of resiliency required for services.”

NEC also realized the benefits of SDN for itself in converting some of its own data centers, Yano says, adding that immediately after the earthquake and tsunami that devastated Japan in March 2011, the company had to scramble to transfer workloads from a data center near the epicenter of the quake to one on the Western side of the island, a task that would have been easier if they had been SDN-enabled.Representatives of Google also presented case studies on SDN projects at some of its data centers, and other presenters shared their success stories.

Yet in spite of those successes, there is still reason to think through an SDN project “SDN is perhaps a decade-long journey,” says Geng Lin, chief technology officer of the networking business at Dell.

While citing some “low-hanging fruit” instances where SDN could be deployed successfully, Lin said SDN needs to be evaluated as part of an “ecosystem” and a “business value chain” of related technology that has to be considered, from the hardware and the merchant silicon within it, as well as the programming language that would be used to provide intelligence to control the routers and switches.

“Each player in the value chain has a role to play in order to achieve the full benefits of SDN. Everyone needs to evolve and needs to evolve collaborate,” he says.

While strategic issues such as those are certainly valid, SDN is also certainly “maturing,” notes Eric Hanselman, research director for networks at The 451 Group.

“People are actually starting to apply software-defined networking broadly and OpenFlow in specific to solve some real-world problems,” he says. There are real applications where SDN provides some specific benefit.”

To Lin’s point about looking at SDN in the context of the broader ecosystem, Hanselman says there has to be some integration with management,the orchestration system and other elements. But a company the size of Google, which also presented on its SDN deployment, can make SDN work because it “has legions of of development staff to make that happen.” At the same time, he acknowledges that for many other organizations, an SDN project has to be managed carefully.

Learn more about Research: IT Pro Ranking: Data Center Networking by subscribing to Network Computing Pro Reports (free, registration required).

The telecommunications giant Verizon has joined with other top technology partners to collaborate on a software-defined networking (SDN) demonstration that is based on the OpenFlow protocol. The news of the collaboration was made at an Open Networking Summit being held this week in Silicon Valley.

Verizon will work together with Intel, HP and a company called Adara Networks to create a demonstration project to show how SDN can work for a network, particularly one the size and scale of Verizon’s. Besides local business, residential and mobile phone service, Verizon is also a cloud service provider. Verizon’s top concerns in exploring SDN are to improve “service velocity and service flexibility,” says Prodip Sen, director of network architecture at Verizon Network and Technology.

“We need the ability to be able to introduce services faster and the need to be able to modify these services as the need arises,” Sen says. “Our core networks are built on the traditional networking paradigm and it’s not so easy to change how traffic gets routed. With all of these new applications coming online, the traffic patterns are no longer what we used to think they are.”

Adara Networks brings the SDN network intelligence to the project. While it has been around for about 10 years, managing the computer networks of U.S. Department of Defense and other government agencies, it just recently expanded into commercial markets.

Software-defined networking works by uncoupling from the physical hardware-based network elements the software that directs the traffic, similar to the way server and storage virtualization works. In SDN, software-based intelligence augments network intelligence in routers and switches. Eric Johnson, chairman and CEO of Adara, calls its solution a “network overlay.”

“An overlay means while we have the ability to work using physical interfaces, we can literally create tunnels -- an overlay, like a VPN -- only this VPN is very special,” he explains. “A VPN would be a secure transmission overlay, while this is an SDN overlay so that the infrastructure does not have to be modified.”

Johnson says the beauty of Adara-delivered SDN is that a customer would not have to “rip and replace” their networking gear. The new software overlay would provide the SDN capabilities to deliver network services now in demand as networks carry more traffic.The demonstration lab will include HP BL460 G7 blades running quad-core Intel Xeon 5600 series processors, HP Networking switches and the HP CloudSystem Matrix, which is HP’s infrastructure-as-a-service platform. HP in February offered a free OpenFlow download for customers to install on their HP switches to enable SDN.

The demonstration at the Open Networking Summit should give more traction to the development of OpenFlow and SDN, says Bob Laliberte, senior analyst at Enterprise Strategies Group.

“It will be great to see demonstrations with commercially available products, because with any new technology, users are always looking for validation. Who else is doing this? How are they using it? What benefits does it provide?” Laliberte says.

Other players in the growing but nascent SDN market include Big Switch Networks and Nicira.

The Open Networking Summit is hosted by the Open Network Foundation, a group of academics, vendors, but more importantly, enterprise IT professionals who run data centers and have to make decisions about investing in OpenFlow and SDN.

Prior to the opening of the summit, NEC announced the establishment of the Open Networking Research Center, to be co-developed by the company along with Stanford University and the University of California-Berkeley. Much of the original research on OpenFlow was conducted at the two San Francisco Bay Area schools. Eleven other companies have joined in support of the center, including Cisco, HP, Huawei and Juniper -- all rivals in the network equipment space -- as well as Google, Ericsson, Texas Instruments and VMware.

Learn more about Strategy: Monitoring and Measuring Cloud Provider Performance by subscribing to Network Computing Pro Reports (free, registration required).

The usual scenarios discussed for mobile data tend to involve either single-user connectivity or mobile hotspots, and rarely get into the notion of using mobile links for “important” business connections. But that is changing, as more manufacturers work the value afforded by fast-enough carrier-provided network connections into their feature sets, and more customers buy in. Whether used in a primary service role, or more commonly as wireless failover, 3G and 4G data links provide some interesting options to those who build networks.

With throughputs that rival or exceed other broadband services, the mobile carriers provide a new option when it comes to architecting and administering business networks. For the small business or branch setting that can get a decent plan, a 4G connection can be more than enough of a pipe to the rest of the world, and allow for extremely low operational costs by reducing wiring and complexity of topology. This isn’t exactly a big deal in and of itself, but does herald changes that are coming from other directions. That mobile data might be a good fit for small businesses is somewhat interesting, but there’s a bigger story here with mobile networks playing a part in enterprise networks.

Recently I kicked the tires on SonicWall small-business-class security appliances, and also installed yet another small-site Meraki site-to-site VPN. Sure enough, both vendors ship gear with a USB connection for a 3G or 4G modem. Usually the premise is simple, in that if the primary ISP connection is lost, the mobile data option automatically takes over. As mobile connectivity gets more robust, it’s quite possible anymore that the failover path is actually faster than the “preferred” wire link.

In my case, I have a couple of 50 Mbps down/5 Mbps up remote links that are the biggest available by the local wired carriers. When comparing cost and symmetry of throughput for both the uplink and downlink on a path that serves in a site-to-site VPN role, the mobile carrier options do get more interesting, with only subscription price and variability of performance if you are in a frequently saturated cell being potential buzzkills.

Beyond the ISP role, there is another side to mobile service in support of the business network. I recently had the pleasure of spending some time talking with folks from Opengear, a company that specializes in infrastructure management. Opengear lives in the world of power management, data center monitoring for environmentals and the like, remote site management, and more. After getting the very interesting rundown on their second consecutive year of providing management and monitoring for the complex data center environment for Interop (early May in Las Vegas), we got into the nitty-gritty of the cellular side of their product portfolio.

From case studies of far-flung backup generators sounding the low-fuel alarm through the right combination of Opengear sensors and cellular modem to routine out-of-band management application for up to 16 network devices through a 3G modem, Opengear got my wheels turning on the many possibilities for monitoring critical parts of the network wirelessly, not relying on your own network for transport.

Perhaps the most compelling tale from the discussion, Opengear has an impressive implementation along the Ipswich Motorway in Australia. Along 8 kilometers of roadway, over 40 cabinets are equipped with fiber connectivity backed up by Opengear’s wireless alerting gear. Regardless of fiber integrity, each location has enjoyed “always up” connectivity for SMS and email alerting on flood conditions and other causes for concern. Even when fiber is compromised, Opengear’ stuff provides access to real-time and recorded video from afar, and has saved countless man-hours in travel to each cabinet just to check on things.

As a builder and maintainer of networks of varying complexity and size, I am definitely starting to ponder where mobile data can be leveraged in my world. I know I’m not the first to go down this road, but it’s still pretty fascinating.

I have no relationship with these vendors beyond the brief mention of Meraki.

When it comes to WAN optimization and application acceleration solutions, big name vendors such as F5 Networks, Riverbed BlueCoat and Barracuda normally get all the press. After all, squeezing maximum performance out of a WAN and its associated applications has quickly become job No. 1 for most network managers. However, smaller vendors are striving to one-up the big names with new connectivity methodologies and technical advancements.

Case in point is CoyotePoint, a company that has been delivering appliances that help improve application and WAN performance for some 12 years. Although CoyotePoint is one of the lesser-known entities in the realm of application acceleration and WAN optimization solutions, the company is ready to take on the big names with its latest platform, called EQ/OS10. Although the company refers to EQ/OS10 as a platform, in reality it is the core operating system and applications for the company's Equalizer series of appliances. The changes and enhancements are so significant that EQ/OS10 pretty much reinvents what a CoyotePoint appliance can achieve in the enterprise and is much more than just another release of the company's core software. CoyotePoint's latest deserves a fresh look.

I recently visited CoyotePoint's Millerton, N.Y., offices to set up a couple of the company's appliances for testing. The devices I tested included a CoyotePoint's E350GX, as well as the company's Equalizer OnDemand virtual appliance. I put both units (virtual and physical) through their paces and focused on the new capabilities offered.

I found ease of use a major theme throughout the product. All of the major features of the product can be configured directly from the management GUI, eliminating the need to use a CLI to configure the device. While many vendors in this space offer GUIs, most still require interfacing with a CLI for some basic setup chores. For example, Layer 7 application traffic management can be quickly defined and include criteria ranging from simple to complex. Rules can be built to identify and appropriately route things like HTTP and SSL versions, type of browser, URL path names, file names, extensions and cookie data. In short, L7 routing lets administrators create flexible cluster configurations by specifying rules that direct traffic to servers.

I tested CoyotePoint's equalizer series of products about two years ago, and the new devices have significant enhancements. First and foremost is the support for IPv6. Some older versions also offered IPv6 support, but CoyotePoint's latest OS (EQ/OS10) adds some major enhancements. For example, the company's appliances allow you to transform and migrate IPv6 networks. Simply put, EQ/OS10 allows you to attach IPv4 networks to IPv6 networks and acts as the go-between, translating addresses as needed and handling all of the heavy lifting associated with IPv6 routing. What's more, it is very easy to set up, thanks to a wizard-driven model that let me almost instantly define the required elements for access to IPv6 content.

IPv6 simplicity is further enhanced by the device's use of VLANs to define server access and cluster memberships. It is a rather simple paradigm: Administrators create IPv6 subnets and then assign those subnets to server clusters and failover clusters.CoyotePoint offers global IPv6 support using 6in4 tunnel technology, which is provided by Hurricane Electric (www.he.net), to route IPv6 traffic over IPv4 networks. That proves very handy if a company's ISP or carrier does not offer native IPv6 support.

Another improvement is the way that the device handles servers and other networking components. You can now organize devices into groups. Each networking component is treated as an object, which can then be placed into groups--even multiple groups. That proves to be a simple concept, where a physical server needs to be defined only once and can then be assigned to multiple server pools with drag-and-drop simplicity.Other vendors have offered similar capabilities for some time now. Although CoyotePoint may be playing catch-up with an object-orientated management model, the company has made up for lost time by making it very clear and easy to understand via the drag-and-drop capabilities of the GUI.

One of the primary features offered by EQ/OS10 is the ability to quickly scale out servers and incorporate load balancing technology to increase the efficiency of processes provided over a WAN (or even a LAN) connection. Again, that simplicity is powered by the new group/= object paradigms. Here, I was able to create server groups and deploy advanced traffic capabilities, such as HTTP multiplexing, which allows the reuse of server connections (commonly called TCP multiplexing).

That offers a significant improvement in performance for clients making multiple requests to a particular HTTP session. The device also works as a gateway to servers, allowing groupings of servers to be created using load balancing algorithms to service requests and enabling administrators to improve application performance simply by adding new servers into the servicing group.

CoyotePoint's EQ/OS10 operating system provides full support for 802.1Q-tagged VLANs, as well as for untagged VLANs, while the GUI makes it easy to discover and/or define VLAN elements. I was particularly impressed with how VLAN elements could be defined using a drag-and-drop style graphical interface, which simplifies the definition of virtual LANs. The visual reference made it much easier to quickly identify, define and control VLANs.

As expected, VLANs also support multinetting, which allows administrators to create multiple subnets under a single Layer 2 infrastructure. Although that feature is relatively common among WAN optimization type appliances, it is still notable because it allows administrators to define multiple Layer 3 networks on a single infrastructure setup.

Network administrators should find that deploying an EQ/OS10-based solution is relatively straightforward. All it takes is networking knowledge and a good understanding of WAN and LAN routing principles. It all starts with plugging in the device, which resides in line, between the servers and the WAN/LAN connections. The browser-based management console makes setting up the device straightforward using setup wizards and extensive help files.

EQ/OS10 offers several features that are geared toward performance. Most notable are SSL offloading and HTTP compression, both of which have the ability to significantly speed traffic across the network and to reduce latency.

All things considered, CoyotePoint's latest platform is ready to take on the big iron of the WAN optimization market and offers unique innovations and an ease of use that is second to none.

Coyotepoint's appliances are available now.
E250GX - starts at $1,995
E350GX - starts at $6,495
E650GX - starts at $14,395

What are your peers saying about WAN optimization? Find out in IT Pro Ranking: WAN Optimization Appliances. (Free, registration required)

Networks are asked to do so much these days from moving video and voice to connecting mobile devices and delivering applications through a browser, but the basic architecture of a wide area network (WAN) hasn’t changed much over time, says analyst Zeus Kerravala. Enter WAN optimization, whose goal is to improve performance to deliver apps from the cloud that look as good and perform as if they were natively installed on the end-point device.

“Most WANs are still built off of that traditional hub-and-spoke architecture,” says Kerravala, principal analyst with ZK Research. “It was really meant for client-server traffic ... but today, when you look at the direction of cloud computing, you would expect the network to evolve with it, and I don’t think that’s happening.”

WANs are also considerably slower than local area networks (LAN), he adds, and WAN optimization in its original form was about acceleration of apps like Microsoft Windows or Exchange, which he refers to as non-real-time traffic. In today’s WAN environment, the network is also tasked with delivering real-time traffic such as videoconferencing, Voice over IP (VoIP) or a virtual desktop image. With those, acceleration is irrelevant.

“You can’t really accelerate real-time traffic. You can’t hear me before I talk,” Kerravala says.

WAN optimization in the virtualization-cloud computing-videoconference-mobile era is all about delivering Quality of Service (QoS). If the image on a video meeting is choppy, the sound of a VoIP call is garbled, or the delivery of a virtual desktop is slow, the quality of service is poor.

In this third part of a three-part series on WAN optimization, Network Computing looks at WAN optimization as a way to ensure quality application delivery. In the first part of this series, we looked at visibility tools and in the second, WAN security.

Kerravala gave a shout-out to Akamai and Riverbed Technology for their partnership, announced in late February, to address the serious latency problem in software-as-a-service-delivered applications. In a demonstration at a media event, executives of each company showed that a Microsoft Office app installed on a corporate network took two seconds to open but two minutes to open from a SaaS provider using Office 365.As enterprises embrace SaaS and other forms of cloud computing, it’s important that they make the changes necessary to optimize WAN performance, he says. “It’s important for network managers to realize user’s expectations have been cranked way up and they often don’t understand why is it that when I’m at home on my network my experience is great, but when I come to work my experience goes down.”

Leaders in WAN optimization include Riverbed, Blue Coat Systems and Silver Peak Systems, all of whom placed in the Leaders Quadrant in a Gartner January report on the WAN optimization controller (WOC) space. The Gartner rankings are based on analysts who study each company’s product, market execution, sales execution and customer experiences, not just on sales volume.

While Riverbed announced its partnership with Akamai, Blue Coat just released PacketShaper 9, which offers content-aware visibility and control over networks and applications. Meanwhile, Silver Peak Systems introduced new entry-level and high-end WAN optimization appliances in September of last year that are available in both physical and virtual forms.

The Dell’Oro Group research organization forecast the WOC market, based on sales, to grow almost 60% over the next five years to $1.65 billion in 2016, from $1.05 billion in 2011.

Learn more about Strategy: Monitoring and Measuring Cloud Provider Performance by subscribing to Network Computing Pro Reports (free, registration required).

Every year since the first Global 2000 company installed VMware, server virtualization has been at the core of more and more data center architectures. Vonage is one major corporation that is now making the leap, and its architects shared with me how 10 Gigabit Ethernet is playing a key role in how the organization handles vMotions.

With approximately 2.4 million subscribers, Vonage maintains and operates a VoIP network that supports more than 6 billion communications per year to more than 60 countries. Located at corporate headquarters in Holmdel, N.J., is the Vonage Development and QA Lab. It’s here that new technology and products are evaluated before they can enter a production environment. The lab also is where the company's IT architects and engineers develop and certify the standard hardware and software images that will be used in production systems ranging from front-end Web servers to back-end database servers.

Taking advantage of technologies that will allow the company to consolidate infrastructure, reduce costs and speed new server deployments, the Holmdel data center is migrating from a mostly non-virtualized, "discrete" environment to a virtualized data center. This installation features about 40 data center cabinets with 1,100 rack-mount servers, each dedicated to specific applications. The power-hungry rack servers are connected to data center LANs and SANs by more than 3,000 cables, and deploying a new server takes about two weeks from the time a user makes a request.

The migration from discrete data center to virtualized data center involves many new technologies, products and processes. Blade servers, server virtualization and network virtualization stand out as technologies that are key to slashing costs while maintaining application performance and availability.

--Blade servers: Vonage is deploying HP ProLiant BL490c G7 blade servers to perform the same function as rack servers but with far less floor space, power, cooling and cables. By sharing resources through a single enclosure, blade servers will also eliminate a great deal of management complexity and overlap.

--Server virtualization: A typical application server utilizes only 1% to 5% of available CPU. Server virtualization allows Vonage to fully utilize the compute power of each physical blade server by running multiple virtual machines (VMs) and applications. The result is another level of massive consolidation and cost savings.

--Network virtualization: To accommodate the proliferation of VMs, the HP BladeSystems feature virtual networking capabilities that allow server admins to configure unique virtual networks for each VM. Embedded on G7 servers used by Vonage are dual-port integrated HP Virtual Connect 10-Gbit FlexFabric Adapters, which are based on Emulex OneConnect technology. A single HP 10-Gbit FlexFabric Adapter port can be configured as four FlexNICs, with an option to configure one as a FlexHBA for either Fibre Channel or iSCSI storage connectivity. Each FlexNIC or FlexHBA can be configured with its own set of network policies tailored to the needs of specific VMs and applications.

Once Vonage architects got started, they realized the bar was set high. The 1,100 rack servers that form the company's discrete production environment are highly tuned for maximum performance and availability. The rest of the IT team was skeptical that a mass migration to virtual servers could be accomplished without compromising one or both. Therefore, the first step was to pilot the technology with a single blade system chassis and two server blades.It took about six weeks for company architects to learn how to efficiently configure a physical server with VMware ESXi, and HP VirtualConnect Flex-10. Then, one application at a time, the number of VMs in the Development & QA lab grew to 900. The confidence of the IT team also grew as applications running in the lab demonstrated the performance needed in a production environment.

Eventually, live migration emerged as a killer app for the 10GbE on board the HP servers. Usage in the lab also demonstrated the benefits of automated server performance optimization and maintenance. With VMware Distributed Resource Scheduler (DRS), scheduling server downtime to move applications to less utilized servers was no longer needed. Without anyone knowing, DRS was automatically moving VMs when servers became hot. This made quick evacuation of VMs during vMotions a killer application for the 10-Gbit HP Virtual Connect FlexFabric Adapters on board the G7 server blades.

Vonage engineers provisioned 4-Gbit FlexNICs to minimize the time required to move hundreds of gigabytes of data involved in live migrations, and quickly found the vMotions over-running the 4-Gbit bandwidth. Based on their experience in the lab, company system architects decided to use 10-Gbit FlexNICs in production so that ESXi has the full bandwidth of the FlexFabric Adapter available for live migrations.

The following are a few lessons the Vonage staff want to share with their peers:

--Share your system designs with your vendors: Vonage architects discovered that HP technical staff were aware of issues they encountered and would gladly have reviewed their system design.

--It takes a while to learn how the virtualization layers work together: It took six weeks to learn how to use the server and network virtualization tools efficiently. However, after learning proper configuration techniques, profiles could be cloned by Level 1 operators for rapid VM deployment.

--Take things one step at a time: 18 months ago, there was not a single VM in the Holmdel Development & QA Lab. Starting with a couple of server blades, Vonage architects slowly added application workloads that allowed the rest of the IT team to build confidence in the ability of VMs to perform.

--vMotions can use an entire 10-Gbit Link: Testing showed that vMotions were saturating the 4-Gbit FlexNICs provisioned in the lab.

Frank Berry did not receive compensation in the form of free promotional products or cash or cash equivalent for the purposes of writing this blog from (including but not limited) to Vonage, Emulex and HP.