If you’re a network manager, chance are you’ve possessed a laptop with a packet sniffer or protocol analyzer on it. Just plug that bad boy into the corporate network and you can look at all the traffic that’s going across the wire.
I’m sure you’ve worn a white hat while using such a tool, but has the thought crossed your mind at some point that one of your admins could go rogue with such a tool and cause some real trouble for you?
I recently talked to Steve Shalita, vice president of marketing for NetScout, about this worry. Back in the fall of 2007, NetScout bought Network General, the maker of one of the original packet sniffers, named (what else) Sniffer.
Shalita said NetScout is releasing a new version of Sniffer called Sniffer Global which introduces a server-based authentication point for all Sniffer desktop installations. Through this central server, network managers can set policies for usage of Sniffer technology.
“You can limit how far they can go into the packet,” Shalita told me. “And you have the ability to, by user and with very granular detail, report on what that user has done out there on the network. The server is doing policy control and authorization of what they can do and reporting back to you.”
Sniffer Global isn’t a cure-all for potentially rogue packet sniffers on the network. It isn’t backwards compatible with older versions of Sniffer. So you’d have to update all the desktops that have Sniffer on them. That means you’d have to find the ones you don’t know about, too. And of course, Sniffer Global’s server won’t identify packet sniffers made by other vendors, either. Instead, Sniffer Global’s value is in establishing centralized control over sanctioned Sniffer PCs across the network.
When I have conversations with network managers about whether they plan to upgrade to 802.11n wireless LAN technology, many say they’re in no hurry. They’re still getting plenty out of their existing 802.11a/b/g infrastructure, they say. And besides, all the legacy clients in their organization would just slow down the 802.11n clients, preventing users from enjoying the benefits of a faster wireless network. Access points are usually shared by multiple clients and clients can only transmit to an access point one at a time. This often means that faster 802.11n clients are stuck in a queue behind slower legacy clients that take much longer to transmit the same amount of data.
Several WLAN vendors, such as Meru Networks and Aruba Networks, have developed technologies to solve this problem. For instance, Aruba’s Adaptive Radio Management software can shift WLAN clients to different radio frequencies and can analyze the 802.11x protocol used by the client. If the client is a faster 802.11n device, the software gives it priority
Aerohive Networks, a start-up known for its controllerless WLAN architecture, has found a new way to tackle this problem. In the latest version of its operating system, HiveOS 3.2, Aerohive has introduced a new feature called Dynamic Airtime Scheduling. Rather than making airtime decisions based on protocol, Aerohive actually examines the airtime of the client’s packets to determine how fast it is. This is relevant because the farther a client is from an access point, the slower its transmission. So an 802.11n client which is much farther away from an access point than 802.11g client is could actually be slower. The Aerohive AP will give priority to the .11g client since its signal is closer and thus faster. With this technology, Aerohive can also give priority to a fast 802.11n client over a slower 802.11n client.
Dynamic Airtime Scheduling also applies policy to the clients as well. For instance, a company can give airtime priority to employee devices over guest devices,
Niall Pariag, senior network administrator at Riverside Health Care Systems Inc., a network of hospitals and clinics based in Yonkers, N.Y., is in the process of replacing legacy Cisco infrastructure in his facilities with Aerohive 802.11n access points. He said Dynamic Airtime Scheduling solves a problem he’s been worried about ever since he decided to upgrade to 801.11n.
“It solves the only quirk we had with the wireless network, that slow clients basically slow down fast clients,” he said. “That’s a concern we kept ignoring, because we knew we were going to cross that bridge when we got to it. We don’t have that many clients connecting now, so it wasn’t a concern.”
Pariag said that in the future his company will be adding more and more clients to the wireless network, and airtime scheduling will become critical to him.
If Sean Hannity can run a dating site just for his fans, surely there’s enough interest out there for a geek-friendly “Match.com.” (Please note, the only reason I would ever visit Hannidate would be to screen for people NOT to date. Fortunately the Hanni-pickings in Massachusetts are pretty slim).
Geek-friendly scifi blog io9.com has given some link love to a Chicago Sun-Times article about “Nerds at Heart,” a series of Windy City geek gatherings where men and women herd together and look for potential mates. io9 highlighted a couple choice paragraphs about these gatherings that I just have to include here.
The game of Risk may not sound romantic to everybody. “I was playing; he was knocking my cavalry over into the ocean,” remembers Flaherty. But it led to a first date at a book fair. And, eventually, love.
In April, their wedding-cake topper will depict them holding Wii controllers.
Now, I’m not aware of any geek dating websites out there, but surely there’s a market for one. I’d love to find a woman who appreciates my passion for the Star Wars universe and George RR Martin books… someone who would help me sell off some of my 6,000 comic books on Craigslist for some extra money.
A college professor once warned me never to put things in writing — which was funny given that he was a writing professor. What he meant was that to ensure confidentiality between people I communicated with remotely, I should speak with them over the phone. That way, he said, it would be much harder for a person to publicize or look back on anything said. Arguably, phone call privacy isn’t guaranteed, but between a hand-written note, an email, an IM conversation or a phone call, the audible record was the most anonymous. Google’s recent acquisition of GrandCentral Communications, however, makes phone call privacy much less likely.
As consumer-centric as Google initially set out to be, they just keep either building new useful enterprise applications or acquiring companies that do. This acquisition is a prime example; GrandCentral Communications “provides services for managing your voice communications,” according to Google’s blog entry.
GrandCentral’s pitch is this: “No matter how often you move, change jobs or phone providers, everyone can still reach you through the same phone number.” And the business advantage can be seen in that this technology would give enterprise workers more flexibility: If you miss a meeting or a call, you can listen to it through someone’s forwarded email. When you discuss ideas with your boss you’ll never have to take notes again or run the risk of forgetting an assignment.
But this advantage also comes at the price of having to pay much more attention to the words coming out of your mouth. Editing what you say can only happen inside your head. Once it’s out, it’s there to be heard — and recorded, and posted to a blog and turned into a techno song by Indaba Music users.
Yes, with GrandCentral.com a conversation can go from phone to public forum within clicks. They keep your phone call records in their database and you can forward them to your colleagues, post them to a blog and more. So unless you’re talking to someone in person, any mode of communication through a device may as well be a record of your intercourse.
Let’s not get forget the impact this has on server space and network bandwidth. As the network remains the central core that enables connections and communications, the converged network which carries voice and video traffic across IP networks, is all the more demanding. Some months ago, Cisco’s push for network convergence was said to broaden the role of network pros. But with corporate kings like Google vying for more enterprise voice and video, this is only the beginning of what networking professionals will have to deal with.
Now that workers can easily manage their voice accounts, you may be wondering who is helping network pros manage the voice data on their network. SearchNetworking.com created a workshop on how to manage voice performance on your network, dedicated to this very cause. And if there are any other management tools you’re looking for, let us help you find them and get organized.
On a side note about getting organized, GrandCentral’s FAQ section says “Google acquired GrandCentral because its communications services fit into Google’s mission to organize the world’s information.” That was “to organize the world’s information.” At least you don’t have that responsibility.
And for Google, who does have that mission, thank you for helping me find, through your search engine, these articles on ways you frighten the general public:
- From ABC News: Is Google Turning Into Big Brother?
- From Bill Snyder’s “Tech’s Bottom Line” blog: Google plays Big Brother
- From CSMonitor.com: Big brother isn’t watching – Google is
And believe it or not, there’s an entire website devoted to the topic: Google as Big Brother.
Thanks for reading, watching, and hearing…
Gartner has published its first Magic Quadrant for the global network service providers since the summer of 2007.
As you probably know, the Magic Quadrant is a market assessment tool that rates vendors on their ability to execute (their service quality, pricing and track record) and their completeness of vision (an understanding of what enterprises want from their providers). Vendors who score high in ability to execute are challengers. Vendors who score high in completeness of vision are named visionaries. Those who excel in both areas are leaders. Those who fail to excel in both areas are niche players.
The key takeaways from this quadrant:
- AT&T has overtaken Orange Business Services and BT Global Services as the highest rated provider in the leaders quadrant.
- The four providers in the leadership quadrant (AT&T, Orange, BT and Verizon Business) are all very tightly grouped together, meaning their abilities to serve enterprises are pretty evenly matched.
- Gartner has added three providers to the quadrant: Telefonica, NTT Communications, and Reliance Globalcom. All are rated as niche players.
- Cable & Wireless has slipped from visionary to a niche player.
- T-Systems has climbed from the niche player quadrant to become the only challenger in the market.
In their market overview, authors Neil Rickard and Robert F. Mason wrote: “There are four leading providers, with the remaining players way behind, often focused on a particular market segment.”
They added that the increase in the number of providers in the Magic Quadrant represents increased competition, which is good for enterprises. However, it also means that smaller providers will struggle to compete in the market because they lack the ability to scale. They predicted that some market consolidation is possible given the global economy.
Aruba Networks has joined the growing ring of vultures circling above Nortel Networks’ Toronto headquarters, where executives are busily trying to restructure Nortel while under the cover of Chapter 11 bankruptcy protection.
Aruba announced an “investment protection” program for customers of Nortel wireless LAN (WLAN) technology. The vendor is offering Nortel customers a discount on Aruba’s AirWave Wireless Management Suite, a WLAN management technology that can work in multi-vendor environments.
Nervous Nortel customers, who are worried that Nortel might not be around a year or two from now to support their wireless infrastructure, might find this offer from Aruba appealing. It gives them a a way of managing legacy Nortel infrastructure.
And Aruba no doubt sees this as a potential foot in the door with Nortel customers who will likely give new WLAN vendors a good luck when it comes time to refresh or expand their infrastructure. Today, Aruba can sell them AirWave. Next year, Aruba will have a better chance of selling them access points. Now if only Aruba had a wired networking division as well, they could attack Nortel on multiple fronts.
Are you the Romeo of routing? The Orlando Bloom of the OSI model? Here’s your chance to shine…
Just in time for Valentine’s Day, Daily Candy is running a contest to find the “hottest tech dude in all the land.” Since we’d like to see that award (justly) go to a networking pro, we couldn’t resist posting the link for you in the Network Hub. Theoretically, nominations are supposed to come from ladies who subscribe to Daily Candy’s newsletters (which promote shopping, dining and travel items of interest). But any toothsome techie worth his salt should be able to figure out a way around that. 😉
In addition to bragging rights, both the winner and the person who nominates him will receive an HP Mini 1000 XP edition series netbook with an upgraded 60 GB hard drive.
The Daily Background blog has created quite a stir for pointing out that a Belkin buisness devleopment rep was offering money for positive product reviews on Amazon.com. The product, a wireless USB hub, was getting terrible reviews on Amazon, so Belkin representative Michael Bayard posted an ad on Mechanical Turk, Amazon’s online marketplace for menial tasks, requesting that people write positive reviews of the product “Write as if you own the product,” the ad stated, and “Mark any negative reviews as ‘not helpful.'” Take a look at the Amazon reviews for this router and you’ll see 17 reviews that gave it one star and two positive reviews. Looks a little fishy to me.
Belkin’s president Mark Reynoso has since issued a statement to The Daily Background which apologizes for the “isolated” incident and promises that Belkin will work with online retailers to make sure any fake reviews are taken down. Reynoso doesn’t mention anything about the fate of Bayard.
WAN optimization heavyweight Riverbed Technology gobbled up Mazu Networks this week for just $25 million in cash. Mazu is a privately held company that sells network behavior analysis (NBA) tools that analyze the interaction between users, applications and systems. Mazu Profiler, the company’s flagship product, is used for security monitoring, but like many NBA vendors, customers have been increasingly using it for monitoring and analyzing the performance of rich critical applications like voice and video.
Riverbed apparently is acquiring Mazu so that it can better evaluate the state of application performance over a customer’s wide area network. The comapny’s press release explains that Mazu’s ability to give “a holistic, real-time view of application usage and performance” is critical to understanding the “application environment and taking the right steps to validate and ensure delivery of business-critical applications across the wide area network.”
Riverbed’s cash payment of $25 million for Mazu is definitely a bargain. According to GigaOm, venture capitalists have invested $40 million into the company. The blog peHub puts the VC figure at $47 million. The VC firms might get their money back if Mazu performs for Riverbed. The terms of the sale include an additional payment of up to $22 million based on the sales performance of Mazu in the 12 months following the closing of the deal.
Over the last year I’ve written about the importance of developing your IPv6 skills now, and about how you should be looking at what kind of IPv6 support your vendors of choice have to offer. Some of you might think I’m being a Chicken Little by devoting any space to the advance of IPv6. IPv4 is the dominant version of Internet Protocol and widespread use of IPv6 is still years off, most of you say. Most of the networking pros and many of the vendors whom I talk to say its not something worth thinking about right now. There is plenty else to worry about.
Indeed, you may react to an IPv6 story or tip like I react to those commercials I’ve been seeing about the transition from analog to digital television broadcasts scheduled for February. “Upgrade your TVs today because in February TV stations will cease to broadcast analog signals. Yes, this means YOU, you folks who don’t have cable or satellite television. Vast multidues of you will be unable to watch NBC, ABC, CBS, FOX and PBS unless you buy a new TV or get a digital converter box… Or you could just get cable.”
Yes, I usually flip the channel when I see those commercials. If you’re reading this blog, it’s likely that you aren’t one of the 7.8 million Americans who will be affected by the end of analog TV, either. But chances are good that you should be paying attention to IPv6 because it is getting closer.
In a new research note entitled IPv4 Address Exhaustion: An Inconvenient Truth (client log-in required), analyst Jeff Young predicts that IPv4 addresses will run out in November 2011. That’s less than two years away. And you don’t want to wait until then to start planning for a transition. IPv4 addresses could start getting pricey. There is still no backwards compatibility between IPv4 and IPv6, which means that when IPv6-only hosts start cropping up on the Internet in a couple years, there could be large swaths of the Internet that these hosts can’t talk to. Any company that relies on IP networks to conduct business will want to have a handle on this transition early.