The Network Hub

A blog

November 24, 2010  3:54 PM

HP Networking eating into Cisco’s market share?

Posted by: Shamus McGillicuddy
Cisco, HP Networking, HP ProCurve, Networking

Tiernan Ray at Barron’s blogs that HP Networking’s market gains appear to be coming directly at Cisco’s expense.  He notes that HP’s Q4 earnings detailed a 300% increase in networking revenue thanks to the 3Com acquisition and that HP’s own ProCurve products saw a 50% increase year over year.  Meanwhile, Cisco’s revenues reported earlier this month were solid, but the company issued guidance for next quarter that was very soft, about $1 billion lower than Wall Street analysts were predicting.

An important catch by Ray: During Cisco’s earnings call, the company said sagging sales to state and local governments, down about 25%, were a major challenge. However, HP CFO Cathie Lesjak claimed her company’s great quarter was partially due to rising sales in state and local government accounts.  Is this an early indication that government IT shops are looking to HP as a cheap alternative to Cisco in their networks? Will the private sector follow?

November 17, 2010  5:42 PM

In game of wireless LAN musical chairs, Juniper ends up with Trapeze

Posted by: Shamus McGillicuddy
Cisco, Juniper, Juniper Networks, Networking, Trapeze Networks, wireless LAN, Wireless networking

Like celestial bodies wandering the cosmos, networking vendors and wireless LAN vendors are drawn to each other’s inescapable gravity .  Wired networking vendors have been buying wireless LAN vendors since the dawn of the wireless LAN controller. Cisco Systems, for instance, had little more to offer than Wi-FI hot spots until it bought Aironet in 1999. HP bought Colubris, and later acquired another WLAN product line with its 3Com deal. Enterasys Networks inherited a WLAN product line when it merged with SIemens Enterprise Networks. Extreme Networks and Brocade have OEM relationships with Motorola. Would it be terribly shocking if Motorola decided to buy Brocade or Extreme?

And now Juniper Networks has finally acknowledged its inescapable attraction to WLAN, announcing yesterday that it had struck a deal with Belden to buy Trapeze Networks for about $152 million. Belden, a network cable manufacturer, bought Trapeze two years ago for about $133 million.

Juniper has become a strong Cisco alternative in the campus networking space with its growing line of EX switches, but the nature of office networks is changing.  A great many offices today still have plenty of Ethernet cables and ports pulled to every desk. But more and more of those offices also have a wireless LAN overlay, so that employees can unplug their laptops and carry them to a meeting or the lunch room without losing network access. Yours truly has that option today.

It’s only a matter of time before some enterprises decide to cut down on the number of ports they pull to desks and start replacing some of the switches in their wiring closets with WLAN access points. Juniper is expanding and future-proofing its foothold in campus networks by expanding into wireless LAN.

Juniper will also have an opportunity to integrate its wired networking products with Trapeze’s WLAN technology. Wired and wireless integration, for simplified deployment and management, has been much hyped about these past couple years, but very little has been done in the area.

For some ideas on how that integration might unfold, check out Andre Kindness’s Forrester Research blog.

November 10, 2010  9:27 PM

FCoE is not ready but iSCSI is, so what’s the deal?

Posted by: rivkalittle

Vendors can push Fibre Channel over Ethernet (FCoE) all they want, but the technology is simply not ready for deployment, argues Stephen Foskett, Gestalt IT community organizer, who presented this week at the Large Installation System Administration (LISA) conference in San Jose.

That’s not what Cisco had to say about FCoE. While we were in San Jose, company officials explained how users can start slowly with FCoE implementation at the access layer. Foskett, however, points out that most vendors don’t have a full FCoE solutions just yet (that includes Cisco, which won’t have a core FCoE play until at least early 2011). According to Foskett, vendors use FCoE as a product differentiator and as a protector of Ethernet.

Foskett’s LISA presentation was called “Storage over Ethernet: What’s in it for me?” The answer to that question is “Not a whole lot” when it comes to FCoE deployment for now. But Foskett is a fan of iSCSI. Find out why …

 [kml_flashembed movie="" width="425" height="350" wmode="transparent" /]

November 10, 2010  3:26 PM

Implementing FCoE doesn’t mean a rip-and-replace

Posted by: rivkalittle
Cisco FCoE, FCoE implementation, Fibre Channel over Ethernet

Implementing Fibre Channel over Ethernet (FCoE) for converged data center networks doesn’t mean users have to invest in a complete rip-and-replace … even when implementing Cisco FCoE. We met with Kash Shaikh, Cisco’s data center solutions senior manager of marketing, who explains in this video that users can start Cisco FCoE implementation in the access layer with converged network adapters at the servers, and later move toward FCoE in the core.


[kml_flashembed movie="" width="425" height="350" wmode="transparent" /]

November 5, 2010  3:41 PM

Motorola on the future of the wireless LAN controller

Posted by: Shamus McGillicuddy
Aerohive, Brocade, cloud, Extreme Networks, Meraki, Motorola, wireless LAN, wireless LAN controllers, Wireless networking, wlans

Recently Motorola announced a significant change to its wireless LAN architecture with its WiNG 5 announcement. With WiNG 5, Motorola is running identical firmware across its wireless LAN controllers and access points.  Its access points have enough memory and processing power to operate independently from a controller, allowing enterprises to deploy controllerless WLAN infrastructure.

This new architecture allows an access point to perform some of the high-level security, policy and RF management roles that have traditionally been centralized in a controller.

At first glance it appeared that Motorola was going the way of start-up Aerohive, which has had a controllerless approach to WLAN from its inception. However, Motorola isn’t dumping the controller appliance altogether. It still has a role, but Motorola admits that the role is evolving. In fact, from what Motorola says, it sounds like everything about the WLAN controller is evolving.

Manju Mahishi, Motorola’s director of product management, told me that WiNG 5 is meant to give enterprises flexibility in deployment and to avoid bottlenecks associated with backhauling high throughput 802.11n data through centralized controllers. But he said that controllers will not be disappearing from Motorola’s WLAN architecture.

“We believe very strongly that in the vast majority of cases, depending on the number of access points in a local site, you can get away without having controllers. Up to 24 access points can be deployed without any controller,” Mahishi said. “But there are scenarios where we still see certain enterprises customers will still want to pull data centrally. They want to do all data processing through a controller, whether on specific VLANs or on guest access. Even though we see the benefits of distributed intelligence and having the access points doing all the work, there are still scenarios where [enterprises] will want to pull certain data if not all data through controllers, whether they are doing packet inspection or applying some security policies.”

He said there are some scenarios where the access points will simply not have the processing power to match Motorola’s high-end controllers. For instance, a highly subnetted network will require a controller. If a company wants to extend certain VLAN from a central campus out to branch offices, they will also use controllers to pull data back through a WAN.

Beyond the role of the controller, Mahishi said the format of the controller is also set for an evolution. He said Motorola’s OEM partnerships with Brocade and Extreme Networks are pushing the concept of a controller in a new direction. He said the ability to virtualize a controller and run it on a third party switching platform from one of these OEM partners could offer new ways of scaling a wireless LAN while simultaneously integrating it into the wired infrastructure.

“We can easily virtualize [controller] functionality,” Mahishi said. “When we were demonstrating WiNG 5, we were running it on a laptop. Clearly the intent is to be able to take this capability and run it on a cloud-based controller or any server-based appliance that can scale. The WiNG 5 architecture helps us get there.”

Networking pros will doubtless follow Motorola’s evolution of the controller-access point architecture very closely. Controllers from most WLAN vendors are extremely expensive and vendors like Aerohive and Meraki have made hay with customers by offering WLAN infrastructure that is free of a costly physical appliance. Aerohive’s access points collaborate as a virtual controller while Meraki offers cloud-based, subscription controller functionality, which transfers the controller function from a big-ticket capital expense to a low-cost, but ongoing, operational expense.

October 25, 2010  11:19 AM

New HP networking certification: You need to know more than just networking

Posted by: rivkalittle
Cisco certification, Cisco data center network certification, HP certification, HP ExpertONE, Unified Computing certification

The days of being just a networking pro are officially over … or that’s what networking vendors would like you to believe.

Maybe that won’t be the case if your company never virtualizes its servers or applies dynamic provisioning or moves toward converged storage and data center networks.

So probably a fairer way to state it is: you can probably be just a networking pro for a little while longer. But then you’ll very likely be forced to provide networking that enables and even optimizes server virtualization performance, and you’ll be asked to figure out how your data center LAN and SAN can be managed as one.

Banking on that being the case (and hoping to sell their new technology strategies), HP rolled out an integrated infrastructure certification this month to rival Cisco’s Unified Computing and data center infrastructure specialist certs.

The HP ExpertONE converged infrastructure certification program includes network-specific certifications that teach skills in so-called next generation data center networks (read converged), as well as how to migrate from proprietary network technology (read Cisco-based networks) to multi-vendor “open network infrastructures.” The program also includes a systems component that teaches systems engineers how to apply IT to business processes, and includes Return-on-Investment (ROI) analysis in a converged infrastructure. It’s no coincidence that HP rolled the cert out during Interop New York, which has shifted its focus almost entirely to next generation networks that support virtualization and the cloud.

HP claims to be the first provider of integrated technology certification, but Cisco has long had its Unified Computing certifications that reach across servers, networks and storage. It also has a data center network infrastructure design certification that focuses on converged networks. These certs don’t, however, stretch across multi-vendor environments.

Vendors notoriously roll out certifications for technologies they want to sell – and all of these programs can be seen from that perspective. Still, with virtualization in some form experiencing uptake among 90% of most companies, and many of these same companies considering at least some form of private cloud implementation, it’s fair to say that networking professionals need to consider broadening their horizons.

October 21, 2010  5:46 AM

Cisco plays nice at Interop: Vendors must work together for infrastructure on demand

Posted by: rivkalittle

“Integrated stack.” If you’re confused by that term, don’t be concerned.

Apparently it’s the buzzword for the integration of applications and virtualized network instances in a single stack that will enable dynamic provisioning of infrastructure and applications on demand. Still a bit confused?

At Interop New York Wednesday, Cisco’s VP of data center and virtualization Ben Gibson used his keynote sessions to tout Cisco’s role in this integrated stack. More solidly, he preached the idea that vendors must work together to co-develop and market pieces of the infrastructure (virtual or not) that enable dynamic provisioning – offering the entire picture “from the application to the disk.” Though Cisco set the tone for selling highly proprietary networking equipment in the ‘90s, Gibson harkened back to the era, calling on vendors to work closely together the way companies did to enable e-commerce.

As an example of multi-vendor strategies, Gibson noted Cisco’s Vblock alliance with EMC and VMware, which offers “pre-validated infrastructure pieces that bring together network, compute and storage.” Gibson also pointed to the HP-Microsoft alliance that also brings together hardware and applications.

“The vendor community has to work together in new and interesting ways to deliver solutions that drive our systems integration and drive simplicity,” Gibson said, calling it a “new way of thinking about things” to bring about a “single cohesive customer experience.”

Customers in the audience weren’t necessarily buying into the idea just yet. One network manager from a major telecom carrier said buying into “solutions” from these multi-vendor partnerships is not that different than buying technology from one vendor – “it’s still about lock-in to one prescribed system,” he said.

Some network engineers are just not ready to buy into the infrastructure-on-demand play. One Interop attendee, network engineer from a national health insurance firm, said his company would be ready to converge data center networks in about five years and wouldn’t consider infrastructure on demand until then. What’s more, he doubted that his users would understand the concept of automatic provisioning of infrastructure to meet their business needs. In turn, he doubted his engineers would be understand user business needs enough to supply the right applications automatically. He referred to the whole transitions as “a big learning process.”

October 11, 2010  12:28 PM

Tech companies dream up new and horrible ways to lay off workers

Posted by: Shamus McGillicuddy
career, Networking

Why are some tech companies so bad at firing people?

Mark Fraunfelder at BoingBoing highlighted a Telegraph report about how Everything Everywhere, the mobile carrier created by the merger of Orange and T-Mobile, took artless and heartless firing to a new low. Employees were  herded into rooms by the dozen or by the hundred and shown a “traffic light system” that told them of their job status. If employees saw a red light, they were fired. If they saw a yellow light, they had to re-apply for their jobs. If they saw a blue light their jobs were fine. If they saw a green light, they were getting one of a small number of newly created jobs.

Rather than sit through further humiliation as management offered soothing information about severance, etc., many of those who saw a red light reportedly stood up and walked out.

Can it get any worse than this? How about fortune cookies baked with the good news inside: “Unemployment checks are in your future!” Perhaps a creative executive could modify one of those “Easy” buttons from Staples, replacing the recording of the guy saying “That was easy” with a sample of Donald Trump blurting out “You’re fired.”

October 8, 2010  4:22 PM

Motorola smartens access points, pulls back WLAN controllers

Posted by: Shamus McGillicuddy
Aerohive, Aruba, Cisco, Enterasys, Meraki, Motorola, Networking, Wi-Fi, wireless LAN, Wireless networking

The role of the wireless LAN controller appliance is shifting dramatically. The days of the dumb access point are severely numbered. Motorola became just the latest WLAN vendor to deemphasize the role of its controller appliance in its architecture with its new WiNG 5 architecture.

As we know enterprise wireless LAN used to consist of a bunch of independent, “fat” access points that were basically islands of wireless with no centralized control. Then vendors like Aironet (now Cisco), Motorola and Aruba started introducing a controller-based WLAN architecture, which was much more scalable and (eventually) much more secure. This change opened up Wi-Fi’s potential from isolated hot spots to campus-wide, centrally managed deployments.

Now vendors vendors are pulling back the controller’s role in enterprise WLAN. Meraki has moved its controller functionality into the cloud, building access points that are smart enough to survive on their own when contact is lost with Meraki’s cloud. Aerohive has distributed most of the controller functionality throughout its access points, with a simple management and policy piece sitting on a server.

Enterasys-Siemens’ HiPath wireless LAN product line has also deemphasized its controller in recent years. The HiPath access points manage QoS, encryption and RF management on their own, leaving the controller to handle configuration and policy control and roaming.

Now Motorola has committed to smarter access points, too, with its WiNG 5 architecture. With a simple software update, all of the company’s access points will now run the same software package as Motorola’s controller appliance. Apparently Motorola’s access points have enough compute capacity to handle this new functionality.

Like every vendor that has pulled back the controller’s role in WLAN, Motorola says the speeds involved in 802.11n can lead to a bottleneck effect in the controller. Dr. Amit Sinha, Motorola’s WLAN CTO, said that backhauling everything to the controller isn’t practical, especially when it comes to voice and video communications.

In demos in Boston this week, Motorola showed that the access points are capable doing things traditionally reserved for its controllers. In one demo, an access point that was isolated from its controller was able to recognize and adjust to RF interference. In a second demo, the isolated access point was able to detect a rogue media server running unsanctioned streaming video over the wireless network and cut off the access to that server.

Finally, Motorola demonstrated that by making its access points smarter, it can boost performance. It streamed unicast streaming video from a single wireless access point to 80 laptops, which earned it recognition for a new record by an adjudicator from the Guinness Book of World Records.

What remains unclear to me: Why is Motorola keeping the controller at all. I know there’s a need for centralized configuration, policy and other management functions, but why does Motorola need to continue holding onto the standalone controller appliance. Can’t those management functions be run on an industry standard server or as a virtual machine? If the access points are able to run the same code-base as the controller, surely the access points can handle the data and control planes of the WLAN architecture on their own and leave the management plane to some simple software. Motorola probably has a good reason for this but I didn’t hear much from them about it during their announcement of the WiNG 5 announcement.

October 8, 2010  2:52 PM

Another look at Cisco’s network security strategy

Posted by: Shamus McGillicuddy
Cisco, firewalls, Juniper, mobility, Network security, VPN

We put Cisco’s security strategy under the microscope about six weeks ago after hearing from many, many networking pros who felt Cisco had lost its way, at least a little.  I think Cisco was hearing that message a little bit as well, because it focused heavily on its network security business this week with its latest round of Borderless Networks news. I received two separate briefings for this latest Cisco news cycle. The first briefing was a straightforward update on the various Borderless Networks products: the routers, switches, firewalls and software that make up the soup-to-nuts product portfolio.

The other briefing was strictly about Cisco’s security business. It was a WebEx panel led by Cisco’s security technology chief Tom Gillis and a coterie of marketing and product management folks. Unlike the first briefing, which was a one-on-one affair, this one was open to an unknown number of reporters and analysts who dialed in or made the trip to California to be there in person.

Gillis used this event to lay out Cisco’s current game plan for network security. The details of this talk didn’t make it into my Borderless Networks story this week, so I thought I’d lay out some of the basics here.

First, Gillis reviewed the state of Cisco’s security play. The company has an impressive footprint.

  • Cisco earned $2.2 billion in security revenue in its 2010 fiscal year, which represented a 14.5% growth rate over the previous year.
  • Cisco has 150 million VPN endpoint clients installed globally, and about 33% of them are the company’s new AnyConnect Secure Mobility client, a hybrid VPN/802.1X product.
  • Cisco’s Security Intelligence Operations (SIO) center, the company’s threat and vulnerability analysis lab, processes 20 billion URLs per day and has more than 500 security researches, analysts and rule writers distributed across the world.

Next, Cisco dug into the details for the biggest security piece to come out of this week’s news: The Adaptive Security Appliance (ASA) 5585-X. This firewall/IPS/VPN gateway box is Cisco’s first attempt to offer a product with the scalability and power to compete with the data-center class versions of Juniper Networks’ SRX platform.

In the past networking pros have told me that the ASA 5500 series is a decent product that lacks the firepower and scalability for high-end data centers. Cisco hopes the 5585-X answers those critics.  Although the Cisco folks didn’t name the SRX or Juniper during this briefing, they did keep referring to vendor “J,” whose product’s specs bore an uncanny resemblance to the SRX3600.

The 5585-X comes in a 2 RU format (about 40% of the size of SRX boxes with similar specs) and offers 20 Gbps of simultaneous firewall and IPS throughput, 350,000 new connections per second and 8 million total connections. Cisco also said it draws less power than the vendor “J” product (785 watts to 1,750 watts).

The ASA 5585-X should give enterprises the ability to scale up the number of AnyConnect clients they deploy. AnyConnect is a hybrid of a IPsec VPN and SSL VPN client and a 802.11X supplicant. Cisco says it can run on pretty much any device and enable enterprises to provide secure network access to employees, partners and suppliers, regardless of what device they are on and where they are. Since 33% of Cisco’s VPN client footprint has already upgraded to this product, which was released earlier this year, customers should already be discovering for themselves whether AnyConnect is truly able to provide them with an open yet secure network.

Cisco has focused its marketing efforts on a broad range of new markets in recent years (telepresence, Flip video cameras, smart grid technology, and servers), leading some networking pros to question its commitment to its bread and butter markets like routing, switching and security. This week proved to me that Cisco is at least listening to those customers who are worried.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: