Take a look at ESG Research and you’ll see a number of simultaneous trends. Enterprises are consolidating data centers, packing them full of virtual servers, and hosting more and more web applications within them. This means massive traffic coming into and leaving data centers.
Yes, this traffic needs to be switched and routed, but this is actually the easiest task. What’s much harder is processing this traffic at the network for security, acceleration, application networking, etc. This processing usually takes place at the network edge, but additional layers are also migrating into the data center network itself for network segmentation of specific application services.
Think of it this way: There is a smart-fat network edge that feeds multiple smart-thin network segments.
The smart-fat network edge aggregates lots of network device functionality into a physical device, cluster of devices, or virtual control plane. This is the domain of vendors like Cisco, Crossbeam Systems, and Juniper Networks for security and companies like A10 Networks, Citrix (Netscaler), and F5 Networks for application delivery. These companies will continue to add functionality to their systems (for example, XML processing, application authentication/authorization, business logic, etc.) to do more packet and content processing over time. It wouldn’t surprise me at all if security vendors added application delivery features and the app delivery crowd added more security.
Once the smart-fat network edge treats all traffic, packets and content will be processed further within the data center (i.e., smart-thin network edge). This will most likely be done using virtual appliances like the Citrix VPX. Why? Virtual appliances can be provisioned on the fly with canned policies or customized for specific workloads. They can also follow applications that migrate around internal data centers or move to public clouds.
A few other thoughts here:
The smart-fat, smart-thin architecture is already playing out in cloud computing and wireless carrier networks today and I expect it to become mainstream in the enterprise segment over the next 24 months. The technology is ready today but many users have no idea how to implement this type of architecture or capitalize on its benefits. Vendors who can guide users along with knowledge transfer, best practices, and reference architectures are most likely to reap the financial rewards.
Tags: A10 Networks, application networking, Cisco Systems, Citrix, Cloud Computing, Crossbeam Systems, Dell, F5 Networks, HP, IBM, identity management, Juniper Networks, routing, server virtualization, switching, XML Posted in Uncategorized | No Comments »
Did you see the series of announcements Cisco made this week? It was pretty impressive. This is the traditional season where Cisco announces products and new initiatives but this week’s announcements were very extensive — new switches, routers, security devices, wireless access points, WAN optimization equipment, etc.
In its marketing mastery, Cisco related all of these announcements to two core strategic initiatives, data center virtualization and borderless networks. In other words, Cisco is talking about the way IT applications and services are hosted (central data centers, virtualization, cloud), and the way they are accessed (wired and wireless networks, security, access control).
Cisco is clearly demonstrating that it plays in a different space then it used to. It’s all about industries, business processes, and enterprise IT now; the network simply glues all the pieces together. So why all these announcements at once? Doesn’t this water down the individual piece parts? I don’t think so. Cisco is actually doubling down on integration across its products with an overall strategy aimed at:
Now I realize that the “integrated stack” story has limited value today since customers have a history of buying servers from HP, wired networks from Cisco, Wi-fi from Aruba, storage from , etc. That said, IT is radically changing. For example, ESG Research indicates that server virtualization is driving a lot more cooperation across disparate functional IT groups. As these organizations come together, it’s only natural that they will look for common solutions from fewer vendors.
In the meantime, service providers and financially-strapped organizations (i.e., State/local government, higher education, real estate, etc.) will look for IT savings anywhere they can, even if it means moving away from some vendors with relatively stronger point products in the process.
Cisco also has a services opportunity in that it gets to play services Switzerland and partner with companies like Accenture, CSC, and Unisys in competition with IBM Global Services and HP/EDS.
Lots of people knock Cisco products and point to better, faster, cheaper alternatives. Maybe, but the overall Cisco story seems pretty strong to me. As of Tuesday, Cisco has a bunch of new products that support its corporate strategy and make its story even stronger.
Tags: Acceture, Aruba Networks, Cisco Systems, CSC, HP, IBM, Juniper Networks, Riverbed, Unisys Posted in Uncategorized | 2 Comments »
If you look at revenue numbers, Cisco is the clear leader in network security. That said, the company has been far less visible over the last few years–especially at the high-end of the market in consolidated data centers, wired and wireless carrier networks, and cloud computing infrastructure. This opened this lucrative market to Juniper’s SRX and the security duo of Crossbeam Systems/Check Point.
As the saying goes, “never wake the sleeping giant.” In an unprecedented series of announcements yesterday, Cisco announced its new high-end security system, the ASA 5585X. Cisco’s deepening data center chops are clearly evident here. The ASA 5585X is a 2 rack unit appliance, a small form factor that one-ups the competition in terms of power, space, and cooling but still delivers massive data center performance from 2Gb to 20Gb of throughput. Cisco also demonstrated that it is paying attention to the mobile Internet market by emphasizing that the 5585X can deliver up to 350,000 connections per second — a metric that will really appeal to wireless carriers.
The ASA 5585X announcement was one drop of a veritable waterfall of news coming out of Cisco yesterday. Whether you love Cisco or hate it, you have to give the company credit — all of the announcements were strong on their own, tied together with overall company initiatives, and supported one another. For example, the ASA 5585X announcement:
I don’t know how the ASA 5585X compares to the competition, but speeds-and-feeds are somewhat beside the point. The ASA 5585X gets Cisco back in the game. Combined with Cisco’s growing portfolio, data center experience, and un-matched marketing messages, it will most certainly sell a lot of high-end security boxes.
Tags: AnyConnect, ASA 5585X, Borderless Networks, Check Point, Cisco Systems, Crossbeam Systems, Juniper Networks Posted in Uncategorized | No Comments »
Cisco Systems has purchased dozens of companies in its history, so most deals receive relatively little attention. There are exceptions, however. When Cisco acquired companies like Scientific-Atlanta (2005), WebEx Communications (2007), and Jabber, Inc. (2008), it signaled a change. Cisco was broadening its strategic focus and viewing the network as a platform rather than a series of boxes. Fast forward to the present and Cisco continues to acquires companies and technologies that build on top of its network platform and customer base.
In my humble opinion, Juniper Networks made a similar strategic transition last week when it acquired SMobile, a privately-held software company specializing in smartphone and tablet security.
Allow me to explain: like Cisco in 2005, Juniper always thought of itself as a networking hardware vendor. This changed in late 2009, when Juniper announced several products and programs centered around its core operating system, JUNOS. The goal? Make JUNOS a development platform for network-based functionality.
The SMobile acquisition demonstrates that Juniper is willing to put its money where its mouth is and build the value of JUNOS through acquisitions, not just internal development projects. In announcing the deal, Juniper highlighted its plans to integrate SMobile security with its JUNOS Pulse endpoint software for network connectivity and acceleration.
The story gets better. The JUNOS Pulse/SMobile client will gain added functionality when combined with the other elements of the Juniper platform built into carrier-class networking and high-end security systems. Who is using all of the elements of the platform? Wireless carriers who are already big Juniper customers. Juniper figures that it can help these carriers create lucrative and profitable services built on top of JUNOS. Mobile device network access, security, and high performance seem like a great place to start.
Unlike Cisco, Juniper hasn’t strayed too far from its comfort zone by acquiring companies focused on consumer electronics or cloud computing applications. Good idea–Juniper is pretty insular and engineering-focused, so it needs to proceed slowly and really leverage its technical strengths, install base, and the JUNOS software development mission.
I believe that Juniper does have a great opportunity with JUNOS and I like the company’s strategy and the SMobile acquisition. But unless you follow Juniper pretty closely, you probably still think of it as a network hardware company and you’ve most likely never even heard of JUNOS. In a similar situation, Cisco would create a flurry of marketing campaigns, events, programs, and business development programs. Juniper isn’t Cisco, but it needs to take a page out of the John Chambers playbook to make SMobile, JUNOS, and its overall software strategy a success.
For those interested in more information, I’ve also written a brief on the acquisition, which can be found here.
Tags: Cisco Systems, Juniper Networks, SMobile Posted in Uncategorized | No Comments »
Earlier this week, Cisco announced its intentions to end-of-life the Cisco Security Agent (CSA) at the end of the year. Cisco will continue to support CSA for another 3 years but it won’t enhance the product any longer.
Moving forward, Cisco’s endpoint security efforts will center upon AnyConnect, an agent-based offering that unfies endpoint connectivity, TrustSec, DLP, threat defenses, and policy management. As far as pure AV protection, Cisco will recommend partner with vendors like Sophos and Trend Micro.
What’s going on here? Is Cisco walking away from an entire product and market? No. In fact, ESG believes this decision demonstrated guts and vision. Cisco has never had any luck with Windows client software and that’s really what CSA is. Cisco may be saying adios to Windows but this move is right down Broadway as it aligns with Cisco’s strengths and market direction. Why? Because:
Cisco has a fair number of CSA customers so I’m sure some folks within the company wanted to continue to invest in the product. This would have been the easy “let’s not rock the boat” decision.
Yes, this would have been the easy path but it also would have been the wrong decision. Cisco can now focus on endpoint security from a position of network/cloud strength rather than its Windows PC weakness.
The market is already headed in this direction. Cisco is simply shedding some legacy baggage and positioning the company at the nexus of endpoint, network, and cloud security. This is the absolute right decision.
Tags: AnyConnect, Cisco Systems, Okena, Sophos, Trend Micro Posted in Uncategorized | No Comments »
Yesterday, Juniper Networks made a series of announcements. The company is introducing technologies to flatten and secure the data center network and change the economic model. Juniper will offer multiple new homegrown and third-party applications built on top of Junos (a.k.a., the Junos Space initiative). Juniper is also changing its support model for enterprise customers and offering its support in conjunction with IBM and other partners.
These announcements are receiving positive, yet lukewarm, reviews. I read several articles saying the Juniper isn’t going far enough; that it is too secretive about its Stratus project and that it isn’t talking enough about storage.
Hmm. I understand these responses — Juniper has never been a company that goes out on a limb to discuss its roadmap or vision. The whole notion of the “new network” is also pretty vague. That said, I think the naysayers are overlooking one important fact: Juniper is making steady progress in new areas. Two years ago, Juniper’s enterprise presence was limited to high-end routers and security devices. Now, it has a full data center portfolio and is winning enterprise accounts. Industry insiders may not get this, but Wall Street certainly does.
Juniper faces a tough road ahead. Cisco owns the enterprise, is refreshing its product line, and is the absolute thought leadership master. HP now owns the 3Com high-end stuff and will try to leverage its enterprise server and storage base to hawk networking equipment. The battle to compete with Cisco or become the #2 enterprise networking vendor will be a long, hard struggle.
After years of technical geek-speak, Juniper now seems up to the task at hand. Yes, it still needs more vision, but in my view, the company continues to make steady progress — just look at its financial results.
Tags: Cisco Systems, HP, Juniper Networks, Junos, ProCurve, Stratus Posted in Uncategorized | No Comments »
Yesterday, I hosted a panel at the Cloud Computing summit focused on cloud security for the federal government. The panel was made up of some smart folks: Alex Hart from VMware, Bob Wambach from , and one of the primary authors of the Cloud Security Alliance guidelines, Chris Hoff from Cisco.
While these folks offered great contributions, most questions were focused on the fourth member of the panel, Peter Mell from NIST, the chair of the Federal Cloud Computing Advisory Council. Why? Let’s just say that Mell may be the single individual most focused on cloud security in the world. He has been tasked with defining cloud computing standards for the entire federal government–a big responsibility since President Obama and Federal CIO Vivek Kundra continue to trumpet the benefits of cloud computing and push federal agencies to adopt pilot projects.
Mell’s work will soon come to fruition when the feds introduce the Federal Risk and Authorization Management Pilot program (FedRAMP). FedRAMP has two primary goals:
Since FedRAMP is still a work in progress, the audience made up of federal IT people had a lot of questions about all of the fine points. Thus Mell was in the hot seat for most of the time.
Peter Mell deserves a lot of credit. Federal agencies have often acted independently with regard to IT, so Mell and his team are herding cats.
If FedRAMP works, cloud service providers can deliver to a single set of standards. This will encourage innovation and bolster competition. On the agency side, FedRAMP could pave the way for a wave of cloud computing consumption over the next few years. What happens if FedRAMP fails? The federal government becomes difficult to service, so most cloud service providers treat it as a market niche. If that happens, the federal government could lose its cloud computing leadership and momentum very, very quickly.
Tags: Cisco Systems, EMC, FedRAMP, NIST, Peter Mell, President Obama, Vivek Kundra, VMware Posted in Uncategorized | 3 Comments »
Okay, I’m back in sunny Boston after four days at Interop. I’m now convinced that no normal person should be subject to Las Vegas for more than this amount of time. Everyone I ran into yesterday was looking forward to leaving. I flew out at 2:15 and found that people with later flights were jealous. This says it all.
Enough about the fake city however. As for Interop, a lot of people thought that the 2009 downer indicated that Interop may not be around much longer. In less than a year, the buzz has returned under the guise of strong financials, more market demand, and cloud computing. Here are my final thoughts on the show:
One final thought. I don’t think anyone really knows what the network will look like in a world with cloud computing, advanced mobile devices, and ubiquitous wireless broadband. In my opinion, this means that the network business is up for grabs in a way it hasn’t been in the past. This should make next-year’s Interop just as exciting — I just wish it were at the Moscone Center.
PS: Thanks to all the folks who provided feedback on my comments about Arista Networks. Clearly, I owe Jayshree a call.
Tags: A10 Networks, Aerohive, Blue Coat, Cisco Systems, Citrix, Cloud Computing, F5 Networks, HP, Juniper Networks, Riverbed, Xirrus Posted in Uncategorized | No Comments »
I’m here in the wasteful energy capital of the world, Las Vegas, for Interop. After back-to-back meetings and a few strolls across the show floor, here are some of my observations:
More tomorrow, I have to walk through the cigarette smoke Casino and meet some friends for dinner.
Tags: Arista Networks, Barracuda, Brocade Networks, Cisco Systems, Extreme Networks, ITIL Posted in Uncategorized | No Comments »
ESG’s research indicates that network security spending will be a focus area for 2010. Nearly half (48%) of midsized (less than 1,000 employees) and enterprise (more than 1,000 employees) organizations will invest in network security technologies like firewalls, IDS/IPS, gateways, and threat management solutions.
Yes, all of these technologies are important components of a defense-in-depth security architecture, but they are also quite mature. Why the network security renaissance? Because of:
With all of this activity, many networking vendors stand to benefit. Cisco and Juniper have great network security offerings that interoperate with their core networking products. HP will pick up TippingPoint with 3Com, but it needs to build an architecture story quickly. Brocade is working with partners and must continue to make this a core part of its value. Other networking vendors need to make similar moves.
Security gets more complex each day, so state-of-the-art devices may have a short shelf life. Expect continuous investment in network security moving forward. Networking vendors that recognize this will put themselves in the best position.
Tags: Brocade Networks, Check Point, Cisco Systems, Crossbeam Systems, HP, Juniper Networks, McAfee, Sourcefire, TippingPoint Posted in Uncategorized | 3 Comments »
Your email: