Take a look at ESG Research and you’ll see a number of simultaneous trends. Enterprises are consolidating data centers, packing them full of virtual servers, and hosting more and more web applications within them. This means massive traffic coming into and leaving data centers.
Yes, this traffic needs to be switched and routed, but this is actually the easiest task. What’s much harder is processing this traffic at the network for security, acceleration, application networking, etc. This processing usually takes place at the network edge, but additional layers are also migrating into the data center network itself for network segmentation of specific application services.
Think of it this way: There is a smart-fat network edge that feeds multiple smart-thin network segments.
The smart-fat network edge aggregates lots of network device functionality into a physical device, cluster of devices, or virtual control plane. This is the domain of vendors like Cisco, Crossbeam Systems, and Juniper Networks for security and companies like A10 Networks, Citrix (Netscaler), and F5 Networks for application delivery. These companies will continue to add functionality to their systems (for example, XML processing, application authentication/authorization, business logic, etc.) to do more packet and content processing over time. It wouldn’t surprise me at all if security vendors added application delivery features and the app delivery crowd added more security.
Once the smart-fat network edge treats all traffic, packets and content will be processed further within the data center (i.e., smart-thin network edge). This will most likely be done using virtual appliances like the Citrix VPX. Why? Virtual appliances can be provisioned on the fly with canned policies or customized for specific workloads. They can also follow applications that migrate around internal data centers or move to public clouds.
A few other thoughts here:
The smart-fat, smart-thin architecture is already playing out in cloud computing and wireless carrier networks today and I expect it to become mainstream in the enterprise segment over the next 24 months. The technology is ready today but many users have no idea how to implement this type of architecture or capitalize on its benefits. Vendors who can guide users along with knowledge transfer, best practices, and reference architectures are most likely to reap the financial rewards.
Tags: A10 Networks, application networking, Cisco Systems, Citrix, Cloud Computing, Crossbeam Systems, Dell, F5 Networks, HP, IBM, identity management, Juniper Networks, routing, server virtualization, switching, XML Posted in Uncategorized | No Comments »
Have you heard of the Technology CEO Council? Neither had I until recently. The council is made up of a strange mix of tech CEOs from organizations including Applied Materials, , , IBM, Intel, Micron, and Motorola. Why this group and not Adobe, Cisco, HP, Juniper Networks, Microsoft, Oracle, and Symantec? Beats me.
Anyway, the group published a paper in early October called, “One Trillion Reasons: How Commercial Best Practices to Maximize Productivity Can Save Taxpayer Money and Enhance Government Services.” The paper stresses the need to reduce federal spending and suggests some IT initiatives in support of this objective. The initiatives include:
The paper is available at www.techceocouncil.org.
I agree with the spirit of this paper as there are plenty of ways to use IT costs savings to reduce overall federal spending. That said, the paper is pretty weak and self-serving. Specifically:
The CEOs also need to remember that their own internal IT organizations are far different than those in the federal government. When EMC executives mandate a massive VMware project, all of IT jumps into formation. It doesn’t work that way in the public sector.
There were certainly some good points in the paper, but overall it is really a marketing piece put out by a lobbying organization. In my humble opinion, there is some irony in this paper and organization–while the Technology CEO Council puts out a paper about how the federal government can save money on IT, companies like Dell, EMC, IBM, and Intel are happily wasting dough on a half-baked lobbying/PR organization. Funny world.
Tags: Applied Material, CIA, Cloud Computing, data center consolidation, Dell, DHS, DISA, EMC, Federal Enterprise Architecture, FedRAMP, FISMA, IBM, Intel, Klinger-Cohen Act, Micron, Motorola, NASA, Technology CEO Council, Vivek Kundra Posted in Uncategorized | No Comments »
I’m here in San Francisco for Oracle Open World. Just arrived, but I already have some first impressions.
More soon, time to walk the floor and get indoctrinated.
Tags: Cloud Computing, Dell, Digital Equipment, IBM, identity management, Larry Ellison, Oracle, Oracle Open World, Sun Microsystems Posted in Uncategorized | No Comments »
This week, announced its entry into the SMB security market with a portfolio of products and services. The initial portfolio is fairly simple, with Dell partnering with others for endpoint security, network security, and security services.
There is no shortage of vendors in the security space, but I believe Dell has an opportunity here. Security issues don’t discriminate by organizational size — small companies have to have the same type of protection that larger ones do. That said, security is complex and grows more difficult daily. Dell has the opportunity to help SMBs simplify security by providing tightly packaged and configured end-to-end security solutions. Yes, others can do this too but most security vendors have wide gaps in their portfolios. Dell can sell systems, storage, networks and the whole security enchilada.
In the short-term, Dell will really be another point products security provider so its presence is likely to hurt network security players like Fortinet and SonicWall and the army of endpoint security vendors. In the longer-term, as it adds to its portfolio, broadens its services, and starts to understand security best practices and methodologies like the Consensus Audit Guideline (CAG), Dell can truly be an SMB security partner.
Security provides Dell with a unique opportunity to help customers overcome complex security challenges and increase its value. In this way, security may be even more valuable than its existing hardware portfolio.
Tags: Dell, Fortinet, SonicWall Posted in Uncategorized | No Comments »
A recent Network World article stated that is warning customers that a small number of PowerEdge server motherboards sent out through service dispatches may contain malware.
Dell is doing the right thing by alerting potentially impacted customers, but questions remain:
I could go on and on.
To me, the Dell incident demonstrates an important but relatively unknown concept called cyber supply chain assurance. Servers, software, and other IT equipment are made up of millions of lines of code, a potpourri of components, and hundreds or even thousands of specialized electronic gear. If any one of these elements is compromised, the whole enchilada could be a ticking time bomb. Malware on a server motherboard is just the beginning.
A bit of a tangent: back in 2004, the U.S. federal government issued a report stating that only 21% of semiconductor manufacturing remained in the United States while the bulk of capacity was migrating to China. This caused great concern in the Department of Defense as most our weapons systems, communications, and logistics all depend upon IT. This led to the creation of the Trusted Foundry program, a DOD/industry initiative to ensure microprocessor domestic microprocessor design and manufacturing capabilities.
I bring up this example to illustrate a point. DOD realized that it was dependent upon technology and thus vulnerable to a breach of the cyber supply chain. Outside of the defense community, however, cyber supply chain risk management is nearly invisible. While the Dell incident is minor and seems contained, it is a further warning about the risk we all face. Let’s hope it wakes up some security professionals outside of the Pentagon.
Tags: Cyber supply chain assurance, Cyber supply chain risk management, Dell, DOD, Trusted Foundry program Posted in Uncategorized | No Comments »
If you do some research on endpoint security you’ll quickly read one analyst or another’s claim that antivirus software is dead and that there is a pressing need for some new model like cloud security services, white listing, black listing, virtual desktops, etc.
Antivirus is dead? Hmm, I wonder if these analysts have been following the financial results of Kaspersky, McAfee, Symantec, Trend Micro or a host of others who continue to make money on endpoint security software.
As you can tell by my sarcasm, I don’t subscribe to this theory but I do believe that endpoint security is going through massive changes in order to best address new threats and new requirements. Now and into the future, endpoint security will:
Aside from market demand, security vendors will go down this path for defensive reasons. Free AV software from AVG and Microsoft is plenty good for casual users.
Will all of these features mean an uber fat client application? No. Like hybrid threat protection, vendors will offer a lot of these features as cloud services and rely on a lightweight agent to orchestrate the process. Finally, users will choose what they want and how much they want via a pricing calculator. Think online PC sales as an analogue.
Security purists may claim that endpoint security changes mean giving up control but the business case is too attractive for both users and vendors to pass up. Broad based solutions that cover requirements like threat management, performance management, backup, identity protection, and configuration management across multiple devices per user are simply the next phase of an evolutionary life cycle.
Tags: AVG, Check Point, Cisco, Dell, Finallyfast.com, IDWatchdog, LifeLock, McAfee, Microsoft, Panda, Sophos, Symantec, Trend Micro, TrustedID Posted in Uncategorized | No Comments »
There is an interesting debate happening in the networking industry that centers around branch office equipment. ESG Research points out that branch office servers and applications are moving to the data center and this move is driving more investment in WAN optimization technologies from Blue Coat, Cisco, Citrix, and Riverbed. At the same time, cheap bandwidth and cloud services are changing the network infrastructure. Large organizations are moving away from back-hauling all traffic through the data center and setting up a real network perimeter at the branches themselves.
While networking changes continue, there is also another trend happening. Lots of legacy networking and IT functionality (WAN optimization, firewall, IDS/IPS, file servers, print servers, domain controllers, etc.) is now available as a virtual machine. A single device can now take on multiple functions.
The debate centers on the “hybridization” of networking and server functionality at the branch office. Should branches deploy edge networking devices packaged with Intel processors for running VMs, or should they simply implement Intel blade servers from , HP, and IBM at the network perimeter and then use VMs for all networking and server needs?
The answer to this question could really impact the industry. For example, Fortinet is the king of UTM devices for branch offices but what if these appliances are suddenly replaced with standard Intel servers and virtual appliance software? Obviously this wouldn’t be good news for Fortinet.
For the most part, leading vendors are not pushing one model or another. Cisco WAAS equipment comes packaged with a Windows server while the Riverbed Service Platform (RSP) can run a Check Point firewall, a Websense gateway, an Infoblox DNS/DHCP server, or basic Windows services.
So which model wins? Both (Yeah, I know it is a cop out, but I truly believe this). It’s likely that smaller branches go with Intel servers and VMs while larger remote offices stick with networking gear. Large organizations will also lean toward their favorite vendors. Cisco’s networking dominance means it wins either way while Riverbed will likely do well in its extensive installed base and succeed at the expense of second-tier WAN optimization guys like Silver Peak.
In truth, there is no right or wrong way at the branch office network, but the vendor debate ought to be very entertaining.
Tags: Cisco, Citrix, Dell, Fortinet, HP, IBM, Riverbed, SilverPeak, virtualization, WAAS, WAN Optimization, Websense Posted in Uncategorized | No Comments »
A few years ago, I boldly predicted that PC encryption would go through a technical transition. My instincts told me that software-based encryption from companies like PGP, McAfee (SafeBoot), and Check Point Software (PointSec) would be usurped by laptops and desktops with standards-based (i.e., TCG standards) Self-Encrypting Drives (SEDs).
This seemed like a “no brainer” based upon industry history. For years new Intel chips would include new functionality, as did each Windows release. If encryption came as a standard feature on Seagate, Hitachi, Fujitsu, and Western Digital drives, it was logical that this would become the default configuration. Besides, SEDs are faster and more secure than software, so regulatory compliance activity was sure to add fuel to the SEDs fire.
Fast forward to 2010 and I readily admit that my timing was off. Check Point, McAfee, PGP, and others continue to sell tons of software encryption licenses while few have adopted self-encrypting drive-based systems. Why?
So does all this mean that SEDs are dead? Not at all. In fact there may be a SEDs renaissance any time now. The reason is simple. Some software-based encryption doesn’t protect data if PCs are in “sleep” or “hibernate” mode. Given the start-up time of Windows, many users take full advantage of sleep/hibernate modes, so this is a serious hole. Combine this with the fact that many organizations provide users with administrator access to their PCs and you’ve got a real problem — you can’t claim that a lost or stolen PC was actually protected if this loophole — and user behavior — exists.
Since SEDs overcome this issue, lawyers, auditors, and compliance officers may demand that new PCs come with self-encrypting drives onboard. Sounds extreme, but security-oriented purchasing behavior is already pretty pervasive.
From a security perspective, SEDs are a great option. Combine this with regulatory and litigation pressure and they may gain momentum after all. Software vendors take note, you may be dragged into supporting SEDs sooner than you think.
Tags: Dell, encryption, Laptop, PC, Self-encrypting drives Posted in Uncategorized | No Comments »
Cisco Systems (CSCO) has long had a unique competitive position in the enterprise market. In the glory days of the mainframe, IBM still competed with HDS and Amdahl, but Cisco has had the enterprise networking market to itself for a number of years.
This monopoly seems to be at its greatest risk ever — ESG calls this market phenomenon the Cisco squeeze. Think of Cisco in the middle of a big triangle with the competition closing in on Cisco from three distinct fronts:
1. Innovation. Juniper’s (JNPR) Trio chipset and 3-D architecture set a new plateau for networking performance that Cisco can’t match. Yes, this is probably a bigger threat in the service provider market than the enterprise, but large enterprises like DISA and NYSE are buying into Juniper innovation. Beyond Juniper, companies like F5 Networks (FFIV), Citrix (CTSX), and Riverbed (RVBD) are out innovating Cisco in strategic areas as well. Finally, small enterprises are looking longer at innovative and affordable alternatives like Extreme Networks (EXTR), Force10, and even 3Com (COMS) to get better end-to-end functionality at a lower price point.
2. Commodification. While aggressive innovators hurt Cisco at the high margin data center and core network, commodification hurts Cisco at the edge. The best example here is HP. Low-cost edge and wiring closet switches with lifetime warranties are increasingly “good enough” for many Cisco customers. If history repeats itself and the low end scales to eat the high end, HP (HOQ), Dell (DELL), and other commodity networking vendors will continue to gain share at Cisco’s expense.
3. Server vendors. With its introduction of UCS (aka: California), Cisco effectively alienated major partners Dell, HP, and IBM (IBM). Publicly each of these companies say that they will continue to work with Cisco but privately they are mobilizing the troops. Both Dell and IBM now OEM networking equipment from Brocade (BRCD)and Juniper while HP is bolstering its ProCurve offerings with new products and partners. The rumor is that HP will no longer pay its sales reps commission on selling Cisco gear — that will certainly change selling behavior.
Cisco is a huge successful company with good products, great support, and some of the best sales and marketing in the industry. It also has done a great job diversifying into new areas like Telepresence, consumer electronics, unified messaging, and yes, even servers. Cisco is a machine that will continue to flourish but it clearly faces greater competitive and market pressures today than ever before.
Here are a few things I’ll be watching for over the next few quarters:
1. Layoffs or budget cuts in sales, marketing, or field support. This will tell me that margins are eroding, existing field skills are no longer useful, or Cisco is losing strategic battles.
2. “Back to basics” messages from John Chambers. If the ever-visionary Cisco CEO starts speaking to Wall Street in cliches like, “we took our eye off the ball,” or “we need to get back to basic blocking and tackling,” things are way worse than most people think.
3. Big acquisitions. If Cisco goes out and buys an F5 Networks, Riverbed, or ArcSight (ARST), it tells me that internal innovation can no longer keep up with the market.
4. Server deals. If Cisco wins large UCS deals, everything else will come along for the ride. If not, everything else will be challenged.
5. HP. If HP develops or acquires high-end networking equipment and new enterprise boss Dave Donatelli can instill an EMC-like sales culture at HP, Cisco will have its hands full.
Innovation, comodification, and competition are at the heart of the tech industry. Most industry leaders face these challenges from day one but Cisco through a combination of skill, luck, and lack of true competitors was able to tap dance around these pressures for a long time but no longer. Over the next few years, Cisco will be challenged like never before. It will certainly be interesting to see how it all unfolds.
Tags: Cisco Systems, Citrix, Dell, DISA, EMC, Ethernet switching, Extreme Networks, F5 Networks, HP, IBM, Juniper Networks, Riverbed Posted in Uncategorized | No Comments »
Your email: