Network Stability Through Resilience Engineering
In case you didn’t read my previous blog on the topic, I’ll be a delegate at Networking Field Day 13, November 17-18 in Silicon Valley. I’m looking forward to demos of cutting edge technology and discussions with fellow delegates. Did I mention demos?
Since my prior blog, more vendors have been announced: NEC, SolarWinds, and Viptela. As an update to my prior #NFD13 blog, I just heard that Riverbed had to reschedule, moving to January’s #NFD14.
We have not yet heard which topics or products will be discussed, so I can’t provide that information for you, but I’d like to provide some background on each vendor.
Networking Field Day events are streamed live, so if you want to hear about the latest technology from the sponsoring vendors, along with intelligent discussion and questions from the delegates (or occasional lapses thereto), follow the links that will be posted here. I bet I mentioned demos.
NEC is a big company that provides a large number of solutions and products — see its website for details. From prior Networking Field Day events, I know NEC has invested heavily in SDN, with focus on OpenFlow-based switching, “ProgrammableFlow,” including a functional centralized controller. Without going into the pros and cons and recent history of OpenFlow, if you’re tracking the OpenFlow side of SDN, you’ll want to tune into those sessions. For more info, see this link.
SolarWinds has been present at a large number of Networking Field Day events and always shows up with some interesting new technology. I keep encountering SolarWinds in most consulting customer accounts. I have some issues with the way interfaces are licensed, boiling down to something I’ve noted in prior blogs: If you’re going to establish that the network is innocent, you have to monitor absolutely every active interface. That said, SolarWinds is innovating constantly, to an extent consistent with a frugal pricing model. The company is customer-driven, meaning if enough people ask for a feature, it’s likely to appear. The biggest selling point for a lot of shops is that SolarWinds out-performs and has more/better features than some much more costly offerings from other vendors.
If you’ve been reading my prior blogs, you know I espouse showing the network path for troubleshooting, with Google Maps-like indications of devices or links with problems. I’ve seen what a few companies do in that regard, including HP NNMi (C+ for right idea but rather clumsy execution), Riverbed (A- in demo this spring), and NetBrain (B, but I’ve not seen what they have done in the last year, especially if they do SNMP threshold alerting along the path).
I haven’t yet had the chance to work with a customer’s SolarWinds in a setting where I could explore the SolarWinds NetPath feature. I’ve encountered a couple of people who were pretty enthusiastic about it, however, so I’m hoping to see that feature demonstrated. The following text should provide some idea why I think this is a big deal!
I’ve also been reading SolarWinds’ APM (Application Performance Management) product literature. This is a space I’ve become strongly interested in for troubleshooting. In most shops the APM products are old-school, owned by the server team, usually somewhat under-utilized, and provide little useful information to the network folks. And cost multiples of $500K.
I’ve been doing a fair amount of Application Performance Troubleshooting lately. What I like as a conceptual approach to support that troubleshooting is a tool that:
My sense is that if you’ve mapped an app, then you know the servers it uses, which is pure gold from a network troubleshooting perspective. That info, plus a trouble-coded map view, can shave weeks off troubleshooting an app slowness problem. (Been there, done that, persisting until knowledge extraction is achieved with app and server admins.)
Compare what you’d have to do otherwise:
I feel tired just listing all that!
To cut to the chase, network teams need to know about APM tools, and better yet, such tools ought to be chosen, in part, to help the network team greatly increase its productivity. However, the “classic” APM tools are darned pricey, and often rather oblivious to the network.
I think I just said “great market opportunity for SolarWinds,” didn’t I?
Viptela is a SD-WAN vendor I haven’t heard from before, although they’ve appeared on my radar. Perusing their web page, I see a cloud-based central SD-WAN controller along with network management functionality (vManage NMS). Their web page lists the following capabilities: transport independence, securing the WAN routing (crypto), network-wide segmentation, centrally controlled business logic, and insertion of network services.
I had the thought for a moment that if an SD-WAN box is attached to the Internet for WAN services, perhaps SDN control might extend to Internet-facing security. Interesting idea — Meraki is in that space, is that an adjacent technology space for SD-WAN vendors?
What Viptela does apparently offer is service chaining, allowing insertion of firewall and other services, apparently arranging for route/tunnel traffic to pass through said services. Said differently, once you’ve mastered tunneling between sites, is tunneling to a site and through a device the next step?
Viptela also does appear to offer “smart local Internet routing” (my term), allowing optimal paths to cloud and SaaS services. That’s the hot area for remote offices: reducing latency for trusted Internet services, while still keeping control over and safety measures for general Internet browsing, quite possibly via centralized or regional firewalls, web proxies, etc.
I’m looking forward to hearing what special SD-WAN differentiating features Viptela has, as well as what they do in the way of service-chaining and “smart local Internet routing.”
I’m looking forward to #NFD13, and hoping you are too!
Comments are welcome, both in agreement or constructive disagreement about the above. I enjoy hearing from readers and carrying on deeper discussion via comments. Thanks in advance!
Network Stability Through Resilience Engineering
Cloud Security 101
BGP Traffic Engineering
Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.
Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.
John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services. Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.
He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.