Need for Speed
I’ll be a delegate at Networking Field Day 13, November 17-18 in Silicon Valley. I’m looking forward to recharging my technical batteries with discussions and hot debates with my fellow delegates, and with fresh tech (and demos) from vendors. Did I mention demos?
Networking Field Day events are streamed live, so if you want to hear about the latest technology from the sponsoring vendors, along with the intelligent discussion and questions from the delegates (or occasional lapses thereto), follow the links that will be posted here. Did I mention demos?
As I write this in early October, 2016, the announced vendors are Apstra, Forward Networks, Ixia, Riverbed, and VeloCloud. I hear a rumor there are unannounced and possibly stealth vendors who will also be presenting.
I like to do my homework early, in this case exploring the vendors. We have not yet heard what the topics or products to be discussed will be, so I can’t provide that information for you, but here’s some background on each vendor.
Here’s a summary of what I learned (or think I learned):
Apstra is an SDN vendor. Since “SDN” has been over-abused by marketing, let’s re-state that: Apstra is a multivendor network automation company. A key part of its mission is to provide vendor neutrality, permitting customers to leverage best-of-breed hardware purchasing – without the friction that changing vendors entails.
That’s an interesting goal, because I’ve seen that in major vendor swap-outs or mixed-vendor environments, staff skills can be an issue. The amount of time to learn new stuff is a universal constant. Divide that across two vendors, and staff will only be approximately half as deep. Yes, routing protocols should be common. But commands and fine nuances of behavior are not. (Does that make me a bit skeptical?)
A side note is that awareness of hardware internals and model limitations tends to fall by the wayside – although internal TCAM limits, MAC or routing table limits, or internal oversubscription factors and bottlenecks are perhaps of more interest to the designer. They matter operationally when a device is overloaded because staff is unaware of its limitations. One concrete example is the vast and rapid increase in the number of VMs overloading distribution or core switch MAC tables in some datacenters, resulting in Unknown MAC flooding.
Forward Networks appears to be in stealth mode, with little detail on their web site. So we will have to tune in and find out what they’re up to, and whether they achieved amazing new technology. It sounds like they’re doing SDN, perhaps competition for Apstra. I’ll be listening for similarities and differences!
According to Venture Beat, Forward Networks claims it’s “bringing the best ideas in Computer Science to networking. Our mission is to dramatically improve networking for companies of all sizes,” and its “goal is to accelerate an industry-wide transition toward networks with greater flexibility, agility, and automation, driven by a new generation of network control software.”
Pretty much everything else Google finds talks about the (mandatory?) four Stanford Ph.D. founders who helped pioneer SDN. Yup, stealth mode, or not much public visibility yet. Is the NFD13 appearance to be a launch or stealth exit?
Ixia is a long-term player with a lot of products, which they group as test products and hardware, security, and visibility. So I’ll have to stay curious about what they’ll be presenting on at NFD13 until the actual event. I definitely think of Ixia as producing clever high-performance hardware with testing capabilities. Perusing their website, I see they have a “Network Packet Broker” product, taps, and related software products, all of which are interesting. My awareness of that side of things has mostly been Gigamon-centric, as something the Security team may put in and the network people get to leverage (or vice versa).
I’m still not sure I want packet copies. But when you need them, you need them easily.
Recent adventures with WireShark capturing Gigabytes of data just to determine conversation flows for an application bring words like “slow, overkill, unwieldy” to mind. I’d much prefer NetFlow, IPFIX, or meta-data (Riverbed term?) for that. Yet for Security needs and occasional network needs, packet-by-packet analysis is sometimes essential. (Flows and apps is a different blog that’s gestating in my head.)
I see Ixia has a vTap (as does Gigamon, Riverbed has vShark, and Cisco Tetration has an “agent”). Clearly, this is an idea whose time has come. For my customers who have been asking about cloud management and monitoring, that seems to be one possible component, giving you some ability to see what a virtual instance is doing, what it is talking to, measure latency, etc. I still think I prefer self-monitoring apps for the management side, but that’s a topic for another blog post. For the security side of things, the packet visibility could be key. I strongly suspect one would want to process them locally in the cloud or datacenter, not transport the packets in raw form back to a central location.
The HawkEye product looks interesting for APM (App Performance Monitoring). A lot of the very costly APM products monitor user to server/app but appear to provide less web to app, app to DB monitoring. HawkEye apparently does that, or simulates VoIP call traffic, and monitors the results. I’ll be interested in seeing the details – if HawkEye happens to get discussed.
Riverbed has been around for quite a while. They perhaps stuttered a bit around 1-2 years ago, due to some WAN Accelerator bugs that I ascribed to too much new code too fast and memory leaks. Having said that, they now seem to have gotten beyond that speedbump, and clearly intend to leverage their application awareness and WAN smarts to play in the SD-WAN arena. I certainly wouldn’t mind hearing about that, or, alternatively, about their network management offerings. On both fronts, they seem to have tackled a lot and making rapid progress, thinking outside the box.
More recently, I was in the position of examining requirements and assisting with network management tool evaluation, both for network and for UC (Cisco plus Lync/Skype plus Acano and multi-vendor VoIP + IP video-conferencing). The Riverbed UC Expert team demonstrated candor and deep awareness of their product’s capabilities and of Cisco video gear. The other vendors on the UC front weren’t shabby either, but the Riverbed offering had some nice synergy and potential with their other products. Riverbed seems to be successfully digesting the OPNET acquisition and integrating their products into a suite of just a few products. (And that’s a good thing: 30-product suites are too confusing and too costly; just the admin cost alone is a nightmare.)
I’ll leave this side-track with this thought: There’s a reason Riverbed is (was) in the upper right Gartner quadrant, and to learn more about that reason, see my recent network management blog post. They seem to “get it”.
VeloCloud is a company I’ve been keeping an eye on since their impressive presentations at Network Field Day 9 last year. If you can’t wait for NFD13, you can view the prior presentations from February 2015 at NFD9-VeloCloud.
You can also download their free book, SD-WAN for Dummies, after registering yourself (or a pseudonym, if you’re touchy about being contacted). Good reading before tuning in on the streaming video, to get updated. I’ll bet VeloCloud’s done a few things in the year and a half since NFD9, and will have some neat new tech to talk about!
A couple of other things to know about them:
Comments are welcome, both in agreement or constructive disagreement about the above. I enjoy hearing from readers and carrying on deeper discussion via comments. Thanks in advance!
Need for Speed
Container-Based WAN Monitoring
What is NVMe and How Does It Impact My Network?
Nick has over 20 years of experience in Security Operations and Security Sales. He is an avid student of cybersecurity and regularly engages with the Infosec community at events like BSides, RVASec, Derbycon and more. The son of an FBI forensics director, Nick holds a B.S. in Criminal Justice and is one of Cisco’s Fire Jumper Elite members. When he’s not working, he writes cyberpunk and punches aliens on his Playstation.
Virgilio “Bong” has sixteen years of professional experience in IT industry from academe, technical and customer support, pre-sales, post sales, project management, training and enablement. He has worked in Cisco Technical Assistance Center (TAC) as a member of the WAN and LAN Switching team. Bong now works for Tech Data as the Field Solutions Architect with a focus on Cisco Security and holds a few Cisco certifications including Fire Jumper Elite.
John is our CTO and the practice lead for a talented team of consultants focused on designing and delivering scalable and secure infrastructure solutions to customers across multiple industry verticals and technologies. Previously he has held several positions including Executive Director/Chief Architect for Global Network Services at JPMorgan Chase. In that capacity, he led a team managing network architecture and services. Prior to his role at JPMorgan Chase, John was a Distinguished Engineer at Cisco working across a number of verticals including Higher Education, Finance, Retail, Government, and Health Care.
He is an expert in working with groups to identify business needs, and align technology strategies to enable business strategies, building in agility and scalability to allow for future changes. John is experienced in the architecture and design of highly available, secure, network infrastructure and data centers, and has worked on projects worldwide. He has worked in both the business and regulatory environments for the design and deployment of complex IT infrastructures.