Networking giant Cisco regained market share lost in previous quarters, according to IDC’s first quarter research on the Europe, Middle East and Africa (EMEA) LAN switch market. The research showed that while the LAN switch market in EMEA continued to grow in terms of revenue the actual number of port shipments declined.
According to the numbercrunchers at IDC, port shipments fell 2.9% sequentially from a figure of 20.5 million ports in the fourth quarter of 2005 to 19.9 million ports in the first quarter of 2006. Despite this slight decline revenues increased 2.6% sequentially US$1.3 billion. “In the first quarter of 2006, Cisco proved again to be a very strong market leader in the EMEA LAN switch market by winning back all the market share it lost in the previous quarters,” said Peter Hulleman, research manager with IDC’s European telecommunications and networking group. Cisco (excluding Linksys) continued to lead the LAN switch market, increasing its market share to 35.3% in terms of port shipments in the first quarter of 2006.
In terms of revenue share, Cisco picked up 69.9% of the market in the first quarter of 2006, compared to 65.8% in the fourth quarter of 2005. The average sales price (ASP) of LAN switches in EMEA rose sharply to US$65.3 per port — an increase of 5.6% on the previous quarter. IDC attributed this rise to Cisco’s success in EMEA and the fact that the vendor sells a high proportion of high-end LAN switches with relatively high ASPs.
The increase in ASP was also partly due to the growth of the gigabit nonmodular segment of the market, according to IDC. Fast Ethernet port shipments slipped 5.6% during the first quarter of 2006 to 14.9 million ports with revenues from this sector dropping 2.3% to US$397.1m as a result.
In contrast, Gigabit Ethernet port shipments jumped 6.2% to 5 million ports pushing revenues up 5.4% to US$845.4m. While Cisco continued to dominate the market, other vendors made significant headway during the first quarter with both Force10 and F5 achieving double-digit percentage increases in terms of both port shipments and revenues. Linksys — a business unit of Used Cisco — also managed to achieve this level of growth.
Wednesday, March 31, 2010
HP turns telepresence into Webcasting
TelePresence systems use rooms with high-end audio and video equipment so alive kitted videoconferencing on the internet.
These conferences tend to require use both sides of a series of Telepresence, HP Halo webcasting will allow users to stream content to thousands of online users.
Each webcast can be found up to three speakers in different locations, HP. All parameters can be used Halo for webcasts, including the HP Halo Collaboration Studio, HP Halo Meeting Room and HP Halo Collaboration Center.
Also on Wednesday, HP said it is aligning its activities with activities Halo ProCurve Networking customers with one stop shopping for video display terminals to provide services and networking products.
The service is available immediately worldwide. According to HP, the average cost of a one hour webcast will be U.S. $6,000, even if you want to add an extra hour, but another U.S. $ 2,000 in cost.
These conferences tend to require use both sides of a series of Telepresence, HP Halo webcasting will allow users to stream content to thousands of online users.
Each webcast can be found up to three speakers in different locations, HP. All parameters can be used Halo for webcasts, including the HP Halo Collaboration Studio, HP Halo Meeting Room and HP Halo Collaboration Center.
Also on Wednesday, HP said it is aligning its activities with activities Halo ProCurve Networking customers with one stop shopping for video display terminals to provide services and networking products.
The service is available immediately worldwide. According to HP, the average cost of a one hour webcast will be U.S. $6,000, even if you want to add an extra hour, but another U.S. $ 2,000 in cost.
Monday, March 29, 2010
HP Heats Up Cisco Rivalry with 3Com Purchase
The gloves are off now in the fight for the data center. Cisco has operated largely unchallenged in providing routing and networking equipment for data centers, but with the purchase of 3Com, HP is poised to go head-to-head with Cisco.
The nearly $3 billion acquisition allows HP to incorporate a diverse portfolio of network switching and routing equipment, as well as 3Com's TippingPoint intrusion prevention products into its inventory. Combined with the growing success of HP's existing ProCurve network devices, purchasing 3Com intensifies the rivalry between Cisco and HP.
The purchase also signals a new direction for HP which has a history of expanding the scope of its products and services through acquisitions. HP bought Compaq in 2001 to extend its market share of server and desktop computers. In 2008, HP purchased rival IT services provider EDS to buy its way into 2nd place in that industry behind IBM. Acquiring 3Com takes HP into data center networking hardware territory and gives it the ability to deliver comprehensive, end-to-end solutions for customers.
HP isn't the only company blurring the lines between traditionally separate markets. The entire industry is going through a convergence driven by unified communications and virtualization. The technologies and how they are being applied have evolved and companies like HP and Cisco have to adapt to those market trends to meet their customer's needs.
Cisco has been stepping on toes for some time now. Cisco essentially drew first blood in this battle when it recently began marketing its own line of server hardware. Cisco has also been engaged against Microsoft, fighting to shape the future of unified communications. Last week Cisco announced the addition of 61 new products to its unified communications and collaboration portfolio.
Cisco has built its reputation in networking and has a solid share of that market, but it has been working diligently to break out of that mold and expand its products and services. Cisco is learning though that competitors are not going to sit idly by. Logitech took a bold step from the consumer side of technology to square off against Cisco for enterprise video-conferencing with the purchase of LifeSize.
The nearly $3 billion acquisition allows HP to incorporate a diverse portfolio of network switching and routing equipment, as well as 3Com's TippingPoint intrusion prevention products into its inventory. Combined with the growing success of HP's existing ProCurve network devices, purchasing 3Com intensifies the rivalry between Cisco and HP.
The purchase also signals a new direction for HP which has a history of expanding the scope of its products and services through acquisitions. HP bought Compaq in 2001 to extend its market share of server and desktop computers. In 2008, HP purchased rival IT services provider EDS to buy its way into 2nd place in that industry behind IBM. Acquiring 3Com takes HP into data center networking hardware territory and gives it the ability to deliver comprehensive, end-to-end solutions for customers.
HP isn't the only company blurring the lines between traditionally separate markets. The entire industry is going through a convergence driven by unified communications and virtualization. The technologies and how they are being applied have evolved and companies like HP and Cisco have to adapt to those market trends to meet their customer's needs.
Cisco has been stepping on toes for some time now. Cisco essentially drew first blood in this battle when it recently began marketing its own line of server hardware. Cisco has also been engaged against Microsoft, fighting to shape the future of unified communications. Last week Cisco announced the addition of 61 new products to its unified communications and collaboration portfolio.
Cisco has built its reputation in networking and has a solid share of that market, but it has been working diligently to break out of that mold and expand its products and services. Cisco is learning though that competitors are not going to sit idly by. Logitech took a bold step from the consumer side of technology to square off against Cisco for enterprise video-conferencing with the purchase of LifeSize.
Google's Unified Tools Pose a Threat to Cisco
Officials at Cisco Systems Inc. say they are closely watching Google Inc.'s aggressive foray onto their unified communications turf and plan to respond quickly by boosting the capabilities of Cisco's offerings.
In fact, analysts said Cisco's announcement late last month that it plans to offer at least some pieces of its IP voice technology as a hosted service could be viewed as a direct response to Google's recent move to start limited release of its Web-based Google Voice and Google Wave communications tools.
During a press briefing at the Cisco Live user conference in San Francisco late last month, Doug Dennerline, Cisco's senior vice president of collaboration software, acknowledged the challenge from Google and said his company is set to "invent and reinvent" its unified communications offerings.
Analysts said that the Google Voice Internet telephony service, now available to early users by invitation, and Google Wave, a hosted collaboration and communications service released to developers early this month, may pose long-term problems for companies like Cisco and Microsoft Corp.
The Google products could provide users with a less expensive common platform for delivering messaging, voice and video services to consumers and office workers, they said.
The Google Voice service was launched in March for a limited customer base: users of its predecessor, Grand Central, a service the search vendor had acquired almost two years earlier. Late last month, Google began inviting selected new users to the service, which has attracted widespread attention for its call-screening capabilities and its ability to provide a single phone number for multiple devices.
The company did not say when the free service will be generally available.
Google Wave, which has been in development for about two years, promises to give users a single platform for accessing e-mail, instant messaging, blog, wiki, multimedia management and document-sharing tools. Google also hasn't said when Google Wave will be widely available.
Though the Google offerings appear to be aimed primarily at consumers, they could quickly become attractive to small businesses, and eventually to large companies, if the products can overcome the privacy concerns raised by storing phone messages and other confidential data on third-party systems, analysts said.
Zeus Kerravala, an analyst at Yankee Group Research Inc., said it could take some time for Google's product features to match those of Cisco, Microsoft and voice-switching vendors like Avaya Inc. or Siemens AG. But he predicted that over the "long term, Google will have a significant role" in the business.
Some observers said that Google's maneuverings could hurt Cisco in particular as it tries to expand into the consumer market, long a Google stronghold.
For example, Cisco in March announced plans to buy Pure Digital Technologies Inc., maker of the Flip handheld camera used mostly by consumers. Cisco officials have also disclosed that the company is developing a consumer version of its TelePresence videoconferencing system.
"We think video is going to be very key in driving the next level of collaboration -- Internet video, desktop video and consumer TelePresence," said Padmasree Warrior, Cisco's chief technology officer.
Cisco officials released few details of the company's plan to offer some virtual voice services, though Warrior said they will probably be offered through its service provider customers.
In fact, analysts said Cisco's announcement late last month that it plans to offer at least some pieces of its IP voice technology as a hosted service could be viewed as a direct response to Google's recent move to start limited release of its Web-based Google Voice and Google Wave communications tools.
During a press briefing at the Cisco Live user conference in San Francisco late last month, Doug Dennerline, Cisco's senior vice president of collaboration software, acknowledged the challenge from Google and said his company is set to "invent and reinvent" its unified communications offerings.
Analysts said that the Google Voice Internet telephony service, now available to early users by invitation, and Google Wave, a hosted collaboration and communications service released to developers early this month, may pose long-term problems for companies like Cisco and Microsoft Corp.
The Google products could provide users with a less expensive common platform for delivering messaging, voice and video services to consumers and office workers, they said.
The Google Voice service was launched in March for a limited customer base: users of its predecessor, Grand Central, a service the search vendor had acquired almost two years earlier. Late last month, Google began inviting selected new users to the service, which has attracted widespread attention for its call-screening capabilities and its ability to provide a single phone number for multiple devices.
The company did not say when the free service will be generally available.
Google Wave, which has been in development for about two years, promises to give users a single platform for accessing e-mail, instant messaging, blog, wiki, multimedia management and document-sharing tools. Google also hasn't said when Google Wave will be widely available.
Though the Google offerings appear to be aimed primarily at consumers, they could quickly become attractive to small businesses, and eventually to large companies, if the products can overcome the privacy concerns raised by storing phone messages and other confidential data on third-party systems, analysts said.
Zeus Kerravala, an analyst at Yankee Group Research Inc., said it could take some time for Google's product features to match those of Cisco, Microsoft and voice-switching vendors like Avaya Inc. or Siemens AG. But he predicted that over the "long term, Google will have a significant role" in the business.
Some observers said that Google's maneuverings could hurt Cisco in particular as it tries to expand into the consumer market, long a Google stronghold.
For example, Cisco in March announced plans to buy Pure Digital Technologies Inc., maker of the Flip handheld camera used mostly by consumers. Cisco officials have also disclosed that the company is developing a consumer version of its TelePresence videoconferencing system.
"We think video is going to be very key in driving the next level of collaboration -- Internet video, desktop video and consumer TelePresence," said Padmasree Warrior, Cisco's chief technology officer.
Cisco officials released few details of the company's plan to offer some virtual voice services, though Warrior said they will probably be offered through its service provider customers.
Thursday, March 25, 2010
Mozilla discloses more Firefox flaws
Apple's Safari browser, you have once Snow Leopard and the iPhone hacked during the first days of the annual competition Pwn2Own where security experts of the material they were able to gain the offensive. The CNet reports, security analyst Charlie Miller won $ 10,000 after it remotely Safari on a MacBook Pro.
The victory was both sweet and familiar to Miller, senior analyst of security used for Independent Security Evaluators, because he had managed to Safari to contest the 2009 and 2008 iterations. He holds the exact technique of the attack this year under wraps for now, but have simply pointed out that the target computer was to visit a specially crafted Web site enough to use the trigger, by providing access to online orders for the Mac. The promoter Pwn2Own, Tipping Point's Zero Day Initiative, the exchange of information on exploits with participating manufacturers to provide them the opportunity to patch vulnerabilities.
The iPhone had been shot by Vincenzo Iozzo of Zynamics and Ralf Philipp Weinmann at the University of Luxembourg, which the prize money of $ 15,000 for the penetration divided into the unit. (Everyone must also be an award for unique names are difficult.)
The iPhone hack is started with a website with malicious code, before the attack inside "the database of the local SMS phone for the server we have control," says Weinmann CNet.
The victory was both sweet and familiar to Miller, senior analyst of security used for Independent Security Evaluators, because he had managed to Safari to contest the 2009 and 2008 iterations. He holds the exact technique of the attack this year under wraps for now, but have simply pointed out that the target computer was to visit a specially crafted Web site enough to use the trigger, by providing access to online orders for the Mac. The promoter Pwn2Own, Tipping Point's Zero Day Initiative, the exchange of information on exploits with participating manufacturers to provide them the opportunity to patch vulnerabilities.
The iPhone had been shot by Vincenzo Iozzo of Zynamics and Ralf Philipp Weinmann at the University of Luxembourg, which the prize money of $ 15,000 for the penetration divided into the unit. (Everyone must also be an award for unique names are difficult.)
The iPhone hack is started with a website with malicious code, before the attack inside "the database of the local SMS phone for the server we have control," says Weinmann CNet.
China's Great Firewall spreads overseas
An error of networking computers caused in Chile and the United States under the control of the Great Wall of China to come, rerouting of Facebook, Twitter and YouTube users the Chinese servers.
Security experts do not know exactly how it happened, but it seems that at least one supplier has recently started doing high-level DNS (Domain Name Server) information, which as known root DNS server China. This server, operated by China by the Swedish NETNOD returned DNS information for Chinese users are intended to spread efficiently in the network censors in China and abroad. China firmly control access to a number of sites, using technology, popularly known as the Great Wall of China.
The matter was reported Wednesday by Mauricio Erec, a DNS administrator with NIC Chile, which found that ISP unnamed local reported that queries DNS for sites such as Facebook.com, Twitter.com and YouTube. com - all of which have been blocked in China - have been diverted to bogus addresses.
It is unknown how extensive the problem. Erech always false information reported by three access points to the network in Chile and California, but on Thursday he said that the problem does not occur again. "The evidence shows that we have not hit the server in China," he said to send in a group discussion.
This problem occurs because, for whatever reason, at least one Internet service provider outside the DNS queries sent to a root server located in China, such as network experts. This is something that should make the service outside China, because it allows network censored in China "leakage" outside the country.
Researchers have long known that China has censored DNS routing information has changed for the users of government services functioning of the server instead of redirect sites like Facebook and Twitter. But this is the first version, leaked to these routes outside China, according to Rodney Joffe, a senior technician, DNS services company NeuStar. "Suddenly, the consequences are that people can be defeated outside China or redirected to servers in China," he said.
From the use of a China-based root servers, ISPs are primarily controlled China, a way to get all the traffic of its users on the network. The serious security problems mean for people, said the network accepts the well-trodden routes could Joffe.
The ISP uses the roads bad probably wrong its BGP (Border Gateway Protocol) system is used to provide information based on the Internet, according to Danny McPherson, chief of security at Arbor Networks. "I do not think it is deliberately," he said. "This is an example of how easy it is these details are contaminated or are damaged or have fled beyond the borders of what is supposed to be. "
Security experts do not know exactly how it happened, but it seems that at least one supplier has recently started doing high-level DNS (Domain Name Server) information, which as known root DNS server China. This server, operated by China by the Swedish NETNOD returned DNS information for Chinese users are intended to spread efficiently in the network censors in China and abroad. China firmly control access to a number of sites, using technology, popularly known as the Great Wall of China.
The matter was reported Wednesday by Mauricio Erec, a DNS administrator with NIC Chile, which found that ISP unnamed local reported that queries DNS for sites such as Facebook.com, Twitter.com and YouTube. com - all of which have been blocked in China - have been diverted to bogus addresses.
It is unknown how extensive the problem. Erech always false information reported by three access points to the network in Chile and California, but on Thursday he said that the problem does not occur again. "The evidence shows that we have not hit the server in China," he said to send in a group discussion.
This problem occurs because, for whatever reason, at least one Internet service provider outside the DNS queries sent to a root server located in China, such as network experts. This is something that should make the service outside China, because it allows network censored in China "leakage" outside the country.
Researchers have long known that China has censored DNS routing information has changed for the users of government services functioning of the server instead of redirect sites like Facebook and Twitter. But this is the first version, leaked to these routes outside China, according to Rodney Joffe, a senior technician, DNS services company NeuStar. "Suddenly, the consequences are that people can be defeated outside China or redirected to servers in China," he said.
From the use of a China-based root servers, ISPs are primarily controlled China, a way to get all the traffic of its users on the network. The serious security problems mean for people, said the network accepts the well-trodden routes could Joffe.
The ISP uses the roads bad probably wrong its BGP (Border Gateway Protocol) system is used to provide information based on the Internet, according to Danny McPherson, chief of security at Arbor Networks. "I do not think it is deliberately," he said. "This is an example of how easy it is these details are contaminated or are damaged or have fled beyond the borders of what is supposed to be. "
Wednesday, March 24, 2010
Cisco Plan Green Data Centers ?
Cisco is no stranger to the green IT scene. It has publicly announced its smart grid intentions and, for years, has touted the carbon-cutting benefits of its teleconferencing technologies. But when it comes to data centers, Cisco has been outgunned by its rivals.
While IBM mounted huge campaigns like Big Green and Smarter Planet, the computer networking giant has kept a comparatively low eco-profile. So far, Cisco’s green efforts boil down to dabbling in energy management, moving into the smart grid, cutting the energy consumption of its network hardware and reducing packaging — an odd state of affairs considering the company’s position as a prime supplier of data center–focused IT equipment.
But in recent weeks, Cisco has been demonstrating that it does indeed have a green data center strategy, even if it isn’t shouting it from the rooftops. This week’s roll out of EnergyWise 2.0 — an upgraded version of its network energy management tool — expanded its reach into a network’s nooks and crannies and opened up the platform to developers to help lay the groundwork for energy-aware networks. The company is also making a play for the containerized data-center market, centered around fast and efficient Lego-style data center builds.
While IBM mounted huge campaigns like Big Green and Smarter Planet, the computer networking giant has kept a comparatively low eco-profile. So far, Cisco’s green efforts boil down to dabbling in energy management, moving into the smart grid, cutting the energy consumption of its network hardware and reducing packaging — an odd state of affairs considering the company’s position as a prime supplier of data center–focused IT equipment.
But in recent weeks, Cisco has been demonstrating that it does indeed have a green data center strategy, even if it isn’t shouting it from the rooftops. This week’s roll out of EnergyWise 2.0 — an upgraded version of its network energy management tool — expanded its reach into a network’s nooks and crannies and opened up the platform to developers to help lay the groundwork for energy-aware networks. The company is also making a play for the containerized data-center market, centered around fast and efficient Lego-style data center builds.
Used Cisco Hardware
Knowledge Computers is a company that is dedicated to serving the clients by providing them with modern networking solutions at affordable prices. We provide high quality new and used cisco certified network equipment that enables our clients to organize their business environment and establish high quality networks within their organization’s infrastructure at affordable costs. Knowledge Computers offers high quality firewall support to implement high security network systems to safeguard the private servers of the company with as much ease as possible.
Cisco network hardware is perhaps the most popular and reliable networking hardware available in the market. Every entrepreneur tries to minimize his cost of running his company and also get the maximum benefits out of all his investments. However, Cisco hardware is very expensive and buying new networking equipment will surely raise the cost of initial setup of the organization’s network.
used cisco network equipment can help an entrepreneur achieve his objective of cost minimization and profit maximization by reducing the cost of setting up a network at the company while providing the high level functionality. Knowledge Computers also provides memory solutions for massive data storage which is often a requirement of many organizations especially those who need to establish a massive knowledge base.
From: http://malaysiandirectory.net/used-cisco-hardware/
Cisco network hardware is perhaps the most popular and reliable networking hardware available in the market. Every entrepreneur tries to minimize his cost of running his company and also get the maximum benefits out of all his investments. However, Cisco hardware is very expensive and buying new networking equipment will surely raise the cost of initial setup of the organization’s network.
used cisco network equipment can help an entrepreneur achieve his objective of cost minimization and profit maximization by reducing the cost of setting up a network at the company while providing the high level functionality. Knowledge Computers also provides memory solutions for massive data storage which is often a requirement of many organizations especially those who need to establish a massive knowledge base.
From: http://malaysiandirectory.net/used-cisco-hardware/
Monday, March 22, 2010
Core Knowledge Waiver for Cisco 360 Candidates
As the only CCIE training program authorized by Cisco, the Cisco 360 Learning Program is designed to accelerate expert-level competency and provide the tools that are needed to prepare candidates for the rigorous CCIE Routing and Switching and Voice lab exams.
Beginning April 1, 2010, Cisco will allow students who attend a Cisco 360 Learning Program workshop to request a waiver and skip the Core Knowledge section of the CCIE R&S or Voice lab exam.
Participating Cisco Authorized Learning Partners now also offer discounted Cisco 360 Learning Program bundles of R&S Self-Paced Lessons and Performance Assessments, providing students with additional training options. Check with your local Learning Partner for details. Finally, the eight Cisco 360 Learning Program R&S Self-Paced Lessons and four comprehensive lab-quality Performance Assessments are now available on the Cisco Learning Network Store.
Beginning April 1, 2010, Cisco will allow students who attend a Cisco 360 Learning Program workshop to request a waiver and skip the Core Knowledge section of the CCIE R&S or Voice lab exam.
Participating Cisco Authorized Learning Partners now also offer discounted Cisco 360 Learning Program bundles of R&S Self-Paced Lessons and Performance Assessments, providing students with additional training options. Check with your local Learning Partner for details. Finally, the eight Cisco 360 Learning Program R&S Self-Paced Lessons and four comprehensive lab-quality Performance Assessments are now available on the Cisco Learning Network Store.
Customers to benefit from Cisco-HP divorce
The networking giant announced late last week, would be remembered as a channel and HP Services Global Alliance Partners.
In an initiative announced the report published Tuesday in Cisco, John Byrne, director of Network Business Quarterly, TBR, clients expressed more favorable terms, and better support to see, and greater reductions resulting from the additional competition.
The move is a clear marketing strategy pushing Cisco UCS (Unified Computing System) Data Center Strategy, which will be its blade servers marries network services. However, Mr. Byrne said, large organizations will likely choose from HP, Cisco, when pressed, to switch between the server and newcomers courageous decision UCS Cisco announced in March.
He noted that Cisco was the split with HP "inevitable", since the move from Cisco in the market for servers.
Keith Goodwin, Senior Vice President of Cisco partners worldwide organization, said in an e-mail to ZDNet Asia: "In recent years, our relationship with HP by a partner for companies with different and conflicting visions of how d ' deliver value to develop the customer. "
HP maintained as a network of certified partners, would give the company access to confidential information from Cisco, such as roadmaps, Goodwin noted. "Given the development of the supply of our relations is simply no meaning to these benefits for HP," he said.
HP has also pushed his arm ProCurve Networking. The technology giant in the past year brought the ProCurve division in collaboration with its divisions of server and storage within its Technology Solutions Group.
Last September, HP has released a new range of ProCurve switches designed to integrate with its blade servers. An HP executive said at the time was in an interview with ZDNet Asia that the company would primarily compete with IBM and Dell Computer in the data center space and Cisco does not see as a threat.
In a reply by e-mail Tuesday a spokesman for HP told ZDNet Asia, the company would push the global reach and scale to use ProCurve portfolio to customers.
HP converged infrastructure architecture, announced in November last year on offers networking and HP's target market segment identical to UCS is unfounded.
Following the announcement by Cisco to separate relationships, HP said: "We do not take it in the best interest of the client in a proprietary attitude.
"We will provide clients with consulting, integration, management and support services for their heterogeneous environments, and ensure that our hardware and software platforms for all major network platforms are optimized.
TBR Byrne said, Cisco and HP, however, continue to be committed today, with divergence time. "As both companies to take first place in their respective markets, they share many companies with which they are a very strategic relationship.
"Therefore it is up to each company to" play nice "for now, to avoid negative impact on the activity of their customers," he said.
An opportunity for Cisco in emerging markets
In the view of analysts, the first opportunity for Cisco to lie with small businesses or new data centers.
Mike Allen, director of the chain in Asia for Cisco, said the company expects growth in emerging economies. "In our last earnings announcement, we saw two years of double digit growth over the year in the Asia-Pacific countries like China and India."
Cisco plans to focus on his message of virtualization and collaboration with customers in the region, Allen.
In a previous interview with ZDNet Asia, Michael Warrilow, Hydra SightSpeed CEO, said Cisco needs to convince customers to its network and server teams work together to ensure the adoption of products of UCS.
The IDC said to offer a comment at the time also focused UCS 'is for customers to build data centers from scratch to appeal.
Cisco announced earlier this month, has 400 people gathered at the NGC.
IDC for the third quarter 2009 figures showed that 50.7 percent of worldwide server blade market HP, IBM with 29.4 percent and Dell with 8.9 percent.
In an initiative announced the report published Tuesday in Cisco, John Byrne, director of Network Business Quarterly, TBR, clients expressed more favorable terms, and better support to see, and greater reductions resulting from the additional competition.
The move is a clear marketing strategy pushing Cisco UCS (Unified Computing System) Data Center Strategy, which will be its blade servers marries network services. However, Mr. Byrne said, large organizations will likely choose from HP, Cisco, when pressed, to switch between the server and newcomers courageous decision UCS Cisco announced in March.
He noted that Cisco was the split with HP "inevitable", since the move from Cisco in the market for servers.
Keith Goodwin, Senior Vice President of Cisco partners worldwide organization, said in an e-mail to ZDNet Asia: "In recent years, our relationship with HP by a partner for companies with different and conflicting visions of how d ' deliver value to develop the customer. "
HP maintained as a network of certified partners, would give the company access to confidential information from Cisco, such as roadmaps, Goodwin noted. "Given the development of the supply of our relations is simply no meaning to these benefits for HP," he said.
HP has also pushed his arm ProCurve Networking. The technology giant in the past year brought the ProCurve division in collaboration with its divisions of server and storage within its Technology Solutions Group.
Last September, HP has released a new range of ProCurve switches designed to integrate with its blade servers. An HP executive said at the time was in an interview with ZDNet Asia that the company would primarily compete with IBM and Dell Computer in the data center space and Cisco does not see as a threat.
In a reply by e-mail Tuesday a spokesman for HP told ZDNet Asia, the company would push the global reach and scale to use ProCurve portfolio to customers.
HP converged infrastructure architecture, announced in November last year on offers networking and HP's target market segment identical to UCS is unfounded.
Following the announcement by Cisco to separate relationships, HP said: "We do not take it in the best interest of the client in a proprietary attitude.
"We will provide clients with consulting, integration, management and support services for their heterogeneous environments, and ensure that our hardware and software platforms for all major network platforms are optimized.
TBR Byrne said, Cisco and HP, however, continue to be committed today, with divergence time. "As both companies to take first place in their respective markets, they share many companies with which they are a very strategic relationship.
"Therefore it is up to each company to" play nice "for now, to avoid negative impact on the activity of their customers," he said.
An opportunity for Cisco in emerging markets
In the view of analysts, the first opportunity for Cisco to lie with small businesses or new data centers.
Mike Allen, director of the chain in Asia for Cisco, said the company expects growth in emerging economies. "In our last earnings announcement, we saw two years of double digit growth over the year in the Asia-Pacific countries like China and India."
Cisco plans to focus on his message of virtualization and collaboration with customers in the region, Allen.
In a previous interview with ZDNet Asia, Michael Warrilow, Hydra SightSpeed CEO, said Cisco needs to convince customers to its network and server teams work together to ensure the adoption of products of UCS.
The IDC said to offer a comment at the time also focused UCS 'is for customers to build data centers from scratch to appeal.
Cisco announced earlier this month, has 400 people gathered at the NGC.
IDC for the third quarter 2009 figures showed that 50.7 percent of worldwide server blade market HP, IBM with 29.4 percent and Dell with 8.9 percent.
Sunday, March 21, 2010
Cisco CRS-3 Carrier Routing System
Cisco today announced a major advancement in Internet networking - the Cisco ® CRS-3 Carrier Routing System (CRS) - designed to serve as the foundation of the next-generation Internet and set the pace for the astonishing growth of video transmission, mobile devices and new online services through this decade and beyond.
With more than 12 times the traffic capacity of the nearest competing system, the Cisco CRS-3 is designed to transform the broadband communications and entertainment industry by accelerating the delivery of compelling new experiences for consumers, new revenue opportunities for service providers, and new ways to collaborate in the workplace.
Overview:
The Cisco CRS-3 triple the capacity of its predecessor, the Cisco CRS-1 Carrier Routing System, with up to 322 terabits per second, Which Enables the entire printed collection of the Library of Congress to be downloaded in just over one second, every man, woman and child in China to make a video call, simultaneously, and every motion picture ever created to be streamed in less than four minutes.
The Cisco CRS-3 Enables unified service delivery of web services and cloud with service spanning intelligence service provider Internet Protocol Next-Generation Networks (IP NGNs) and data center. The Cisco CRS-3 also provides unprecedented savings with investment protection for the nearly 5.000 Cisco CRS-1 deployed worldwide. Cisco's cumulative investment in the Cisco CRS family is $ 1.6 billion, further underscoring the company's commitment.
AT & T, one of the world's largest telecommunications companies, recently tested the Cisco CRS-3 in a successful completion of the world's first field trial of 100-gigabit backbone network technology, Which took place in AT & T's network live between New Orleans and Miami. The trial advances AT & T's development of the next generation of backbone network technology that will support the network requirements for the growing number of advanced services offered by AT & T to consumer and business customers, both fixed and mobile.
The Cisco CRS-3 is currently in field trials, and its pricing starts at $ 90,000 U.S.
Highlights and Capabilities for the Next-Generation Internet:
Unmatched Scale: With a proven multi-chassis architecture, the Cisco CRS-3 can deliver up to 322 Tbps of capacity, more than tripling the 92 Tbps capacity of the Cisco CRS-1 and representing more than 12 times the capacity of any other core router in the industry.
Single Core and Data Center / Cloud Intelligence Services: In addition to capacity requirements, the growth of mobile and video applications are creating new traffic patterns with multidirectional The increasing emergence of the cloud data center. The new Cisco Data Center Services System provides tight linkages between the Cisco CRS-3, Cisco Nexus family and Cisco Unified Computing System (UCS) to enable unified service delivery of cloud services. This intelligence also includes carrier-grade IPv6 (CGv6) and core IP / MPLS technologies that enabled new IP NGN architectural efficiencies required to keep pace with the rapidly growing market cloud services. Unique capabilities include:
Network Positioning System (NPS) - provides Layers 3 to 7 application information for best path to content, improving consumer and business experiences while reducing costs.
Cloud virtual private network (VPN) for Infrastructure as a Service (IAAS)-enables pay-as-you-go 'for compute, storage and network resources by automating Cisco CRS-3 and Cisco Nexus Inter-Data Center connections for Cisco UCS .
Unprecedented Savings: The Cisco CRS-3 offers dramatic operational expense savings and up to 60 percent savings on power consumption compared to competitive platforms. The Cisco CRS-3 also delivers significant capital expenditures savings and investment protection for existing Cisco CRS-1 customers. The new capabilities in the platform can be achieved by reusing the existing frame, route processors, fans and power systems with the addition of new line cards and fabric. These upgrades can be performed in-service and be provided by Cisco Services To ensure a smooth transition.
Silicon Innovation: The Cisco CRS-3 is powered by the new Cisco QuantumFlow Array Processor, Which UNIFIED The combined power of six chips to work as one, enabling unprecedented levels of service capabilities and processing power. Making this implementation even more unique is its ability to deliver capabilities with a fraction of the power required by lesser performing chipsets. The Cisco QuantumFlow Array chipset was designed to Provide the new system the ability to scale with the Ever Increasing Demands Being Placed on the IP NGN by the many different applications and trillions of devices being used by both businesses and consumers in the Zettabyte era.
With more than 12 times the traffic capacity of the nearest competing system, the Cisco CRS-3 is designed to transform the broadband communications and entertainment industry by accelerating the delivery of compelling new experiences for consumers, new revenue opportunities for service providers, and new ways to collaborate in the workplace.
Overview:
The Cisco CRS-3 triple the capacity of its predecessor, the Cisco CRS-1 Carrier Routing System, with up to 322 terabits per second, Which Enables the entire printed collection of the Library of Congress to be downloaded in just over one second, every man, woman and child in China to make a video call, simultaneously, and every motion picture ever created to be streamed in less than four minutes.
The Cisco CRS-3 Enables unified service delivery of web services and cloud with service spanning intelligence service provider Internet Protocol Next-Generation Networks (IP NGNs) and data center. The Cisco CRS-3 also provides unprecedented savings with investment protection for the nearly 5.000 Cisco CRS-1 deployed worldwide. Cisco's cumulative investment in the Cisco CRS family is $ 1.6 billion, further underscoring the company's commitment.
AT & T, one of the world's largest telecommunications companies, recently tested the Cisco CRS-3 in a successful completion of the world's first field trial of 100-gigabit backbone network technology, Which took place in AT & T's network live between New Orleans and Miami. The trial advances AT & T's development of the next generation of backbone network technology that will support the network requirements for the growing number of advanced services offered by AT & T to consumer and business customers, both fixed and mobile.
The Cisco CRS-3 is currently in field trials, and its pricing starts at $ 90,000 U.S.
Highlights and Capabilities for the Next-Generation Internet:
Unmatched Scale: With a proven multi-chassis architecture, the Cisco CRS-3 can deliver up to 322 Tbps of capacity, more than tripling the 92 Tbps capacity of the Cisco CRS-1 and representing more than 12 times the capacity of any other core router in the industry.
Single Core and Data Center / Cloud Intelligence Services: In addition to capacity requirements, the growth of mobile and video applications are creating new traffic patterns with multidirectional The increasing emergence of the cloud data center. The new Cisco Data Center Services System provides tight linkages between the Cisco CRS-3, Cisco Nexus family and Cisco Unified Computing System (UCS) to enable unified service delivery of cloud services. This intelligence also includes carrier-grade IPv6 (CGv6) and core IP / MPLS technologies that enabled new IP NGN architectural efficiencies required to keep pace with the rapidly growing market cloud services. Unique capabilities include:
Network Positioning System (NPS) - provides Layers 3 to 7 application information for best path to content, improving consumer and business experiences while reducing costs.
Cloud virtual private network (VPN) for Infrastructure as a Service (IAAS)-enables pay-as-you-go 'for compute, storage and network resources by automating Cisco CRS-3 and Cisco Nexus Inter-Data Center connections for Cisco UCS .
Unprecedented Savings: The Cisco CRS-3 offers dramatic operational expense savings and up to 60 percent savings on power consumption compared to competitive platforms. The Cisco CRS-3 also delivers significant capital expenditures savings and investment protection for existing Cisco CRS-1 customers. The new capabilities in the platform can be achieved by reusing the existing frame, route processors, fans and power systems with the addition of new line cards and fabric. These upgrades can be performed in-service and be provided by Cisco Services To ensure a smooth transition.
Silicon Innovation: The Cisco CRS-3 is powered by the new Cisco QuantumFlow Array Processor, Which UNIFIED The combined power of six chips to work as one, enabling unprecedented levels of service capabilities and processing power. Making this implementation even more unique is its ability to deliver capabilities with a fraction of the power required by lesser performing chipsets. The Cisco QuantumFlow Array chipset was designed to Provide the new system the ability to scale with the Ever Increasing Demands Being Placed on the IP NGN by the many different applications and trillions of devices being used by both businesses and consumers in the Zettabyte era.
Cisco IP Phone Feature
Voipfone offers a wide range of hosted VoIP services for small businesses and residential customers. The Advanced Service Provider Award awarded based PBX (News - Alert) functionality. Features such as call forwarding, integration of voicemail and music on hold service Voipfone tested to ensure they are fully compatible with the snom phones have been, according to company officials .
snom accreditation allows end users to help Voipfone the best of your snom phones with high-quality partners in other sectors of the VoIP network, they added.
"We work with Voipfone by one of our distributors provu established since 2005 and we are delighted that he has passed interoperability testing to work with us as a high level of service," said Nelly Monkhouse, Director of Sales United Kingdom for SNOM in a statement. "Here in SNOM, we proceed to align with partners that meet our high standards and help us ensure that our customers get the most out of their dedicated VoIP phones.
Voipfone, a founding member of the ITSPA, the United Kingdom, the trade group of the industry recommends snom phones to their customers for over five years and have developed confidence in the reliability, technology and professional support, according to company officials.
"It is this partnership of great phones and a large network that has enabled the Voipfone to win the 2009 UK Small Business VOIP Service Provider of the Year Award ITSPA" said Colin Duffy, CEO of Voipfone in a statement
snom develops and manufactures IP phones and similar devices based on the open standard Session Initiation Protocol (News - Alert), or "SIP" and TR-069/TR-111standard, the company said.
A special feature of snom phones is that the software is in the firmware of the phone - to facilitate user access to updates and new features. The phones also offer the flexibility and interoperability, according to company officials.
snom has launched its latest VoIP communication products and technologies presented at the SMB market for business and atITEXPO (News - Alert) East 2010 in Miami, held January 20-22. The exhibits include the snom 870 phone desktop touch screen and public address system AP1. snom snom OCS has also presented papers and its unified IP phone snom conference called Meeting Point, TMCnet
snom accreditation allows end users to help Voipfone the best of your snom phones with high-quality partners in other sectors of the VoIP network, they added.
"We work with Voipfone by one of our distributors provu established since 2005 and we are delighted that he has passed interoperability testing to work with us as a high level of service," said Nelly Monkhouse, Director of Sales United Kingdom for SNOM in a statement. "Here in SNOM, we proceed to align with partners that meet our high standards and help us ensure that our customers get the most out of their dedicated VoIP phones.
Voipfone, a founding member of the ITSPA, the United Kingdom, the trade group of the industry recommends snom phones to their customers for over five years and have developed confidence in the reliability, technology and professional support, according to company officials.
"It is this partnership of great phones and a large network that has enabled the Voipfone to win the 2009 UK Small Business VOIP Service Provider of the Year Award ITSPA" said Colin Duffy, CEO of Voipfone in a statement
snom develops and manufactures IP phones and similar devices based on the open standard Session Initiation Protocol (News - Alert), or "SIP" and TR-069/TR-111standard, the company said.
A special feature of snom phones is that the software is in the firmware of the phone - to facilitate user access to updates and new features. The phones also offer the flexibility and interoperability, according to company officials.
snom has launched its latest VoIP communication products and technologies presented at the SMB market for business and atITEXPO (News - Alert) East 2010 in Miami, held January 20-22. The exhibits include the snom 870 phone desktop touch screen and public address system AP1. snom snom OCS has also presented papers and its unified IP phone snom conference called Meeting Point, TMCnet
Friday, March 19, 2010
Cisco takes the greener path network
Cisco on Tuesday launched a three-phase plan to reduce the energy consumption of datacentres, network infrastructure and attached devices such as phones, video-surveillance cameras, wireless-access points and in the datacentre.
Cisco said the EnergyWise strategy, intended for Cisco Catalyst switches, is for measuring, reporting on and reducing the energy consumption of IP devices. The company also announced industry partnerships that it said could help reduce power consumption in buildings from lights, lifts, air conditioning and heating.
The first phase of the plan, to be launched in February, will cover network control of the Cisco Catalyst switches.
The second phase will be launched in the summer and will cover the control of IT resources. At the same time, the company claimed, it will also have expanded industry support of EnergyWise on devices such as PCs, laptops and printers.
The final phase, which is due in early 2010, will focus on building controls and will also be extended to cover the management of building system assets such as heating, ventilation and air conditioning, lifts, lights, employee-badge-access systems, fire-alarm systems and security systems.
According to Dave Frampton, general manager for the switching business unit at Cisco, the company is getting involved in green datacentre strategies because "[Cisco sits] at the centre so [Cisco is] the logical place to blend together all the middleware element".
"The IP network is the single pervasive element," he said.
EnergyWise is intended to provide "real-time, granular measurement capabilities to give chief information officers better visibility into energy savings across an entire organisation", Cisco said in its statement.
The EnergyWise programme is available to users of Cisco 2K and 3K switches at no charge, Frampton said.
Cisco said the EnergyWise strategy, intended for Cisco Catalyst switches, is for measuring, reporting on and reducing the energy consumption of IP devices. The company also announced industry partnerships that it said could help reduce power consumption in buildings from lights, lifts, air conditioning and heating.
The first phase of the plan, to be launched in February, will cover network control of the Cisco Catalyst switches.
The second phase will be launched in the summer and will cover the control of IT resources. At the same time, the company claimed, it will also have expanded industry support of EnergyWise on devices such as PCs, laptops and printers.
The final phase, which is due in early 2010, will focus on building controls and will also be extended to cover the management of building system assets such as heating, ventilation and air conditioning, lifts, lights, employee-badge-access systems, fire-alarm systems and security systems.
According to Dave Frampton, general manager for the switching business unit at Cisco, the company is getting involved in green datacentre strategies because "[Cisco sits] at the centre so [Cisco is] the logical place to blend together all the middleware element".
"The IP network is the single pervasive element," he said.
EnergyWise is intended to provide "real-time, granular measurement capabilities to give chief information officers better visibility into energy savings across an entire organisation", Cisco said in its statement.
The EnergyWise programme is available to users of Cisco 2K and 3K switches at no charge, Frampton said.
Cisco enters rack-mount server market
Cisco is to move into the rack-mount server business as part of its drive towards what it calls "unified computing '.
Unified computing, says the company, Involves combining network, virtualization and compute resources into a single system. Cisco's Unified Computing System (UCS) C-Series rack-mount servers, announced on Wednesday, add a new element to a portfolio that already includes UCS blade servers.
Like the UCS blade servers, Which were announced in March, the C-Series rack-mount servers are based on Intel's Xeon 5500 chips Nehalem.
Cisco's UCS range is the company's first foray into the server hardware business. The company is better known for its networking products.
Also on Wednesday, Cisco announced two new IT certification for individual customers and channel partners: Cisco Unified Computing Data Center Design Specialist and the Cisco Unified Data Center Computing Support Specialist.
The certifications cover skills such as storage networking, data center networking infrastructure, data center services and application virtualization.
Unified computing, says the company, Involves combining network, virtualization and compute resources into a single system. Cisco's Unified Computing System (UCS) C-Series rack-mount servers, announced on Wednesday, add a new element to a portfolio that already includes UCS blade servers.
Like the UCS blade servers, Which were announced in March, the C-Series rack-mount servers are based on Intel's Xeon 5500 chips Nehalem.
Cisco's UCS range is the company's first foray into the server hardware business. The company is better known for its networking products.
Also on Wednesday, Cisco announced two new IT certification for individual customers and channel partners: Cisco Unified Computing Data Center Design Specialist and the Cisco Unified Data Center Computing Support Specialist.
The certifications cover skills such as storage networking, data center networking infrastructure, data center services and application virtualization.
Thursday, March 18, 2010
Cisco services first for Omani reseller
The certification is the latest move by ABIT expand its technology and comes just months after he was named a Cisco Premier Partner.
The Cisco Smart Care Service is an offer of collaboration, Cisco Certified Partner with a service platform to build on Cisco Networking expertise to create new customized services for their customers.
The service is ABIT can provide its customers with continuous remote monitoring, network maintenance and full technical support for all voice and data network, as well as add-on services.
Dealers, Cisco specializations in unified communications solutions operation had to meet specific service, support and staff to obtain certification.
"Cisco is at the heart of our activities and certification first and Smart Care Partnership is a testimony of our continued commitment to our relationship," said Director Hisham Hassan.
"Given the increasing competitiveness in the Sultanate technology, we also continue to develop and improve our skills and capabilities to provide complete portfolio of Cisco solutions for our customers," he added.
Singapore Used Cisco Reseller
NetworkHardware
The Cisco Smart Care Service is an offer of collaboration, Cisco Certified Partner with a service platform to build on Cisco Networking expertise to create new customized services for their customers.
The service is ABIT can provide its customers with continuous remote monitoring, network maintenance and full technical support for all voice and data network, as well as add-on services.
Dealers, Cisco specializations in unified communications solutions operation had to meet specific service, support and staff to obtain certification.
"Cisco is at the heart of our activities and certification first and Smart Care Partnership is a testimony of our continued commitment to our relationship," said Director Hisham Hassan.
"Given the increasing competitiveness in the Sultanate technology, we also continue to develop and improve our skills and capabilities to provide complete portfolio of Cisco solutions for our customers," he added.
Singapore Used Cisco Reseller
NetworkHardware
Juniper Networks security talk from conferences
Its conference room near seasonal security in Las Vegas and a month of arrival, a presentation was given by Black Hat and Defcon.
Juniper Networks, then moved to a conference on the errors in the ATM software, has been a researcher plans to hold conferences in checkpoint security, according to complaints ATM provider.
In his lecture "Jackpotting Automated Teller Machines," Barnaby Jack intends to local and remote attack vectors discussed at an ATM and a live demonstration of an attack on an ATM unmodified.
The description of the conference, which was set at Defcon website appears to have been removed, however, said: "The most common attacks on ATMs usually involves the use of the card skimmers, or theft of these devices themselves. Rarely seen targeted attacks on the underlying software. This presentation is the steps I follow to analyze the interface and find a weakness in a number of popular new model ATM. "
Said in a statement, Juniper Networks, the company "Jack's believes that research is important to be presented at a public forum, which is at the level of security. However, the affected ATM provider, we expressed concern by the announcement, the research protected by its elements in their entirety. Given the size and potential exposure of this issue to other vendors, Juniper has set Jack to all interested suppliers to move sufficiently addressed the issues found his research. "
Juniper Networks is directed to other ATM providers to help them, ask for security risks in search of Jack discovered the statement.
Giving the company does not know what the builders were slot machines can be addressed in the discussion. Jack could not be reached for comment.
Safety issues related to ATM machines are a hot topic. Last month, we discovered, a computer forensics expert that Malware on ATMs, enabling criminals to steal account information and PINs have been discovered. Three people were arrested after stolen last year, the break in the Citibank ATM network inside 7-Eleven stores and PINs.
It is the second consecutive year that the format in one of two conferences, security has been given. Last year, a presentation on hacking smart cards in the Boston subway was used after a federal judge granted a request blocked Massachusetts Transit Authority for an injunction. The process was then released and contribute to improving the three MIT students who completed a muzzle finally agreeing to the transit system to its ticketing system.
And other researchers have encountered problems after having their conversations. In 2005, a security researcher position in his presentation at Defcon, how hackers could enter the Cisco routers, but hours later, Cisco Systems, brought an action against him. The case was eventually settled.
Things were even more dramatic in 2001 when the FBI took Russian crypto expert Dmitry Sklyarov into custody at his hotel in Las Vegas the day after their Defcon talk about insecurity in the e-book security software there.
Juniper Networks, then moved to a conference on the errors in the ATM software, has been a researcher plans to hold conferences in checkpoint security, according to complaints ATM provider.
In his lecture "Jackpotting Automated Teller Machines," Barnaby Jack intends to local and remote attack vectors discussed at an ATM and a live demonstration of an attack on an ATM unmodified.
The description of the conference, which was set at Defcon website appears to have been removed, however, said: "The most common attacks on ATMs usually involves the use of the card skimmers, or theft of these devices themselves. Rarely seen targeted attacks on the underlying software. This presentation is the steps I follow to analyze the interface and find a weakness in a number of popular new model ATM. "
Said in a statement, Juniper Networks, the company "Jack's believes that research is important to be presented at a public forum, which is at the level of security. However, the affected ATM provider, we expressed concern by the announcement, the research protected by its elements in their entirety. Given the size and potential exposure of this issue to other vendors, Juniper has set Jack to all interested suppliers to move sufficiently addressed the issues found his research. "
Juniper Networks is directed to other ATM providers to help them, ask for security risks in search of Jack discovered the statement.
Giving the company does not know what the builders were slot machines can be addressed in the discussion. Jack could not be reached for comment.
Safety issues related to ATM machines are a hot topic. Last month, we discovered, a computer forensics expert that Malware on ATMs, enabling criminals to steal account information and PINs have been discovered. Three people were arrested after stolen last year, the break in the Citibank ATM network inside 7-Eleven stores and PINs.
It is the second consecutive year that the format in one of two conferences, security has been given. Last year, a presentation on hacking smart cards in the Boston subway was used after a federal judge granted a request blocked Massachusetts Transit Authority for an injunction. The process was then released and contribute to improving the three MIT students who completed a muzzle finally agreeing to the transit system to its ticketing system.
And other researchers have encountered problems after having their conversations. In 2005, a security researcher position in his presentation at Defcon, how hackers could enter the Cisco routers, but hours later, Cisco Systems, brought an action against him. The case was eventually settled.
Things were even more dramatic in 2001 when the FBI took Russian crypto expert Dmitry Sklyarov into custody at his hotel in Las Vegas the day after their Defcon talk about insecurity in the e-book security software there.
Monday, March 15, 2010
Cisco shows off Internet super-router
Hyped as the router that would 'change forever the face of the Internet', Cisco has launched its new CRS-3 system as the box it predicts will stream video into the Net's darkest recesses.
To the casual eye, it looks like another cabinet full of flashing lights of the sort used by Internet carriers the world over, but to Cisco the CRS-3 (carrier routing system 3) is a pile of statistics. Capable of shifting up to 322Tbit/s, it has triple the capacity of its predecessor, the CRS-1, and is contentiously said to have 'twelve times' the capacity of its nearest competing system.
Powered by Cisco's packet-shifting QuantumFlow Array processor, Cisco sees it as the first step on the road to the forthcoming 'zettabyte era' (four orders of magnitude up from today's gigabit/gigabyte world), which enables "the entire printed collection of the Library of Congress to be downloaded in just over one second; every man, woman and child in China to make a video call, simultaneously; and every motion picture ever created to be streamed in less than four minutes," read the official release.
Why Cisco is choosing to tell the world about a chunk of Internet infrastructure most people are barely even aware exists is an interesting question in itself. It has more direct competition than it did during the infrastructure boom of the 1990s - the one that took the backbone architecture from megabits per second to gigabits per second and now on towards terabits per second - from companies such as Juniper, Alcatel-Lucent, and Huawei.
According to a recent Dell O'ro Group, during 2009 it lost market share in a number of market sectors, and its share of the core routing market into which the CRS-3 is pitched showed modest declines. Mostly this is driven by price. Cisco is still seen as the expensive option in some quarters.
But even in world of tough competition, the need for ever higher capacities remains, driven overwhelmingly by latency-sensitive applications such as video, which have started eating into the Internet's core capacity.
Cisco said the CRS-3 has been in field trials with AT&T for some time, including the showcase 100 Gigabit per second fibre network between New Orleans and Miami.
"We are entering the next stage of global communication and entertainment services and applications, which requires a new set of advanced Internet networking technologies," said AT&T Labs' CEO, Keith Cambron. "AT&T's network handled 40 percent more traffic in 2009 than it did in the previous year, and we continue to see this growth in 2010."
The starting price for the CRS-3 is $90,000 (£60,000).
To the casual eye, it looks like another cabinet full of flashing lights of the sort used by Internet carriers the world over, but to Cisco the CRS-3 (carrier routing system 3) is a pile of statistics. Capable of shifting up to 322Tbit/s, it has triple the capacity of its predecessor, the CRS-1, and is contentiously said to have 'twelve times' the capacity of its nearest competing system.
Powered by Cisco's packet-shifting QuantumFlow Array processor, Cisco sees it as the first step on the road to the forthcoming 'zettabyte era' (four orders of magnitude up from today's gigabit/gigabyte world), which enables "the entire printed collection of the Library of Congress to be downloaded in just over one second; every man, woman and child in China to make a video call, simultaneously; and every motion picture ever created to be streamed in less than four minutes," read the official release.
Why Cisco is choosing to tell the world about a chunk of Internet infrastructure most people are barely even aware exists is an interesting question in itself. It has more direct competition than it did during the infrastructure boom of the 1990s - the one that took the backbone architecture from megabits per second to gigabits per second and now on towards terabits per second - from companies such as Juniper, Alcatel-Lucent, and Huawei.
According to a recent Dell O'ro Group, during 2009 it lost market share in a number of market sectors, and its share of the core routing market into which the CRS-3 is pitched showed modest declines. Mostly this is driven by price. Cisco is still seen as the expensive option in some quarters.
But even in world of tough competition, the need for ever higher capacities remains, driven overwhelmingly by latency-sensitive applications such as video, which have started eating into the Internet's core capacity.
Cisco said the CRS-3 has been in field trials with AT&T for some time, including the showcase 100 Gigabit per second fibre network between New Orleans and Miami.
"We are entering the next stage of global communication and entertainment services and applications, which requires a new set of advanced Internet networking technologies," said AT&T Labs' CEO, Keith Cambron. "AT&T's network handled 40 percent more traffic in 2009 than it did in the previous year, and we continue to see this growth in 2010."
The starting price for the CRS-3 is $90,000 (£60,000).
Juniper and Dell align to target enterprises
Juniper Networks and Dell have signed a deal that will see the pair collaborate to offer combined networking solutions.
Under the agreement, networking products from Juniper will be offered under Dell's PowerConnect brand. The pair state that this move will allow customers to deploy a common network management platform and network operating system to help them reduce operating expenses.
The deal also includes plans to work together on open, standards-based solutions for virtualised data centres and to create technology solutions using Converged Enhanced Ethernet (CEE). This is intended to improve network economics.
"Networking is an important piece in providing customers with choices for how they optimise their data center operations to improve efficiency," said Brad Anderson, senior vice president of the Enterprise Product Group at Dell.
"This agreement will help address many of our customer's biggest challenges including a dramatic rise in security concerns, an increasingly dispersed workforce and challenges brought on with the advent of the virtualised data centre," added Anderson.
From Juniper's perspective, the partnership with hardware vendor Dell underlines its strategic concentration on the enterprise networking market.
This OEM agreement is another great step in our sustained and successful push into the enterprise market," said Gerri Elliott, executive vice president, strategic alliances at Juniper Networks.
"We have the only infrastructure that includes integrated security, routing and switching running on a single operating system. And that uniform approach is a great benefit to IT organisations, from the smallest to the largest, as they tackle the challenges of an increasingly decentralised landscape," added Elliot.
Under the agreement, networking products from Juniper will be offered under Dell's PowerConnect brand. The pair state that this move will allow customers to deploy a common network management platform and network operating system to help them reduce operating expenses.
The deal also includes plans to work together on open, standards-based solutions for virtualised data centres and to create technology solutions using Converged Enhanced Ethernet (CEE). This is intended to improve network economics.
"Networking is an important piece in providing customers with choices for how they optimise their data center operations to improve efficiency," said Brad Anderson, senior vice president of the Enterprise Product Group at Dell.
"This agreement will help address many of our customer's biggest challenges including a dramatic rise in security concerns, an increasingly dispersed workforce and challenges brought on with the advent of the virtualised data centre," added Anderson.
From Juniper's perspective, the partnership with hardware vendor Dell underlines its strategic concentration on the enterprise networking market.
This OEM agreement is another great step in our sustained and successful push into the enterprise market," said Gerri Elliott, executive vice president, strategic alliances at Juniper Networks.
"We have the only infrastructure that includes integrated security, routing and switching running on a single operating system. And that uniform approach is a great benefit to IT organisations, from the smallest to the largest, as they tackle the challenges of an increasingly decentralised landscape," added Elliot.
SolutionBase: Fortinet firewalls provide more bang for the buck than Cisco PIX
My company is planning a project to migrate from a traditional frame-relay network to a site-to-site VPN. As part of this project, we must decide on what firewall and VPN devices we will standardize on.
Currently, we have two remote site-to-site VPN test locations utilizing Cisco PIX 501 firewalls. These locations are connecting back to a Cisco IOS firewall and working successfully. Having configured the PIX firewalls myself, one of my concerns was the complexity of the configuration and troubleshooting. Once we standardize on a device and roll out the VPN network with these associated firewall/VPN devices, I'll turn this project over to the network administrator and the network support group.
I'd like the end solution to be as simple as possible to troubleshoot, monitor, and modify. While I like Cisco products and I like the idea of standardizing on a Cisco solution, I don't consider the PIX firewalls to be easy to configure, troubleshoot, or monitor. Sure, Cisco PIX devices do offer the PIX Device Manager (PDM), a Java Web-based interface for management. However, I still feel that, even with the Web-based interface, the PIX still lacks a great deal of user-friendliness and simplicity. Again, while I like Cisco products, in my capacity as project manager, I don’t want to have to say, "Here is the excellent solution I came up with, but yes, it is a pain to do many of the day-to-day tasks." I was curious if I could find a solution that does the job, but which the network support group would find easy to work with.
Enter Fortinet
I met with a security consulting firm and, after hearing my requirements, they recommended that I take a look at devices from Fortinet, a company that I had never heard of. The consulting firm told me that, yes, there are a large number of choices available in the VPN/firewall market; however, based on the devices they have looked at, they felt that selecting Fortinet offered "the most bang for the buck" in my case.
Some of you reading this may already be very familiar with Fortinet. For those who aren’t, here's a little background on the company. Ken Xie, the former founder and CEO of Netscreen, founded Fortinet in 2000. I heard that he left Netscreen because he believed strongly in the use of ASICs (Application Specific Integrated Circuits) to run devices like firewalls. At the time, Netscreen disagreed and Xie left to form Fortinet. Today, Fortinet’s Web site says that it is "the only provider of ASIC-powered, network-based antivirus firewalls."
This idea of using ASICs is interesting. I'm not a firewall architecture expert, but this is what I gathered from my research: Cisco devices use a standard RISC or AMD processor (just like you could find in a small UNIX server), RAM, and operating systems with applications. By using ASICs, Fortinet has dedicated chips that speed the processing of things like firewall filtering, encryption, virus scanning, and traffic shaping. By using these dedicated chips, Fortinet claims that they are the only provider that can screen traffic for viruses at "broadband rates." In other words, other firewall solutions that scan for viruses have higher latency than the Fortinet solutions, according to Fortinet.
Currently, we have two remote site-to-site VPN test locations utilizing Cisco PIX 501 firewalls. These locations are connecting back to a Cisco IOS firewall and working successfully. Having configured the PIX firewalls myself, one of my concerns was the complexity of the configuration and troubleshooting. Once we standardize on a device and roll out the VPN network with these associated firewall/VPN devices, I'll turn this project over to the network administrator and the network support group.
I'd like the end solution to be as simple as possible to troubleshoot, monitor, and modify. While I like Cisco products and I like the idea of standardizing on a Cisco solution, I don't consider the PIX firewalls to be easy to configure, troubleshoot, or monitor. Sure, Cisco PIX devices do offer the PIX Device Manager (PDM), a Java Web-based interface for management. However, I still feel that, even with the Web-based interface, the PIX still lacks a great deal of user-friendliness and simplicity. Again, while I like Cisco products, in my capacity as project manager, I don’t want to have to say, "Here is the excellent solution I came up with, but yes, it is a pain to do many of the day-to-day tasks." I was curious if I could find a solution that does the job, but which the network support group would find easy to work with.
Enter Fortinet
I met with a security consulting firm and, after hearing my requirements, they recommended that I take a look at devices from Fortinet, a company that I had never heard of. The consulting firm told me that, yes, there are a large number of choices available in the VPN/firewall market; however, based on the devices they have looked at, they felt that selecting Fortinet offered "the most bang for the buck" in my case.
Some of you reading this may already be very familiar with Fortinet. For those who aren’t, here's a little background on the company. Ken Xie, the former founder and CEO of Netscreen, founded Fortinet in 2000. I heard that he left Netscreen because he believed strongly in the use of ASICs (Application Specific Integrated Circuits) to run devices like firewalls. At the time, Netscreen disagreed and Xie left to form Fortinet. Today, Fortinet’s Web site says that it is "the only provider of ASIC-powered, network-based antivirus firewalls."
This idea of using ASICs is interesting. I'm not a firewall architecture expert, but this is what I gathered from my research: Cisco devices use a standard RISC or AMD processor (just like you could find in a small UNIX server), RAM, and operating systems with applications. By using ASICs, Fortinet has dedicated chips that speed the processing of things like firewall filtering, encryption, virus scanning, and traffic shaping. By using these dedicated chips, Fortinet claims that they are the only provider that can screen traffic for viruses at "broadband rates." In other words, other firewall solutions that scan for viruses have higher latency than the Fortinet solutions, according to Fortinet.
Sunday, March 14, 2010
Juniper unveils new brand
Juniper Networks has announced a major set of new solutions and partnerships which it says will "reinvent the experience and economics of networking".
The new releases include new processors, new Junos software, new solutions for cloud networking and security, and strategic partnerships
Kevin Johnson, CEO of Juniper said: "Networks are now clearly the hub of business and community around the world, and that's driving massive scale requirements for the next decade. Driven by our mission to connect everything and empower everyone, Juniper believes it's time for a new approach to networking. An approach based on smart systems and open software platforms. An approach that adapts to changing business dynamics. An approach that embraces partnership and unleashes innovation."
The new Junos software platform has been created to allow customers to directly program multiple layers of their networks. The platform includes the Junos network operating system, and the new Junos Space network application platform and Junos Pulse integrated network client.
In the processor field, Juniper announced a new Junos One family of processors, including the Junos Trio chipset with 3D Scaling technology that enables networks to dynamically support more subscribers, services and bandwidth. The Junos Trio will be delivered in new modular line cards and new 3.5-inch routers for Juniper MX Series, which the company says will provide up to 2.6 terabits per second of throughput, making them up to four times faster than the competition, while only using half as much power per gigabit.
The new releases include new processors, new Junos software, new solutions for cloud networking and security, and strategic partnerships
Kevin Johnson, CEO of Juniper said: "Networks are now clearly the hub of business and community around the world, and that's driving massive scale requirements for the next decade. Driven by our mission to connect everything and empower everyone, Juniper believes it's time for a new approach to networking. An approach based on smart systems and open software platforms. An approach that adapts to changing business dynamics. An approach that embraces partnership and unleashes innovation."
The new Junos software platform has been created to allow customers to directly program multiple layers of their networks. The platform includes the Junos network operating system, and the new Junos Space network application platform and Junos Pulse integrated network client.
In the processor field, Juniper announced a new Junos One family of processors, including the Junos Trio chipset with 3D Scaling technology that enables networks to dynamically support more subscribers, services and bandwidth. The Junos Trio will be delivered in new modular line cards and new 3.5-inch routers for Juniper MX Series, which the company says will provide up to 2.6 terabits per second of throughput, making them up to four times faster than the competition, while only using half as much power per gigabit.
Juniper blooms
There has been a great deal of announcements from Juniper regarding its strategy and product ranges in the last few months. How big is this time in terms of milestones for the company?
I would say this is probably after the founding of the company 12 years ago this is the biggest announcement ever since.
And it is a reactive move perhaps to the call, globally, for cloud computing to become a stronger part of the overall business and networking provisions today…
Yes, we believe that networks overall are changing, it is about access and about the user experience and it is about overall virtualisation of everything for enterprises. We don’t believe that it is scalable for business to continue to build their dedicated data centres and this is why we believe that on the whole virtualisation is going to be very important and this is why we call it cloud networking rather than cloud computing. I think it is much bigger than just the computing part.
And you claim you can really save money for the end-user in both CAPEX and in OPEX. This is a claim though, that many vendors have been making as it is obviously what the end-user wants to hear right now. So why and how is your claim different? Is it down to the flexibility of the cloud?
It is that element for sure, because you start to share resources, applications and application providers in their shared space and you don’t need all of the IT resources for assistance and maintenance.
And the other thing that I really believe is important is — how are you going to scale this massive ramp-up? We have shown you what happened with all the devices that there are now, it will break, if a company and search providers are not starting to think more strategically about the future, it will break. It is not for us, just announcing one product, it is about software, it is about network architecture, and scalability. It is also about how to do things differently than we have done before.
This is also you laying down the gauntlet to Cisco as it faces increasing competition from all sides. How will your ‘New Network’ strategy help you challenge Cisco here on a local basis?
In most of the markets we have become either the number one or the number two player. That is definitely one of the things, we have been very successful in competing with them in the high performance routing space, enterprise space and service provider’s space.
And Juniper has been very successful and taking second place in the security networking space and we are starting to move very aggressively with security in the pipeline. The good thing is we are not competing in the same space as IBM, Sun or Oracle, nor HP in a way, and if you look at Cisco they are really narrow, sort of fighting with their traditional rivals.
We stay, a pure play networking and security company, which provides Juniper a huge opportunity in the market and this is also why you have seen the OEM announcement with Dell and also with IBM, in which they are really working with Juniper.
Is the Middle East really ready for cloud computing on this scale that you have announced, because in many enterprises in this region are still looking at the consolidation of their infrastructure and are they really ready to move a lot of it into the cloud?
The good thing is that it is not an architecture that is out there over nothing. What we do is we provide a real gradual approach to it, you can start with our switching products and then you can expand to the infrastructure at their own pace. I think today all enterprises and service providers are suffering from the same challenges. One is the power supply, the space and physicality of how to manage it and how to introduce new applications and bring the total cost of ownership down for their customers.
I would say this is probably after the founding of the company 12 years ago this is the biggest announcement ever since.
And it is a reactive move perhaps to the call, globally, for cloud computing to become a stronger part of the overall business and networking provisions today…
Yes, we believe that networks overall are changing, it is about access and about the user experience and it is about overall virtualisation of everything for enterprises. We don’t believe that it is scalable for business to continue to build their dedicated data centres and this is why we believe that on the whole virtualisation is going to be very important and this is why we call it cloud networking rather than cloud computing. I think it is much bigger than just the computing part.
And you claim you can really save money for the end-user in both CAPEX and in OPEX. This is a claim though, that many vendors have been making as it is obviously what the end-user wants to hear right now. So why and how is your claim different? Is it down to the flexibility of the cloud?
It is that element for sure, because you start to share resources, applications and application providers in their shared space and you don’t need all of the IT resources for assistance and maintenance.
And the other thing that I really believe is important is — how are you going to scale this massive ramp-up? We have shown you what happened with all the devices that there are now, it will break, if a company and search providers are not starting to think more strategically about the future, it will break. It is not for us, just announcing one product, it is about software, it is about network architecture, and scalability. It is also about how to do things differently than we have done before.
This is also you laying down the gauntlet to Cisco as it faces increasing competition from all sides. How will your ‘New Network’ strategy help you challenge Cisco here on a local basis?
In most of the markets we have become either the number one or the number two player. That is definitely one of the things, we have been very successful in competing with them in the high performance routing space, enterprise space and service provider’s space.
And Juniper has been very successful and taking second place in the security networking space and we are starting to move very aggressively with security in the pipeline. The good thing is we are not competing in the same space as IBM, Sun or Oracle, nor HP in a way, and if you look at Cisco they are really narrow, sort of fighting with their traditional rivals.
We stay, a pure play networking and security company, which provides Juniper a huge opportunity in the market and this is also why you have seen the OEM announcement with Dell and also with IBM, in which they are really working with Juniper.
Is the Middle East really ready for cloud computing on this scale that you have announced, because in many enterprises in this region are still looking at the consolidation of their infrastructure and are they really ready to move a lot of it into the cloud?
The good thing is that it is not an architecture that is out there over nothing. What we do is we provide a real gradual approach to it, you can start with our switching products and then you can expand to the infrastructure at their own pace. I think today all enterprises and service providers are suffering from the same challenges. One is the power supply, the space and physicality of how to manage it and how to introduce new applications and bring the total cost of ownership down for their customers.
Thursday, March 11, 2010
Features of Fortinet appliances
Besides being interested in more user-friendliness and simplicity, some of the other features that attracted my interest in the Fortinet devices were:
The FortiGate product can do the same things that I was doing already with the PIX 501: firewall, VPN tunnels, and intrusion detection.
The FortiGate devices come with additional features that the PIX 501 does not support: antivirus functionality, RADIUS/LDAP user-based authentication with Web logging (syslog), intrusion prevention, Web content filtering, e-mail filtering (antispam), traffic prioritization within the VPN tunnel, and a fast, Web-based interface.
Fortinet also claims that, because it uses ASICs, the FortiGate firewalls are faster than Cisco PIX firewalls.
The FortiGate 50A costs about $500, the same price as the PIX 501 units I have been buying.
I really liked the idea of getting more for my money, so I agreed to demo the Fortinet devices (they didn’t know that I would eventually write a review).
The FortiGate product can do the same things that I was doing already with the PIX 501: firewall, VPN tunnels, and intrusion detection.
The FortiGate devices come with additional features that the PIX 501 does not support: antivirus functionality, RADIUS/LDAP user-based authentication with Web logging (syslog), intrusion prevention, Web content filtering, e-mail filtering (antispam), traffic prioritization within the VPN tunnel, and a fast, Web-based interface.
Fortinet also claims that, because it uses ASICs, the FortiGate firewalls are faster than Cisco PIX firewalls.
The FortiGate 50A costs about $500, the same price as the PIX 501 units I have been buying.
I really liked the idea of getting more for my money, so I agreed to demo the Fortinet devices (they didn’t know that I would eventually write a review).
SolutionBase: Fortinet firewalls provide more bang for the buck than Cisco PIX
My company is planning a project to migrate from a traditional frame-relay network to a site-to-site VPN. As part of this project, we must decide on what firewall and VPN devices we will standardize on.
Currently, we have two remote site-to-site VPN test locations utilizing Cisco PIX 501 firewalls. These locations are connecting back to a Cisco IOS firewall and working successfully. Having configured the PIX firewalls myself, one of my concerns was the complexity of the configuration and troubleshooting. Once we standardize on a device and roll out the VPN network with these associated firewall/VPN devices, I'll turn this project over to the network administrator and the network support group.
I'd like the end solution to be as simple as possible to troubleshoot, monitor, and modify. While I like Cisco products and I like the idea of standardizing on a Cisco solution, I don't consider the PIX firewalls to be easy to configure, troubleshoot, or monitor. Sure, Cisco PIX devices do offer the PIX Device Manager (PDM), a Java Web-based interface for management. However, I still feel that, even with the Web-based interface, the PIX still lacks a great deal of user-friendliness and simplicity. Again, while I like Cisco products, in my capacity as project manager, I don’t want to have to say, "Here is the excellent solution I came up with, but yes, it is a pain to do many of the day-to-day tasks." I was curious if I could find a solution that does the job, but which the network support group would find easy to work with.
Enter Fortinet
I met with a security consulting firm and, after hearing my requirements, they recommended that I take a look at devices from Fortinet, a company that I had never heard of. The consulting firm told me that, yes, there are a large number of choices available in the VPN/firewall market; however, based on the devices they have looked at, they felt that selecting Fortinet offered "the most bang for the buck" in my case.
Some of you reading this may already be very familiar with Fortinet. For those who aren’t, here's a little background on the company. Ken Xie, the former founder and CEO of Netscreen, founded Fortinet in 2000. I heard that he left Netscreen because he believed strongly in the use of ASICs (Application Specific Integrated Circuits) to run devices like firewalls. At the time, Netscreen disagreed and Xie left to form Fortinet. Today, Fortinet’s Web site says that it is "the only provider of ASIC-powered, network-based antivirus firewalls."
This idea of using ASICs is interesting. I'm not a firewall architecture expert, but this is what I gathered from my research: Cisco devices use a standard RISC or AMD processor (just like you could find in a small UNIX server), RAM, and operating systems with applications. By using ASICs, Fortinet has dedicated chips that speed the processing of things like firewall filtering, encryption, virus scanning, and traffic shaping. By using these dedicated chips, Fortinet claims that they are the only provider that can screen traffic for viruses at "broadband rates." In other words, other firewall solutions that scan for viruses have higher latency than the Fortinet solutions, according to Fortinet.
Currently, we have two remote site-to-site VPN test locations utilizing Cisco PIX 501 firewalls. These locations are connecting back to a Cisco IOS firewall and working successfully. Having configured the PIX firewalls myself, one of my concerns was the complexity of the configuration and troubleshooting. Once we standardize on a device and roll out the VPN network with these associated firewall/VPN devices, I'll turn this project over to the network administrator and the network support group.
I'd like the end solution to be as simple as possible to troubleshoot, monitor, and modify. While I like Cisco products and I like the idea of standardizing on a Cisco solution, I don't consider the PIX firewalls to be easy to configure, troubleshoot, or monitor. Sure, Cisco PIX devices do offer the PIX Device Manager (PDM), a Java Web-based interface for management. However, I still feel that, even with the Web-based interface, the PIX still lacks a great deal of user-friendliness and simplicity. Again, while I like Cisco products, in my capacity as project manager, I don’t want to have to say, "Here is the excellent solution I came up with, but yes, it is a pain to do many of the day-to-day tasks." I was curious if I could find a solution that does the job, but which the network support group would find easy to work with.
Enter Fortinet
I met with a security consulting firm and, after hearing my requirements, they recommended that I take a look at devices from Fortinet, a company that I had never heard of. The consulting firm told me that, yes, there are a large number of choices available in the VPN/firewall market; however, based on the devices they have looked at, they felt that selecting Fortinet offered "the most bang for the buck" in my case.
Some of you reading this may already be very familiar with Fortinet. For those who aren’t, here's a little background on the company. Ken Xie, the former founder and CEO of Netscreen, founded Fortinet in 2000. I heard that he left Netscreen because he believed strongly in the use of ASICs (Application Specific Integrated Circuits) to run devices like firewalls. At the time, Netscreen disagreed and Xie left to form Fortinet. Today, Fortinet’s Web site says that it is "the only provider of ASIC-powered, network-based antivirus firewalls."
This idea of using ASICs is interesting. I'm not a firewall architecture expert, but this is what I gathered from my research: Cisco devices use a standard RISC or AMD processor (just like you could find in a small UNIX server), RAM, and operating systems with applications. By using ASICs, Fortinet has dedicated chips that speed the processing of things like firewall filtering, encryption, virus scanning, and traffic shaping. By using these dedicated chips, Fortinet claims that they are the only provider that can screen traffic for viruses at "broadband rates." In other words, other firewall solutions that scan for viruses have higher latency than the Fortinet solutions, according to Fortinet.
Aptec gets Cisco business on Track
The TDME business was formed from the acquisition of Tech Data Middle East more than two years ago, and as Ali Baghdadi, President and CEO at Aptec explains, the time has come for the brand to be revamped.
"When we acquired Tech Data we chose a name which would give us the freedom of branding, but at the same time was close to Tech Data, so TDME stood for both TD Middle East and Track Distribution Middle East," he points out. "Now that Tech Data has gone, people know TDME, so we have just rebranded TDME into Track Distribution. Track is also going to get outside the boundaries of the Middle East, so the change is in preparation for that."
Baghdadi explains that Track will function as a "Cisco technology-centric" outfit that also provides solutions from complementary vendors such as Linksys, APC and McAfee.
The rebranding is being accompanied by a concerted push into the services market, with Aptec building on the foundations of its independent services business, ATS. "We have created within ATS a Cisco services group offering implementation, network audit services, project management and design to resellers which do not wish to invest in manpower," explains Baghdadi.
Track has access to a team of more than 30 certified engineers with expertise in Cisco installation and configuration. Resellers will be able to purchase the support and consultancy services from the company, and even market them as their own resources when completing a customer project if they wish.
In addition to the services element, Track is also pioneering an ‘ISV club', which seeks to facilitate relationships between local and global software developers on behalf of Cisco.
Aptec remains one of the most established technology distributors in the Middle East. The company was officially registered 30 years ago this month and next year it will celebrate an impressive three decades in business.
"When we acquired Tech Data we chose a name which would give us the freedom of branding, but at the same time was close to Tech Data, so TDME stood for both TD Middle East and Track Distribution Middle East," he points out. "Now that Tech Data has gone, people know TDME, so we have just rebranded TDME into Track Distribution. Track is also going to get outside the boundaries of the Middle East, so the change is in preparation for that."
Baghdadi explains that Track will function as a "Cisco technology-centric" outfit that also provides solutions from complementary vendors such as Linksys, APC and McAfee.
The rebranding is being accompanied by a concerted push into the services market, with Aptec building on the foundations of its independent services business, ATS. "We have created within ATS a Cisco services group offering implementation, network audit services, project management and design to resellers which do not wish to invest in manpower," explains Baghdadi.
Track has access to a team of more than 30 certified engineers with expertise in Cisco installation and configuration. Resellers will be able to purchase the support and consultancy services from the company, and even market them as their own resources when completing a customer project if they wish.
In addition to the services element, Track is also pioneering an ‘ISV club', which seeks to facilitate relationships between local and global software developers on behalf of Cisco.
Aptec remains one of the most established technology distributors in the Middle East. The company was officially registered 30 years ago this month and next year it will celebrate an impressive three decades in business.
Wednesday, March 10, 2010
Cisco Systems promotes WiFi tech
The products on display appear under Cisco's Linksys brand and three products in particular are being focused on: the WET610N wireless bridge, the NMH410 media hub and the WAG320N dual band wireless gateway.
"These products will help end users consume their media," says Amanulla Khan, Regional Manager MEA of Cisco's Consumer Business Group. "The NMH40 media hub makes it very easy for consumers to access their content wirelessly across their homes. Our media hub is far different from regular NAS devices which traditionally come from enterprise backgrounds, which makes those devices hard to configure. Our devices are easy to configure, we've taken the complexity out," explains Khan.
The NMH410 is capable of running three HD streams simultaneously and the company says this is thanks to its 5GHz dual band wireless-N design. This hub features a front-mounted LCD, packs a memory card reader and can be attached to a hard disk.
Khan is convinced that WiFi products sell themselves, saying, "People that adopt a simple WiFi network to use the internet on their laptops automatically realise there are greater possibilities with this technology. The bandwidth demands start low with basic internet sharing and then increase as users start accessing movies, music and other types of content over their networks.
"Wireless networks enable a great user experience, allowing consumers to interconnect their Xbox 360 or PlayStation 3 consoles, digital photo frames and media hubs," says Khan.
When pressed about Linksys' power-line networking hardware, Khan concludes, "We offer a full range of power-line networking hardware, but we believe it compliments WiFi. In big houses where range might be an issue, a power-line solution can help bridge the gap."
"These products will help end users consume their media," says Amanulla Khan, Regional Manager MEA of Cisco's Consumer Business Group. "The NMH40 media hub makes it very easy for consumers to access their content wirelessly across their homes. Our media hub is far different from regular NAS devices which traditionally come from enterprise backgrounds, which makes those devices hard to configure. Our devices are easy to configure, we've taken the complexity out," explains Khan.
The NMH410 is capable of running three HD streams simultaneously and the company says this is thanks to its 5GHz dual band wireless-N design. This hub features a front-mounted LCD, packs a memory card reader and can be attached to a hard disk.
Khan is convinced that WiFi products sell themselves, saying, "People that adopt a simple WiFi network to use the internet on their laptops automatically realise there are greater possibilities with this technology. The bandwidth demands start low with basic internet sharing and then increase as users start accessing movies, music and other types of content over their networks.
"Wireless networks enable a great user experience, allowing consumers to interconnect their Xbox 360 or PlayStation 3 consoles, digital photo frames and media hubs," says Khan.
When pressed about Linksys' power-line networking hardware, Khan concludes, "We offer a full range of power-line networking hardware, but we believe it compliments WiFi. In big houses where range might be an issue, a power-line solution can help bridge the gap."
Cisco plans to acquire Tandberg
The proposed deal, which has been endorsed by Tandberg's board of directors, is expected to close in the first half of 2010.
The acquisition will allow Cisco to take a lead in the video conferencing sector, which has traditionally been dominated by Tandberg and its US rival Polycom.
Cisco has invested heavily in its high end telepresence offering in recent years, but lacks the lower end desktop video conferencing products necessary to help gain traction in a fast growing sector estimated to be worth $34 billion.
Cisco is also expected to benefit from Tandberg's standards-based video conferencing technology, which is fully interoperable with standards-based equipment from rival vendors.
"This interoperability will benefit Cisco's customers, but also competitors and partners by accelerating customer interest in video collaboration globally," the company said in a statement.
John Chambers, CEO, Cisco cited a "shared vision" for collaboration and video conferencing technologies as one factor behind the proposed deal.
"Cisco and Tandberg have remarkably similar cultures and a shared vision to change the way the world works through collaboration and video communications technologies," he said.
"Collaboration is a $34 billion market and is growing rapidly-enabled by networked Web 2.0 technologies. This acquisition showcases Cisco's financial strength and ability to quickly capture key market transitions for growth," he added.
Once the deal is complete, Tandberg's CEO Fredrik Halvorsen is expected to lead the new ‘TelePresence Technology Group' within Cisco, reporting to Marthin De Beer, senior vice president of the company's Emerging Technologies Group.
Under the terms of the deal, Cisco will make a cash offer to purchase all the outstanding shares of Tandberg for 153.5 Norwegian Kroner per share, amounting to about $3.0 billion and representing an 11% premium on Wednesday's closing price of Tandberg's stock, and a 25.2% premium to the three-month volume weighted average closing price, Cisco said.
The acquisition will allow Cisco to take a lead in the video conferencing sector, which has traditionally been dominated by Tandberg and its US rival Polycom.
Cisco has invested heavily in its high end telepresence offering in recent years, but lacks the lower end desktop video conferencing products necessary to help gain traction in a fast growing sector estimated to be worth $34 billion.
Cisco is also expected to benefit from Tandberg's standards-based video conferencing technology, which is fully interoperable with standards-based equipment from rival vendors.
"This interoperability will benefit Cisco's customers, but also competitors and partners by accelerating customer interest in video collaboration globally," the company said in a statement.
John Chambers, CEO, Cisco cited a "shared vision" for collaboration and video conferencing technologies as one factor behind the proposed deal.
"Cisco and Tandberg have remarkably similar cultures and a shared vision to change the way the world works through collaboration and video communications technologies," he said.
"Collaboration is a $34 billion market and is growing rapidly-enabled by networked Web 2.0 technologies. This acquisition showcases Cisco's financial strength and ability to quickly capture key market transitions for growth," he added.
Once the deal is complete, Tandberg's CEO Fredrik Halvorsen is expected to lead the new ‘TelePresence Technology Group' within Cisco, reporting to Marthin De Beer, senior vice president of the company's Emerging Technologies Group.
Under the terms of the deal, Cisco will make a cash offer to purchase all the outstanding shares of Tandberg for 153.5 Norwegian Kroner per share, amounting to about $3.0 billion and representing an 11% premium on Wednesday's closing price of Tandberg's stock, and a 25.2% premium to the three-month volume weighted average closing price, Cisco said.
Tuesday, March 9, 2010
Blue Coat Systems
BLUE COAT PROVIDES ENTERPRISES WITH FIRST REAL-TIME ANTI-PHISHING PROTECTION FOR THE WEB
MALAYSIA, October 16, 2007 – Blue Coat Systems, Inc. (Nasdaq: BCSI), a leader in WAN Application Delivery and Secure Web Gateway, today announced that its Blue Coat® WebFilter™ for Blue Coat ProxySG® appliances now feature Real-Time Anti-Phishing protection. This capability—an industry first—can protect enterprise or organization employees by blocking access to phishing Websites or by warning users that they are attempting to open a phishing Web page that could expose them to potential fraud or theft.
Most of the industry’s currently available anti-phishing solutions provide protection solely by checking a user’s Web URL requests against a database of known phishing sites. Phishing sites, however, are generally short-lived and each day hundreds of new ones appear, so the practice of evaluating a requested page against a database is generally ineffective. Rather than solely depending on a database, the Blue Coat Real-Time Anti-Phishing protection technology is the first to assess a Website “on the fly” and examine it based on proprietary algorithms. This process can even be performed on sites using SSL-encryption.
Phishing: a Growing Threat
Phishing, the practice of luring an unsuspecting person to a counterfeit Website resembling a legitimate site and tricking the user to reveal logins, passwords credit card information and other private information, has resulted in a growing amount of identity theft, robbery and fraud. According to industry researchers, the average losses from phishing are now over $3,000 per incident and the total damages suffered by users victimized by phishing are well over $1 billion per year. Banking and retail sites, including Amazon.com, Ebay and PayPal, have been some of the most popular for criminals to impersonate with counterfeit sites using phishing schemes.
Phishing begins with a criminal sending a convincing looking email to a person and tricking the user to click on a link to a Web page that fraudulently purports to be a legitimate page from a bank, services company or retailer. A person may be tricked into revealing a user name and password or other information that would then give a criminal access to a bank, credit card or service or retail shopping account. The new Blue Coat Real-Time Anti-Phishing protection technology assesses the Web page being requested as the user clicks on the link. If the page is not found in the Blue Coat WebFilter database, a query is sent to a data center in Blue Coat Labs where the Web page is analyzed automatically in real time. The service will then categorize the page. If the Web page is categorized as a phishing site, the Blue Coat ProxySG appliance will block the requested Web page or warn the user. The entire process can be completed in between 250–750 milliseconds.
Real-Time Protection
Blue Coat Real-Time Anti-Phishing protection technology is the latest addition to the unique Dynamic Real-Time Rating (DRTR) service of the Blue Coat WebFilter product. Similar to the anti-phishing capability, URL requests for brand new or previously undiscovered Websites made by users of the WebFilter product can be assessed in real time and categorized as pornography, gambling, spyware sources or some other possibly dangerous or inappropriate Website. In addition, Blue Coat ProxySG appliances can automatically check for credential discrepancies of secure Websites that could indicate a rouge site.
“Phishing has become a lucrative vocation for criminals, and to date there has been very little standing in its way to thwart its success,” said Bethany Mayer, senior vice president, Worldwide Marketing, Blue Coat Systems. “Since the Web is constantly changing, it is important not to rely simply on protection from a static URL database. With new sites constantly popping up, the best protection for Web users comes from the ability to conduct real-time assessment and categorization, such as from Blue Coat Real-Time Anti-Phishing protection technology.”
Blue Coat WebFilter
Blue Coat WebFilter is a powerful web filtering solution that runs on Blue Coat ProxySG appliances. It helps enterprises, organizations and service providers protect their users and networks from Internet threats and abuse. While WebFilter utilizes an on-proxy database of over 15 million website ratings representing billions of web pages of real Internet usage, the product also uses DRTR to access and categorize new or previously undiscovered Websites.
Blue Coat ProxySG Appliances
ProxySG appliances protect enterprises or organizations against malware, including Web viruses and spyware, provide URL filtering and manage the use of Internet applications for policy or bandwidth consumption, including instant messaging, streaming media and peer-to-peer file sharing. ProxySG appliances also accelerate business-critical applications or content at the Internet gateway or across an organization’s Wide Area Network (WAN).
MALAYSIA, October 16, 2007 – Blue Coat Systems, Inc. (Nasdaq: BCSI), a leader in WAN Application Delivery and Secure Web Gateway, today announced that its Blue Coat® WebFilter™ for Blue Coat ProxySG® appliances now feature Real-Time Anti-Phishing protection. This capability—an industry first—can protect enterprise or organization employees by blocking access to phishing Websites or by warning users that they are attempting to open a phishing Web page that could expose them to potential fraud or theft.
Most of the industry’s currently available anti-phishing solutions provide protection solely by checking a user’s Web URL requests against a database of known phishing sites. Phishing sites, however, are generally short-lived and each day hundreds of new ones appear, so the practice of evaluating a requested page against a database is generally ineffective. Rather than solely depending on a database, the Blue Coat Real-Time Anti-Phishing protection technology is the first to assess a Website “on the fly” and examine it based on proprietary algorithms. This process can even be performed on sites using SSL-encryption.
Phishing: a Growing Threat
Phishing, the practice of luring an unsuspecting person to a counterfeit Website resembling a legitimate site and tricking the user to reveal logins, passwords credit card information and other private information, has resulted in a growing amount of identity theft, robbery and fraud. According to industry researchers, the average losses from phishing are now over $3,000 per incident and the total damages suffered by users victimized by phishing are well over $1 billion per year. Banking and retail sites, including Amazon.com, Ebay and PayPal, have been some of the most popular for criminals to impersonate with counterfeit sites using phishing schemes.
Phishing begins with a criminal sending a convincing looking email to a person and tricking the user to click on a link to a Web page that fraudulently purports to be a legitimate page from a bank, services company or retailer. A person may be tricked into revealing a user name and password or other information that would then give a criminal access to a bank, credit card or service or retail shopping account. The new Blue Coat Real-Time Anti-Phishing protection technology assesses the Web page being requested as the user clicks on the link. If the page is not found in the Blue Coat WebFilter database, a query is sent to a data center in Blue Coat Labs where the Web page is analyzed automatically in real time. The service will then categorize the page. If the Web page is categorized as a phishing site, the Blue Coat ProxySG appliance will block the requested Web page or warn the user. The entire process can be completed in between 250–750 milliseconds.
Real-Time Protection
Blue Coat Real-Time Anti-Phishing protection technology is the latest addition to the unique Dynamic Real-Time Rating (DRTR) service of the Blue Coat WebFilter product. Similar to the anti-phishing capability, URL requests for brand new or previously undiscovered Websites made by users of the WebFilter product can be assessed in real time and categorized as pornography, gambling, spyware sources or some other possibly dangerous or inappropriate Website. In addition, Blue Coat ProxySG appliances can automatically check for credential discrepancies of secure Websites that could indicate a rouge site.
“Phishing has become a lucrative vocation for criminals, and to date there has been very little standing in its way to thwart its success,” said Bethany Mayer, senior vice president, Worldwide Marketing, Blue Coat Systems. “Since the Web is constantly changing, it is important not to rely simply on protection from a static URL database. With new sites constantly popping up, the best protection for Web users comes from the ability to conduct real-time assessment and categorization, such as from Blue Coat Real-Time Anti-Phishing protection technology.”
Blue Coat WebFilter
Blue Coat WebFilter is a powerful web filtering solution that runs on Blue Coat ProxySG appliances. It helps enterprises, organizations and service providers protect their users and networks from Internet threats and abuse. While WebFilter utilizes an on-proxy database of over 15 million website ratings representing billions of web pages of real Internet usage, the product also uses DRTR to access and categorize new or previously undiscovered Websites.
Blue Coat ProxySG Appliances
ProxySG appliances protect enterprises or organizations against malware, including Web viruses and spyware, provide URL filtering and manage the use of Internet applications for policy or bandwidth consumption, including instant messaging, streaming media and peer-to-peer file sharing. ProxySG appliances also accelerate business-critical applications or content at the Internet gateway or across an organization’s Wide Area Network (WAN).
Leviton joins Cisco program
The Cisco Technology Developer Program is intended to develop integrated solutions using Cisco solutions and third party hardware and software.
As a member of the program, Leviton shares Cisco's strong commitment to customer service and satisfaction, and is required to undergo interoperability testing based on criteria set forth by Cisco. With Cisco Technology Developer Program member offerings such as Leviton Fiber Connect's High Density Data Centre Port Replicated Patch Panel Series, F8xLx-576 and interconnect infrastructure, customers can more quickly deploy a broad range of Cisco compatible business applications to enhance the capabilities, performance, and management of their network.
Leviton Fiber Connect's High Density Data Centre Port Replicated Patch Panel Series, F8xLx-576 and interconnect components have also completed interoperability testing with Cisco solutions.
As a member of the program, Leviton shares Cisco's strong commitment to customer service and satisfaction, and is required to undergo interoperability testing based on criteria set forth by Cisco. With Cisco Technology Developer Program member offerings such as Leviton Fiber Connect's High Density Data Centre Port Replicated Patch Panel Series, F8xLx-576 and interconnect infrastructure, customers can more quickly deploy a broad range of Cisco compatible business applications to enhance the capabilities, performance, and management of their network.
Leviton Fiber Connect's High Density Data Centre Port Replicated Patch Panel Series, F8xLx-576 and interconnect components have also completed interoperability testing with Cisco solutions.
Cisco’s new router delivers 322 tbps of capacity
Cisco has announced its CRS-3 Carrier Routing System (CRS) that the company says “is designed to transform the broadband communication and entertainment industry” owing to it offering a capacity of up to 322 Terabits per second.
The CRS-3’s 322 tbps of capacity more than triples the 92 tbps capacity of the Cisco CRS-1 and represents more than 12 times the capacity of any other core router in the industry.
With this kind of capacity, Cisco says that the entire printed collection of the Library of Congress can be downloaded in just over one second; every man, woman and child in China can make a video call, simultaneously; and every motion picture ever created can be streamed in less than four minutes.
The company has invested US $1.6 billion in the Cisco CRS family, and the CRS-3, which is currently in field trials, will have its pricing set at US $90,000. The CRS-3 is also said to offer up to 60 percent savings on power consumption compared to competitive platforms and Cisco CRS-1 customers will be able to upgrade to CRS-3 with the aid of Cisco Services.
Keith Cambron, president and CEO, AT&T Labs, says, "We are entering the next stage of global communication and entertainment services and applications, which requires a new set of advanced Internet networking technologies. AT&T's network handled 40 percent more traffic in 2009 than it did in the previous year, and we continue to see this growth in 2010. Having leading edge experience in managing the largest global data network, we are pleased to continue our close working relationship with Cisco and its groundbreaking Cisco CRS-3 platform."
Pankaj Patel, senior vice president and general manager, Service Provider Business, Cisco, has said, "The next generation Internet is upon us and we are confident that the Cisco CRS-3 will play a crucial role as service providers like AT&T deliver an exciting, new array of video, mobile, data center and cloud services. The Cisco CRS-3 is well positioned to carry on the tradition of the Cisco CRS-1, become the flagship router of the future and serves as the foundation for the world's most intelligent and advanced broadband networks."
The CRS-3’s 322 tbps of capacity more than triples the 92 tbps capacity of the Cisco CRS-1 and represents more than 12 times the capacity of any other core router in the industry.
With this kind of capacity, Cisco says that the entire printed collection of the Library of Congress can be downloaded in just over one second; every man, woman and child in China can make a video call, simultaneously; and every motion picture ever created can be streamed in less than four minutes.
The company has invested US $1.6 billion in the Cisco CRS family, and the CRS-3, which is currently in field trials, will have its pricing set at US $90,000. The CRS-3 is also said to offer up to 60 percent savings on power consumption compared to competitive platforms and Cisco CRS-1 customers will be able to upgrade to CRS-3 with the aid of Cisco Services.
Keith Cambron, president and CEO, AT&T Labs, says, "We are entering the next stage of global communication and entertainment services and applications, which requires a new set of advanced Internet networking technologies. AT&T's network handled 40 percent more traffic in 2009 than it did in the previous year, and we continue to see this growth in 2010. Having leading edge experience in managing the largest global data network, we are pleased to continue our close working relationship with Cisco and its groundbreaking Cisco CRS-3 platform."
Pankaj Patel, senior vice president and general manager, Service Provider Business, Cisco, has said, "The next generation Internet is upon us and we are confident that the Cisco CRS-3 will play a crucial role as service providers like AT&T deliver an exciting, new array of video, mobile, data center and cloud services. The Cisco CRS-3 is well positioned to carry on the tradition of the Cisco CRS-1, become the flagship router of the future and serves as the foundation for the world's most intelligent and advanced broadband networks."
Monday, March 8, 2010
Cisco splits from HP
In a statement, Cisco said that it will not renew HP's reseller contract when it ends in April, citing increased competition between the two in the data centre sector.
HP had been a strong partner for Cisco, but with the announcement of Cisco's Unified Computing System (UCS) data centre offerings in November, and HP's purchase of 3Com, Cisco decided that it wanted to terminate the relationship.
Keith Goodwin, senior vice president of Cisco's worldwide partner organisation said in a statement: "Being a Cisco Certified Channel Partner has numerous benefits including access to proprietary information (such as product roadmaps) and partner profitability initiatives. Given the evolution of our relationship it simply no longer makes sense to provide these benefits to HP."
The two companies have said they will continue to support existing customers.
Ovum analysts Adam Jura and Jens Butler said that the major winners will be Cisco's other major partners.
"In the cold light of day, it appears that HP needs Cisco more than Cisco needs HP, with the 3Com acquisition expected to still take some time to be completely integrated. In addition, the QLogic partnership expansion will also demand substantial time and effort to fully cascade through and convert into real business opportunity," said Ovum.
"Conversely, Cisco will need to be able to have better business value conversations with clients, as HP has been clearly superior in this area. With this change in direction, Cisco will still require someone to implement its products going forward. Hence, the major winners out of this will be the remaining partners, in particular Dimension Data (incorporating Datakraft), which is continuing to impress in its performance in the Cisco products and solutions implementation space. In light of Cisco's strategy of enabling versus competing against partner services offerings, expect, in particular, DiData to be blessed with more attention from Cisco going forward," the statement concluded.
HP had been a strong partner for Cisco, but with the announcement of Cisco's Unified Computing System (UCS) data centre offerings in November, and HP's purchase of 3Com, Cisco decided that it wanted to terminate the relationship.
Keith Goodwin, senior vice president of Cisco's worldwide partner organisation said in a statement: "Being a Cisco Certified Channel Partner has numerous benefits including access to proprietary information (such as product roadmaps) and partner profitability initiatives. Given the evolution of our relationship it simply no longer makes sense to provide these benefits to HP."
The two companies have said they will continue to support existing customers.
Ovum analysts Adam Jura and Jens Butler said that the major winners will be Cisco's other major partners.
"In the cold light of day, it appears that HP needs Cisco more than Cisco needs HP, with the 3Com acquisition expected to still take some time to be completely integrated. In addition, the QLogic partnership expansion will also demand substantial time and effort to fully cascade through and convert into real business opportunity," said Ovum.
"Conversely, Cisco will need to be able to have better business value conversations with clients, as HP has been clearly superior in this area. With this change in direction, Cisco will still require someone to implement its products going forward. Hence, the major winners out of this will be the remaining partners, in particular Dimension Data (incorporating Datakraft), which is continuing to impress in its performance in the Cisco products and solutions implementation space. In light of Cisco's strategy of enabling versus competing against partner services offerings, expect, in particular, DiData to be blessed with more attention from Cisco going forward," the statement concluded.
Knowledge Is Power: Cisco Announces Agenda for Networkers at Cisco Live 2010
Cisco (NASDAQ: CSCO) today announced the agenda for Networkers at Cisco Live 2010, taking place in Barcelona, 25-28 January. Based on the theme 'Knowledge Is Power,' Networkers at Cisco Live 2010 will equip delegates with the technical knowledge required to stay competitive in today's economy. For those unable to attend the event in Barcelona, an additional one-day virtual event will be held at Cisco Live on Tuesday, 26 Jan., incorporating key elements from the main agenda, such as the keynotes, technical training sessions and a virtual chat with Cisco keynoter Marthin De Beer. (Click the link for additional information and to register for the virtual event.)
Key Facts
Now in its 19th year, Networkers at Cisco Live is Cisco's European flagship annual technology conference and exhibition.
Agenda highlights will be available virtually on Cisco Live.
Keynotes this year will be delivered by leading technology thinkers Marthin De Beer, senior vice president of Cisco's Emerging Technologies Business Group, and Professor Bruce Thomas, director of the Wearable Computer Laboratory at the University of South Australia.
De Beer is a technology visionary who has led the development of innovative and leading-edge technologies such as Cisco TelePresence™, Digital Media Systems, IP Video Surveillance and Smart Grid solutions, cultivating a steady stream of new businesses that take Cisco into adjacent markets.
As a leading academic on wearable computers, augmented reality and virtual reality, Thomas works to make first-person perspective applications a reality. In addition to his keynote, Thomas will be giving live demonstrations of his current projects at the World of Solutions, the primary exhibition area for Networkers at Cisco Live 2010.
Event highlights
More than 240 technical training and educational sessions for delegates
Opportunity to meet with dozens of Cisco experts through the Meet the Engineer program and at the Cisco Technical Design Clinics on a one-to-one basis
Super Sessions on Collaboration and Data Centre
Onsite Innovation Centre celebrating 25 years of Cisco technology
World of Solutions, the interactive learning area of Networkers at Cisco Live 2010 featuring more than 60 exhibitors
Opportunity to see live webcasts of keynote sessions on Cisco Live!
Supporting Quotes
"Networkers at Cisco Live remains the most important customer event in our European calendar, bringing together more than 5,000 IT networking professionals from across Europe all under one roof. Under the theme 'Knowledge Is Power,' Networkers at Cisco Live 2010 will equip organizations with the technical knowledge, particularly in the area of new collaboration technologies, needed to stay competitive in today's economy," said Amanda Jobbins, vice president, European Marketing, Cisco.
Supporting Resources
Networkers at Cisco Live official website
View the event agenda
Delegate registration for Networkers at Cisco Live
Watch a personal invitation from Amanda Jobbins
Follow Networkers 2010 on Twitter
About Networkers at Cisco Live 2010
Following many years as the IT industry's leading educational, training and networking conference, Europe's flagship technology event Cisco Networkers will join the Cisco Live family in 2010. Continuing to meet the complex requirements of IT and communications professionals, Networkers at Cisco Live will equip delegates and their organisations with the technical knowledge needed to stay competitive in today's challenging economy. This must attend event takes place in the vibrant city of Barcelona and is not to be missed by anyone wanting to learn about smarter, more powerful approaches to the way we work, live, play and learn.
Key Facts
Now in its 19th year, Networkers at Cisco Live is Cisco's European flagship annual technology conference and exhibition.
Agenda highlights will be available virtually on Cisco Live.
Keynotes this year will be delivered by leading technology thinkers Marthin De Beer, senior vice president of Cisco's Emerging Technologies Business Group, and Professor Bruce Thomas, director of the Wearable Computer Laboratory at the University of South Australia.
De Beer is a technology visionary who has led the development of innovative and leading-edge technologies such as Cisco TelePresence™, Digital Media Systems, IP Video Surveillance and Smart Grid solutions, cultivating a steady stream of new businesses that take Cisco into adjacent markets.
As a leading academic on wearable computers, augmented reality and virtual reality, Thomas works to make first-person perspective applications a reality. In addition to his keynote, Thomas will be giving live demonstrations of his current projects at the World of Solutions, the primary exhibition area for Networkers at Cisco Live 2010.
Event highlights
More than 240 technical training and educational sessions for delegates
Opportunity to meet with dozens of Cisco experts through the Meet the Engineer program and at the Cisco Technical Design Clinics on a one-to-one basis
Super Sessions on Collaboration and Data Centre
Onsite Innovation Centre celebrating 25 years of Cisco technology
World of Solutions, the interactive learning area of Networkers at Cisco Live 2010 featuring more than 60 exhibitors
Opportunity to see live webcasts of keynote sessions on Cisco Live!
Supporting Quotes
"Networkers at Cisco Live remains the most important customer event in our European calendar, bringing together more than 5,000 IT networking professionals from across Europe all under one roof. Under the theme 'Knowledge Is Power,' Networkers at Cisco Live 2010 will equip organizations with the technical knowledge, particularly in the area of new collaboration technologies, needed to stay competitive in today's economy," said Amanda Jobbins, vice president, European Marketing, Cisco.
Supporting Resources
Networkers at Cisco Live official website
View the event agenda
Delegate registration for Networkers at Cisco Live
Watch a personal invitation from Amanda Jobbins
Follow Networkers 2010 on Twitter
About Networkers at Cisco Live 2010
Following many years as the IT industry's leading educational, training and networking conference, Europe's flagship technology event Cisco Networkers will join the Cisco Live family in 2010. Continuing to meet the complex requirements of IT and communications professionals, Networkers at Cisco Live will equip delegates and their organisations with the technical knowledge needed to stay competitive in today's challenging economy. This must attend event takes place in the vibrant city of Barcelona and is not to be missed by anyone wanting to learn about smarter, more powerful approaches to the way we work, live, play and learn.
About Cisco NetFlow
Cisco NetFlow is a Cisco developed flow technology that allows bandwidth monitoring of a network. NetFlow Analyzer is a software that uses Cisco NetFlow to monitor bandwidth and runs in windows and linux. Cisco routers/switching devices export NetFlow as UDP packets. Cisco NetFlow is one of the flows, among other flows, that is used to monitor bandwidth in the network. These Cisco NetFlow packets can be analyzed using NetFlow Analyzer, to monitor bandwidth, to gather information on the top talkers, applications and many other features. Network traffic analysis is one of the uses of NetFlow Analyzer. NetFlow Analyzer delivers easy-to-understand reports on in-depth traffic analysis and network bandwidth monitoring.
Cisco NetFlow allows for extremely granular and accurate bandwidth monitoring by recording network traffic into the device cache. Since network traffic has a flow nature to it, the NetFlow accounting data that is built in the cache, characterizes the IP traffic being forwarded. Various screen shots of the network traffic report that can be generated using NetFlow Analyzer have been given here.
Cisco NetFlow data records exported by routers and switches consist of expired traffic flows with detailed traffic statistics useful to monitor bandwidth and network traffic analysis. These flows contain information about source and destination IP addresses along with the protocols and ports used in the end-to-end conversation.
This exported NetFlow data is collected and analyzed by NetFlow Analyzer to generate reports on top hosts, top applications, top conversations and top talkers using the bandwidth in your network.
Cisco NetFlow combined with NetFlow Analyzer yields valuable information about the behavior of traffic and bandwidth monitoring on your network. Armed with this information, it is easier to make critical decisions on bandwidth capacity, security, and optimal usage of network infrastructure.
NetFlow traffic statistics
The latest version of NetFlow Analyzer supports Cisco Netflow version 5, version 7 & version 9 exports.
While NetFlow version 5 is the most used version supported on routers, NetFlow version 7 is an enhancement that exclusively supports NetFlow with Cisco Catalyst 5000 series switches equipped with a NetFlow feature card (NFFC). NetFlow version 7 is not compatible with Cisco routers. NetFlow version 9 is the recent addition to the series.
Cisco NetFlow allows for extremely granular and accurate bandwidth monitoring by recording network traffic into the device cache. Since network traffic has a flow nature to it, the NetFlow accounting data that is built in the cache, characterizes the IP traffic being forwarded. Various screen shots of the network traffic report that can be generated using NetFlow Analyzer have been given here.
Cisco NetFlow data records exported by routers and switches consist of expired traffic flows with detailed traffic statistics useful to monitor bandwidth and network traffic analysis. These flows contain information about source and destination IP addresses along with the protocols and ports used in the end-to-end conversation.
This exported NetFlow data is collected and analyzed by NetFlow Analyzer to generate reports on top hosts, top applications, top conversations and top talkers using the bandwidth in your network.
Cisco NetFlow combined with NetFlow Analyzer yields valuable information about the behavior of traffic and bandwidth monitoring on your network. Armed with this information, it is easier to make critical decisions on bandwidth capacity, security, and optimal usage of network infrastructure.
NetFlow traffic statistics
The latest version of NetFlow Analyzer supports Cisco Netflow version 5, version 7 & version 9 exports.
While NetFlow version 5 is the most used version supported on routers, NetFlow version 7 is an enhancement that exclusively supports NetFlow with Cisco Catalyst 5000 series switches equipped with a NetFlow feature card (NFFC). NetFlow version 7 is not compatible with Cisco routers. NetFlow version 9 is the recent addition to the series.
Sunday, March 7, 2010
Strengthen your network defenses with these four steps
What are network defenses?
At first, the subject of network defenses might seem redundant or very general. However, there’s nothing redundant or general about this area. Network defenses address the issues involved in connecting networks to each other and in operating a network as a whole. Network defenses don’t address things such as external firewalls or dial up connections, since the perimeter security layer covers these. Nor do network defenses cover individual servers and workstations, since the host-defenses layer covers these. Instead, network defenses cover things like protocols and routers.
Internal firewalls
Just because the subject of network defenses doesn’t cover external firewalls, it doesn’t mean that it doesn’t cover firewalls at all. One of the first steps that I recommend taking toward securing your network defenses is to enable internal firewalls where possible. Internal firewalls are basically the same as external firewalls. The main difference is that their primary job is to protect the machine against traffic that is already on your network. There are a couple of reasons for implementing internal firewalls.
First, imagine for a moment that a hacker or a virus was able to manipulate your external firewall in a way that allowed all varieties of traffic to flow through it. Normally, this would mean that it was open season against your network. However, if you had enabled internal firewalls, the internal firewalls would block the malicious packets that the external firewall had let slip through.
The other main reason for enabling some internal firewalls is that many attacks tend to be internal in nature. At first, you might hear this statement and think that an internal attack couldn’t possibly happen on your network, but I’ve seen internal attacks and other security breaches in every company that I’ve ever worked for.
At two of the places that I used to work, people in other departments who were hacker or administrator wannabes thought that it would be cool to probe the network to see how much information they could acquire. In both cases, they had no ill intent (or so they said), they were just looking to impress their friends by hacking the system. Whatever their motivation, they did attempt to break through the network’s security. You’ve got to protect your network from people like this.
In other places that I’ve worked, I’ve seen people bring in unauthorized software that was infected with Trojan horses (remember “Back Orifice”?). These Trojan horses would then broadcast on specific ports. The firewall was powerless to stop malicious packets from entering the network because the packets were already on the network.
This actually brings up an interesting point: Most of the techs I know configure their external firewalls to block all but a few inbound ports and to allow all outbound traffic. I recommend being just as picky with the outbound ports as you are with the inbound ports because you never know when a Trojan horse could be using some obscure port to broadcast information about your network to the world.
Internal firewalls ideally should be placed on each PC and on each server. There are several good personal firewall products on the market, such as Norton’s Personal Firewall 2003 from Symantec. However, you may not have to spend a dime on an internal firewall for your workstations as Windows XP contains its own built in personal firewall.
To enable the Windows XP firewall, right-click on My Network Places and select the Properties command from the resulting shortcut menu to display the Network Connections window. Next, right-click on the network connection that you want to protect and select Properties. Now, select the Advanced tab and then click on the check box in the Internet Connection Firewall section. There’s also a Settings button that you can click to enable any ports that should remain open. Although the Windows XP firewall is intended as an Internet firewall, it works great as an internal firewall as well.
Encryption
The next step that I recommend taking is to encrypt your network traffic. Begin by implementing IPSec wherever possible. However, there are a few things that you need to know about implementing IPSec security.
When you configure a machine to use IPSec, you have the option of configuring IPSec to either request encryption or to require encryption. If you configure IPSec to require encryption, then any machine that the machine attempts to connect to will be informed that encryption is required. If the other machine is capable of IPSec encryption, then a secure channel will be established and the communications session will begin. If, on the other hand, the other machine is incapable of IPSec encryption, then the communications session will be denied because the required encryption can’t occur.
The request encryption option works a little differently. When a machine requests a connection, it also requests encryption. If both machines support IPSec encryption, then a secure channel is established and communications begin. If one of the machines doesn’t support IPSec encryption, then the communications session is established anyway, but the data simply isn’t encrypted.
For this reason, there are a couple of things that I recommend doing. First, I recommend placing all of the servers within a site on a secure network. This network should be completely isolated from the normal network. Each server that users require access to should have two network cards, one for connecting to the main network and the other for connecting to the private server network. The server network should consist of only servers and should have a dedicated hub or switch.
By implementing such a configuration, you create a dedicated backbone between the servers. All server-based traffic, such as RPC traffic and traffic used for replication, can flow across this dedicated backbone. By doing so, you’ve helped to secure the server-based traffic and you’ve increased the amount of available bandwidth on the main network.
Next, I recommend implementing IPSec. For the server-only network, IPSec should be configured to require encryption. After all, this network consists of nothing but servers, so unless you’ve got UNIX, Linux, Macintosh, or some other non-Microsoft server, there’s no reason why all of your servers shouldn’t support IPSec. Therefore, you’re perfectly safe requiring encryption.
Now, for all of the workstations and the server connections on the primary network, you should configure the machines to request encryption. By doing so, you’ve achieved the optimal balance between security and functionality.
Unfortunately, IPSec can’t distinguish between network adapters on multihomed computers. Therefore, unless a server is attached exclusively to the server network, you’ll want to use the request encryption option or else clients may not be able to access the server.
Of course IPSec isn’t the only type of encryption available for your network traffic. You must also consider how you’ll secure traffic that flows through your perimeter and the traffic flowing across your wireless networks.
Wireless encryption tends to be a touchy subject these days because the wireless networking devices are still evolving. A lot of administrators view wireless networks as inherently insecure because of the fact that network packets are flying through the air and anyone with a laptop and a wireless NIC card can intercept those packets.
While there are certainly risks associated with wireless networks, in some ways, wireless networks are even more secure than wired networks. The reason is that the primary mechanism for encrypting wireless traffic is WEP encryption. WEP encryption ranges in strength from 40 bit on up to 152 bit or even higher. The actual strength depends on the lowest common denominator. For example, if your access point supports 128-bit WEP encryption, but one of your wireless clients only supports 64-bit WEP encryption, then you’ll be limited to using 64-bit encryption. These days, however, just about all wireless devices support at least 128-bit WEP encryption.
What many administrators fail to realize is that just because wireless networks use WEP encryption, it isn’t the only encryption type that they can use. WEP encryption simply encrypts whatever traffic is flowing across the network. It doesn’t care what type of traffic it is encrypting. Therefore, if you are already encrypting data with IPSec, as you should be, then WEP will simply provide a second level of encryption to the already encrypted data.
Network isolation
If your company is very big, then there’s a good chance that you have a Web server that hosts the company’s Web site. If this Web server doesn’t require access to a backend database or to other resources on your private network, then there’s no reason to place it on your private network. Why run the risk of someone using a Web server as an entry point to your private network when you can fix the problem by isolating the server into its own network?
If your Web server does require access to a database or to some other resource on your private network, then I recommend placing an ISA Server between your firewall and the Web server. Internet users will communicate with the ISA Server rather than with the Web server directly. ISA Server will proxy requests between the users and the Web server. You may then establish an IPSec connection between the Web server and the database server and an SSL connection between the Web server and the ISA Server.
Packet sniffers
After you have taken the necessary steps to secure the traffic flowing across your network, I recommend occasionally using a packet sniffer to monitor network traffic. This is just a precautionary step because it allows you to see what types of traffic are actually present. If you detect unexpected packet types, you can see where those packets are coming from.
The biggest problem with protocol analyzers is that they can be used as a hacker tool. I used to think that it was impossible to detect someone that was using a packet sniffer on my network because of the nature of packet sniffing. Packet sniffers simply watch traffic flowing across the wire and report the contents of each packet. Since packet sniffers don’t transmit packets, how could you possibly detect them?
It’s actually easier than you might think to detect packet sniffing. All you need is a bait machine. The bait machine should be a workstation that no one knows exists except for you. Make sure that the bait machine has an IP address, but is not a part of a domain. Now, place the bait machine on the network and generate some packets. If someone is sniffing the network, the sniffer will pick up the packets that the bait machine produces. The problem is that the sniffer will know the machine’s IP address, but not its host name. Usually, the sniffer will do a DNS lookup to try to determine the machine’s host name. Since you are the only one who knows about the machine, no one should be doing DNS lookups on the machine. Therefore, if you check the DNS logs and see that someone has been doing DNS lookups on your bait machine, then there’s a good chance that the detected machine is sniffing the network.
Another step that you can take toward preventing sniffing is to replace any existing hubs with VLAN switches. The idea is that these switches create virtual networks between the sender and the recipient of a packet. No longer does the packet flow to every machine on the network. Instead it flows directly to its destination. This means that it would be difficult for someone who might be sniffing the network to get anything useful.
These types of switches have another benefit as well. With a standard hub, all of the nodes fall into a single collision domain. This means that if you have 100 Mbps of total bandwidth, then the bandwidth is divided among all of the nodes. However, with a VLAN switch, each virtual LAN has a dedicated amount of bandwidth that it doesn’t have to share. That means that a 100 Mbps switch could potentially handle many hundreds of Mbps at a time, all on different virtual networks. Implementing VLAN switches will improve both security and efficiency.
At first, the subject of network defenses might seem redundant or very general. However, there’s nothing redundant or general about this area. Network defenses address the issues involved in connecting networks to each other and in operating a network as a whole. Network defenses don’t address things such as external firewalls or dial up connections, since the perimeter security layer covers these. Nor do network defenses cover individual servers and workstations, since the host-defenses layer covers these. Instead, network defenses cover things like protocols and routers.
Internal firewalls
Just because the subject of network defenses doesn’t cover external firewalls, it doesn’t mean that it doesn’t cover firewalls at all. One of the first steps that I recommend taking toward securing your network defenses is to enable internal firewalls where possible. Internal firewalls are basically the same as external firewalls. The main difference is that their primary job is to protect the machine against traffic that is already on your network. There are a couple of reasons for implementing internal firewalls.
First, imagine for a moment that a hacker or a virus was able to manipulate your external firewall in a way that allowed all varieties of traffic to flow through it. Normally, this would mean that it was open season against your network. However, if you had enabled internal firewalls, the internal firewalls would block the malicious packets that the external firewall had let slip through.
The other main reason for enabling some internal firewalls is that many attacks tend to be internal in nature. At first, you might hear this statement and think that an internal attack couldn’t possibly happen on your network, but I’ve seen internal attacks and other security breaches in every company that I’ve ever worked for.
At two of the places that I used to work, people in other departments who were hacker or administrator wannabes thought that it would be cool to probe the network to see how much information they could acquire. In both cases, they had no ill intent (or so they said), they were just looking to impress their friends by hacking the system. Whatever their motivation, they did attempt to break through the network’s security. You’ve got to protect your network from people like this.
In other places that I’ve worked, I’ve seen people bring in unauthorized software that was infected with Trojan horses (remember “Back Orifice”?). These Trojan horses would then broadcast on specific ports. The firewall was powerless to stop malicious packets from entering the network because the packets were already on the network.
This actually brings up an interesting point: Most of the techs I know configure their external firewalls to block all but a few inbound ports and to allow all outbound traffic. I recommend being just as picky with the outbound ports as you are with the inbound ports because you never know when a Trojan horse could be using some obscure port to broadcast information about your network to the world.
Internal firewalls ideally should be placed on each PC and on each server. There are several good personal firewall products on the market, such as Norton’s Personal Firewall 2003 from Symantec. However, you may not have to spend a dime on an internal firewall for your workstations as Windows XP contains its own built in personal firewall.
To enable the Windows XP firewall, right-click on My Network Places and select the Properties command from the resulting shortcut menu to display the Network Connections window. Next, right-click on the network connection that you want to protect and select Properties. Now, select the Advanced tab and then click on the check box in the Internet Connection Firewall section. There’s also a Settings button that you can click to enable any ports that should remain open. Although the Windows XP firewall is intended as an Internet firewall, it works great as an internal firewall as well.
Encryption
The next step that I recommend taking is to encrypt your network traffic. Begin by implementing IPSec wherever possible. However, there are a few things that you need to know about implementing IPSec security.
When you configure a machine to use IPSec, you have the option of configuring IPSec to either request encryption or to require encryption. If you configure IPSec to require encryption, then any machine that the machine attempts to connect to will be informed that encryption is required. If the other machine is capable of IPSec encryption, then a secure channel will be established and the communications session will begin. If, on the other hand, the other machine is incapable of IPSec encryption, then the communications session will be denied because the required encryption can’t occur.
The request encryption option works a little differently. When a machine requests a connection, it also requests encryption. If both machines support IPSec encryption, then a secure channel is established and communications begin. If one of the machines doesn’t support IPSec encryption, then the communications session is established anyway, but the data simply isn’t encrypted.
For this reason, there are a couple of things that I recommend doing. First, I recommend placing all of the servers within a site on a secure network. This network should be completely isolated from the normal network. Each server that users require access to should have two network cards, one for connecting to the main network and the other for connecting to the private server network. The server network should consist of only servers and should have a dedicated hub or switch.
By implementing such a configuration, you create a dedicated backbone between the servers. All server-based traffic, such as RPC traffic and traffic used for replication, can flow across this dedicated backbone. By doing so, you’ve helped to secure the server-based traffic and you’ve increased the amount of available bandwidth on the main network.
Next, I recommend implementing IPSec. For the server-only network, IPSec should be configured to require encryption. After all, this network consists of nothing but servers, so unless you’ve got UNIX, Linux, Macintosh, or some other non-Microsoft server, there’s no reason why all of your servers shouldn’t support IPSec. Therefore, you’re perfectly safe requiring encryption.
Now, for all of the workstations and the server connections on the primary network, you should configure the machines to request encryption. By doing so, you’ve achieved the optimal balance between security and functionality.
Unfortunately, IPSec can’t distinguish between network adapters on multihomed computers. Therefore, unless a server is attached exclusively to the server network, you’ll want to use the request encryption option or else clients may not be able to access the server.
Of course IPSec isn’t the only type of encryption available for your network traffic. You must also consider how you’ll secure traffic that flows through your perimeter and the traffic flowing across your wireless networks.
Wireless encryption tends to be a touchy subject these days because the wireless networking devices are still evolving. A lot of administrators view wireless networks as inherently insecure because of the fact that network packets are flying through the air and anyone with a laptop and a wireless NIC card can intercept those packets.
While there are certainly risks associated with wireless networks, in some ways, wireless networks are even more secure than wired networks. The reason is that the primary mechanism for encrypting wireless traffic is WEP encryption. WEP encryption ranges in strength from 40 bit on up to 152 bit or even higher. The actual strength depends on the lowest common denominator. For example, if your access point supports 128-bit WEP encryption, but one of your wireless clients only supports 64-bit WEP encryption, then you’ll be limited to using 64-bit encryption. These days, however, just about all wireless devices support at least 128-bit WEP encryption.
What many administrators fail to realize is that just because wireless networks use WEP encryption, it isn’t the only encryption type that they can use. WEP encryption simply encrypts whatever traffic is flowing across the network. It doesn’t care what type of traffic it is encrypting. Therefore, if you are already encrypting data with IPSec, as you should be, then WEP will simply provide a second level of encryption to the already encrypted data.
Network isolation
If your company is very big, then there’s a good chance that you have a Web server that hosts the company’s Web site. If this Web server doesn’t require access to a backend database or to other resources on your private network, then there’s no reason to place it on your private network. Why run the risk of someone using a Web server as an entry point to your private network when you can fix the problem by isolating the server into its own network?
If your Web server does require access to a database or to some other resource on your private network, then I recommend placing an ISA Server between your firewall and the Web server. Internet users will communicate with the ISA Server rather than with the Web server directly. ISA Server will proxy requests between the users and the Web server. You may then establish an IPSec connection between the Web server and the database server and an SSL connection between the Web server and the ISA Server.
Packet sniffers
After you have taken the necessary steps to secure the traffic flowing across your network, I recommend occasionally using a packet sniffer to monitor network traffic. This is just a precautionary step because it allows you to see what types of traffic are actually present. If you detect unexpected packet types, you can see where those packets are coming from.
The biggest problem with protocol analyzers is that they can be used as a hacker tool. I used to think that it was impossible to detect someone that was using a packet sniffer on my network because of the nature of packet sniffing. Packet sniffers simply watch traffic flowing across the wire and report the contents of each packet. Since packet sniffers don’t transmit packets, how could you possibly detect them?
It’s actually easier than you might think to detect packet sniffing. All you need is a bait machine. The bait machine should be a workstation that no one knows exists except for you. Make sure that the bait machine has an IP address, but is not a part of a domain. Now, place the bait machine on the network and generate some packets. If someone is sniffing the network, the sniffer will pick up the packets that the bait machine produces. The problem is that the sniffer will know the machine’s IP address, but not its host name. Usually, the sniffer will do a DNS lookup to try to determine the machine’s host name. Since you are the only one who knows about the machine, no one should be doing DNS lookups on the machine. Therefore, if you check the DNS logs and see that someone has been doing DNS lookups on your bait machine, then there’s a good chance that the detected machine is sniffing the network.
Another step that you can take toward preventing sniffing is to replace any existing hubs with VLAN switches. The idea is that these switches create virtual networks between the sender and the recipient of a packet. No longer does the packet flow to every machine on the network. Instead it flows directly to its destination. This means that it would be difficult for someone who might be sniffing the network to get anything useful.
These types of switches have another benefit as well. With a standard hub, all of the nodes fall into a single collision domain. This means that if you have 100 Mbps of total bandwidth, then the bandwidth is divided among all of the nodes. However, with a VLAN switch, each virtual LAN has a dedicated amount of bandwidth that it doesn’t have to share. That means that a 100 Mbps switch could potentially handle many hundreds of Mbps at a time, all on different virtual networks. Implementing VLAN switches will improve both security and efficiency.
10 tips for troubleshooting slowdowns in small business networks
Network congestion and slowdowns--whether caused by faulty hardware, negligent users, viruses or spyware applications gone wild, or other factors--lead to serious headaches for network administrators and support personnel. By keeping a wary eye tuned for the following 10 items, IT professionals can help prevent the most common causes of network slowdowns.
#1: Bad NICs
Intermittent network errors, particularly those isolated to a specific workstation or server, can often be traced to a failing network interface card. When you believe a network adapter may be failing, visually inspect the card's LED link lights.
A solid green (or amber) LED indicates the NIC has a good active physical connection with another network device, such as a network switch or router (blinking LEDs typically indicate the NIC possesses an active connection and is processing network traffic). If the LED is not lit green, it's likely the network adapter is disabled within Windows or doesn't have an active connection to the network. It's also possible the cable plugged into the NIC is connected to a nonfunctioning wall-jack or faulty network port.
If you can rule out nonfunctioning wall-jacks and faulty network ports (the easiest method of doing so is to connect the same network connection to a laptop known to have a properly functioning network adapter), and if the network adapter is properly enabled and configured in Windows, it's likely the NIC is bad and requires replacement.
#2: Failing switches/routers
Many network slowdowns are foreshadowed by strange occurrences. For example, regular Web traffic may work properly, but e-mail may stop functioning. Or, regular Web traffic may work properly but attempts to connect to any secure (HTTPS) sites may fail. In other cases, Internet access simply ceases across the board.
Often the best remedy for inconsistent network outages and/or slowdowns is to reboot or power cycle the network's routers/switches. If local network connectivity exists (if users can view and access network shares) but they are not receiving e-mail from external users or cannot access the Internet, rebooting or power cycling the WAN modem can often return the network to proper operation.
If you're having to reboot or power cycle a piece of network equipment consistently, make sure that it's connected to a quality uninterruptible power supply. Power fluctuations often result in confused switches and routers. If a network device is connected to a good UPS and still frequently experiences trouble, it may be necessary to replace the failing switch, router, or modem.
#3: Daisy chaining
As organizations grow, particularly small businesses, outside IT contractors often implement simple solutions. Many consultants choose to simply add a five-port router to an existing four-port router/firewall. Small businesses everywhere boast just such a setup.
However, as switches are added to a network, data packets must navigate additional hops to reach their destination. Each hop complicates network routing. Depending upon the amount of traffic a network must support--and even a small dentist's or doctor's office can easily stress 10/100 Mbps systems due to X-ray imagery, patient file information, and other data--the addition of an extra hop or two can spell the difference between a smooth running network and one that frequently slows employee productivity to unacceptable levels.
Resist the urge to daisy chain multiple network switches and routers. Instead, plan for capacity. Or if unforeseen growth has resulted in successive connected switches, eliminate as many devices as possible through consolidation to a more potent and scalable unit.
#4: NetBIOS conflicts
NetBIOS, still in use on many Windows NT 4.0 networks in particular, contains many built-in processes to catch and manage conflicts. Occasionally, however, those processes don't handle conflicts properly. The result can be inaccessible file shares, increased network congestion, and even outages.
Guard against NetBIOS conflicts by ensuring older Windows systems all receive the most recent service packs. In some cases, Windows NT 4.0 systems having different service packs will generate telltale NetBT (ID 4320) errors.
Strange network behavior can also occur when two systems are given the same computer name or when two systems both believe they serve the master browser role. Sometimes the error will log itself as Event ID 8003 in a server's system log. Disabling WINS/NetBT name resolution (only if it's not required) can eliminate such issues.
If disabling NetBT is not an option, such errors can often be eliminated by identifying the second system that has the same computer name within the same domain and giving it a new name or by restarting the Netlogon Service on the domain controller. Yet another option for eliminating legacy NetBT issues is to search a system's LMHOSTS file for inaccurate or outdated entries. Some IT professionals claim they've solved similar errors by disabling and re-enabling the NIC on the offending system.
#5: IP conflicts
Windows typically prevents two devices with the same IP address from logging on to the same network (when using DHCP). But occasionally, two systems with the same address wind up on the same network. For example, one system could receive an address automatically, while another computer logs on using a static address specified by a user. When such conflicts occur, network slowdowns result (and the systems sharing the same address frequently experience outages).
Troubleshoot IP address conflicts by ensuring you don't have a rogue DHCP server on the network. Confirm, too, that configured DHCP scopes don't contain overlapping or duplicate entries and that any systems (such as servers and routers) that have been assigned static IP addresses have been excluded from the DHCP pools.
#6: Excessive network-based applications
Occasionally, networks are overrun by the applications they power. For example, a physician's office that uses a Web-based patient and practice application will commonly have every workstation logged on to the program during business hours. Retrieving data from the patient database and consistent monitoring of appointment and scheduling information alone can place stress on even a well-architected network.
Add in the fact that each workstation is likely tuned to e-mail (and many offices are turning to VoIP) and it's easy to see how introducing a few streaming audio/video files to the mix (either in the form of online music services, news videos, or instructional medical presentations and Webinars) can unacceptably slow a 10/100 Mbps network's performance.
Implement policies--and if necessary, hardware-based Web filtering tools--to prevent applications from overwhelming available network bandwidth. Make sure employees understand they're not to stream unnecessary audio and video files. Further, when working with VoIP, be sure adequate data pipes are in place to manage both voice and data traffic.
#7: Spyware infestation
Spyware, the scourge of the last few years, finally appears to be meeting its match in business environments. The development of potent anti-spyware tools, combined with effective end user policies, is reducing the impact of spyware in many organizations. Windows Vista includes Defender, a decent anti-spyware application powered by the popular Giant engine.
However, infestations still occur, particularly on older systems that haven't been properly safeguarded. Implement strong user policies and either gateway-based protection or individual client applications to prevent spyware programs from consuming precious network bandwidth.
#8: Virus infestation
Just as spyware is proving containable within business environments, so too are viruses. That said, despite an administrator's best efforts--including firewall deployment, routine and consistent Windows patching, and the use of regularly updated antivirus programs--viruses do get through. The result can bring a network to a standstill.
For example, many viruses place Trojan programs on Windows systems, where they can wreak havoc. In addition to leveraging a system's ability to send e-mail to forward hundreds (if not thousands) of spam messages an hour, viruses can corrupt network configuration.
Defend against virus threats to network performance by ensuring firewalls, Windows updates, and antivirus programs are properly configured and maintained.
#9: Insufficient bandwidth
Sometimes, a network just doesn't have the throughput it requires. As with # 6--excessive network-based applications--some environments demand more bandwidth than others.
When a network does bog down, several options typically exist for increasing capacity. Besides boosting up- and downstream speeds, some offices may require additional dedicated connections. From multiple T1s to DS3s to even optical carrier-grade connectivity, many potential solutions exist.
Further, some organizations may need to upgrade existing 10/100 Mbps networks to gigabit speeds. By upgrading NICs, cabling, and devices to 10/100/1000 Mbps equipment--and replacing any remaining hubs with switches--many firms can realize significant capacity gains. In other cases, it may be necessary to subnet networks to localize particularly intense traffic to specific network segments.
#10: DNS errors
DNS configuration errors can lead to numerous network failures and generalized slow performance. When no DNS server is available on a local LAN, local systems may have trouble finding one another or accessing local resources because they'll have trouble finding service locator records that assist Windows systems in communicating with Active Directory. Worse, systems with no local DNS server or those workstations having DNS servers several hops away may experience delays or flat outages in accessing Web sites and extranets.
Try placing DNS servers as close to network systems as possible. Although adding DNS services to existing servers places greater demand on those boxes, properly configured machines can remain secure and noticeably enhance response times to external resources.
Also, always check to ensure systems are configured to use the proper DNS servers. Network architectures change over time, yet older workstations (particularly those set to use static addressing) occasionally are forgotten and continue operating using outdated DNS settings. As your organization and ISP update DNS systems, be sure workstations and other routing equipment actually receive the updates.
#1: Bad NICs
Intermittent network errors, particularly those isolated to a specific workstation or server, can often be traced to a failing network interface card. When you believe a network adapter may be failing, visually inspect the card's LED link lights.
A solid green (or amber) LED indicates the NIC has a good active physical connection with another network device, such as a network switch or router (blinking LEDs typically indicate the NIC possesses an active connection and is processing network traffic). If the LED is not lit green, it's likely the network adapter is disabled within Windows or doesn't have an active connection to the network. It's also possible the cable plugged into the NIC is connected to a nonfunctioning wall-jack or faulty network port.
If you can rule out nonfunctioning wall-jacks and faulty network ports (the easiest method of doing so is to connect the same network connection to a laptop known to have a properly functioning network adapter), and if the network adapter is properly enabled and configured in Windows, it's likely the NIC is bad and requires replacement.
#2: Failing switches/routers
Many network slowdowns are foreshadowed by strange occurrences. For example, regular Web traffic may work properly, but e-mail may stop functioning. Or, regular Web traffic may work properly but attempts to connect to any secure (HTTPS) sites may fail. In other cases, Internet access simply ceases across the board.
Often the best remedy for inconsistent network outages and/or slowdowns is to reboot or power cycle the network's routers/switches. If local network connectivity exists (if users can view and access network shares) but they are not receiving e-mail from external users or cannot access the Internet, rebooting or power cycling the WAN modem can often return the network to proper operation.
If you're having to reboot or power cycle a piece of network equipment consistently, make sure that it's connected to a quality uninterruptible power supply. Power fluctuations often result in confused switches and routers. If a network device is connected to a good UPS and still frequently experiences trouble, it may be necessary to replace the failing switch, router, or modem.
#3: Daisy chaining
As organizations grow, particularly small businesses, outside IT contractors often implement simple solutions. Many consultants choose to simply add a five-port router to an existing four-port router/firewall. Small businesses everywhere boast just such a setup.
However, as switches are added to a network, data packets must navigate additional hops to reach their destination. Each hop complicates network routing. Depending upon the amount of traffic a network must support--and even a small dentist's or doctor's office can easily stress 10/100 Mbps systems due to X-ray imagery, patient file information, and other data--the addition of an extra hop or two can spell the difference between a smooth running network and one that frequently slows employee productivity to unacceptable levels.
Resist the urge to daisy chain multiple network switches and routers. Instead, plan for capacity. Or if unforeseen growth has resulted in successive connected switches, eliminate as many devices as possible through consolidation to a more potent and scalable unit.
#4: NetBIOS conflicts
NetBIOS, still in use on many Windows NT 4.0 networks in particular, contains many built-in processes to catch and manage conflicts. Occasionally, however, those processes don't handle conflicts properly. The result can be inaccessible file shares, increased network congestion, and even outages.
Guard against NetBIOS conflicts by ensuring older Windows systems all receive the most recent service packs. In some cases, Windows NT 4.0 systems having different service packs will generate telltale NetBT (ID 4320) errors.
Strange network behavior can also occur when two systems are given the same computer name or when two systems both believe they serve the master browser role. Sometimes the error will log itself as Event ID 8003 in a server's system log. Disabling WINS/NetBT name resolution (only if it's not required) can eliminate such issues.
If disabling NetBT is not an option, such errors can often be eliminated by identifying the second system that has the same computer name within the same domain and giving it a new name or by restarting the Netlogon Service on the domain controller. Yet another option for eliminating legacy NetBT issues is to search a system's LMHOSTS file for inaccurate or outdated entries. Some IT professionals claim they've solved similar errors by disabling and re-enabling the NIC on the offending system.
#5: IP conflicts
Windows typically prevents two devices with the same IP address from logging on to the same network (when using DHCP). But occasionally, two systems with the same address wind up on the same network. For example, one system could receive an address automatically, while another computer logs on using a static address specified by a user. When such conflicts occur, network slowdowns result (and the systems sharing the same address frequently experience outages).
Troubleshoot IP address conflicts by ensuring you don't have a rogue DHCP server on the network. Confirm, too, that configured DHCP scopes don't contain overlapping or duplicate entries and that any systems (such as servers and routers) that have been assigned static IP addresses have been excluded from the DHCP pools.
#6: Excessive network-based applications
Occasionally, networks are overrun by the applications they power. For example, a physician's office that uses a Web-based patient and practice application will commonly have every workstation logged on to the program during business hours. Retrieving data from the patient database and consistent monitoring of appointment and scheduling information alone can place stress on even a well-architected network.
Add in the fact that each workstation is likely tuned to e-mail (and many offices are turning to VoIP) and it's easy to see how introducing a few streaming audio/video files to the mix (either in the form of online music services, news videos, or instructional medical presentations and Webinars) can unacceptably slow a 10/100 Mbps network's performance.
Implement policies--and if necessary, hardware-based Web filtering tools--to prevent applications from overwhelming available network bandwidth. Make sure employees understand they're not to stream unnecessary audio and video files. Further, when working with VoIP, be sure adequate data pipes are in place to manage both voice and data traffic.
#7: Spyware infestation
Spyware, the scourge of the last few years, finally appears to be meeting its match in business environments. The development of potent anti-spyware tools, combined with effective end user policies, is reducing the impact of spyware in many organizations. Windows Vista includes Defender, a decent anti-spyware application powered by the popular Giant engine.
However, infestations still occur, particularly on older systems that haven't been properly safeguarded. Implement strong user policies and either gateway-based protection or individual client applications to prevent spyware programs from consuming precious network bandwidth.
#8: Virus infestation
Just as spyware is proving containable within business environments, so too are viruses. That said, despite an administrator's best efforts--including firewall deployment, routine and consistent Windows patching, and the use of regularly updated antivirus programs--viruses do get through. The result can bring a network to a standstill.
For example, many viruses place Trojan programs on Windows systems, where they can wreak havoc. In addition to leveraging a system's ability to send e-mail to forward hundreds (if not thousands) of spam messages an hour, viruses can corrupt network configuration.
Defend against virus threats to network performance by ensuring firewalls, Windows updates, and antivirus programs are properly configured and maintained.
#9: Insufficient bandwidth
Sometimes, a network just doesn't have the throughput it requires. As with # 6--excessive network-based applications--some environments demand more bandwidth than others.
When a network does bog down, several options typically exist for increasing capacity. Besides boosting up- and downstream speeds, some offices may require additional dedicated connections. From multiple T1s to DS3s to even optical carrier-grade connectivity, many potential solutions exist.
Further, some organizations may need to upgrade existing 10/100 Mbps networks to gigabit speeds. By upgrading NICs, cabling, and devices to 10/100/1000 Mbps equipment--and replacing any remaining hubs with switches--many firms can realize significant capacity gains. In other cases, it may be necessary to subnet networks to localize particularly intense traffic to specific network segments.
#10: DNS errors
DNS configuration errors can lead to numerous network failures and generalized slow performance. When no DNS server is available on a local LAN, local systems may have trouble finding one another or accessing local resources because they'll have trouble finding service locator records that assist Windows systems in communicating with Active Directory. Worse, systems with no local DNS server or those workstations having DNS servers several hops away may experience delays or flat outages in accessing Web sites and extranets.
Try placing DNS servers as close to network systems as possible. Although adding DNS services to existing servers places greater demand on those boxes, properly configured machines can remain secure and noticeably enhance response times to external resources.
Also, always check to ensure systems are configured to use the proper DNS servers. Network architectures change over time, yet older workstations (particularly those set to use static addressing) occasionally are forgotten and continue operating using outdated DNS settings. As your organization and ISP update DNS systems, be sure workstations and other routing equipment actually receive the updates.
Subscribe to:
Posts (Atom)