JustinGrant.IT

You see, Cisco’s corporate fighting style is ‘the art of fighting, without fighting’.  Believe me, it sounds far more epic when Brue Lee delivers that line…  Anyhow, there seems to be a lot of noise of late about Cisco and HP going toe to toe in the server market.  HP has likened Cisco to plumbers and Cisco in return has embraced their inner Mario, with a somewhat bizarre post on how cool plumbers are in the Netherlands.  Meanwhile, bloggers are having a field day and talking the whole thing up.  I expect Don King to get involved shortly.

Seriously though, as Christofer Hoff suggests, I think the point has been largely missed.  Cisco will not try to enter the server market in the traditional way, they would get smashed.  HP and other server vendors are simply too big, too strong and it would not be a profitable exercise.  Rather, Cisco will try to develop the data centre using virtualisation into something new, something different; something that they can dominate.  Their vision as I see it, is to have a generic chassis with a processing blade, an interface blade and a storage blade.  The application services, network services and storage services will all be virtualised software and abstracted from the hardware.  This is the ultimate vision in virtualisation and Cisco’s heavy investment in VMware gives some support to this predictive claim. 

Disrupting the data centre market is essential for Cisco to win major market share.  So called battles for market share, where Cisco release a traditional blade server, are far too costly.  Cisco’s strategic management have listened to Bruce – disruptive innovation is the art of fighting without fighting.   I have previously commented on how Cisco are using FCoE as a technology to cultivate a new unique market for data centre switches.  However, this is only the beginning.  Expect the winner to be the one that changes to rules of the game altogether.

Justin Data Centre Cisco, Data Centre, HP, predictions, Switching

…Keep reading to the end folks because I have a cool free gift for you!

I had a very productive meeting with Infoblox today who I feel make a much underrated appliance.  Infoblox is the quite achiever of network appliances.  If you haven’t come across it before, basically the Infoblox takes care of all your network services such as DNS, RADIUS, TFTP, DHCP, NTP and IP address management (IPAM).  Now I know this doesn’t sound that thrilling but having these protocols on a distributed appliance has many advantages – reliability, scalability, distribution, security and low management overhead.  However, these benefits are not immediately obvious and often overlooked.

The responsibility of network services has traditionally been the domain of the server team.  With an appliance, the server team can now focus exclusively on their servers and applications, while the networks team have full control over the network service protocols and underlying hardware.  While, it doesn’t sound like much, this makes the deployment and troubleshooting of new services much smoother.

I have found that IP address management just isn’t done very well.  Excel spreadsheets don’t cut the mustard.  How IP capacity management, auditing and reporting is done by enterprises, I just don’t know.  Also, if you don’t have IPAM, forget about using IPv6!

The integration of IPAM, DNS and DHCP yields many unexpected benefits in terms of ‘seeing’ the network and controlling what is going on from an operation sense.  It also helps to plan growth of networks and design a tight IP plan that is nicely route summarised.

NTP is really quite boring but can be very important for applications and auditing.  I heard that one hospital database was sourced off a broken NTP server and was consequently allocating medicine at the wrong time of day.  I don’t think that it was true but it made for a great story.  How many NTP sources have you seen with no security applied and would potentially accept updates from a bogus source?

Then there is site survivability.  Many applications now rely on these underlying network protocols, which if hosted at a data centre, are not available if the WAN link is lost.  Consider a VoIP system which is centralised.  The handset requires TFTP, DHCP and RADIUS (backing into AD) for authentication.  Your users are going to be quite angry to discover that the WAN is down *and* they can’t call you to log a fault (i.e. complain).

A virtualised version of Infoblox can also run on a Cisco ISR with AXP, meaning that the above bevy of goodness can be packaged into the remote office router.

Now just to prove that Infoblox are extra awesome, they have released a freeware version of their IPAM software for you to download.  So there are no excuses for those Excel spreadsheets now!

Justin Free Gifts, Intelligent Application Delivery Cisco, Free Stuff, Infoblox, Intelligent Application Delivery

It seems that Gartner agrees with the sentiment that IT needs to get smarter in a downturn economy.  Doing more with less doesn’t mean blanket cost cutting and organisations, which resort to drastic across the board measures are likely to miss out on growth opportunities.

Further to my introduction on Frugal IT Strategies, I would like to comment on WAN optimisation.  Personally, I feel that these technologies have been overlooked in the past and will really begin to shine now in a downturn market.  One of the reasons that WAN optimisation has been ignored in the past is the mistaken assumption that more bandwidth will lead to better application delivery.  In addition to this, I feel that vendors and solution integrators have in the most part placed the cart before the horse when presenting this technology.  That is they focus on WAN acceleration before, visibility, evaluation and traffic shaping.  In doing this, the ‘accelerated’ solution often adds little value as the wrong applications as well as the right ones are getting accelerated.

Web 2.0, including social media, has invaded our workspace and whether organisations like it or not, won’t go away.  In fact, embracement of this media will bring many indirect advantages (this in itself needs a follow up blog).  However, use of this technology must be shaped by an organisation so that business critical applications are not adversely impacted.

I doubt that many organisations that have employed WAN acceleration measured how much of their web traffic to a remote site was Facebook, YouTube or Gmail related.  I wouldn’t be at all surprised if recreational use of the web at remote sites was as high as fifty percent of the total traffic.  Organisations can gain visibility of this traffic, via appliances such as Blue Coat’s (formerly Packeteer) PacketShaper.  With visibility of a WAN link, traffic shaping and QoS decisions are no longer a stab in the dark estimate and thus much more effective.

 Taking the above measures frees the path for WAN acceleration to be truly effective.  These are the more traditional ‘optimisation’ technologies such as compression, TCP and other protocol optimisation, byte caching and object caching.  It seems however, that some LAN protocols, like CIFS, are so cumbersome over a WAN that acceleration technology alone yields some benefit.  However, a holistic view, incorporating visibility and traffic shaping before acceleration will deliver far better results, meaning less operational costs and ultimately a better bottom line.

Justin Intelligent Application Delivery Blue Coat, Intelligent Application Delivery, WAN Optimisation

Fair enough!  I’ll admit it, I can’t spell.  I’m atrocious.  My wife laughs heartily at my feeble attempts to spell everyday words.  My shopping lists are a tragic comedy – a verbal misspelt slaughter and molestation of the English language.  However, I stand behind my defence that spelling in English simply has no rules.  It’s crazy!

“Aha!”, you say, “what about ‘i before e except after c’?  That’s a rule.”  Well it’s weird.  Either this is the height of some counterfeit, foreign science or insufficient leisure time was given to the species that created this rule.  Neither explanation is sufficient to me, so the rule is forfeit.   Naturally, when I was at school I pointed these broken rules out and was subsequently labelled a smart-ass.  You see, “Some things are spelt different.” I was told.

Then there are the Heteronyms an evil subset of the Homonyms.  When I came across these I shed a tear and began to tear up my paper.  English words refuse to make sense and are tantamount to refuse.  You see, “Some things, although different, are spelt the same.” I was told.

Conversely, this insanity does not exist in mathematics, where rules are consistent, can be demonstrated and can be proven.  You don’t have things “Mathed” differently.  Imagine if for instance:

• All even numbers are divisible by two.  The exceptions are 412, 90, 888, -174 and 16.  These are just mathed differently for no given reason.
• All numbers are different and do not equal each other.  The exception is 67 which is equal to the square root of two.  I know it breaks the rules but it is just mathed that way.
• The sum of the square of the opposite and adjacent sides of a right angled triangle is equal to the square of its hypotenuse.  Unless of course you have recently had a visit from a long lost Norwegian cousin, in which case, tough luck buddy.

Given the stronghold of logic that presents itself in mathematics, this doesn’t happen.  Thus, technology and science can exist and things don’t spontaneously disappear, combust or fly off into the universe for no given reason.  So next time you see somebody misspell a word, be benevolent and restrain your ridicule, for chances are, they are simply applying a broken rule.

Justin Geek mathematics, rants

CTOs are going to have a tough time during this economic downturn as they deal with drastically cut capital and operational budgets.  However, more competition caused by less overall demand, will place higher demands on IT resources.  So a problem exists – How to delivery more performance from the same IT resources but at a lower cost?  The key lies in better utilisation of your current IT infrastructure – granting premium access to those IT systems or services that add the most value to the organisation.

Firstly, many organisations have redundant infrastructure; networks, servers and storage that are not being utilised.  While redundancy is an essential component to business continuity, unused infrastructure is a luxury that can be ill afforded in tough economic times.  Instead, active-active IT designs that allow full use of an organisations resources should be employed over a primary-backup design. 

But what about recovering after a failure?  If one application or network fails, wouldn’t that overload those remaining?  This is certainly possible and it comes down to thorough risk management.  What is acceptable risk in an organisation and how can the consequences of a risk be treated and minimised (rather than throwing redundant hardware at the problem).  Intelligent Application Delivery is one method of this risk management in practice.

Similar tradeoffs can also be obtained in storage.  When capacity is nearing its limit more creative approaches are now needed rather than adding another disk array.  Instead, the types of information that is being stored should be organised in terms of its importance.  An ERP database should definitely be stored on the primary SAN.  However, six month old office documents that haven’t been opened for the last three months need to be stored, but are better placed on less expensive disks.  To achieve this level of intelligent storage, file access needs to be virtualised and abstracted from the server layer.  F5 have an excellent whitepaper explaining exactly this.

Justin Data Centre, Intelligent Application Delivery F5, Intelligent Application Delivery, SAN

Last Friday evening, I and a bunch of friends went to see the Game On exhibition at the Queensland State Library.  The inner geek in me was very excited about this event and the night didn’t disappoint.  Strolling down the dark corridor lined with arcade cabinets brought back some vivid memories of childhood, with titles like Fatal Fury, 1942, Galaga, Xevious – all on free play.  Additionally there was pretty much every console there too from the oldies on display downstairs to the current and last generations upstairs.

Probably the best part of the evening was playing Spacewars! on a DEC PDP-1:

Playing Spacewar! on a PDP-1

This game was developed in 1968 making it officially the world’s first and oldest videogame.   You could actually witness the mainframe toiling away by observing the flickering LEDs on its control panel.  Although largely a piece of 1960’s geek ‘bling’, the panel also served a practical use of displaying the machine’s registers and memory buffers. 

The game itself was surprisingly responsive and playable.  The gravity felt real, the ship’s engines thrust and the bullets exploded your enemy’s vessel.  Quite a feat of engineering that was so insanely far ahead of its time that it is still difficult for me to comprehend. 

I later found out that the PDP-1 was a very elaborate emulator and not the real deal, leaving me feel a little cheated.

Other highlights include:

• The Magnavox Odyssey (1972) – the first home videogame
• Discs of Tron
• Missile Command
• Puckman – Not Pac-Man but an original Puckman!
• An Atari Jaguar running some Jeff Minter inspired weirdness
• An original Donkey Kong Game and Watch – (ahh the memories…)
• Playing four player Bomberman on a Sega Saturn
• Being awesome at “The Way of the Exploding Fist” on C64 – twenty years later

TIE Fighter Pilot Playing Galaga

In true geek style, a bunch of Imperial Storm Troopers also paid a visit, along with their Sith Lord – Darth Vader.  I don’t care how cowardly this sounds but having a six and a half foot evil Jedi looming over your shoulder while playing Dig-Dug is very disconcerting. 

I don’t however have much respect for the Imperial troop training regime.  The TIE Fighter pilot totally sucked at Galaga and the Imperial Scout Trooper was being thumped by some ten year old kid in Halo.  It’s completely clear to me now why they were so readily defeated by a tribe of Ewoks.

There were a few notable omissions which I would like to have seen at Game On; most notably a Panasonic 3DO and a Sega Nomad.  However, all-in-all it was an excellent coverage of videogames both new and old.

Justin Geek games

The IT industry has really been spoiled over the last five or so years.  The Web 2.0 boom and wider economic good times has led to potential problems being bypassed with more, better and faster hardware.  However, now that we are in a global economic downturn, the capital and sometimes operations expenditure isn’t there to continue in this manner.  IT needs to get smarter and do more with less.

One area that can help reduce costs and maximise profits is ‘Intelligent Application Delivery’.  Intelligent Application Delivery is best described as a mix between your business logic and network content switching.  It works by having the network differentiate between profitable or important application transactions and then handling these in the best possible manner.  A typical network doesn’t have visibility of a particular application transaction.  It treats all business the same.

To illustrate this, consider a brokerage on a huge trading day when the IT infrastructure is running at capacity.  Unless Intelligent Application Delivery is introduced, the network can’t tell the difference between a $100 trade and a $1,000,000 trade.  Thus both receive poor service, when ideally the organisation should be looking after its most profitable traffic.

Most importantly, Intelligent Application Delivery isn’t that difficult to implement.  Nearly all web and application hosting environments will be using some sort of load balancing technology.  The key here is to choose a load balancer that has the capabilities to inspect and make intelligent decisions on application layer traffic.  I have been using the F5 Big-IP platform exclusively for over three years now for a wide range of customers such as banks, hospitals and government bodies.  The iRules scripting engine of the Big-IP allows for application delivery decisions to be made that reflect the underlying business rules of the organisation.  When designed correctly, your application network can help to maximise your profits and minimise expenses by making intelligent traffic decisions. 

Justin Intelligent Application Delivery Big-IP, F5, Intelligent Application Delivery

I was recently discussing with a colleague the lack of decent GUI’s for network appliances.  We both agreed that for cutting edge network devices in today’s market, it presents poorly to pull up a CLI for configuration.  Now I’ll admit; there are some tasks best served from a CLI, especially scripted type tasks – that’s why I use both (at least on devices that have a decent GUI option).  If you need an example I would highly recommend F5 Network’s Big-IP V9 GUI.  I haven’t had a customer that didn’t like it.  In fact they find the interface intuitive and can configure some of the more complex tasks the box performs easily.

Some vendors however seem to wear their cumbersome CLI as a badge of merit.  There seems to be an old culture lurking that real engineers use CLI and GUI’s are inferior.  Well that may well be the case if the GUI’s developed are cumbersome and not fully featured.  However, the Web 2.0 savvy engineer will expects a powerful GUI and CLI, along with an API to make further integration tasks possible.  Some vendors have a lot of catching up to do.

Justin General Big-IP, CLI, F5, GUI

While Fibre Channel over Ethernet (FCoE) is a really cool technology that is bound to revolutionise the data centre, I’m personally looking forward to how a number of challenges will be overcome. 

Firstly, the technical:  I’m not the only one to think that certain vendors are jumping the gun here and would like to see some agreed upon standards.  From a more geeky perspective, how can a synchronous protocol, fibre channel, be delivered reliably over an asynchronous protocol, Ethernet?  This has often intrigued me and I would love to spend some time getting into the details of this.  It’s not as if this sort of thing hasn’t been done before, E1 over Ethernet exists, so I’m sure the technical issues can be overcome with FCoE too.  The real challenge I see is how other real time data such as voice and video can be reliably interleaved with the fibre channel.  This is all about integration remember!

Then there are the cultural and operational issues.  What is going to happen to enterprise storage teams?  Do they get merged into the data operations team?  What will become of the SAN specialist?  I really don’t know.  My guess however, is that five years down the track, servers, switches, storage, pretty much everything in the data centre will be virtualised into a module based chassis.  Specialist engineers will exist but there will be much more of an overlap in skill set.

I’m no Nostradamus here so if you feel I’m misguided, please feel free to comment…

Justin Data Centre FCoE, predictions, SAN

If you have been keeping an eye out around the network switching arena over the last year, you certainly would have witnessed Cisco’s new Nexus switches.  Until this recent effort from Cisco, there was negligible difference between chassis based switches for the enterprise (not carrier) core and the data centre.  They were essentially the same switch, employed in different roles.  With enterprise layer-3 switching maturing as a technology, this move represents some well timed market development from Cisco.  

So why employ a Nexus switch in the data centre over a ‘standard’ enterprise switch with the bandwidth capacity required?  Well, I don’t think that it is the front-to-back air flow, or integrated cable management, even though they were much needed enhancements from the 6500 range.  The only functional difference of any significance would be the inclusion of Fibre Channel over Ethernet (FCoE).  The pitch is that you can save on infrastructure costs by integrating both SAN and LAN architecture.  It makes sense in theory but it will be interesting to see the market’s reaction to this move.  It certainly explains Cisco’s large investment in the development of FCoE, still a largely unproven technology.

If Cisco is successful in this strategy, we can expect to see data centre switches open up a whole new product segment.  Ideally, this will force Cisco’s competitors to into this arena, while they milk the last few years of their 6500 cash cows.

Justin Data Centre Cisco, FCoE, Nexus, Switching