In the late 1990s and early 2000s when it became too difficult for large companies to manage their own WAN footprints, they adopted managed multiprotocol label switching (MPLS) services. These offered a simple connection at every location and offloaded the complexities of building large-scale routed networks from enterprises to the service provider.The advent of cloud computing, however, changed the dynamics of MPLS forever. Enterprises not only needed ubiquitous site-to-site connectivity, but also required better performance from the network to support Software as a Service-based business applications hosted in third-party data centers. In addition, video was becoming a standard mode of communication for corporate meeting and training applications, boosting the need for more bandwidth across the network.To read this article in full or to leave a comment, please click here
In the late 1990s and early 2000s when it became too difficult for large companies to manage their own WAN footprints, they adopted managed multiprotocol label switching (MPLS) services. These offered a simple connection at every location and offloaded the complexities of building large-scale routed networks from enterprises to the service provider.The advent of cloud computing, however, changed the dynamics of MPLS forever. Enterprises not only needed ubiquitous site-to-site connectivity, but also required better performance from the network to support Software as a Service-based business applications hosted in third-party data centers. In addition, video was becoming a standard mode of communication for corporate meeting and training applications, boosting the need for more bandwidth across the network.To read this article in full or to leave a comment, please click here
I was recently invited to participate on a panel at a major IT conference, where questions from the audience provided an interesting window into the top issues that networking professionals are dealing with as part of their organizations’ digital transformation.Every enterprise, it seems, is planning a cloud strategy. On closer inspection, most are already using the cloud in the form SaaS ERP and CRM applications like Salesforce, NetSuite, etc. These applications have performed well enough on top of traditional, legacy networks.However, newer, more multi-dimensional cloud applications are forcing businesses to look for ways to make their networks more agile. One of these is Microsoft Office 365. Microsoft is aggressively investing in their infrastructure to provide a superior experience for users. Nevertheless, the enterprise network, and more specifically the wide area network (WAN), remains one of the biggest impediments to providing an on-premise caliber quality of experience for cloud applications. Finding the most efficient exit to Office 365 and best performance server are usually the culprits.To read this article in full or to leave a comment, please click here
I was recently invited to participate on a panel at a major IT conference, where questions from the audience provided an interesting window into the top issues that networking professionals are dealing with as part of their organizations’ digital transformation.Every enterprise, it seems, is planning a cloud strategy. On closer inspection, most are already using the cloud in the form SaaS ERP and CRM applications like Salesforce, NetSuite, etc. These applications have performed well enough on top of traditional, legacy networks.However, newer, more multi-dimensional cloud applications are forcing businesses to look for ways to make their networks more agile. One of these is Microsoft Office 365. Microsoft is aggressively investing in their infrastructure to provide a superior experience for users. Nevertheless, the enterprise network, and more specifically the wide area network (WAN), remains one of the biggest impediments to providing an on-premise caliber quality of experience for cloud applications. Finding the most efficient exit to Office 365 and best performance server are usually the culprits.To read this article in full or to leave a comment, please click here
Internet of Things (IoT) devices are soon expected to outnumber end-user devices by as much as four to one. These applications can be found everywhere—from manufacturing floors and building management to video surveillance and lighting systems.However, security threats pose serious obstacles to IoT adoption in enterprises or even home environments for sensitive applications such as remote healthcare monitoring. IoT security can be divided into the following three distinct components:
Application service
End device
Transport
Although all three are critical for systemwide security, this post will address only transport security.To read this article in full or to leave a comment, please click here
Internet of Things (IoT) devices are soon expected to outnumber end-user devices by as much as four to one. These applications can be found everywhere—from manufacturing floors and building management to video surveillance and lighting systems.However, security threats pose serious obstacles to IoT adoption in enterprises or even home environments for sensitive applications such as remote healthcare monitoring. IoT security can be divided into the following three distinct components:
Application service
End device
Transport
Although all three are critical for systemwide security, this post will address only transport security.To read this article in full or to leave a comment, please click here
Internet of Things (IoT) devices are soon expected to outnumber end-user devices by as much as four to one. These applications can be found everywhere—from manufacturing floors and building management to video surveillance and lighting systems.However, security threats pose serious obstacles to IoT adoption in enterprises or even home environments for sensitive applications such as remote healthcare monitoring. IoT security can be divided into the following three distinct components:
Application service
End device
Transport
Although all three are critical for systemwide security, this post will address only transport security.To read this article in full or to leave a comment, please click here
Just as the internet changed everything, a new revolution known as the Internet of Things (IoT) promises to produce even greater disruption. Primarily because IoT sensors will be utilized everywhere—in hospitals to monitor medical devices, in factories to supervise operations, in buildings for controlling temperature and lighting, etc. Data from these sensors will be used for operations management, predictive maintenance and much more. Meanwhile, all of these applications are typically integrated with an enterprise’s IT infrastructure. As such, they are introducing a variety of new security challenges.+ Also on Network World: DDoS attacks using IoT devices follow The Manchurian Candidate model +
Just like in current IT environments, there is no security silver bullet that can protect IoT devices from every possible cyber threat.To read this article in full or to leave a comment, please click here
Just as the internet changed everything, a new revolution known as the Internet of Things (IoT) promises to produce even greater disruption. Primarily because IoT sensors will be utilized everywhere—in hospitals to monitor medical devices, in factories to supervise operations, in buildings for controlling temperature and lighting, etc. Data from these sensors will be used for operations management, predictive maintenance and much more. Meanwhile, all of these applications are typically integrated with an enterprise’s IT infrastructure. As such, they are introducing a variety of new security challenges.+ Also on Network World: DDoS attacks using IoT devices follow The Manchurian Candidate model +
Just like in current IT environments, there is no security silver bullet that can protect IoT devices from every possible cyber threat.To read this article in full or to leave a comment, please click here
Over the past few years most organizations have significantly increased their reliance on the Internet, primarily due to the outsourcing of utility applications like email, unified communications, ERP, CRM, etc. to SaaS providers. Cloud-based applications provide IT organizations with an agile and cost effective means for expanding the range of services they provide and delivering new productivity tools requested by teams, departments or lines of business.Despite this growing adoption of cloud services, many enterprises have resisted connecting their remote offices directly to application providers over the public Internet. This is due to the fact that direct access at every branch introduces compliance issues. The only way to mitigate these is by creating extensive security policies at each location. Imagine having 3,000 sites with each requiring its own set of policies that need to be set-up and maintained. This is the definition of a management nightmare.To read this article in full or to leave a comment, please click here
Over the past few years most organizations have significantly increased their reliance on the Internet, primarily due to the outsourcing of utility applications like email, unified communications, ERP, CRM, etc. to SaaS providers. Cloud-based applications provide IT organizations with an agile and cost effective means for expanding the range of services they provide and delivering new productivity tools requested by teams, departments or lines of business.Despite this growing adoption of cloud services, many enterprises have resisted connecting their remote offices directly to application providers over the public Internet. This is due to the fact that direct access at every branch introduces compliance issues. The only way to mitigate these is by creating extensive security policies at each location. Imagine having 3,000 sites with each requiring its own set of policies that need to be set-up and maintained. This is the definition of a management nightmare.To read this article in full or to leave a comment, please click here
When applications were exclusively hosted in the corporate data center, remote sites had much lower bandwidth and each required its own WAN optimization device. According to conventional wisdom, if we increase bandwidth, performance will improve. However, without decreasing latency, application performance will continue to suffer—no matter how much bandwidth we throw at the network.Four main things contribute to latency:
Propagation delay
Serialization delay
Queuing delay
Processing delay
Propagation delayThis is the delay between two endpoints. For example, propagation delay is based on the speed of light measured at 5ms per 1000Km. The one-way propagation delay between a data center in New York and a branch in San Jose would be at least 24ms. This assumes a direct fiber path and no router hops, in which case the propagation delay will be significantly higher. For large carriers, one-way delays average 35-45 msec.To read this article in full or to leave a comment, please click here
When applications were exclusively hosted in the corporate data center, remote sites had much lower bandwidth and each required its own WAN optimization device. According to conventional wisdom, if we increase bandwidth, performance will improve. However, without decreasing latency, application performance will continue to suffer—no matter how much bandwidth we throw at the network.Four main things contribute to latency:
Propagation delay
Serialization delay
Queuing delay
Processing delay
Propagation delayThis is the delay between two endpoints. For example, propagation delay is based on the speed of light measured at 5ms per 1000Km. The one-way propagation delay between a data center in New York and a branch in San Jose would be at least 24ms. This assumes a direct fiber path and no router hops, in which case the propagation delay will be significantly higher. For large carriers, one-way delays average 35-45 msec.To read this article in full or to leave a comment, please click here
Previously, I discussed the benefits of using regional performance hubs to support new data patterns associated with the increasing use of cloud applications such as Salesforce.com and Office365.Just as business applications have transitioned to an “as a service” model, so will many network-based functions such as firewalls, IPS, IDS, etc. using network function virtualization (NFV). Although there hasn’t much been public discourse yet on WAN Optimization as a service, it is ideally suited for being “NFV-ed.”+ Also on Network World: Reinventing the WAN +To read this article in full or to leave a comment, please click here
Previously, I discussed the benefits of using regional performance hubs to support new data patterns associated with the increasing use of cloud applications such as Salesforce.com and Office365.Just as business applications have transitioned to an “as a service” model, so will many network-based functions such as firewalls, IPS, IDS, etc. using network function virtualization (NFV). Although there hasn’t much been public discourse yet on WAN Optimization as a service, it is ideally suited for being “NFV-ed.”+ Also on Network World: Reinventing the WAN +To read this article in full or to leave a comment, please click here
Over the past few years, there has been a significant increase in the amount of enterprise network traffic to and from Asia Pacific due to globalization. In my recent visit to the region, I engaged in some interesting discussions around the WAN. For example, one of the biggest costs for large financial institutions are point-to-point dedicated leased lines between their regional and global offices called International Private Leased Circuit (IPLC). These circuits are typically provided by a carrier to offer auto re-routable network for maximum uptime and data protection.One of my recommendations to executives I spoke with was to consider the internet as an alternate transport. The typical response I received was, “I’m not conformable moving my real-time applications to the Internet because of its best effort model and lack of quality of service.”To read this article in full or to leave a comment, please click here
Over the past few years, there has been a significant increase in the amount of enterprise network traffic to and from Asia Pacific due to globalization. In my recent visit to the region, I engaged in some interesting discussions around the WAN. For example, one of the biggest costs for large financial institutions are point-to-point dedicated leased lines between their regional and global offices called International Private Leased Circuit (IPLC). These circuits are typically provided by a carrier to offer auto re-routable network for maximum uptime and data protection.One of my recommendations to executives I spoke with was to consider the internet as an alternate transport. The typical response I received was, “I’m not conformable moving my real-time applications to the Internet because of its best effort model and lack of quality of service.”To read this article in full or to leave a comment, please click here
In a traditional WAN infrastructure, the control plane and data plane are tightly coupled, typically congruent, and cannot be separated due to how they are integrated with each network device. This architecture served the networking needs of enterprises well until now, since most data flows were structured around data centers with centralized exits.
However, the emergence of cloud computing and new dynamic business requirements that involve communicating with multiple partners and suppliers have forced enterprises to embrace new connectivity models. Today, enterprises need secure access to both partners and cloud provider infrastructures. This new model requires a different policy structure that is very difficult to instantiate and maintain within a legacy MPLS WAN.To read this article in full or to leave a comment, please click here
In the past few years, enterprise computing has experienced major upheavals brought about by cloud apps, Wi-Fi, mobility, and BYOD. The enterprise WAN, meanwhile, has not evolved much since it was transformed into an MPLS Layer 3 VPN infrastructure more than a decade ago. Things are about change.
Based on my experience with customer deployments, more than 50% of enterprise traffic from branches is currently Internet-bound. This is due to outsourcing of utility applications, including email, search, voice, video and collaboration, not to mention cloud application use.
Despite this trend, enterprises have resisted using the public Internet to provide remote offices with direct access to cloud applications. This is primarily due to compliance issues, especially in the financial and healthcare industries. Doing so would require extensive security policies at each location and would introduce a management nightmare. The alternative, backhauling traffic to the corporate DMZ, is not feasible. To read this article in full or to leave a comment, please click here
Khalid Raza