The Atomic Weight of Policy
The OpenDaylight project put out a new element this week with their Helium release. The second release is usually the most important, as it shows that you have a real project on your hands and not just a bunch of people coding in the back room to no avail. Not that something like that was going to happen to ODL. The group of people involved in the project have the force of will to change the networking world.
Helium is already having an effect on the market. Brocade announced their Vyatta Controller last week, which is based on Helium code. Here’s a handy video as well. The other thing that Helium has brought forth is the ongoing debate about network policy. And I think that little gem is going to have more weight in the long run than anything else.
The Best Policy
Helium contains group-based policies for making groups of network objects talk to each other. It’s a crucial step to bring ODL from an engineering hobby project to a full-fledged product that can be installed by someone that isn’t a code wizard. That’s because most of the rest of the world, including IT people, don’t speak in specific Continue reading
SDN Use Case: Content Filtering
K-12 schools face unique challenges with their IT infrastructure. Their user base needs access to a large amount of information while at the same time facing restrictions. While it does sound like some corporate network policies, the restrictions in the education environment are legal in nature. Schools must find new ways to provide the assurance of restricting content without destroying their network in the process. Which lead me to ask: Can SDN Help?
Online Protection
The government E-Rate program gives schools money each year under Priority 1 funding for Internet access. Indeed, the whole point of the E-Rate program is to get schools connected to the Internet. But we all know the Internet comes with a bevy of distractions. Many of those distractions are graphic in nature and must be eliminated in a school. Because it’s the law.
The Children’s Internet Protection Act (CIPA) mandates that schools and libraries receiving E-Rate funding for high speed broadband Internet connections must filter those connections to remove questionable content. Otherwise they risk losing funding for all E-Rate services. That makes content filters very popular devices in schools, even if they aren’t funded by E-Rate (which they aren’t).
Content filters Continue reading
Why is Lync The Killer SDN Application?
The key to showing the promise of SDN is to find a real-world application to showcase capabilities. I recently wrote about using SDN to slice education networks. But this is just one idea. When it comes to real promise, you have to shelve the approach and trot out a name. People have to know that SDN will help them fix something on their network or optimize an troublesome program. And it appears that application is Microsoft Lync.
MIssing Lync
Microsoft Lync (neè Microsoft Office Communicator) is a software application designed to facilitate communications. It includes voice calling capability, instant messaging, and collaboration tools. The voice part is particularly appealing to small businesses. With a Microsoft Office 365 for Business subscription, you gain access to Lync. That means introducing a voice soft client to your users. And if it’s available, people are going to use it.
As a former voice engineer, I can tell you that soft clients are a bit of a pain to configure. They have their own way of doing things. Especially when Quality of Service (QoS) is involved. In the past, tagging soft client voice packets with Cisco Jabber required setting cluster-wide parameters for all clients. It Continue reading
An Educational SDN Use Case
During the VMUnderground Networking Panel, we had a great discussion about software defined networking (SDN) among other topics. Seems that SDN is a big unknown for many out there. One of the reasons for this is the lack of specific applications of the technology. OSPF and SQL are things that solve problems. Can the same be said of SDN? One specific question regarded how to use SDN in small-to-medium enterprise shops. I fired off an answer from my own experience:
Since then, I’ve had a few people using my example with regards to a great use case for SDN. I decided that I needed to develop it a bit more now that I’ve had time to think about it.
Schools are a great example of the kinds of “do more with less” organizations that are becoming more common. They have enterprise-class networks and needs and live off budgets that wouldn’t buy janitorial supplies. In fact, if it weren’t for E-Rate, most schools would have technology from the Stone Age. But all this new tech doesn’t help if you can’t find a way for it to be used to the fullest for the purposes of Continue reading
SLAAC May Save Your Life
A chance dinner conversation at Wireless Field Day 7 with George Stefanick (@WirelesssGuru) and Stewart Goumans (@WirelessStew) made me think about the implications of IPv6 in healthcare. IPv6 adoption hasn’t been very widespread, thanks in part to the large number of embedded devices that have basic connectivity. Basic in this case means “connected with an IPv4 address”. But that address can lead to some complications if you aren’t careful.
In a hospital environment, the units that handle medicine dosing are connected to the network. This allows the staff to program them to properly dispense medications to patients. Given an IP address in a room, staff can ensure that a patient is getting just the right amount of painkillers and not an overdose. Ensuring a device gets the same IP each time is critical to making this process work. According to George, he has recommended that the staff stop using DHCP to automatically assign addresses and instead move to static IP configuration to ensure there isn’t a situation where a patient inadvertently receives a fatal megadose of medication, such as when an adult med unit is accidentally used in a pediatric application.
This static policy does lead Continue reading
Moscone Madness
The Moscone Center in San Francisco is a popular place for technical events. Apple’s World Wide Developer Conference (WWDC) is an annual user of the space. Cisco Live and VMworld also come back every few years to keep the location lively. This year, both conferences utilized Moscone to showcase tech advances and foster community discussion. Having attended both this year in San Francisco, I think I can finally state the following with certainty.
It’s time for tech conferences to stop using the Moscone Center.
Let’s face it. If your conference has more than 10,000 attendees, you have outgrown Moscone. WWDC works in Moscone because they cap the number of attendees at 5,000. VMworld 2014 has 22,000 attendees. Cisco Live 2014 had well over 20,000 as well. Cramming four times the number of delegates into a cramped Moscone Center does not foster the kind of environment you want at your flagship conference.
The main keynote hall in Moscone North is too small to hold the large number of audience members. In an age where every keynote address is streamed live, that shouldn’t be a problem. Except that people still want to be involved and close to the event. At both Cisco Continue reading
Do We Need To Redefine Open?
There’s a new term floating around that seems to be confusing people left and right. It’s something that’s been used to describe a methodology as well as used in marketing left and right. People are using it and don’t even really know what it means. And this is the first time that’s happened. Let’s look at the word “open” and why it has become so confusing.
Talking Beer
For those at home that are familiar with Linux, “open” wasn’t the first term to come to mind. “Free” is another word that has been used in the past with a multitude of loaded meanings. The original idea around “free” in relation to the Open Source movement is that the software is freely available. There are no restrictions on use and the source is always available. The source code for the Linux kernel can be searched and viewed at any time.
Free describes the fact that the Linux kernel is available for no cost. That’s great for people that want to try it out. It’s not so great for companies that want to try and build a business around it, yet Red Hat has managed to do just that. How can they Continue reading
Maybe MU-MIMO Matters
As 802.11ac becomes more widely deployed in environments I find myself looking to the next wave and the promise it brings. 802.11ac Wave 1 for me really isn’t that groundbreaking. It’s an incremental improvement on 802.11n. Wave 1 really only serves to wake up the manufacturers to the fact that 5 GHz radios are needed on devices now. The real interesting stuff comes in Wave 2. Wider channels, more spatial streams, and a host of other improvements are on the way. But the most important one for me is MU-MIMO.
Me Mi Mo Mum
Multi-user Multiple-Input Multiple-Output (MU-MIMO) is a huge upgrade over the MIMO specification in 802.11n. MIMO allowed access points to multiplex signals on different channels into one data stream. It accomplished this via Spatial Division Multiplexing (SDM). This means that more antennas on an access point are a very good thing. It increases the throughput above and beyond what could be accomplished with just a single antenna. But it does have a drawback.
Single-user MIMO can only talk to one client at a time. All the work necessary to multiplex those data streams require the full attention of a single access point for Continue reading
IPv6 and the VCR
IPv6 isn’t a fad. It’s not a passing trend that will be gone tomorrow. When Vint Cerf is on a nationally televised non-technical program talking about IPv6 that’s about as real as it’s going to get. Add in the final depletion of IPv4 address space from the RIRs and you will see that IPv6 is a necessity. Yet there are still people in tech that deny the increasing need for IPv6 awareness. Those same people that say it’s not ready or that it costs too much. It reminds me of a different argument.
IPvcr4
My house is full of technology. Especially when it comes to movie watching. I have DVRs for watching television, a Roku for other services, and apps on my tablet so the kids can watch media on demand. I have a DVD player in almost every room of the house. I also have a VCR. It serves one purpose – to watch two movies that are only available on a video tape. Those two movies are my wedding and the birth of my oldest son.
At first, the VCR stated connected to our television all the time. We had some movies that we Continue reading
The Pain of Licensing
Frequent readers of my blog and Twitter stream may have noticed that I have a special loathing in my heart for licensing. I’ve been subjected to some of the craziest runarounds because of licensing departments. I’ve had to yell over the phone to get something taken care of. I’ve had to produce paperwork so old it was yellowed at the edges. Why does this have to be so hard?
Licensing is a feature tracking mechanism. Manufacturers want to know what features you are using. It comes back to tracking research and development. A lot of time and effort goes into making the parts and pieces of a product. Many different departments put work into something before it goes out the door. Vendors need a way to track how popular a given feature might be to customers. This allows them to know where to allocate budgets for the development of said features.
Some things are considered essential. These core pieces are usually allocated to a team that gets the right funding no matter what. Or the features are so mature that there really isn’t much that can be done to drive additional revenue from them. When’s the Continue reading
I Can’t Drive 25G
The race to make things just a little bit faster in the networking world has heated up in recent weeks thanks to the formation of the 25Gig Ethernet Consortium. Arista Networks, along with Mellanox, Google, Microsoft, and Broadcom, has decided that 40Gig Ethernet is too expensive for most data center applications. Instead, they’re offering up an alternative in the 25Gig range.
This podcast with Greg Ferro (@EtherealMind) and Andrew Conry-Murray (@Interop_Andrew) does a great job of breaking down the technical details on the reasoning behind 25Gig Ethernet. In short, the current 10Gig connection is made of four multiplexed 2.5Gig connections. To get to 25Gig, all you need to do is over clock those connections a little. That’s not unprecedented, as 40Gig Ethernet accomplishes this by over clocking them to 10Gig, albeit with different optics. Aside from a technical merit badge, one has to ask themselves “Why?”
High Hopes
As always, money is the factor here. The 25Gig Consortium is betting that you don’t like paying a lot of money for your 40Gig optics. They want to offer an alternative that is faster than 10Gig but cheaper than the next standard step up. By giving you a cheaper option Continue reading
Security Dessert Models
I had the good fortune last week to read a great post from Maish Saidel-Keesing (@MaishSK) that discussed security models in relation to candy. It reminded me that I’ve been wanting to discuss security models in relation to desserts. And since Maish got me hungry for a Snicker’s bar, I decided to lay out my ideas.
When we look at traditional security models of the past, everything looks similar to creme brûlée. The perimeter is very crunchy, but it protects a soft interior. This is the predominant model of the world where the “bad guys” all live outside of your network. It works when you know where your threats are located. This model is still in use today where companies explicitly trust their user base.
The creme brûlée model doesn’t work when you have large numbers of guest users or BYOD-enabled users. If one of them brings in something that escapes into the network, there’s nothing to stop it from wreaking havoc everywhere. In the past, this has caused massive virus outbreaks and penetrations from things like malicious USB sticks in the parking lot being activated on “trusted” computers internally.
A Slice Of Pie
A more modern security Continue reading