Michael McNamara

technology, networking, virtualization and IP telephony

Big Switch Networks – Big Tap Monitoring Fabric

by

While attending Networking Field Day 11 we stopped in to see the folks from Big Switch Networks. Big Switch has applied their SDN fabric solution to provide a very cost effective means of providing a virtual network tap within the Data Center. We heard from Kyle Forester, Big Switch Founder, and Rob Sherwood, CTO, among others.

I walked away with the following quote, I apologize that I didn’t write down exactly who said it. We’re “getting away from being the dumb plumber”.  Big Switch is using their fabric to make multiple copies of traffic and pass those copies to a services node which can provide de-duplication, packet slicing or regex pattern matching.

You’ll find all the videos and presentations for Tech Field Day 11 on the website;

http://techfieldday.com/appearance/big-switch-networks-presents-at-networking-field-day-11/

Big Switch has a virtual lab which you can work with to try out their solutions and management tools, labs.bigswitch.com. I believe it’s built more around their Big Cloud Fabric. Scratch that they have their Big Monitoring Fabric in there.

In the real world working at a large e-commerce retailer I have the need to provide multiple copies of all Internet traffic for security, IDS/IPS, for customer service, IBM Tealeaf and for general network troubleshooting and performance. If your network is small enough you can usually accomplish this for a few SPAN or mirror ports but if you have a larger network you’ll need something like a Gigamon appliance and potentially inline taps which can be rather expensive. Big Switch has a solution that is very cost competitive compared and worth the look if you are in the market.

Cheers!

NetScout presents Fluke Network’s TruView Live

by

While at Networking Field Day 11 we stopped in to NetScout and heard from the Fluke Networking folks regarding TruView Live, a SaaS (software as a service) solution with both hardware and software based probes intended to provide both performance and availability metrics from various locations. The product has the unique ability to actual place a SIP based IP phone call as opposed to just simulating the traffic from a call. As a person responsible for over 550 locations around the globe the ability to monitor in near real-time both the network performance and availability really peaked my inner geek. There’s not a day that I don’t read or hear some comment that the network is slow. Often that’s not the case but it’s up to the network engineer to disprove that statement. The challenge becomes measurably easier if that engineer has the appropriate tools at his/her disposal.

TruView_PulseNetScout provided a TruView Pulse 1000 to each delegate. I assembled mine shortly before starting this draft and connected it to my home personal network. I then registered for a 15-day trial and claimed my TruView Pulse 1000 in the TruView portal. I proceeded to add SaaS solutions such as Office 365, ADP and Salesforce.com to my monitoring dashboard from my Pulse 1000 (Pennsylvannia) along with global Global Pulse endpoints from California, Sydney, Tokyo and Virginia. When I tried to add a custom test I found that I could only add web GET or POST tests. There were no ICMP or traceroute tests although I believe the presenters commented that they were in the roadmap.

TruViewLivePortalWith that all setup I was left with a fairly simple dashboard which listed the four applications I was testing along the top from the five locations along the left side.  Colors were used to indicate various state of health. You could drill down and bring up some of the detailed graphs which provided a breakdown of the performance, similar to a waterfall detailing the steps necessary to establish the actual web connection.TruViewGraph

A few the Networking Field Day delegates compared TruView Live against NetBeez, a competing product.

It was surprising that the SSL certificate had expired on the NetBeez website, in their defense it only expired yesterday so I’m sure that it will be quickly corrected. (Note: their SSL certificate has been renewed as of February 7, 2016)

The TruView Pulse 1000 (pictured above) is fairly small and is relatively easy to deploy at a remote office or store. Just note the MAC address, ship the device to the remote office and have someone connect it to a PoE switch port that has Internet access and that’s all there is to it. I’m interested to see how this solution is going to mature, I can imagine a number of additional useful features.

Cheers!

Skyport Systems – Is SkySecure right for everyone?

by

At Networking Field Day 11 I had the privilege of visiting Skyport Systems in Mountain View, CA and hearing first hand about their product offering, SkySecure. At first I thought Doug Gourlay was talking about some next-gen firewall until I realized that the solution itself included the X86 virtualization.

Let’s start with the definition from the Skyport Systems website:

The SkySecure System is designed to host critical and exposed application workloads that are the highest priority for the business to protect. The solution is an implementation of hyper-secured infrastructure that integrates compute, security, virtualization and policy in a pre-configured, managed infrastructure platform. The components listed below operate as a single turn-key system inclusive of all necessary software and hardware. This allows the system to maintain a secure configuration throughout its existence by providing embedded, layered, and compartmentalized security starting at the point of manufacture and verified continually throughout its existence.

SkySecureArchitectureLet me boil that down, if just for me. In short SkySecure is a near turn-key ultra secure virtualization platform (based on Xen) relying on  hardware based security IO co-processors and Trusted Hardware Platform (TPM) chips to validate the integrity of the system. It provides network microsegmentation along with per-VM firewall and DMZ capabilities among it’s many features.

One of the most alluring features to me with experience in Healthcare and Retail industries is the clientless footprint of the solution on the actual guest VM. There’s literally nothing to install onto the Windows or Linux guest VM, no management agent, no firewall or proxy agent, nothing. With fairly stringent regulations around HIPAA and PCI compliance the ability to secure a system from the rest of the network without touching the system itself is very useful indeed. This is especially useful when looking at ShieldWeb

The presentation included a memorable quote from a comment made to a Brian Krebs story titled, Target Hackers Broke in Via HVAC Company. The quote, “If you think technology can fix security, you don’t understand technology and you don’t understand security.”, really defines the challenges facing IT with respect to security. In my opinion security is always a delicate balance between completely open and completely locked down. The users would like it completely open while the security professionals and auditors would like it completely locked down. It’s important to strike an even balance and I would argue that Skyport Systems has a solution that can help provide that balance.

In the age of whitebox servers, SkySecure is a highly specialized solution that includes hardware, software and management components that can be leveraged to secure extremely critical applications and highly sensitive systems.

As a disclaimer I received no compensation for my attendance of Networking Field Day 11 from Gestalt IT or any of the sponsors. Gestalt IT did provide for my travel arrangements, hotel accommodations and meals while in Santa Clara, CA.

Cheers!

How much security is enough?

by

We had a lively round table debate about “how much security is enough?” during Networking Field Day 11. It’s certainly not a pure networking question which some in the room debated is no longer, or perhaps has never been, the network engineer’s responsibility, but a large number of networking professionals these days are still charged with keeping the digital landscape clear of threats within their employers networks.

The argument put forth was essentially that it is cheaper for companies to take the data breach hit than feed the ever growing IT security budgets because there are no penalties or little downsides for the many business that are involved in what has become a daily occurrence of customer and/or credit card data theft from a resulting data breach. Greg suggests that companies might be better suited investing in a good public relations firm to help manage any public crisis that might arise. I wouldn’t agree that there aren’t any downsides although I would reluctantly agree that large businesses appear to be emerging relatively unscathed from these incidents. The emergence of data breach insurance, also known as cyber liability insurance, gives additional credence that large business look at security and data breaches as a simple math problems.

The formula might look like this;

( (Revenue Loss + Breach Related Costs) – Breach Insurance) < IT Security Spend

In short the financial penalty for losing your customer data doesn’t justify the IT security spend needed to actually sure the the data. So it’s cheaper for large businesses to essentially take the financial hit for a data breach rather than spend the considerable resources need to secure the data, application or solution.

There’s certainly validity to the overall point that there’s little motivation for large businesses to spend significant resources on overall IT security. In an article entitled, “Why companies have little incentive to invest in cybersecurity” by Benjamin Dean, Benjamin provides numerous facts and supporting evidence to suggest that there’s little motivation for large businesses to heavily invest in protecting customer information. Benjamin provides data from both the Target and Home Depot breaches that supports the argument and ultimately ponders if additional governmental oversight will be needed to close the loop.

I would counter with this point, when has any large business spent any more than it absolutely needed on anything.  I can’t tell you how often I’ve stood in front of a budget committee and been told that I’ll just need to make do with the capital or operating funds that I have available no matter the strategic importance to the business operation or ROI.

What do you think?

Is additional government oversight needed to get large business to take more responsibility?

Cheers!

Image Credit: Aap Deluxe

Networking Field Day 11 wraps up as Jonas arrives

by

It’s been a very busy but exciting week here in San Jose, CA attending Networking Field Day 11.

We had presentations from Skyport Systems, NetScout (formerly Fluke), Big Switch, Silver Peak, Dell, Cisco and Citrix. The folks over at Gestalt IT brought together a who’s who list of technology and networking professionals, and I was honored to be included among them. The discussions covered a wide breadth of topics and technology. Over the next few weeks I hope to find the time to post some of my thoughts and perspective on each of the presentations.

It was great to meet Brandon, Dominik, Ethan, Greg, Jason, John, Jon, Jordan, Matt, Phil, Terry, Stephen and Tom. If you missed any of the presentations you can see them again by visiting the Tech Field Day website and clicking on the specific presentations made at Networking Field Day 11.

2016_JonasWinterStorm-scaleI had hoped to be writing this from the plane but I’m currently writing this from the Biltmore Hotel and Suites since my return flight was canceled. I’ll hopefully be flying out tomorrow via Chicago and then on to Philadelphia. I’m hearing that the snow is really falling and blowing in the Philadelphia suburbs thanks to Winter Storm Jonas. The forecast is for 18″-24″ of snow for the Philadelphia area. I’m not sure I would describe it as a snowmageddon, but there’s definitely going to be a lot of snow to deal with whenever I return to Philadelphia. I can only imagine what the economy parking lot will look like at the Philadelphia airport.

Stay safe everyone!

Cheers!

Recent Posts

Categories

SUBSCRIBE BY EMAIL