Thursday, May 01, 2008 3:16 PM/EST
There are two big 10 Gigabit Ethernet "drops" coming out of Interop (held in Las Vegas, April 2008.) The first is price and the second is power. I talked with switch maker Arastra, which announced general availability of its 24- and 48-port 10G Ethernet switches in the approximately $400 per port price range. Ed Khatuka from optical communications at JDSU (JDS Uniphase) told me about 10G Ethernet transceivers that are going from 15 watts to 5.5 watts of power per port. These price and power reductions can approach important thresholds for data center managers who are considering a migration path to 10G Ethernet direct-attached networks for servers and storage (the convergence of server and storage networks continued at Interop as well). Here's an Intel blog post that I found useful in explaining transceiver technology and the alphabet soup of terms used in 10G Ethernet networking. Other 10 Gig products that...
Wednesday, April 30, 2008 6:55 PM/EST
In order to give Cisco's Catalyst 4900M switch a run for its money, I took the unit to Ixia's newly inaugurated iSimCity test and measurement center in Santa Clara, where I subjected the switch to Layer 2 and Layer 3 tests, alongside a set of power consumption tests. I conducted performance tests on a 4900M unit that was outfitted with two WS-X4904-10GE half cards that each carried four 10 Gigabit Ethernet fiber ports. Taken together with the 4900M's eight fixed 10GE ports, this brought my test unit to 16 ports of full line-rate 10GE capacity. I generated test traffic with Ixia's Optixia XM12 IP performance tester chassis with six LSM10GXM3-01 cards that each had three 10GE ports. I conducted all of the tests in store-and-forward mode, in which the frame size was subtracted from the latency calculation to single out latency introduced by the 4900M. Our first set of tests...
Tuesday, April 29, 2008 10:34 AM/EST
Proper planning and implementation are vital to the success of any enterprise IT deployment, but these issues loom particularly large for a product such as Cisco's Catalyst 4900M switch, which is meant both to serve a foundational role in your network infrastructure and to change--through its swappable card slots--as your organization shifts from 1G to 10G Ethernet. For implementation advice and detailed pricing breakdowns for the hardware that I tested in my Catalyst 4900M review, I worked with representatives from the San Francisco office of FusionStorm, a Cisco Gold Certified Partner with offices across North America. To be clear, Cisco provided the actual 4900M that I tested and also provided special engineering support to help ensure that product testing proceeded expeditiously. As I learned while working with FusionStorm, some seventy percent of the hardware costs of the Cisco 4900M switch tied up in the half cards and transceivers that an...
Thursday, April 10, 2008 7:41 PM/EST
Cisco, Microsoft and the Trusted Computing Group for the third year in a row sat down and alternately hugged, kissed and politely swatted at each other. This is the second year I've attended the RSA session on the future of NAC -- which is intentionally not spelled out because the acronym means different things to Cisco and the rest of the world. The bottom line is that NAC (network access control or Network Admission Control) is a noticeable but still relatively undersized part of the security market, despite years of media and marketing attention. According to Lawrence Orans, an analyst at the Gartner Group who has spent the last five years tracking NAC, the market in 2007 was estimated at about $250 million compared with about $3 billion spent on firewalls and about $750 million spent on IDS (intrusion detection systems). The theme set forward by Orans was "overcoming obstacles...
Tuesday, April 08, 2008 7:54 PM/EST
San Francisco (4/8/2008)--The "Mitigating Virtual Machine Security Vulnerabilities" panel with newcomer Fortisphere, old-timer Configuresoft and nonprofit security adviser the Center for Internet Security was so popular that RSA officials had to turn away hundreds of attendees. I'll summarize the most important things that system and network managers should consider when securing virtual machines, but first let me say that Fortisphere is one of the most interesting companies at RSA. I had a chance to sit down with Fortisphere's Chris Farrow yesterday in a private briefing. In a nutshell, Fortisphere tags VMware virtual machines with a kernel-level driver so that the machine and any children that are cloned or snapshotted from the VM can be tracked as it moves around the virtual environment. OK, so here's what came up at the panel. Watch guest-to-guest communication. Can your IDS or firewall products secure against guest communication on the same host? Most likely...
Tuesday, April 08, 2008 1:28 PM/EST
Moderator: Burt Kaliski, Scientist, RSA Laboratories and Director, EMC Innovation Network 10:25 RSA Conference, San Francisco, CA 4/8/2008 Panelists: Whitfield Diffie, Vice President and Fellow Chief Security Officer, Sun Microsystems Martin Hellman, Professor Emeritus of Electrical Engineering, Stanford University Ronald Rivest, Viterbi Professor of Electrical Engineering and Computer Science, MIT Adi Shamir, Professor, Computer Science Department, Weizmann Institute of Science WD: [We're seeing a] call to action where there should be a call to question. Instead of a call based on a Cold War approach. The essential problems of building secure crypto systems seem for all practical purposes to be solved. We've worked on it for 80 years. We have a pure barrier objective that stands. On the other hand, Internet security is a mess. Gossler at Sandia Nat'l labs says the adversary sits on the other side and picks at your infrastructure. In information assurance, the development cycles in...
Tuesday, April 01, 2008 5:05 PM/EST
I asked Adam Bosnian from privileged access management maker Cyber-Ark what sessions he thought would be interesting at RSA. He's going to the application security sessions. In years past, he's seen these sessions focus on application coding security tools to look for buffer overflows or other coding errors that could create a security risk. I'll also be interested to see if, because of SOA, app makers will focus on making apps while leveraging security products such as Cyber-Ark's newly announced Enterprise Password Vault 4.5 to take care of access management. This isn't the first time I've heard a security company talk about wanting to see app makers give over access management to a specialized company instead of building access management from scratch. And the features in the latest version of Enterprise Password Vault include a verification process that checks the stored password with the credential used on the target system...
Thursday, March 13, 2008 5:23 PM/EST
IBM announced its acquisition of enterprise single-sign-on vendor Encentuate on March 12. Ian Yip has interesting analysis of the deal here. I've been following Passlogix and Encentuate for years and I have to agree with Ian on the business analysis. Also what this means for IBM customers who bought ESSO from IBM....
Wednesday, March 12, 2008 6:46 PM/EST
VMware and Citrix XenServer cordially traded shots at the annual N-Square dinner hosted by the Internet Research Group on March 11 at Ming's Restaurant in Palo Alto. (The "Happy Family" was delicious, and it was a nice place for a group meeting.) IRG (Internet Research Group) principal Peter Christy started off the main event of the evening by forbidding marketing-speak and introducing Nand Mulchandani, a senior director at VMware and Simon Crosby the CTO of XenSource at Citrix. Both Mulchandani and Crosby agreed that customers who were facing security problems most often did so because they incorrectly implemented virtualization, or improperly configured the virtual infrastructure once it was in place. Crosby made the case that open was better than proprietary because the code base is open to examination by the most paranoid minds including the National Security Agency. Further that the NSA contributes innovative advances in virtualization security along with...
Friday, March 07, 2008 5:23 PM/EST
Ray Sirois, IT manager for water engineering firm Wright-Pierce has a problem with Autodesk's AutoCAD 2008. Sirois took the unusual step of issuing a press release announcing that his company would stop work on any upgrade plans until performance problems are resolved. The backstory is that in 2004, my former colleague Henry Baltazar wrote a review of Riverbed Technology's Steelhead application acceleration/WAN bandwidth optimization products. Baltazar also wrote a case study featuring Sirois and Wright-Pierce, one of the first U.S. customers of Riverbed. Then, Sirois was a very satisfied customer. Today, he's frustrated at what he calls a lack of communication and corrective action from Autodesk. For the record, he remains a very satisfied customer of Riverbed. Today, according to Sirois, when a user saves a file in AutoCAD 2008, the contents of the DWG (the native format for AutoCAD drawings) file are reordered. This reordering makes the file appear...
|
|
