There was a time when you didn’t have to be a rocket scientist or a network engineer for that matter to figure out the driving need for enterprise data communication systems.
Go back less than 10 years and the bulk of innovation in networking focused on one requirement: more bandwidth, more bandwidth and more bandwidth.
Along came switched Ethernet and, through that technology, the ability to squeeze gigabits per second onto copper cable. The need for speed has taken a back seat to other areas of development. Today’s enterprise network equipment incorporates better-than-ever designs coupled with Layer 2 to Layer 7 intelligence that makes switching and routing gear near rock solid in terms of reliability.
The present and future, among other things, sees the focus of innovation shifted to addressing things like security concerns and greater network intelligence. More and more network infrastructure equipment and solutions today come equipped with built in encryption/authentication capability and/or firewalls imbedded in routers, switches and even network interface cards (NICs).
Modern enterprise networks are smarter than ever, as equipment makers build in caching capabilities for moving applications and data closer to users and smart agents and other probes that make the task of managing networks that much easier and richer.
So, what’s in store for tomorrow? Where is innovation in enterprise networking focused and what’s looming on the horizon as far as advancements likely to be seen sooner or later?
Here are some possibilities, brought to light during discussions with senior managers and chief engineering architects associated with leading manufacturers of network equipment and solutions.
Here’s an area that ranks top of mind for customers and equipment makers. Vendors are focusing tremendous effort in network products and solutions innovation. There are many aspects to consider when it comes to security: defending against external intrusion, data stolen from the inside and securing data that travels across public networks. Each of these requires a different type of solution.
“The important thing you must realize about security is that you are either one step ahead or one behind those who are trying to break in,” said Nick Hallwood, director of solutions strategy for 3Com Corp. “There will always be the next problem to solve.”
According to Eugene Lee, a vice-president for enterprise computing for Cisco Systems Ltd., the key challenge in IT security innovation is to make it an inherent and imbedded function in all network computing devices, especially infrastructure hardware. However, technology innovation will drive beyond simple built-in security capability.
“The next phase is to make the network behave like a physical organism,” Lee said. “So, if the network becomes infected, then make it protect itself. Like human bodies, it needs to happen organically.”
That will mean imbedding all sorts of security functions and processes within network infrastructure and other connected devices. Not only that, but building in intelligence that makes these pieces all work together – so that from a security perspective the whole is much greater than the sum of the parts, so to speak.
According to Hallwood and Lee, it’s a matter of building network infrastructures that have high intelligence to provide security, more intelligent devices, which collaborate with one another through a common fabric. The result becomes an inherent system that has the ability to not only detect intrusions, infections and other events, but then invokes or triggers a response.
Cisco is at least one vendor starting down the path of building within its equipment an intelligent network security fabric, through efforts to create what are called “shun” functions: things like intrusion detection that dynamically and automatically adjusts QoS parameters, VLANs and control lists in the event of a breach and as an effort to defend against further attacks.
“It’s a defence against what is perceived as an attack,” Lee said. “It’s the way to think about where networks are going in the space of security.”
Power Over Ethernet
The notion of running DC power through an Ethernet-based Category 3 or 5 connection is not a new idea. In fact, it was often perceived among the main inhibitors to the adoption of LAN-based telephony since not having electrical current running through LAN cabling meant telephone handsets had to be located near power outlets, a prospect considered not always convenient or practical.
But according to Kelly Kanellakis, director of Technology (Canada) for Enterasys Networks Inc., power over Ethernet in the form of universal network-based DC power that delivers power to devices over an Ethernet jack is coming.
“It’s going to take years for this to be rolled out,” Kanellakis admitted. “Standards are just being defined now, but people are just beginning to develop it.”
What we’re talking about here is standard-based electrical power that replaces the grid for small devices – things like Palm pilots and other network-connected PDAs and “appliances” that could be powered through network cables rather than batteries or traditional power outlet sources.
The idea would be to create a universal power source type that would exist all over the world. Network cables that provide current is not a revolutionary idea, but addresses pragmatic issues. It is a convenience and Kanellakis said he expects this sort of innovation to give the consumer market a tremendous push in adoption of networked devices because it will change how consumer products are built, particularly small mobile devices that require communications. Instead of powering them separately, you use the communication link.
“The reality is that once you have such a power source, the next products to adapt to it are wireless access points,” he said. Kanellakis explained that a key practical application in the enterprise space would be for wireless access points, which could be powered by the hard-wired cable itself.
“That [ability] would significantly reduce the cost of deploying wireless access points and potentially speed adoption, because it becomes easier to deploy.”
Wireless Data Technology
Laptop manufacturers are beginning to ship equipment with wireless LAN-ready function and it’s expected these will become much more standard features by the end of this year and beginning of next. PDA and other handheld devices are expected to be next.
These devices, then, will have the ability to connect to wireless LANs – not to be confused with connectivity to cellular networks. The next phase will be to provide roaming capability built into wireless devices that automatically switch communication modes or the networks to which they are attached. So you walk into a particular business location and your laptop, handhelds and other portable computing devices autosense the communication sources available and activate themselves to link up accordingly, without having to configure the connection yourself.
According to Kanellakis: “The chipsets for such capabilities are in development, so we’re only a couple of years away from seeing products.”
Hallwood agrees, saying it should soon be possible to create automated connections to telephone networks, wireless networks and data networks. He points to Bluetooth technology as among the enablers to such automation.
“Once all devices come equipped with Bluetooth,” Hallwood said, “then it won’t be long before applications that provide seamless synchronization (also) appear.”
The effort to eliminate multiprotocol networks continues. Cisco’s Lee describes it as the broader trend towards convergence, explaining that enterprises in the future will look to make their network infrastructures as consistent as possible.
“There continue to be other networks within the enterprise that customers want to make seamless and consistent,” Lee said, explaining that many banks still operate between three and nine different network types that services such applications as automated bank machines, telephone systems and computing systems. “Enterprises want to converge these into one system.”
Of course Cisco, and many other vendors, believe IP-based technology is the current best bet for convergence. But there are serious questions about IP’s ability to provide everything that’s needed. The key challenge is in that technology’s ability to handle multimedia communications and to prioritize application and function-specific traffic.
“We’ll continue to see more intelligence in branch routers, switches and all points of entry into networks,” Lee said.
Wireless Bandwidth Boost
OK, so there’s still a need for speed and more bandwidth, but the focus is on boosting wireless technology performance. According to 3Com’s Hallwood, over the next year or two bandwidth increases for wireless will be among the key areas of focus in network technology innovation.
“There’s still a bottleneck in (radio) technologies, where the top end is 54 Mbps,” he said. The limiting factor is the bandwidth available in the radio spectrum, which has a theoretical limit to how many packets per second can be squeezed through a radio frequency. According to Hallwood, compression will be a key to cranking up wireless performance.
“The same situation once existed in wired connections,” Hallwood said, explaining that the once-held belief prior to switch technology was that Ethernet performance could not be increased much beyond 10 Mbps.
“I have no doubt that there are people working on solutions that will eventually provide higher speeds and capabilities (with radio wireless).”
You visit a business partner’s office and your computing devices automatically connect to that location’s network, providing you with “visitor-level” access to things like the Internet of some corporate information. Of course, employees have other levels of access, depending on their privileges and job functions.
Take the same concept and go a step further. You go to a coffee shop for your regular morning java hit and have wireless LAN access to the Internet. If you’re a paying subscriber, you might conceivably have full high-speed access. Conversely, if you’re an infrequent client, you might only have low-speed access to a corporate intranet.
The concept is called visitor-based networking and there are systems that provide elements of this sort of function today.
“The trick is having all the back-end billing systems set up that understand how to do that,” Kanellakis said. “Most telephone companies have these systems and it’s a matter of getting all networks to do that.”
It’s a great idea from a retailer’s standpoint. Fast food restaurants could provide remote access through a Wireless LAN and charge visitors a fee, based on usage. Such a service could be an enticement for regular customers, to keep them coming in, and to encourage others to be more regular patrons.
Think about pay-per-use cellular telephones. Revenues earned through these services accounts for a sizeable number of dollars earned by wireless and cellular communication service providers.
“Why not pay-per-use wireless LANs, which might conceivably generate large revenue,” Kanellakis said. Think of what these services could do for coffee shops and fast-food restaurants like McDonald’s in terms of creating new revenue streams. The fast-food giant’s goal is to have locations with a couple of kilometres of each other within urban centres, so it’s conceivable that McDonald’s could become a deliverer of wireless Internet connectivity, given such close proximity of locations, Kanellakis said.
This is the idea of creating a network that personalizes itself to you rather than the devices you happen to be using. That means the network is ascribed rights to the user based on identification provided through whatever computing device that user happens to be using.
“Conceivably, that means I can pick up somebody else’s machine, and (through it) identify myself (to a server location) and have the network and its resources adapt to who I am,” Kanellakis said.
The implications here would potentially address a wide range of security issues regarding the current frustration of securing devices. Beyond that, such networks would dynamically offer different levels of service to people – again, depending on their profiles and access rights.
But what identifier to use? Currently passwords and user codes primarily serve that function today, but in the future it’s conceivable identifiers might be smart cards containing a person’s user profile and rights, which would be placed into a standard slot in computers and other network access devices.
What about biometric technologies such as fingerprints and retinal scans?
“I’m not a big fan,” Kanellakis said. “The issue with biometrics is…those images are stored somewhere digitally and I simply have to steal a file that has coded your fingerprints or whatever into it. It’s the same problem as stealing passwords. Actually it’s a bigger problem because I can get a new password. I can’t get a new finger.”
Multimedia and SIP
SIP, or Session Initiation Protocol, is a technology designed to allow multimedia sessions over IP or any underlining communication technology and between any SIP-enabled devices. The standard continues to evolve and it is now imbedded within the latest versions of Microsoft Windows.
The biggest hindrance to SIP, according to Kanellakis is that firewalls today and networks in general aren’t designed to handle these sessions. Routers, firewalls and VPNs don’t support SIP today and what’s currently being used are devices called bypass boxes (SIP proxies), which act as proxies to handle SIP traffic and sessions. These are only now coming to market, but ultimately what will be needed are SIP proxies actually imbedded into traditional network infrastructure equipment like routers and switches.
“That’s the direction we’re taking,” Kanellakis said, saying SIP proxies will quickly usurp router and switch-attached proxy devices, and likely be introduced as free or low-cost enhancements to network equipment. “We don’t think companies want to pay for the separate box.”
The SIP standard can be imbedded across a multitude of devices – it doesn’t matter if it’s a telephone, laptop, PDA or other computing appliance. As long as it is SIP-enabled you can use any and all of these devices to communicate with others, who in turn may be using different SIP-enabled devices to communicate with you.
The first iterations of SIP proxy-equipped network gear should be available early next year.
McLean is director of outsourcing and IT utility research for IDC Canada Ltd. in Toronto. He can be reached at [email protected].