Given the increase in real-time and multimedia traffic, networks are expected to be smarter than ever. The problem is that sometimes a so-called “intelligent network” is really an idiot savant: very good at executing a few specific things at lightning speed, but lacking judgment as to their relevance or appropriateness, and unable to perform some essential tasks.
The networking companies have been addressing this issue for some time, and their work has been both aided and complicated by the fact that networks are becoming completely IP-based. These vendors are also continuing to move out of a hardware-focussed, gear-head approach, and toward networks that have application-specific intelligence.
For Vikas Butaney, Cisco’s director of product marketing in the access technology group, the key to network intelligence is managing bandwidth at the edge, and to do that applications must be prioritized.
“We see more video being deployed into businesses for training and communication purposes, along with voice and even telepresence. As a result, we’ve been driving more real-time applications that need deep packet inspection.” Intelligent networks, enabled by cheaper equipment and aggressive moves by carriers, are now being delivered to mid-sized companies and those larger enterprises that have struggled to deliver rich application availability to branch offices. For Cisco, central to this is its “Empowered Branch”, based on the Cisco Integrated Services Router and Catalyst 2960 Series Switches.
“We focus on remote offices,” says Butaney. “From bank branches all the way to a small doctor’s office or clinic.”
Tim Lambie, vice president Americas international for Juniper Networks, offers a similar message.
This is counter-intuitive given the usual emphasis on the end-user, but Lambie’s observation can be considered as simply a better way to deliver on an SLA.
All Lambie is suggesting is that networks perform better when they’re approached from an application, as opposed to a subscriber, perspective, and that this is true on both the carrier and the enterprise side of the equation.
“At the edge a secure port is the only network access point. A smart network knows if you’re safe, if an individual can access that network, but beyond that it is all application driven.”
And, although intelligent networks are application driven, the approach is more and more generic, and not necessarily specific to given applications. Why? Because this is true “intelligence,” in which applications live in one ecosystem, as opposed to the savant’s override of specific applications no matter the context. Enterprise applications are now becoming more topical, with overlay networks allowing for the “multiplay” of voice, video and data, as well as wireless backhaul, over a common IT infrastructure.
Cisco and Juniper have been at this for a while, but if network intelligence is really about applications, then everything has to work and allow for certain application overrides, and not just in the context of real-time requirements for VoIP or video.
Solace Systems in Ottawa has a telecom-based product for content-aware infrastructure that is used by service providers and large enterprises. Peter Ashton, vice-president of product marketing for Solace, explains that his company can provide a powerfully intelligent overlay.
“Our layer can not only move the content around, it can also understand it. If you have a high dollar-value purchase order, this is more valuable than just web surfing traffic, but today’s IP networks can’t understand this.”
It’s true that most networks today can’t tell the difference between Web services and regular surfing at port 80. Solace solves this with hardware modules for routing and transformation.
“This is a custom product on custom silicon,” says Ashton. “It has high throughput and very low latency. This is a big thing in financial services. We’re based on a total hardware data path, there is no OS that is going off and flushing buffers, refreshing. The hardware approach is 10 to 100 times faster than software, and that includes persistent messaging. If you’re moving $100 million from one account to another it has to get there.”
It also helps for the network to know what’s important, and for that to extend beyond real-time applications. In essence, today’s intelligent network is involved in highly sophisticated content management. It doesn’t just organize content and know where it is; it also prioritizes and moves it. Solace, for example, can transform content into different formats and for different devices.
“We can define class of service,” says Ashton. “This is not just to an IP address, but also on content, such as putting a purchase order ahead of an inventory report.”
This level of intelligence, however, isn’t being utilized by the average mid-market company, though Solace does see a market for a simpler solution. Solace’s vision when the company started was that the solution would live on the telecom network: multi-tenancy capabilities were built in, and it can be virtualized to hundreds of customers. But that hasn’t happened as of yet. Most business has been with large enterprises.
Which brings us back to the big networking equipment vendors. Running everything on a unified IP layer means that networks can be smart while also having a pervasive security stance and WAN optimization. All of this has to happen at the edge, too; often it is simple geography that will determine if the connection is T1, DSL, or cable.
In the case of Cisco, its products will automatically create multiple queues, not only putting voice into real-time but also assessing service delivery. Is the organization using Citrix, file sharing, Oracle for business applications? It’s possible to look more deeply into the packet to promote or demote applications. YouTube, though “real-time”, is easily put in the back.
Juniper’s Lambie offers an example of how the move to Service-Oriented Architecture has made the identification and use of applications more intelligent.
“Micro SLAs allow network managers to define an application as a service,” he says. “If you look at a gaming or a movie download service, all of the experience components need to be built into the delivery of that application.”
Certain things are then preset — like hardware networking, software endpoint compatibility, and vulnerability assessments on individual nodes before confirming an IP address — with all applications now understood as part of a communications infrastructure.
“Once policy is set, then devices need to be able to communicate on a standard protocol,” says Lambie. “This is not always through a policy manager. High performance infrastructure needs to make dynamic changes, with the focus entirely on the applications. When intelligence moves toward the edge this is a bigger challenge than focusing on the core. It’s really a function of scale.”
Many enterprises just assume network connectivity, but often the protocol has to be spoofed. Securing speeds and application availability is particularly valuable in the satellite space, where there is more than enough bandwidth, but latency is high. WAN optimization can allow for a deeper look into the packet, allowing TCP acknowledgments to travel back and forth on delay-sensitive networks, including the likes of retailers using satellite systems and, as it increases in popularity, 3G cellular networks.
In the end, it’s this kind of flexibility, visibility, and execution that separates the network that functions as an impractical genius from the one that applies practical intelligence.