HP Networking
Discover how the new HP Networking combines the technologies and alliances of 3Com, ProCurve and TippingPoint into the next networking leader.

Displaying articles for: August 2010

Very large L2 networks for cloud and virtualization

488iE0F3D23D9C9DDACBThe trend towards virtualization is driving a significant shift in how the industry and customers approach networking in the Data Center. One only has to look at the last 12-18 months of headlines and press articles from the enterprise sector to see that the data center has a renewed focus in the eyes of the vendors and has become a key battleground for industry and customer mindshare in IT, and in particular networking.  The bevy of new products, architectures, technologies and even standards are defining 'data center networking' a distinct and unique branch of networking, where previously it was all but indistinguishable from campus/LAN networking products and tech.

 

This activity has essentially been driven by a shift in technology in the server realm. The popularity of blade systems and advent of multi-core CPU's has enabled the widespread adoption of virtualization technologies. Server virtualization has in turn enabled CIO's to embrace new efficiency and cost models in the data center (aiding another trend, that of rapidly increasing utility costs) and more importantly, to embrace new computing use models such ascloud computing and next gen 3-tier application architectures that can scale and shift computing resources dynamically based on business needs.


SearchNetworking.com Raises Questions About Cisco's Security Strategy

SearchNetworking.com had a thought-provoking article yesterday by Shamus McGillicuddy about Cisco’s network security strategy. The concern that the market has is that, “As Cisco Systems expands into selling servers and consumer electronics, the company is also abandoning key security products, leaving some customers questioning its overall network security strategy.”

 

Freelance blogger and network architect Greg Ferro, who was at our network blogger day events earlier this week, commented in the article, "I have people questioning Cisco's viability in the market. The other vendors are pouring on the FUD as Cisco pulls out. It seems like they are throwing away market share."

 

As an HP enthusiast, it would be easy to jump on the bashwagon, but that would be too easy. Instead I’ll focus on some important points customers are facing today and some important decisions the HP security team is making.

 

Notably, these moves by Cisco are an acknowledgement that the network security market is very challenging, and evolving rapidly. In Cisco’s defense, they probably made some very early bets on security technology that didn’t pan out the way they hoped, notably Security Information and Event Management (SIEM), which they acquired, and NAC, which they developed largely in-house. That’s not to say there aren’t important features here, but they aren’t big growth generators. As security solutions are becoming more complex and addressing a wider range of threats and policy enforcement capabilities, it’s going to be difficult for large vendors to maintain a lead in all areas.

 

Since you can’t lead in all areas, major vendors like HP and Cisco will have to do three things: 1) paint a strategic direction for customers so they can invest long term, 2) focus on differentiating technologies where they want to lead, and 3) partner well. HP Networking is becoming more successful in each of these areas, especially since the acquisition of 3Com and TippingPoint. For example, TippingPoint is still the perceived leader in the IPS space and we continue to grow our investment here accordingly, focusing on our differentiation, and deepening the integration with HP. HP is also partnering in a number of areas where we don’t have industry-leading solutions, such as branch office UTM appliances.

 

HP is also taking the lead in security for virtualized data centers, which is a strategic direction for us and our customers. In my last blog post, I went into some detail about our Secure Virtualization Framework (SVF) which was very well received during our blogger day festivities, and stood out as a strong strategic advantage for HP Network Security. We will continue to define the technology direction here for the market, particularly as it relates to the data center. We don’t expect to invest in “me too” products that we’ll have to abandon later as they lag best-of-breed solutions.

 

But the security market is changing rapidly, particularly as security services that could be applied at desktop endpoints now are migrating into the network infrastructure (Intel, are you listening?). Shared networks, all the way up to multi-tenant clouds are shifting the way we have to think about network security and apply security policies. More and more, the network is becoming the focus for security enterprise wide. Expect more changes to come, and more shifting landscape in the network security space from all vendors.

Labels: security

Unified Communications & Collaboration at #HPNetworkDay

I had an opportunity to talk to Manfred Arndt about HP Networking's UC&C or Unified Communications and Collaboration strategy, and called into Manfred's #HPNetworkDay presentation to listen to the discussion.

 

The session started with a lively debate over the definition of UC&C - and whether it is best delivered as a service via public clouds; or as an enterprise offering through a IT hosted by the enterprise as a private cloud.  The point was also made that one size does not fit all, and that UC&C requirements vary depending on your business needs, the individual role within an organization, and demographic/geographic preferences – for example, with a hospital taking advantage of wireless voice and location based services, but a call-center needing a completely different set of applications.  Greg (@etherealmind) suggested that his iPhone delivered enough UC&C for his needs.

 

Click through to the article to read more about how UC&C isn't just voice or video, how an open standards-based network is critical to support UC&C, and how you can build the business case to move to UC&C. The slides from the presentation are embedded at the end of the post.

HP Network Security Welcomes Industry’s Top Networking Bloggers for Briefings and Demos

I’m excited to be one of the hosts for HP’s Tech Bloggers Day(s) this week (Aug. 23-24, Twitter hashtag #HPNetworkDay). The list of blogger attendees includes: Jeremy Gaddis (http://evilrouters.net), Greg Ferro (http://etherealmind.com), Alex Williams (http://www.readwriteweb.com/enterprise), John Obeto (http://absolutelywindows.com), and Andy MCaskey (http://sdrnews.com). Naturally, I’ll be covering HP Networking’s recent security news and strategy, particularly our focus on the data center and recent news about security virtual environments and our Secure Virtual Framework (SVF).

 

Security for virtual environments is known to be a challenging technology, and it’s increasing in importance as organizations continue to consolidate their data centers, while both server and network virtualization becomes ever more prevalent. I usually sum up the problem for audiences by pointing out the dichotomy of having the industry’s leading in-line IPS appliance from TippingPoint, and the challenge of placing any physical device “in-line” in a virtualized data center environment where: 1) applications and virtual machines are always migrating between hosts (if not data centers) and 2) may not even hit a “real” network when two virtual machines on the same host share east-west traffic that, by policy, should be analyzed and secured. Security devices, of course, whether an IPS or Firewall, have to be in-line with the network flow to enforce policies and block malicious traffic.

 

There are few optimal solutions to this challenge, and even fewer standards between the various constituent vendors, but the approach developed by HP TippingPoint is rather elegant in design, simple to deploy and manage in large data centers, and takes advantage of the best features of our S-Series IPS appliances. The SVF consists of: 1) a highly scalable N-Platform IPS appliance, 2) a software layer deployed into the Hypervisor that redirects relevant traffic (per the security policy desired) to the external (outside the host server) IPS box, and 3) management extensions to the VMware management platform that manages and configures the virtual machines and hypervisors and defines the security policies to be enforced.

 

In the case of two applications resident on the same server host, this kind of traffic redirection introduces some network hops that may not otherwise be required, but the overall latency is extremely minimal when you consider that only the east-west traffic ever would require inspection (north-south traffic can be handled as it enters the data center), and that only certain east-west traffic applies, depending on application zones and policies. This inspection policy may apply to only PCI-related data accessed from applications outside a particular trust zone, which the redirection engine in the hypervisor can determine and redirect.

 

Arguably (and this is why technology is so fun, there are always design issues and points of contention, aren’t there?), a better approach could be to put an entire IPS in software in the hypervisor or the virtual machine itself. This may result in better overall performance, but greatly depends on the amount of traffic being inspected and what is being analyzed by the IPS. The HP TippingPoint appliances are purpose designed for high-throughput and parallel processing of various analytical filters that no software-based IPS can compare to. But ultimately, both approaches are valid and customers will want to have the choice.

 

We look forward to the vigorous debate, sharing more details, and a demo of SVF for our blogger guests, as well as sharing more details and strategy of our HP TippingPoint S-series product family.



Editor's note: We captured a short video of Gary just after his presentation in which he summarizes what he discussed:



3 trends driving changes in the network - Paul Congdon

I had a chance to listen into Paul Congdon's session at the #HPNetworkDay and captured some of the major enterprise IT trends he's thinking about that will influence networks over the next 3-5 years. Paul Congdon is a HP Fellow, who's a founding member of our CTO office, has been in networking for >25 years, and is leading figure in a number of networking standards activites. Paul talked about 3 of the trends that are driving change in the networking space - XaaS, E2EV, and the future of convergence.
Labels: HPNetworkDay

Welcome to the first HP Network Day #HPNetworkDay

Blades and Storage have hosted TechDays before, and now it's the turn of HP Networking. Five bloggers from around the world, descend on Roseville for two days of a big deep dive to see what HP ProCurve and 3COM have become! follow #HPNetworkDay via Twitter
Search
Follow Us


About the Author(s)
  • Editor and writer with 12+ years experience in the corporate software and technology sectors.
  • Teri is responsible for the social media program for the HP Networking and HP Storage business units. Teri has has held global roles in IT, Operations, Sales, Partner Programs, Communications, and Marketing at HP.
Labels