For a while now, white-box switching has been largely the domain of hyperscale participants like Google, Amazon and Facebook that have the resources to afford the technology. According to Andrew Lerner, an analyst at Gartner, that gap between traditional integrated switching and white-box switching will start to close. How will this happen? Lerner says there are a few different deployment models: network switching vendors allowing their software to run on white-box hardware; network switching vendors allowing other vendors' software to run on their hardware; or infrastructure software vendors like VMware and Microsoft certifying hardware switches, and providing the networking software or operating system. Lerner calls this idea bright-box switching, also known as "branded label switching."
Read more about the benefits of bright-box switching, according to Lerner.
Multinode server platforms versus blade servers
Current Analysis analyst Steven Hill wonders if the popularity of high-density multinode server platforms is due to their capabilities or if their usefulness is exaggerated because of their sudden popularity. He also suggests that these platforms are simply small-scale versions of blade servers. Cisco's UCS M-series, Dell's X2 series and HP's DL1000 Multi-Node server have blade server counterparts. Hill points out similarities such as "shared resources for power and cooling, input/output that is aggregated at the chassis and the ability to hot-swap server modules without disrupting chassis-level operations." While he doesn't say this is a bad thing, he points out that it's interesting these systems are hardware-based and not targeted at the virtualization market.
Read why Hill says the success of these servers could mean a lot for traditional hardware vendors.
Cloud Security Alliance creates affordable security defense technology
Securing your network on a tight budget may have gotten easier, says blogger David Monahan in an Enterprise Management Associates Inc. blog. The Cloud Security Alliance (CSA), a non-profit think tank of volunteers, recently held a hack-a-thon to test its software-defined perimeter (SDP) security initiative. For a month, amateurs, self-taught enthusiasts and hackers -- as well as trained professionals from more than 100 countries -- tried various tactics to breach the perimeter. None of the attacks was successful. SDP works by sealing a perimeter around a network in the cloud, demilitarized zone (DMZ) or data center. Dense security layers are the key to intrusion prevention. "Yes, a key can be extracted from a certificate, and yes, some [one-time passwords (OTPs)] can be guessed, but the odds on being able to do both to render a guess of a 64-bit OTP (that’s a number the size of a trillion, trillion or 1×10^24) and work out the certificate issues and falsify the [security assertion markup language] assertion are just too great a combination on a per-attack basis," explains Monahan. Because the SDP is based on open source technology, the only things users are responsible for buying are the hardware, operating system and certificates.
Read more about how the Software Defined Perimeter works.
Virtualization and data center networks
PacketLife blogger Jeremy Stretch wrote that server virtualization has made building a data center network more difficult because of the challenges of Layer 2 network and MAC address aggregation. Among the major challenges of Layer 2 networks are determining how to get rid of forwarding loops and large MAC table sizes with too many addresses for switches to memorize. When it comes to MAC aggregation, Stretch wrote, "Historically, the problem with MAC addresses has been that they are both globally unique (mostly) and pseudo-random." While virtualization adds more complexity, Stretch says, the technology actually might be giving users some control over the process -- for example, the ability to match MAC addresses to virtual machines. He uses VMware as an example: "VMware VMs typically use the OUI 00:50:56, with the lower 24 bits generated by some dynamic function. Unlike in the physical world, there's nothing preventing us from writing rules dictating what MAC addresses get assigned to a VM."
Read more of what Stretch says about virtualization and data center networks.