Static Networks, Billowing Expectations
Networks are joining more devices and more powerful systems everyday; this thirty year mega trend won’t be slowed by a troubled global economy or the howls of doom and gloom merchants. While many investors may indeed question the network infrastructure 1.0 leaders about what their next few quarters will look like, the real questions should be about where this dynamic of relentless connectivity and billowing expectations will take us.
Cisco (CSCO) has predicted that there will be 14 billion IP addresses by 2010. Virtualization is entering the data center and there is already a meme explosion underway about the promise of cloud computing. Mix in RFID, wireless/VoIP, consolidation and other enterprise IT initiatives and you have the makings of some serious turbulence facing CIOs managing networking initiatives tasked with fulfilling vast, billowing expectations with incremental-based (and in some cases shrinking) budgets.
This could drive an explosion in new IT potentials or a painful series of enterprise micro events as CIOs wonder what happened to the usually available and secure network. Now more than ever IT initiatives will depend on automation and heightened connectivity for success.
I think Cisco has handled this topic deftly by lowering short term expectations while setting a bigger stage with this recent and more forward-looking Chambers video. I think Cisco is correct in suggesting that the network will become more strategic to the business for many recession survivors and “thrivers”. It also has to become more intelligent. CIOs will be investing in making their teams more productive through automation and connectivity intelligence in order to reconcile static networks with billowing expectations.
F5 Networks (FFIV) also seems to be seeing where this is going as well, and is also discussing this new, dynamic network Infrastructure 2.0. I think both Cisco and F5 understand the implications of what we’re witnessing and are positioning themselves to reap the vast benefits while other players (who don’t get it or are ill-positioned to reap the benefits) obsess about the economy.
Virtualization Already Pushing the Envelope
VMware (VMW) and Microsoft (MSFT) are now pushing the envelope with virtualization solutions that are adding more server movement and more automation in the data center while the network security players watch another month go by without a solution to the “connectivity intelligence problem” posed by the mobile VM being protected by a static, manually-tuned appliance applying policies based on location or zone. Rich Miller said it all weeks ago:
The theme I noted most at VMworld 2007 a year ago was "security." This year, it seemed noticeably absent. My sense is that the industry has yet to catch up and capitalize on VMsafe. Because all of the "next generation" of offerings from VMware and the independent providers are still in development, no one made too much of security issues.
The issue comes down to static infrastructure incapable of keeping up with all of the new IP addresses and devices and initiatives and movement/change already taking place in large enterprises. The notion of application, endpoint and network intelligence thus far has been hamstrung by the lack of dynamic connectivity, or connectivity intelligence. So virtualization gets boxed in when it comes to the data center within hypervisor VLANS, or virtualization-lite.
VMware’s Biggest Threat Isn’t Microsoft
Virtualization-lite is VMware’s biggest threat looking forward, not Microsoft. Virtualization-lite is a Microsoft ally that will help it make tactical line extension inroads while VMware attempts to fully exploit first-mover advantage. VMware is on the front line of the move to infrastructure 2.0 even if it doesn’t realize it yet. It needs dynamic infrastructure to accelerate the virtualization of the production data center; and the network security needs it to deliver on the VMsafe promise.
Without fully-enabled VMotion, the business case for virtualization looks a lot like the “mime in a box” routine; it’s still interesting, but it is not compelling enough to get enterprises to virtualize large portions of their data centers, because the promised (and sizable) savings payoff is trapped within VLAN spaghetti deployments. Limited motion means crimped savings and flexibility.
Billowing Clouds: Omnipotent or Ominous?
Yet there is even more pressure threatening the static network as cloud computing arrives on the IT scene, promising cloudplexes filled with racks and stacks of blade servers powering and moving VMs while reducing IT costs via more efficient services. I’m still asking what the competitive advantage is of a very large data center (whether it’s in Quincy, WA or Lenoir, NC) if network infrastructure cannot keep track of where these packets are flying? If 25% of DNS servers are still vulnerable to Kaminsky flaw, just how far can cloud computing go?
However, the cloud introduces a factor that scares the “bejeezus” out of most IT administrators: a dynamic world that gives the appearance of a complete lack of control. How does IT control the security of their data and communications between their own facilities, the Internet and third party cloud providers? How do they secure the performance of systems running over the Internet? Is it possible to have any view into the health and stability of a cloud vendor's own infrastructure in a way meaningful to the Network Operations Centers we all know and love?
Placing robust enterprise apps in the cloud may be akin to pocketing the “savings” from going without health insurance. There are already infrastructure integrity issues emerging; Cricket Liu and Dan Kaminsky have already advised us that we’re in a new era of DNS. That’s a tactful way of saying that the decades old services that are at the core of pretty much every TCP/IP network have flaws that need to be fixed. And many are still addressing them manually and some have still not addressed them
You can read a roundup of recent DNS security news here. The issue is clear: cloud depends on very high network integrity, or the intelligence of what is connected to what. Yet many think that we’re just in another “speeds and feeds” race with more powerful systems. Very few are considering new mobility dynamics and the potential mess that could emerge if dynamic systems and endpoints are connected by static, manually managed networks empowered by static budgets.
Gartner addressed some of the networking aspects of cloud in their June 23rd paper, "You Can’t Do Cloud Computing Without the Right Cloud (Network).” F5 mentioned this at MacVittie’s recent DevCentral blog. Yet the network requirements (according to some experts) for cloud seem to be focused purely on scale and throughput and not the flexibility and integrity of the infrastructure, which is what I think ended up raining on VMware’s VMsafe and the paucity of offerings for protecting mobile VMs.
Urquhart is also among the first to talk about the network as a critical cloud enabler (again from his Wisdom of Clouds blog):
When it comes to infrastructure, I have been arguing that the network must take more of a role in the automation and administration of public, private and hybrid clouds. However, let me add that I now think enterprises should look at the network as a point of control over the cloud. Not necessarily to own all of that control--services such as RightScale and CohesiveFT, or cloud infrastructures such as Cassatt or 3TERA have a critical role to play in orchestration and delivery of application services.
VMware charged into the data center and ran head-on into unanticipated static infrastructure demands, either internally or in the product planning rooms of its technology partners. Cloud is destined to repeat the Charge of the Light Brigade if it doesn’t learn from VMware’s lessons.
Infrastructure 2.0 is the Catalyst for What’s Next
This chasm between rising IT expectations and sobering network infrastructure budgets and realities has set the stage for a highly resilient and lucrative boom in dynamic infrastructure enabled by companies (like Infoblox) which automate core network services like DNS/DHCP and even IP address management. This automation enables smaller network teams to manage larger and more complex networks than what was otherwise possible, delivering the levels of availability, scale and control needed for Infrastructure 2.0. About 20% of the Fortune 500 companies are now automating those services in at least some capacity.
Automating these services delivers a new level of connectivity intelligence between applications, networks and endpoints. Think of this intelligence as a kind of Cambrian explosion precursor for IT. Dynamic and intelligent connectivity between networks, applications and endpoints set up pre-conditions for massive innovation and concomitant wealth creation in the networking space. If you like the explosion taking place today in social networks as people sign up to track others in real time, imagine the potential for network infrastructure. (Hint: you won’t need ads and eyeballs to monetize a dynamic network.)
Like water is seen as being a requirement for the formation of intelligent life, connectivity intelligence is a requirement for the evolution of dynamic infrastructure, or Infrastructure 2.0. Advancements in network intelligence enable advancements in endpoint intelligence and application intelligence, and so on.
Connectivity intelligence enables real-time tracking and interconnectedness between networks, applications and endpoints. The lack of connectivity intelligence has driven up networking costs and heightened pressures on already tight budgets. This recent Computerworld MarketVibe survey is the smoking gun. It shows mundane, error-prone IPAM (IP address management) tasks escalating as networks grow, producing diseconomies of scale. It doesn’t take a giant abstract leap to suggest that IPAM is a metaphor for a range of tired, manual processes that have been hidden in the bowels of growing IT spends.
These manual processes will be eliminated as the network becomes more dynamic, more powerful and more intelligent. The networking industry will become strategic again to the enterprise business.
VMware and Microsoft are delivering hypervisors that automate the creation, removal and movement of servers yet the network hasn’t evolved to a point it can keep up with those factors of change. And just how far will cloudplexes go if they depend on the integrity of a static network experiencing unprecedented pressures? In essence, this is the conundrum that VMware already faces, which creates massive new opportunities for Cisco, F5 Networks and others, despite economic woes. After all, budget tightening will only put more scrutiny on tired manual processes. And without automation, these networks will become progressively more expensive as more IP addresses are added.
Disclosure: Long Cisco.