Data centre saviours

IT managers are always looking for ways to improve efficiency in the data centre. This endlessly dynamic part of the business is notoriously difficult to manage and secure, with companies constantly struggling to optimise performance. Some notable emerging technologies, however, are promising to solve these problems.

By Simon Duddy. Published October 26, 2004

IT departments are increasingly being asked to implement advanced applications to add an edge to the business. But if these applications are not managed correctly they can create a drag on resources that will result in benefits not being realised or, in a worst case scenario, may even grind the business to a standstill. Efficient management of the data centre is therefore critical.

Technology, as well as being a cause of complexity and headache for the IT manager, can play a key role in buttressing the business. Hardware appliances such as Layer 4-7 switches, network virtualisation and autonomic computing are all vying for the attention of the IT manager and offering cost savings, greater efficiencies and less intensive management.

Layer 4-7 application switches sit between the data centre and the wide area network (WAN) and aim to make interaction between the two run more smoothly, by carrying out a combination of tasks that can include load balancing, security monitoring and off-loading web traffic. IDC estimates that the market for these devices will grow to almost US$800 million by 2008, which represents a sizeable sum for a niche product segment, reflecting the pressing priorities in the data centre.

The market is led by Cisco with 40% share, according to IDC, but small companies, such as Radware, Array Networks and NetScaler, are grabbing headlines with their combination devices for the data centre. Traditionally, a device would carry out one task, for example load balancing or secure sockets layer (SSL) acceleration, but the increasing trend is towards consolidated devices.
The primary driver behind this is cost, with consolidated devices allowing the data centre manager to avoid investment in several discrete devices. This development is a natural step in the evolution of the data centre, which has seen the addition of several types of niche devices that can improve performance or protect it from attack. However, these devices often have redundant features, are costly and difficult to manage and support. It makes sense to aggregate these functions into one device.

“Consolidation is the way the business is going,” says Bisham Kishani, product manager for US Telecommunication, a distributor of NetScaler products in the region. “Now that the technology makes it possible, aggregating functions into one device is another way of adding value to the user,” he adds.

Indeed cost cutting is very much the core business of the Layer 4-7 application switches, with the products developed to combat slow server performance caused by issues such as data transmission using transmission control protocol (TCP). Although TCP sessions are short, they are typically numerous and can have a telling effect on server performance. Layer 4-7 devices allow IT managers to offload TCP traffic from the server, which allows them to concentrate on their core processing tasks.

With many companies aiming to deliver enterprise resource planning (ERP) and customer relationship management (CRM) applications to remote employees over the WAN or the internet, vendors are seeing an opportunity to facilitate these without companies requiring large scale investment in servers and infrastructure.

The trend towards consolidation means that the devices are branching out from their application optimisation heartland and towards areas such as security. On one hand this makes sense, as their strategic position just outside the network is the perfect place to counter some of the newest threats to emerge from the internet, such as memory resident viruses.
“With security threats becoming more sophisticated each day, an application switch adds an extra and important layer in the security architecture of a data centre. Different techniques can be utilised from wire speed access control lists to spam prevention,” says Yarob Sakhnini, regional technical manager, Foundry Networks. “Since application switches can see deep inside the packets it will become a very logical and effective layer in providing intelligent network based spam prevention, if the switch has very high processing capabilities,” he explains.

It also makes sense for IT managers to aggregate security functions on one appliance, as it is easier to manage a combined device, rather than separate appliances, perhaps from different vendors. With many discrete devices, security loopholes can appear if policy is not uniformly and rigorously imposed.

“With the Nauticus [Sun’s secure data centre switch], network designers can stop worrying about where to process SSL,” says Hein Vandermerwe, senior data centre architect, Sun Microsystems. “Concerns about network blind spots and privacy loopholes disappear, since all SSL handling and load balancing is integrated through a single node. The Nauticus can decrypt incoming traffic, apply firewall and load balancing policies to the clear-text contents, and then re-encrypt the data before sending it on,” he explains.

While these are undoubted boons for the data centre, logically this argument falls down when the possibility of the appliance failing is brought into question. It is bad enough to lose one security function through device failure but to lose several could be catastrophic. “My biggest concern would be single point of failure,” says Justin Doo, Middle East & Africa managing director for security firm Trend Micro. “You’d really need to build in redundancy if it was going to be truly secure.
Alternatively you could have a very strong supply chain agreement, that is, a vendor always having a minimum of 50% of your installed appliances in stock and available within a working day. An additional concern would be if one of the component sets started to perform poorly — how easy is it to get off-box?” he adds. For this reason, there will always be those businesses that prefer to use discrete security devices, even if it proves to be more expensive and a greater management headache.

Advances in Layer 4-7 application switches are also playing an important role in encouraging greater virtualisation in network infrastructure. Many analysts are tipping a virtualised network to complete the triangle of virtualised IT segments in the data centre, with virtualised storage and server concepts already relatively common. “We expect virtualisation of private infrastructure to take the whole data centre to a virtualised platform, although this will take five or six years,” says Luis Leamus, senior vice president, Executive Directions, Meta Group.

Virtualisation can work as the glue that binds Layer 4-7 switches to the rest of the data centre and this makes it central to the plans of many vendors. Cisco is emphasising its intelligent information network (IIN) vision, rather than specific solutions, and tying the infrastructure to the overall architecture becomes key. “We have a five year goal for an intelligent infrastructure. We’re putting more intelligence into the network but we don’t want the Layer 4-7 solutions to be isolated. It’s more about the data centre architecture than the point solution,” says Marc Gullop, systems engineer, Cisco South Gulf. “For example, we have a partnership with IBM so that Tivoli can provision Cisco network equipment and we partner with HP and Oracle so our infrastructure can integrate into their intelligent data centre architectures,” he explains.

This increased use of virtualisation can bring increased management headache, however.
Access control and isolation rules are vital components of any implementation and need to be handled correctly. “This is an important consideration. If this is not pre-designed, there can be potential problems with customers of one virtual environment accidentally or intentionally getting into another environment,” says David Lynch, vice president of marketing, Array Networks. “The flexibility of the solution is another important factor. This is not an environment where one security policy, or even look and feel will work for every customer group that is connected,” he adds.

End users face another dilemma when looking at this market, as smaller players like Array Networks and NetScaler offer promising solutions along with more established players like Cisco, F5 Networks and Foundry. While the smaller companies cannot match the breadth of Cisco’s vision, they can lay claim to more robust solutions in niche areas. “NetScaler has the advantage of the highest performing application switch platform in the market and we are focused on enhancing our competitive advantage over Cisco and Nortel by extending our optimisation technologies to cover all IP based traffic,” says Mark Edge, senior director NetScaler EMEA. However, smaller companies cannot match the research and development clout of companies like Cisco, as well as their worldwide, well-established support network.

The realm of application switches is where a lot of the action is taking place in terms of increasing efficiencies on traffic flow and bolstering security but no matter how confident an IT manager is about his network, monitoring and fast troubleshooting of problems is critical. This is where autonomic computing comes in. At the moment, if you want to know what’s going on in a network you have to use software agents to poll activity. This is time consuming and inefficient but if you have intelligence built into network elements, for example routers, you can get realtime information on network status.
While on-router autonomic technology is still in its infancy, the practice of building self-protecting and self-healing features into the data centre is not a new one in the Middle East. “The Middle East is using the latest systems management tools and technologies to a very advanced extent,” says Bashar Kilani, manager of IBM’s software group for the Middle East, Egypt, Pakistan & North Africa. “The only difference between data centres here and anywhere else is the volume of transactions. In terms of infrastructure we are not lagging behind,” he adds.

One example of an enterprise in the region deploying autonomic computing methods is Dubai Municipality. It has installed IBM’s Tivoli Enterprise Systems Management solution, which includes Management Framework, NetView, Enterprise Console and Tivoli Decision Support (TDS) modules. The municipality uses these tools to monitor its critical systems, identify the root cause of problems and summon engineers to fix them. “We use autonomic features such as SMS alerting to let engineers know if something goes wrong outside our working hours. This means that we can diagnose a problem and fix it before the next shift starts, which has greatly enhanced the availability of our network operations centre (NOC),” says Abdulla Ali Al Madani, head of Dubai Municipality’s operations & network services section. “We use the technology only to cover our critical applications and if the issue is not resolved after one hour, the system sends a reminder message,” he adds.

The main thrust of autonomic computing is getting to the root of the problem quickly. If the network has a problem then the middleware and application layers above it will also exhibit symptoms. However, it makes more sense to immediately tackle the underlying problem rather than more apparent symptoms.
While diagnostics are autonomic computing’s forte and bring greater efficiencies, availability, cost savings and lighter management demands, it can also yield less expected benefits, such as granting the enterprise greater visibility into running costs. Dubai Municipality has been using its Tivoli software to track the utilisation of its WAN circuits. “The system allows us to track WAN circuits and measure them against cost. For example, we could see that a WAN circuit, which costs x amount of dollars was working 94% of the time. So, we can then see that we were paying for 6% of the time when it was not working,” says Mohammed Ismail Ali, team leader of Dubai Municipality’s NOC.

The key idea behind autonomic computing and investing in virtualised or consolidated switches is to try to achieve better results by working smarter, rather than cranking up processor power and network bandwidth. As it looks ahead, the Dubai Municipality will focus on process to enhance its existing virtual tools. “Having successfully run our NOC operations for slightly over a year now, we have been taking an inward look to fine tune the underlying processes and the team skills and numbers to gear us up for the forthcoming challenges for enhancements and autonomic computing,” says Indranil Guha, head of Dubai Municipality’s network services unit.

That said, tuning the enterprise effectively into autonomic processes requires big changes among employees. For a start, even with reasonably user-friendly tools from vendors, a certain amount of re-training is required. This, coupled with the shift in attitudes needed and potential conflicts between departments, means that the path to going virtual is littered with obstacles. “A barrier could be the conflict of interest between different departments, especially within a large enterprise,” says Osamah Hussameddin, business manager, Data Centres, HP. “This makes it difficult to share IT infrastructure.
In these cases, the CIO or maybe even the CEO will have to force the cost saving,” he adds.

With these inhibiting factors in mind, autonomic computing is still on the horizon for most enterprises rather than a pressing concern. However, with so many giants of the IT world throwing their weight behind the concept, it should not be long before companies in the Middle East can start to realise serious business benefits from more autonomic features in the network. “IBM, Sun and HP have got good aspirations to reduce operational costs by creating as little hands-on technology management as possible but it’s still a vision,” says Larry Velez, programme director, infrastructure strategies, Meta Group. “On our trend line, we predict that by 2008 autonomic computing will start to demonstrate value and those companies that have invested strongly in one vendor technology, will be first to benefit and may be able to reduce their IT management staff by half,” he adds.

In many senses the data centre is the engine room of the enterprise, powering the movement and storage of data, which the business needs to survive. New technology can make things easier for the data centre but these technologies can be difficult to deploy and require significant investment in time as well as money. The secret to maintaining an efficient and well-oiled engine room is as much to do with proper process and understanding the enterprise as technology but lately advances have made IT managers sit up and take notice. These potential data centre saviours cannot be ignored.

