Tuesday, May 29, 2012

Sify To Offer Videomeet Through Partners

To address growing needs of emerging businesses and enterprise for affordable video conferencing solutions, Sify Technologies in partnership with Vidyo has launched videomeet, a video conferencing as a service.


Priced at Rs 2,000 per user per month or Rs 3 per user per hour, the service enables users to initiate high-definition, multi-point video collaboration on multiple devices without dedicated networks. It also eliminates need for a Multipoint Control Unit (MCU) or any other video conferencing device at the premises of the customer, reducing total cost of ownership


The service is network-agnostic, and also supports all operating systems and devices including smart phones and tablets. The company is rolling out two models -- a fixed rate for unlimited videoconferencing access, or a pay-as-you-go service.

Sify will rope in customers in the banking and SMB segments.


“As per Gartner by 2015, more than million workers globally will run corporate-sponsored VC from their desktops. This is a great opportunity. We will also tap partner-led opportunities in other verticals. From September, we will look for customers in the education segment,” said Harsha Ram, DGM, Products, Enterprsie Services, Sify.


He added, “Currently only CXOs are using VC, while frontline executives hardly access the services. Our offering would enable all employees to interact over VC, making companies more agile and nimble.”


Elaborating on pricing, he informed that the prices of personal desktops ranged between Rs 2.5 lakh and Rs 10 lakh. There is zero cost for mobile phones while subscription cost is very competitive. We will also provide gateway to existing Cisco, Polycom users.”


Sify’s GTM strategy will be in two parts -- the enterprise deals, which would be direct deals, and the other would be for the emerging enterprises. The networking partners in 700 cities and its sales executives in 60 cities will sell the offering through partners in tier-2 cities. “60 percent of our sales take place through IT and telecom resellers. Videomeet will be a part of our overall product portfolio,” Ram said.



Sunday, May 27, 2012

Meet the First 2 Cisco Certified Architect (CCAr) – The Highest level Technical Design Certification from Cisco Systems

Meet the First Two Cisco Certified Architects Part 1


Meet the First Two Cisco Certified Architects Part 2





Meet the First Two Cisco Certified Architects Part 3


 
 

MTU Myth Busters

MTU – Maximum Transmission Unit, always not take importance by anyone, until someone hits by its never-seen & unpredictable results that's break communication. That is the same we faced (me and my team) at Leading Service Provider of Pakistan. MTU is normally termed as the maximum amount of information that can be sent in the Packet….but this is not the right thinking. MTU is the Physical layer characteristics, so better to say…its the maximum amount of information (data) can be sent in the Frame (e.g. Ethernet Frame). As per standard frame, maximum amount of Packet size accommodate in Ethernet frame is 1500B. 


But if packet size is more than 1500B due to any reason, than Layer 2 informs Layer 3 to fragment the information as it cannot be fit into Ethernet frame. Initially it was observed that physical Media technology was not as stable & reliable as today, so Internet Architect suggest to prefer fragmentation, as they only have to re-transmit that small part of segment, not the complete information again. But this puts lots & lots of load on Layer 3 device responsible for fragmentation.


What are the reasons, when our normal HTTP or application traffic does not able to communicate? where Did MTU hits? Lets check it out…

Here are some overhead facts to carry Application/Presentation/Session Layer [Normally termed as Data] information,

•TCP Header = 20B
•GRE = 24B
•IPv4 Header = 20B or IPv6 Header = 40B
•MPLS Header = 4B to 16B (Including L3VPN, FRR TE, AToM Control Word)
•Ethernet Header = 14B
•VLAN/Trunk = 4B & Q-in-Q = 8B

Here are some examples where the end to end communication breaks for certain customers/applications, while all other service work well.

When everything goes well,






Consider the network with default config i.e. MTU 1500 for most of the FastEthernet interfaces (now a day’s Gig Ethernet interface have Jumbo enable by default for some vendors).


If any PC behind Router A want to send the Data and configured MTU at interfaces is 1500 than maximum data coming from A/P/S layers should be calculated based on following,

Data = 1500 – 20 (TCP) – 20 (IPv4) – 14 (Ethernet) = 1446B

This 1446B is usually considered as safe payload from Customer devices to pass all the application data w/o dropping somewhere in between Source & Destination. So if customer set MTU of its CE WAN interface than usually its CE router will do the fragmentation (if required) and usually the traffic will not drop in the transit. There are ways that Service Provider can set DF (Don't Fragment) bit on the incoming customer traffic, so that their Core routers will not be overloaded with Fragmentation process.

But there are scenarios, where the traffic with 1446B can be drop. Lets discuss those,


1) If Service Provider support MTU of 1500B and use VLAN trunk on any intermediate node connectivity:






In this scenario Router B & C are connected over the Ethernet Trunk Link, means there comes another 4B of VLAN TAG overhead. Now if the same 1446B of traffic come in from Customer router A, than it cannot pass over B-C link. Here is the calculation,



1446 (Data) + 20 (TCP) + 20 (IPv4) + 14 (Ethernet) + 4B (VLAN TAG) = 1504B (Required MTU)


If customer application mark the DF bit in Application or SP marked the same for informing customer traffic than Router B will not do the Fragmentation and traffic will be dropped. To resolve this issue, B-C link should support atleast 1504B.

Let’s discuss another scenario as an example:

2) If Service Provider support MPLS along with VLAN tagging.

 
In this scenario Service Provider network B-C-D support MTU of 1504B. Router C & D are connected over the Ethernet Trunk Link and also running MPLS, means there comes 4B of VLAN TAG overhead and 4B of MPLS Label overhead. Now if the same 1446B of traffic come in from Customer router A, than it can pass over B-C link, but not over C-D link. Here is the calculation,


1446 (Data) + 20 (TCP) + 20 (IPv4) + 4 (MPLS Label) + 14 (Ethernet) + 4B (VLAN TAG) = 1508B (Required MTU)

Similarly, if customer application mark the DF bit in Application or SP marked the same for informing customer traffic than Router C will not do the Fragmentation and traffic will be dropped. To resolve this issue, C-D link should support atleast 1508B.


 
 
 
 
The case is worse when Service Provider run MPLS Traffic Engineering and Customer traffic is carried over VPN, this will add additional overhead up to 12B, if Q-in-Q supported than additional 4B, if IPv6 is the transport protocol than IP header overhead will increased to 40B, instead of 20B of IPv4 header. Further if customer is using GRE tunneling than 24B of GRE overhead will be added.


So in the Nut Shell, its Service Provider responsibility to support the maximum MTU that can accommodate all sort of customer services including its own like MPLS etc. To the safe side if service provider enables Jumbo MTU (9192B) in its Access & Core network than almost all possible services can run w/o issue.


Vendors & MTU:

Now look at the MTU in the perspective of Vendors (Cisco, Juniper and Windows/Linux Machine). Cisco & Juniper implementation of MTU is bit different and specially when we try to verify the supported MTU using PING.


Juniper Implementation:


Lets discuss here MTU at Gigabit Ethernet Interface (Other interface have different default/maximum MTU – Check here). By default Physical Interface MTU is 1514 and if we configure Physical MTU other than the default value than underlying protocols will inherit the MTU from physical interface. We can also configure different MTU value on Protocol level as compared to the inherited one – The one reason to do that is to match the MTU on the remote device specially in case of OSPF neighborship, which cannot be established until both end IP MTU is same. The Protocol MTU cannot be more Physical MTU and its important to maintain the protocol header difference between IP & Layer 2, else Juniper will not allowed configuration commit. Here is the example from my M320 router, showing Physical Interface MTU 9100 (configured) and IP protocol MTU is drive from it (9100-18 = 9082B). Since it’s also configured with VLAN TAG 4B overhead will be added over 14B Layer 2 overhead, that's why we deduct 18 from physical interface MTU to get IP MTU.

falikhan@sydlab@M320-m2-re0> show interfaces ge-0/0/1


Physical interface: ge-0/0/1, Enabled, Physical link is Up
Link-level type: Ethernet, MTU: 9100, Speed: 1000mbps, MAC-REWRITE Error: None, Loopback:
Logical interface ge-0/0/1.621 (Index 95) (SNMP ifIndex 531)
Flags: SNMP-Traps 0×4000 VLAN-Tag [ 0x8100.621 ] Encapsulation: ENET2
Protocol inet, MTU: 9082
Protocol inet6, MTU: 9082
Protocol mpls, MTU: 9070

If interface also configured with MPLS address family than 12B (3 labels) overhead will be added.

When we PING from Juniper CLI, of size 1000B, it means, 1000B is ICMP payload, which will be encapsulated in ICMP header of 8B, which will be encapsulated in 20B IPv4 header and finally in 14+4B Layer 2 Ethernet frame overhead. So actually Bytes on wire will be 1000+8+20+14+4=1046B.

Now if we need to test that how much maximum size PING we can send to remote host via interface ge-0/0/1 (over IP network – No MPLS)? So the answer is 9082 (IP MTU) – 20 (IP Header) – 8 (ICMP header)= 9054B. Let’s test it,


falikhan@sydlab@M320-m3-re0> ping 10.250.22.1 logical-system SD31 source 10.250.23.1 size 9054 do-not-fragment

PING 10.250.22.1 (10.250.22.1): 9054 data bytes

9062 bytes from 10.250.22.1: icmp_seq=0 ttl=64 time=8.923 ms
9062 bytes from 10.250.22.1: icmp_seq=1 ttl=64 time=8.888 ms

^C

— 10.250.22.1 ping statistics —

2 packets transmitted, 2 packets received, 0% packet loss

round-trip min/avg/max/stddev = 8.888/8.905/8.923/0.017 ms

Note: I have configured Logical Router on M320 to simulate the multiple routers network.


falikhan@sydlab@M320-m3-re0> ping 10.250.22.1 logical-system SD31 source 10.250.23.1 size 9055 do-not-fragment

PING 10.250.22.1 (10.250.22.1): 9055 data bytes

ping: sendto: Message too long
ping: sendto: Message too long

^C

— 10.250.22.1 ping statistics —

2 packets transmitted, 0 packets received, 100% packet loss

This test shows that when Juniper router tries to PING using ICMP payload of 9055, it need IP MTU to support atleast 9083. But since currently supported IP MTU on interface is 9082, the maximum IP packet that can pass through this interface (w/o fragmentation) is 9054.

Just to clarify, by default for IPv4 traffic Router perform fragmentation i.e. if I remove do-not-fragment knob from PING, it can let it 9055 or higher payload ICMP packet over the same interface.

falikhan@sydlab@M320-m3-re0> ping 10.250.22.1 logical-system SD31 source 10.250.23.1 size 9055

PING 10.250.22.1 (10.250.22.1): 9055 data bytes

9063 bytes from 10.250.22.1: icmp_seq=0 ttl=64 time=9.685 ms

^C

— 10.250.22.1 ping statistics —

1 packets transmitted, 1 packets received, 0% packet loss

round-trip min/avg/max/stddev = 9.685/9.685/9.685/0.000 ms

falikhan@sydlab@M320-m3-re0> ping 10.250.22.1 logical-system SD31 source 10.250.23.1 size 1000

PING 10.250.22.1 (10.250.22.1): 1000 data bytes

1008 bytes from 10.250.22.1: icmp_seq=0 ttl=64 time=1.569 ms
1008 bytes from 10.250.22.1: icmp_seq=1 ttl=64 time=1.552 ms

^C

— 10.250.22.1 ping statistics —
2 packets transmitted, 2 packets received, 0% packet loss

round-trip min/avg/max/stddev = 1.552/1.560/1.569/0.008 ms

falikhan@sydlab@M320-m3-re0> ping 10.250.22.1 logical-system SD31 source 10.250.23.1 size 6000

PING 10.250.22.1 (10.250.22.1): 6000 data bytes

6008 bytes from 10.250.22.1: icmp_seq=0 ttl=64 time=6.179 ms
6008 bytes from 10.250.22.1: icmp_seq=1 ttl=64 time=6.173 ms

^C

— 10.250.22.1 ping statistics —
2 packets transmitted, 2 packets received, 0% packet loss

round-trip min/avg/max/stddev = 6.173/6.176/6.179/0.003 ms


Cisco Implementation:

Cisco implementation is bit different from Juniper. There you can specify the MTU on different families and if IP MTU is larger than physical interface MTU, it will not give you error like Juniper. But if only Physical interface MTU is define, underlying protocol will inherit MTU settings from physical interface. Another difference need to understand that when we do the “show interface” command on Cisco CLI, it will show only Physical interface MTU, to check IP MTU on the same interface, we need to run “show ip interface” command.


Here is the example from my Cisco router, showing Physical Interface MTU 1500 (default) and IP protocol MTU is configured as 1300B (1500 by default).



Router(config)# interface f0/0
Router(config-if)# ip mtu 1300


Router# show interface f0/0

FastEthernet0/0 is up, line protocol is up
Hardware is Gt96k FE, address is c200.5867.0000 (bia c200.5867.0000)
Internet address is 10.0.0.1/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255


Router# show ip interface f0/0

FastEthernet0/0 is up, line protocol is up
Internet address is 10.0.0.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1300 bytes

When we PING from Cisco CLI, of size 1000B, it means,

This 1000B consist of ICMP payload, ICMP Header (8B) and IP Header (20B), which will be encapsulated in 14B Layer 2 Ethernet frame overhead. So actually Bytes on wire will be 1000+14=1014B. But important point to mention here is that actual Payload transferred is actually 1000B – 8B (ICMP) – 20B (IP) = 972B only. NOTE: if we testing some customer application/service via IXIA or other testing tool (not via PING) than we need to consider ICMP & IP payload along with the DATA payload.

Now if we need to test that how much maximum size PING we can send to remote host via interface f0/0 (over IP network – No MPLS)? So the answer is pretty simple, packet size equals to the configured IP MTU value = 1300B, because it contains all the overheads of IP & ICMP. Let’s test it,


Router#ping 10.0.0.100 size 1001 df-bit

Type escape sequence to abort.

Sending 5, 1001-byte ICMP Echos to 10.0.0.100, timeout is 2 seconds:


Packet sent with the DF bit set
.…

Success rate is 0 percent (0/3)


Router#ping 10.0.0.100 size 1000 df-bit

Type escape sequence to abort.

Sending 5, 1000-byte ICMP Echos to 10.0.0.100, timeout is 2 seconds:

Packet sent with the DF bit set

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 9/18/39 ms


Router#





Saturday, May 26, 2012

Juniper Networks More Than Doubles the Capacity of the Network Core With New Upgrades for T Series Routers


 
Next Generation Multi-Chassis Support for T4000 and T1600 Routers Delivers Unmatched System Scalability and Superior Investment Protection

 

 
Juniper Networks (NYSE: JNPR), the industry leader in network innovation, today announced a new capacity upgrade to the TXP multi-chassis routing system for all existing Juniper Networks® T4000 and T1600 core routers. Multi-chassis systems continue to be a critical technology for service providers to scale their network infrastructure while ensuring operational continuity and optimizing capital expenditures. The new TXP system more than doubles the capacity of the previous generation and delivers customers greater scalability and investment protection by extending the lifespan and performance of their network infrastructures built on T Series Core Routers. This capacity upgrade is done in-service and provides service providers with the financial and operational flexibility to expand network capacity where it is needed to support the growing bandwidth requirements driven by immense online video, social media and ever expanding cloud services and content.

 
News Highlights


The rising adoption of always connected devices and rich media applications worldwide places tremendous demands on service provider infrastructures, causing network and equipment scaling requirements to grow rapidly. To address these challenges in an economical and operationally sustainable manner, service, content and application providers alike require solutions with unprecedented financial and operational flexibility and scale.

 

 
Juniper Networks T Series IP/MPLS multi-service core routers provide the leading features and multi-terabit scale that service providers need to handle massive growth in core bandwidth requirements. The field-proven in-service upgradability provides customers guaranteed access to future T Series platform innovation, resulting in unmatched investment protection.

With the introduction of the T Series in 2002, Juniper pioneered the "modern" IP core router and redefined the market with its innovative architecture that has allowed our customers to flexibly and economically grow their network by taking advantage of the unique in-service upgrade capabilities that were engineered into the platform from the start. Since the first shipment in 2002, well over 7,000 T Series routers have been deployed in the top 200 networks worldwide allowing billions of users to enjoy the services offered by their service provider every day.

 

  
The TXP multi-chassis routing system supports the following key functionality:

 
  • Up to 4X T4000 and 8X T1600 system capacity  
  • Up to 22 Terabits per second (Tbps) of capacity
  • Future capacity expandable up to 64 Tbps

 
 Simplified pay-as-you grow installation and expansion with standards-based cabling and pluggable optics

 

 Juniper's scalable and flexible multi-service core architecture with carrier-grade reliability and guaranteed high-performance can efficiently deliver a wide breadth of revenue-generating services while minimizing both capital and operational expenditures, ensuring customers can achieve:

 
  • Continued scaling of existing multi-service core with a proven platform that is future ready
  •  Investment protection for current T Series customer base
  •  Operational simplicity with the flexibility to grow seamlessly
  •  In-service upgrade to provide continuity and no user interruption
 
The upgrade for the TXP multi-chassis system will be available for shipment in the fourth quarter 2012.

 

 Supporting Quotes

 

China Mobile Communications Corporation (CMCC)

 
"Juniper has been an excellent partner in helping us as we grow and evolve our network to meet increasing customer demands and the expanded capabilities of the TXP Multi-chassis system are a promising way to help us continue to expand our existing infrastructure."

 
-- Jianming Zhou while visiting Juniper in his capacity as General Manager of the Technical Department at China Mobile Communications Company (CMCC).

 

 
Juniper Networks

 
"Service providers are dependent on the infrastructure they build to deliver profitable services, but they must also be nimble and flexible to scale these services. Investment protection, operational continuity and future-ready scalability are critical components in infrastructure purchasing decisions. Expanding the capabilities of Juniper's TXP multi-chassis system, which is deployed in numerous networks worldwide, is clearly aligned with this strategy."

 
-- Daniel Hua, senior vice president and general manager, Core Business Unit, Juniper Networks

 

Infonetics Research

 
"In order to scale their networks today, large service providers use the multi-chassis capabilities of their core routers, as scaling requirements continue to grow. Juniper's expansion of the TXP multi-chassis system will help operators meet their growth challenges due to the TXP's flexible scaling, operational continuity, and investment protection -- three components of any service provider's expansion strategy. This latest generation TXP features the innovation in the multi-chassis interconnect of off-the-shelf pluggable optics and industry-standard cabling to nicely reduce the cost and operational complexity of deploying and managing multi-chassis systems."

 
-- Michael Howard, principal analyst, Infonetics Research

 

Network News: Juniper, Brocade, Ciena


Juniper

Juniper Networks (JNPR) announced a new capacity upgrade to the TXP multi-chassis routing system for all existing Juniper Networks T4000 and T1600 core routers. The new TXP system more than doubles the capacity of the previous generation and delivers customers greater scalability and investment protection by extending the lifespan and performance of their network infrastructures built on T Series Core Routers. The TXP multi-chassis routing system supports up to 22 Terabits per second (Tbps) of capacity with future scalability up to 64 Tbps. The upgrade for the TXP multi-chassis system will be available for shipment in the fourth quarter 2012.”Service providers are dependent on the infrastructure they build to deliver profitable services, but they must also be nimble and flexible to scale these services, said Daniel Hua, senior vice president and general manager, Core Business Unit at Juniper. “Investment protection, operational continuity and future-ready scalability are critical components in infrastructure purchasing decisions. Expanding the capabilities of Juniper’s TXP multi-chassis system, which is deployed in numerous networks worldwide, is clearly aligned with this strategy.”


Brocade
 
Brocade (BRCD) announced it has outlined its strategy for software-defined networking (SDN). In support of this strategy, Brocade also announced that it has integrated hardware based OpenFlow support in the Brocade MLX Series of routers and related Brocade NetIron platforms, enabling customers to deploy SDN at wire-speed 100 Gigabit Ethernet (GbE) performance. The company’s SDN strategy includes resilient and auto-forming Ethernet fabrics, network virtualization, delivering OpenFlow in hybrid mode, open API’s, and a cloud management and orchestration interface. ”Software-defined networking is a networking paradigm to transition wide-area data networking from a pure transport business to a model that allows providers to optimize traffic flows based on a centralized, customizable control plane by utilizing technologies such as OpenFlow. This will enable service providers to offer cloud applications with on-demand end-to-end SLAs and innovative service offerings,” said Nathan Raciborski, co-founder and CTO, Limelight Networks. “We are working closely with Brocade and other SDN technology leaders to innovate and deliver rich cloud based content services to our customers.”



Ciena

Ciena unveils intelligent control plane software. Ciena (CIEN) unveiled OneConnect Intelligent Control Plane, its next generation control plane software. OneConnect introduces a new level of programmability and advanced virtualization features for the Wide Area Network (WAN) as well as enables rich policy-based control more extensively across the network. The OneConnect software will be available on Ciena’s multi-layer 6500 Packet-Optical Transport platform. OneConnect supports ASON and GMPLS industry standards, allows rich policy-based programming, provides virtualized Optical-VPN services, has latency-aware routing capabilities and can simultaneously run SONET/SDH and OTN control plane capabilities. “Ciena’s intelligent control plane software acts as the brain of the network by allowing service providers to fine tune their networks to be more intelligent and to quickly respond to changing network demands – without manual intervention,” said Steve Alexander, senior vice president and chief technology officer at Ciena. ”OneConnect is the result of Ciena’s 12 years of success in optical control plane design and innovation. With today’s announcement, we are extending that leadership across the entire network and also giving our customers new revenue streams through latency-based routing and Optical VPNs for new and yet to be discovered virtual, dynamic service offerings.” Ciena also announced that Indiana Fiber Network (IFN) will deploy Ciena’s 5430 Packet-Optical Reconfigurable Switching System (RSS) and OneConnect intelligent control pane software to expand the capacity and service flexibility of its backbone network.




R.I.P. Cisco Cius--Another Tablet Bites the Dust

Cisco is pulling the plug on its Cius tablet. Despite the fact that the Cius never really went head to head with more consumer-centric tablets, the Cisco device is nevertheless the latest victim of the iPad’s dominance.

The tablet market seems to finally be evolving into an actual tablet market rather than a strictly iPad market with a bunch of wannabe also-rans. The current crop of tablets from Samsung, Toshiba, and Asus offer compelling features at a reasonable cost. However, the Cius is following in the footsteps of the HP TouchPad and won’t be sticking around to join the fray.

You might be saying to yourself, “Cisco had a tablet?” If so, you’re forgiven. Aside from the initial unveiling and hoopla when Cisco announced the Cius, it hasn’t really been in the spotlight. That’s because Cisco only offered it to enterprise customers through partner channels. You couldn’t just pick one up at Best Buy.

Even if you could, the $750 price tag would probably convince you to just buy an iPad, or consider any of the many Android tablet alternatives that offer more features and performance for a fraction of the cost. As a tablet, the Cius is a relatively capable--yet unremarkable--7-inch Android device.

So, if the Cius isn’t even offered through consumer retail channels, and wasn’t positioned to compete with the Apple iPad, why did it ultimately lose to the iPad? BYOD.

A Cisco research study revealed that 95 percent of the organizations surveyed allow some form of BYOD (Bring Your Own Device), and that more than a third (36 percent) fully embrace the BYOD concept by providing full IT support for employee-owned devices. Basically, if nearly all companies allow users to bring their own iPad to work there’s no longer a market for an over-priced enterprise-centric tablet.

Explaining the decision to discontinue the Cius, Cisco’s OJ Winge stated in a blog post, “These stats underscore a major shift in the way people are working, in the office, at home and on-the-go, a shift that will continue to gain momentum.”

Winge adds, “Based on these market transitions, Cisco will no longer invest in the Cisco Cius tablet form factor, and no further enhancements will be made to the current Cius endpoint beyond what’s available today.”

Even if BYOD weren’t a factor, the cost of a Cius would be hard for IT to justify. Cisco has a solid reputation and is trusted as a provider of enterprise infrastructure, but if a business can buy a 7-inch Samsung Galaxy Tab 2 for $250, why would it spend three times that amount for a Cius?

Rather than competing in the tablet market, Cisco will focus on meeting the software needs of tablet users across all platforms with tools like Jabber and WebEx.

Cisco Takes Its Lumps, Keeps Developing Video Meeting Tools

Courtesy - IDG News

Cisco Systems owned up to some miscalculations in its video collaboration strategy but showed off some promising future capabilities in a briefing with media this week.

The company's video meeting business is best known for its TelePresence Meeting Systems, especially the high-profile three-screen meeting rooms that include Cisco-designed furniture and cost hundreds of thousands of dollars. But Cisco is now looking beyond those swanky environments toward mobile devices that can bring video meetings to participants wherever they are.

One platform intended as part of that strategy, the company's Android-based Cius tablet, has been cut from future development plans, said Barry O'Sullivan, senior vice president and general manager of the Collaboration Technology Group, during the briefing at Cisco on Thursday afternoon. Cisco discussed the move in a blog post later on Thursday. The Cius will still be available for companies that specifically want a device issued and tightly controlled by the IT department, but Cisco won't be developing more form factors for the platform, O'Sullivan said.

Cisco now acknowledges most enterprises let employees bring their own tablets to work, citing its own survey that said 95 percent of companies have a BYOD (bring your own device) policy.

"When we talk to them about the Cius tablet, they say, we love the collaboration experience on Cius, but can you please take that software and put it on other devices?" O'Sullivan said.

"Our strategy for the future is all about software," O'Sullivan said.

The next chapter in that push is a new client for Jabber, Cisco's voice, video, instant-messaging and presence platform, coming this summer. Jabber clients are already available for Apple iOS and for Research In Motion's BlackBerry platform, as well as Windows PCs, and will soon come out for general Android tablets, he said.

The new Jabber client will allow users to take video calls on PCs, tablets and Cisco TelePresence systems and transfer the calls from one platform to another. Cisco APIs (application programming interfaces) allow Jabber functions to be integrated into Microsoft Outlook so users can find contacts and start Jabber calls from Outlook, and this integration will be expanded in the new versions.

At the briefing, Cisco demonstrated Jabber sessions being moved among different platforms. It also showed users of third-party videoconferencing systems, including Microsoft Lync and a Polycom HDX system, becoming full participants in a Cisco TelePresence meeting. Cisco's inclusion of industry standards including SIP (Session Initiation Protocol), H.323 and H.264 make this possible, the company said.

The full-scale TelePresence platform is still marching forward despite the new emphasis on bringing in diverse clients. And real-time translation of telepresence meetings is back on Cisco's roadmap.

In late 2008, Cisco video chief Marthin De Beer said that he expected that feature to go on sale with 20 languages in the second half of 2009. But a year later, Cisco said the system's accuracy wasn't high enough and the company didn't even have a forecast for when it would go on sale.

Cisco is still working on it, said De Beer, now senior vice president of Cisco's Video and Collaboration Group.

"It's coming along. It's not quite real-time yet," De Beer said. "It's a little bit too expensive still to do that and the technology's not ... perfected enough." But De Beer once again expects the feature to be commercially available within a year or two. Cisco does offer translation of a recorded meeting within a few minutes, he said.

The Cisco TelePresence systems already installed in enterprises are being used about six hours per day on average, De Beer said. But new mobile video options may be hurting another business Cisco once promoted as a big potential market, of videoconferencing suites for rent in hotels and airports, he said.

"It is being used. It has not gone pervasive, it has not gone big," De Beer said. "We've sold probably hundreds of units in that space." The Marriott hotel chain has set up suites in multiple of its locations, he said. But the rentals, which in some cases were priced at hundreds of dollars per hour, may not be necessary down the road.

"Now that video becomes pervasive on your iPad, on your smartphone and your PC, maybe that use case will actually diminish," De Beer said.

Thursday, May 24, 2012

Juniper Touts New Kit To Meet Mobile Challenge

Juniper’s new switches help ease admin burden of integrating smartphones into corporate network


Juniper Networks has launches a new range of switches and security software to help ease the problem posed when staff access the corporate network with a growing number of smartphones and tablets.

Juniper’s new offerings – including three new Ethernet switches, a new wireless LAN controller and new mobile security software for Apple iOS- and Google Android-based devices – are being offered under the vendor’s “Simply Connected” networking umbrella.


Admin Burden

The products are designed to make it easier for enterprise IT administrators to deal with the influx of mobile devices being brought into work by employees looking to access the applications and data on the corporate network. The days of IT administrators giving employees business-issued mobile devices to access the network is over, according to Dhritiman Dasgupta, director of product marketing for Juniper’s data center and LAN team.

“Today, you can’t do that anymore,” Dasgupta said in an interview with eWEEK.

In a trend dubbed BYOD – or bring your own device – employees are now coming to work with their personal smartphones and tablets looking to get access to the network, causing a lot of management and security headaches for IT staffs. The trend is putting tremendous pressure on enterprise IT staffs to find a way to enable wider access while keeping the network secure and manageable. That pressure is only increasing as C-level executives also want to use their iPads and smartphones, Dasgupta said.



Other network vendors, including Cisco Systems and Hewlett-Packard, also are working to provide enterprises with the tools needed to address the BYOD trend. For example, Cisco offers its Identity Service Engine for both wired and wireless networks to enable businesses to track “visitors” to their corporate networks. HP enables both wired and wireless access through its Mobile Access Solution products.

New Switches

Included in the Simply Connected portfolio, which was introduced 28 September, are three new Ethernet switches. Two of the switches – the EX3300 and the EX2200-C – are available immediately. The EX3300 is a compact and scalable offering for converged networking environments. It offers 24 and 48 10/100/1000-T access ports, and supports the 802.2 Power Over Ethernet+ (PoE+) standard. The switches also utilise Juniper’s Virtual Chassis offering, enabling enterprises to manage up to six of the switches as though they were a single switch.


The EX2200-C Ethernet switch, which is aimed at smaller environments – micro branches, conference rooms and classrooms – is a compact switch.

The third switch, the EX6200 switch, which has 10 slots for Switch Fabric Route Engine modules and I/O line cards, will ship in the fourth quarter.


Security Software

In addition, Juniper is offering the WLC880 Wireless LAN controller, aimed at mainstream wireless deployments in midsize and large sites. It supports up to 256 access points and brings new software capabilities, including Juniper’s Networks Spectrum Management. It supports 802.11n access points.


Juniper also is rolling out the Junos Pulse Mobile Security Suite, which offers an integrated and centrally managed solution that addresses security around network access, anti-malware, anti-theft and remote management for a wide range of mobile devices.


The software enables enterprises to manage Apple iPhones, iPads and iPod Touches, including remote locking and wiping lost or stolen devices; setting and enforcing security and pass-code policies; provisioning VPN and WiFi settings; and inventorying device applications. It also enables them to provision and remove Microsoft Exchange profiles and restrict specific apps for iOS devices.


There also is full Layer 3 Secure Sockets Layer (SSL) VPN, automatic app revocation and malware removal for certain smartphones and tablets running Google’s Android mobile OS.

“Each of these products work well,” Dasgupta said. “When they’re put together, they can do fabulous things.”

He said Juniper is utilising a number of advantages it has over its larger rivals – in particular, Cisco and HP – including the common Junos operating system and partnerships with the likes of Dell and IBM.


Juniper Video Conferencing Push With Vidyo Funding

Networking vendor Juniper is moving into video conferencing after investing in video startup Vidyo
Juniper Networks is to add video capabilities to its networking portfolio after making a funding investment in video conferencing company Vidyo.

Vidyo officials announced 22 May that Juniper, through its Junos Innovation Fund, was investing in the company, and that the plan is to integrate Vidyo’s video collaboration technology with Juniper’s product lineup.

Funding Deal

Juniper’s investment was announced as part of Vidyo’s Series D round of funding, though company officials did not say how much Juniper is investing.

Vidyo over the past few years has raised $97 million (£61m), and officials said in September that the company had raised $22.5 million (£14.2m) as part of its Series D round.


Cisco Systems and Polycom are the top vendors in a video conferencing market that analysts expect will continue to grow as businesses look for ways to improve employee productivity, enhance collaboration with workers, partners and customers, and reduce operating expenses, including travel costs. The increased mobility of the workforce is also driving the need for greater video capabilities across multiple devices, including laptops, smartphones and tablets. Analysts with market research firm IDC are predicting that the worldwide enterprise video conferencing market, which hit $2.7 billion (£1.7bn) last year, will grow to $3.2 billion (£2bn) in 2012.

The market also has become increasingly competitive, with Cisco and Polycom being pressed by smaller rivals looking to offer more cost-effective alternatives that provide the same performance capabilities.



In addition, networking and unified communications (UC) vendors also are looking to add video capabilities to their product lineups, either through in-house development, partnerships or acquisitions. For example, Avaya in March announced plans to buy Radvision, a video conferencing company that had fallen on hard times since partner Cisco bought rival Tandberg for $3.3 billion (£2bn) in 2010.


Alcatel-Lucent in July 2011 rolled out its own offering, the Visual Collaboration suite, a combination of home-grown technology and partnerships.


Juniper itself in 2010 announced a partnership with Polycom, but little appeared to come out of that alliance. Now, the networking company is turning to Vidyo.


Video Trend

“As the use of video in the enterprise and on end devices continues to expand, our customers are seeking new ways to improve video delivery,” Jeff Lipton, vice president of venture and strategic investments at Juniper, said in a statement. “Vidyo is an emerging player that is driving innovation in software-based video conferencing, and we believe its leading technology will improve the experience and economics of video communications alongside advances in networking technologies.”


Vidyo has seen significant growth over the past year. The 225-employee company in April announced 82 percent growth in billings over the previous year, which came at a time when both Cisco and Polycom saw disappointing first-quarter numbers for their video collaboration businesses. Vidyo officials said the company has more than 1,850 customers, not only in the enterprise, but also in health care, education and government.


The company offers a software-based solution that includes the VidyoRouter platform that brings video conferencing to multiple devices, including smartphones, tablets, PCs and telepresence systems. Vidyo introduced a virtualized version of VidyoRouter in March. Last year, the company unveiled Vidyo Panorama, which officials said brings high-quality video conferencing at a much lower cost than room-based systems from Cisco and Polycom.


“Juniper Networks’ strategic investment in Vidyo is a solid endorsement of our vision and a recognition of how rapidly the video conferencing market is expected to grow in the near future,” Vidyo founder and CEO Ofer Shapiro said in a statement. “We see Juniper as a kindred spirit, itself a pioneer in its industry, having revolutionised networking for over 16 years.”

Thursday, May 3, 2012

Juniper Delivers With Simply Connected Portfolio

Big vendors like Cisco, HP, IBM and Juniper are big on creating big programs that do big things. The problem? The programs are often long on vision and short on details because the purpose isn’t to define product roadmaps, but to state direction.



Juniper, however, has great vision and follow-through. Juniper's Simply Connected program, which debuted in October, aims to simplify access anywhere and anytime. New additions extend the company’s management framework into more devices and better access controls. That's great news if you’re a Juniper shop, but does little for you if you aren't.


Juniper’s Simply Connected portfolio allows enterprises to uniformly apply a user or device policy to any device anywhere, and at any time. Having a uniform policy lays the foundation of a consistent user experience while letting IT set adequate controls on IT assets or user-owned devices. Juniper is extending its security portfolio down into entry-level products like the SRX 110 appliance, which supports all the UTM features of its larger SRX brethren but is aimed at small-office locations. Juniper also announced two entry-level access points, the WLA 322 and WLA 321, which support the same access control features as Juniper’s higher-end APs.


Juniper is adding user- and role-based access policies on the wireless access points, the SRX and its AppSecure application firewall. While address-based policies work well in a server environment where hosts are known ahead of time or many users are accessing a common server, controlling user access requires discovering and communicating user and role information to policy decision points so the correct policy is applied wherever a user connects.


AppSecure, which runs on SRX appliances, controls access to web applications based on user or role. Web applications are sophisticated and modular in nature: While Facebook is a web application, it also has thousands of other applications that run and interact with the user. AppSecure can control what users can do within web applications such as Facebook, enterprise web-based applications, or communications software like Skype and IM.


Juniper is also enhancing its mobile client Junos Pulse, with the ability to monitor and control applications on mobile devices such as Apple's iOS and Android. The iOS Pulse client had posture checking and that same capability is on Android. Like its desktop host checking tool, Juniper's SRX, UAC and other equipment can use the posture check to determine access rights. The Pulse client communicates with the SRX appliances, EX switches and wireless access points using Juniper UAC Enforcement Protocol . Junos Pulse uses the same user-based policy management, allowing IT to enforce policies that target groups, rather than taking a one-size-fits-all approach.


Juniper isn’t alone in trying to unify user access policies across devices, access methods and locations. Cisco's TrustSec offers a similar promise to unify security policies and features across its campus, data, remote-office and mobile product lines. Like most programs, these overarching policy management products tend to support a limited set of products.


Standards like the Trusted Computing Group’s Trusted Network Connect, some of which is co-developed in the IETF Network Endpoint Assessment working group, would help foster a broader set of vendor products, if only more vendors would adopt the standard or get involved with the process. If you want unified access policies across numerous vendor products, you're generally out of luck.