IT's biggest hitters are fighting for supremacy in the switch and router market.
Enterprises now depend on their networks and the systems that drive them more absolutely than ever, demanding the level of availability and QOS (Quality of Service) formerly found only in carrier voice services.
Increasingly, enterprise IP networks carry voice anyway, but on top of that they have to support multiple services at ever higher speeds, reaching 10Gbps today and increasing to 40Gbps - and then 100Gbps - over the next few years. As a result, the switches and routers providing the fabric of enterprise networks are caught in a spiral of increasing data throughput, reliability, scalability and complexity. There is also a trend towards switching at the level of applications or content rather than just IP packets, in order to improve security, manage traffic better, and provide differentiated levels of service.
Vendors agree broadly over how to meet these challenges, largely through greater levels of integration both within and between individual boxes, but differ over how to achieve these goals depending on their history, along with the capabilities and breadth of their product ranges.
The leading players, notably Cisco but also increasingly Hewlett-Packard ProCurve, Juniper Networks, and Huawei Telecom, aim to provide the whole enterprise network, arguing that this enables costs to be cut, with greatest efficiency, more effective support for multiple services, and superior integration.
On the other hand smaller players with strong products but only partial coverage of the whole internetworking spectrum, such as Foundry Networks, Extreme Networks, and Force 10, also agree that enterprise customers increasingly want single points of contact for resolving problems. Therefore they have been forging alliances to assemble complete packages that go beyond just the networking, hoping to compete with Cisco that way. Foundry, for example, assembled some impressive names for its Ironpowered Technology Alliance Programme announced in February 2008, designed to deliver end-to-end switching and routing integrated with applications. Programme partners include Microsoft, Oracle, SAP, and Symantec; so Foundry hopes the programme will provide a leg up into enterprises that would otherwise have dismissed its switches as point solutions.
A key point though is that many enterprises (certainly larger ones) do not directly choose their routers and switches themselves, as was noted by Tony Haigh, associate director at the IT and telecoms consultancy Mason Communications. "In the enterprise router area a lot of services are provided by carriers, who own the edge routers themselves," he says.
Therefore router vendors have to woo service providers, in many cases even when selling into enterprises. This might appear to favour Juniper in its bid to enter the enterprise arena with its recently-launched EX range of switches, as the company has a strong presence already in the carrier arena. Haigh believes, however, that Cisco would still have the edge in the enterprise market, whoever actually chooses the products, because of its ability to supply the complete suite of internetworking products, along with its global presence and support strength. "The Cisco reseller network will be hard to replicate," Haigh notes.
Even so, Juniper Networks hopes to repeat in the enterprise switching market the success it had early this decade in the carrier routing field, where it posed a serious challenge to Cisco. Cisco's enterprise switch sales are 14 times greater than its nearest rival HP ProCurve by revenue, and Juniper wants to make a more significant inroad by exploiting its carrier credentials, and in particular, the investment already made in its Junos operating system, enabling features to be rolled out across the whole product range via a single software release.
"The Junos operating system has been deployed in carrier networks for 12 years and delivers greater reliability than others," says Juniper's Trevor Dearing, solutions manager for EMEA. "The integrated security features for the first time provide best in class security embedded into infrastructure products. Customers have had very little choice for the past few years and now they have."
Cisco also has an operating system spanning its products, IOS, but has faced a continual challenge to maintain compatibility across its range with the need to innovate and match smaller, nimbler rivals attacking specific niches. Juniper believes Cisco has slipped up in dealing with this challenge in the case of the Nexus 7000 data centre switch, launched in January 2008. This switch unites fibre channel SAN (storage area networking) and Ethernet switching within one platform, with the ability to centrally manage storage and server virtualisation from a single point.
Cisco decided that this new level of functionality and integration requires a brand new operating system to support it. Called NX-OS, this is to some extent a fusion between IOS spanning Cisco's routers and Ethernet switches, and SAN-OS serving fibre channel switches. However, it has led Juniper to extol the virtues of having all its products running under Junos, and does appear to weaken Cisco's argument of end-to-end harmony. It could be argued that Nexus is not much more compatible with other Cisco products than a switch from Juniper, Foundry, or Extreme.
Conversely, the NX-OS operating system may have given Cisco the edge when it comes to virtualisation. Juniper has introduced 'virtual chassis' technology, both for its EX switches and carrier class T series routers, enabling performance and control functions to be scaled independently. A reasonable question would be how this differs from a conventional stackable system. Juniper's answer is that it combines the 'pay-as-you-go' economics, small footprint, and low power/cooling of stackables with the high availability and speed of chassis-based platforms.
Cisco on the other hand achieves virtualisation within individual switches via its VDC (virtual device contexts) technology. This allows virtual switches to be created within a single system, each with its own dedicated software and hardware, with separate management along with isolation of traffic and faults. In essence, Cisco is replicating in a switch the kind of virtualisation capability found in large servers. In the case of the Nexus 7000 switch, VDC allows up to 250 processes to run simultaneously.
New generation: Cisco ASR
Needless to say, Cisco also emphasised the virtualisation support within its ASR (aggregation services router) launched in March 2008, the fruit of a $250m development programme. For the first time, Cisco incorporated two separate images of its IOS operating system in the ASR, which is designed to operate as a router at the edge of carrier or large data centre networks, offering up to 20Gbps throughput, shortly to increase to 40Gbps with 100Gbps planned by 2010. The second IOS image is on hot standby, enabling new services to be deployed without disrupting operation.
"Say that tomorrow you want to turn on a video Telepresence application for an enterprise," says Cisco's worldwide director of service provider marketing Suraj Shetty. "Now you would need an IOS upgrade. So you upgrade the standby IOS with the new version, and then switch the standby to active. The standby is then the old IOS and can be upgraded as well."
The most striking feature of the ASR, though, is the high level of process integration that can be achieved, by virtue of the new ASIC called Quantum Flow, manufactured by Texas Instruments to Cisco's specification.
This processes traffic in flows rather than individual packets, identified by higher level metrics, enabling the ASIC to incorporate firewall, deep packet inspection, session border control, the switching to interconnect multiple boxes, and broadband aggregation (for applications such as IPTV). With other vendors, separate boxes are needed for these functions, according to Shetty.
However, 'other vendors' counter by arguing that this integration comes at a price when many of the functions are not needed by the average enterprise.
In fact, HP ProCurve makes a virtue of not being a significant player in the carrier market by contending that this enables it to streamline its products for the enterprise at attractive price points, avoiding unnecessary baggage.
"If you take our latest core switch introduced half a year ago (ProCurve Switch 8212zl, released September 2007) that is optimised and focused on the enterprise core switch area," says Gijs Zandvoort, ProCurve's EMEA product marketing manager. "Products we are competing against are mostly from much broader design centres, used in a service provider world."
Cisco argues though that enterprises are increasingly going to be integrating more complex functions into routers and switches, and that use of a powerful ASIC will enable this to be done efficiently with minimal power consumption. Indeed, power efficiency has shot up the league table of mandatory features driven by a combination of environmental evangelism and escalating energy prices, and this in turn is impinging on the debate over the relative merits of ASICs and generic processors.
The high power and scale economies of current multicore generic processors make them competitive contenders for a range of functions previously deemed to require dedicated ASICs, offering the advantage of faster time to market, and greater scope for upgrading. Juniper for one believes that generic processors have a great future for integrating functions such as deep packet inspection that Cisco is doing in its Quantum Flow ASIC. One reason some vendors do favour the ASIC is that this makes it easier to protect their intellectual property, according to Mason Communications' Haigh. "The thing about an ASIC is it's quite difficult to replicate," observes Haigh.
Where multicores don't score
But the clinching argument in favour of ASICs, at least for the fundamental switching and packet forwarding, lies in the need to optimise power consumption as throughput rates continue to increase towards 100Gbps, according to Martin Lund, VP and GM for the Network Switching Line of Business at ASIC maker Broadcom.
"While the multi-core trend is increasing, this will be primarily in the data processing area," says Lund. "The power and performance requirements needed, especially at 10GbE, 40GbE and beyond, demand a performance level that is still out of reach for multi-cores to compete in this area." Lund points out that further power savings and performance improvements will be achieved when the latest generation of 65nm process technology starts to be implemented in routers and switches over the coming two years.
Many existing systems, such as Cisco's ASR, use the previous round of 90nm process technology (the figure equating roughly to the width of lines within which logic gates are etched).
The chip though is only one factor in power consumption, which is a highly complex issue with great scope for improvement. Put simply, the challenge is to vary the power supplied constantly so that it is just the minimum required to execute processes active at a given time. Innovation on this front has come at the bottom end of the internetworking field from vendor D-Link, probably best known for its wireless home routers. D-Link is now targeting the SME market with its Green Ethernet switches, launched in February 2008, which claim to cut power consumption by 40 per cent over rival products for a typical workload; although according to Dave Smith, VP business solutions, D-Link Europe, the actual savings will depend on factors such as application, level of use, and link lengths.
D-Link cuts power consumption in two ways: first, when a link is inactive, it is placed in standby mode, although with the capability for fast switch-on when activity is detected; second, the system detects the link length and adjusts the power to the minimum level needed to operate over that, rather than catering for the maximum length permitted by the standard.
Apart from 'greenness', D-Link acknowledges the importance of reliability and integration right across the enterprise spectrum, with a growing reluctance by customers to have a plethora of boxes serving different functions.
This, along with the trend towards Deep Packet Inspection in order to deliver better QOS and security, unites the field, while divisions remain over implementation factors, especially whether and where to use off-the-shelf silicon.