Tom Hollingsworth



Networking, Security, And Grand Unified Theory

Security has been a hot topic in the networking world recently. For example, Martin Casado, CTO of networking at VMware, has been talking quite a bit about his vision for security. He appeared on the keynote stage with Pat Gelsinger at Interop Las Vegas and talked at length about the increasing amount of IT spending focused on security. He also laid the groundwork for his next big project, namely the integration of open policy-driven security through initiatives such as the OpenStack Congress project.

Casado's shift from open networking to security should not be surprising. He was involved in the intelligence community early in his career, so he's well versed in security. Many think that this move signals his departure from the networking he has spent the last few years building. I believe it's exactly the opposite.

In the world of physics, there exists an idea that the fundamental forces of the universe are actually very similar in a given energy state. This has been proven time and again via experimentation no matter how dissimilar they may initially look. This Grand Unified Theory works because these forces behave in the same predictable manner at a high-energy level.

On the surface, networking and security seem very different. Networking is fundamentally about the delivery of packets from one location to another. IT security is more about making sure packets don't get delivered based on a set of conditions. The two ideas couldn't be more different. Or could they?

What Casado is suggesting with his policy-based security could apply equally to networking. Why should restricting packet flows be the domain of security? Why should the network only be concerned with delivery? The context of a policy allows the systems to determine if a packet should be delivered or not. There is no need for external firewalls or detection devices. Security is integrated into the network, just as the fundamental forces are integrated at a high energy state.

This software-defined Unified Theory makes networking and security the same. Policy will determine how best to utilize resources for delivery or non-delivery. The constructs created to handle these decisions -- firewalls, IPS, and other devices -- will cease to exist as their functions are integrated into the larger network. This is only possible because software allows security features to be integrated into the network.

[Read about other use cases Martin Casado envisions for network virtualization in "VMware's Casado: Network Virtualization The Right Way."]

The basis for these ideas has already been explored in VMware's NSX; you can attach firewalls and load balancing devices to the end host with little added effort. The security is integrated into the network hypervisor.

The implications of this integration are huge for both the networking and security teams in IT organizations. Now, both teams can rapidly deploy services and applications without confusion and delay. Plain language can be used to describe outcomes without worrying about syntax issues between a security access control entry and a network access control list. Security is also an inherent part of the system at all levels rather than being spread thinly to critical areas.

The end result for physics and IT is the same. By understanding the higher order interactions of the individual forces in the world, we gain a clearer picture of their behavior and can better plan for the future. As we learn how security and networking are linked and behave as one, our future systems will contain both elements in the correct proportions.

Tom Hollingsworth, CCIE #29213, is a former VAR network engineer with 10 years of experience working with primary education and the problems they face implementing technology solutions. He has worked with wireless, storage, and server virtualization in addition to routing and switching. Recently, Tom has switched careers to focus on technology blogging and social media outreach as a part of Gestalt IT media. Tom has a regular blog at http://networkingnerd.net and can be heard on various industry podcasts pontificating about the role technology will play in the future.

