Newsletter Sign-Up FaceBook LinkedIn Twitter Subscribe INTEROP LOCATIONS:   LAS VEGAS  •   TOKYO  •   MUMBAI  •   NEW YORK

Archive for 2006

Oct 16th, 2006 | Brian Chee

Hawai’i rattles, then loses power statewide - The Honolulu Advertiser

Brian Chee


Picture from the Honolulu Advertiser used without permission…mea culpa. Sorry folks, but this is just to help out since the Honolulu Advertiser web site is currently being inundated with web requests…I will remove this once the load goes down a bit….the full article is at the link below…many thanks to the dedicated journalists at the Honolulu Advertiser.

Hawai’i rattles, then loses power statewide

Source: Hawai’i rattles, then loses power statewide - The Honolulu Advertiser
By Dan Nakaso
Advertiser Staff Writer

So one of the prices of paradise is that I live in an active volcanic region and we get some tremblers once in a while. However not since the 60’s have we had one quite this big. The wife and I were shaken out of bed around 7am HST with a 6.7 shake, then minutes later a 5 aftershock that had a longer duration tossing some books off a shelf and knocking a few pictures off the wall. The overall status is that no one was badly hurt in the quake and since Hawaii is an active volcanic region our buildings are designed to handle tremblers like this.

So what does this have to do with technology, well I’m glad you asked. KSSKRadio.com is our biggest prime time radio station (2nd only to a station in Los Angeles) and they were setup to stream to a maximum of 60,000 internet listeners. When news of the quake hit, their internet service provider found themselves in a rare situation where all 60,000 licenses were gobbled up within a couple hours of the initial CNN story. Even this Honolulu Advertiser article about the quake took me almost 5 minutes to load due to the huge demand around the world.

My favorite example is the Victoria Secret Lingerie show made infamous on the internet a few years ago. Load balancing is now a way of life, but just how much can you anticipate? The reality is that you can only load balance what you already have setup. What we’re going to be examining in the Honolulu lab in the coming weeks is how data center virtualization could have solved this massive unexpected load. The scenario is to have the vendor migrate a monolithic server (ie. one that takes up ALL of a standard server) and migrate it to a virtual environment. Then based upon demand, move the virtual image to a dedicated blade, and as an optional feature, then add more virtual images on dedicated blades as demand grows. Maybe I should pay a visit to the folks at the Honolulu Advertiser to talk about just how this can work for them?

Who knows, maybe I can get Sergey from Coyote Point (they load balancers we used for the show) to come along with me?

/brian chee

Oct 16th, 2006 | admin

Podcast: Interview with Richard Wolf - Part 2 of 2 (GM of Office Graphics Services, Microsoft)

admin

Richard WolfThis podcast is the second in a two-part conversation I had with Richard Wolf, the General Manager for Office Graphics Services at Microsoft. Wolf oversees Visio and Powerpoint, and in this podcast, he talks about the new features and capabilities of Powerpoint 2007.

(In case you missed it, here is part 1, which focuses on Visio.)

Continue Reading »

Oct 12th, 2006 | admin

Podcast: Interview with Richard Wolf - Part 1 of 2 (GM of Office Graphics Services, Microsoft)

admin

Richard WolfIn this podcast, I talk to Richard Wolf, the General Manager for Office Graphics Services at Microsoft. Wolf oversees two major business applications within the Microsoft Office suite: Visio and Powerpoint. In this podcast, which is the first in a two-part series, Wolf talks about the new features and capabilities of Visio 2007, the upcoming version of Microsoft’s drawing and diagramming application. Wolf and I met at Interop New York, where he was showing off the upcoming version and all of the great new features it has for IT managers. In part 2 of this podcast interview, which will be released next Monday, Wolf will explain what users can expect from Powerpoint 2007.

Continue Reading »

Oct 5th, 2006 | Robert Ballecer, SJ

See Packet. See Packet sit. cPacket Run!

Originally Posted on TheTechStop.net

For most system administrators, network monitoring is like car insurance: we know we should have it — we know we’ll regret doing without it — we know that it can provide all sorts of interesting and useful purposes — and yet somehow the muss and fuss involved in getting it right and understanding its utility is overcome by the desire to “get in and go.” The usefulness of network monitoring tools is eclipsed only by the difficulty in getting many of those tools running, or in the learning curve to decipher the information coming off those same tools.

cPacket Networks hopes to change all that with their cVu 1000 Distributed Appliance for active network traffic inspection and response.


The cVu1000 on Paper

  • Transparent monitoring
  • Real-Time Traffic Analysis
  • Interactive trafic Administration and Filtering
  • Zero Latency Taps
  • Intuitive “Drill Down” menu
  • SFP Interfaces for GigE and Fiber on all ports
  • Traffic Passthrough and Mirroring
  • Distributed Monitoring with centralized Storage and Analysis

Backstory
cPacket Networks was a relatively late arrival to Interop NY ‘06. They came into the Belmont warehouse in the waning days of hotstage with four of their cVu 1000 Distributed Appliances. It was my responsibility to find those units appropriate homes where they could tap and monitor the traffic running through the more interesting parts of our network. After a quick tutorial on how the devices worked, we agreed to use the cVu 1000s to monitor four particular segments of the eNet: show floor, classrooms, registration and press.

Installation was straighforward — we use Systimax QDs to connect fiber umbilicals from the core switches to the show floor racks. The cVu 1000 came populated with GigE copper modules, but since they use standard SFP ports, we were able to swap the GigE copper modules for fiber units. Placing the units inline was a simple matter of plugging the fiber that originally went from the QD to the switch into the “A” port of the cVu and running the “B” passthrough back to the switch. Installation didn’t necessitate any changes in our network topology and we immediately began seeing trafic statistics on the built-in LCD screen on the front of the unit.

I like the cVu 1000s — they’re small, easy to install, feature-packed on paper, and cPacket’s engineers are hard-working, honest uberGeeks. They claim that their custom-developed ASIC allows for deep inspection of every packet at linespeed without adding latency to the network. Still, with monitoring vendors like Fluke, Network Physics, Network General, Gigamon, Groundworks, and others already on the Interop train, I didn’t know what to expect from cPackets and their little black box.

Trial-by-Fire
So… the questions — Did the cVu 1000 make monitoring any easier? Did the unit live up to its promises of transparent, zero-latency taps? Did it have an intuitive, drill-down interface that made it easy to isolate, diagnose and correct network problems? Did cPacket Networks come up with a formula for shifting monitoring from a “what happened” to a “what’s going to happen” paradigm?

After seeing the cVu 1000 go through a trial-by-fire of being in the enterprise-class network that we call the Interop eNet, my answer would have to be a loud and resounding, YES.

The cVu 1000 is the first standalone, in-rack monitoring tool that I have been able to master in under 30 minutes. Their interface is extremely intuitive — reporting is divided into “live” and “historical” groups which give users immediate access to the statistics that matter, like bandwidth consumption and DNS requests/replies. Data can be represented in a variety of user-configurable graphs and charts. Users can easily switch between the various cVu 1000s installed in the network and drill-down their views from hours to seconds in order to locate spikes, drops or attacks.

These screens give a good representation of the information that the cVu 1000 makes availible in real-time. It is important to note that the interface was very responsive: Over the course of the show I never experienced a freeze, hickup or drop in my live or historical views through the cVu 1000 status screen.

Show Impressions
The first thing that I have to note is how useful the built-in LCD becomes once it is deployed. Not only does it give the administrator an immediate confirmation of whether or not traffic is passing through the network, the bandwidth counters are surprisingly informative even with such limited real-estate.

The day that the full network was up and running, the cPackets guys introduced me to the status screen and gave me a quick (10 minute) tutorial. From that point on the cVu 1000 became my first stop whenever NetServ (Network Services Help Desk) received a complaint about connectivity or speed. I was amazed at how quickly I was able to learn the interface and at how useful the cVu 1000 was in diagnosing problems — within 4 hours of collecting data we were able to isolate several ARP storms from the registration area, DA attacks over the classroom wireless, DNS problems in the Press area and bandwidth hogs on the show floor.

Conclusions
Even though I didn’t get as much time with the cVu 1000 as I would have liked, my brief experience with the unit, and with the cPacket guys, tells me that they have a winner. The cVu 1000 is an amazingly versatile piece of monitoring gear that is easy to install, easy to use and designed with scalability in mind. I can’t wait to use it in the eNet for Interop Las Vegas, and this time I plan to try the mirroring and filtering functions of the unit.

Sep 26th, 2006 | Robert Ballecer, SJ

Lantronix WiBox

Originally posted on TheTechStop.net

Sometimes, it just needs to work.

High port density serial console servers are nice, as is the ability to dramatically expand the feature set of a particular piece of hardware. I’m all for rack-mounted monsters that can manage umpteen devices with redundant redundancies and network performance to brag about. In fact, my Interop time is mostly spend burried elbows-deep into advanced technologies from our partners and sponsors in order to obtain those very bragging rights.

But sometimes, as I mentioned above, it just needs to work. — More than that, sometimes it just needs to work in a form factor that is inconspicuous, at a power consumption that sips rather than chugs, with a port density that doesn’t leave a ridiculous number of empty spots, and a price point that doesn’t leave the average user crying in their beer. Add in the portability of a wireless bridge and you might just have the inklings of what the Lantronix WiBox has to offer.

Lantronix came to Interop looking for a chance to give our engineers a crack at their gear. The WiBox comes everything you need to get a 802.11b to serial bridge up and running. (DB9 Null Modem Cable, Power Adapter, antenna and software) The specs of the WiBox are impressive given the unit’s diminutive size and its low power consumption. (It is just a bit larger than a cigarette box.)
  • Detachable RP-SMA Antenna
  • Two DB9 Serial Ports with support for RS-232, RS-422 and RS-485
  • WEP / WPA and TKIP Wireless encryption
  • 256 bit AES “End-To-End” Encryption
  • Support for 9-30 VDC Power
  • Less than 2 Watts Max Power Consumption
The setup of the WiBox is straightforward. Power the device, connect Port 1 to your computer, fire up your favorite terminal program. A few keystrokes later and you’re in the setup screen. From there you can enable HTTP access, change network settings, configure the wireless portion of the box and setup your desired security policy.
Once you’ve completed the initial setup of the WiBox and it has associated with either an Access Point or within an Ad-Hoc network, you will be able to access the HTTP enabled configuration page. From these menus you can configure every parameter of the box according to you liking and device requirements.
The remainder of the setup is just as easy as the initial configuration. You have complete control over security and encryption policy, serial settings, tunnel and endpoint parameters — Everything you need to connect the WiBox to a serial-enabled device.

If that was all that the Wibox had to offer, it would be plenty for most users who are looking for a portable serial console server with minimal power requirements and a slick web-enabled GUI. However, the engineers at Lantronix were not content to simply let the WiBox be a low-power, small form-factor device. They added a software switch that allows the WiBox to operate in a mode that swaps performance for added power savings. (Our lab tests showed the WiBox operating at below 1 Watt while in this mode.) Lantronix included a well-developed modem emulation mode that allows the WiBox to act as a modem for remote equipment that needs to “dial into” the network.

Best of all the software features is Lantronix’ Com Port Redirector software. I’ve used several com port clients that allow me to connect to tunnels via virtual serial ports on my machine, but the Lantronix software is the first one that I used that flawlessly connected to both serial management interfaces on the network gear in the lab AND my custom servo application through their serial gateways.

The applications for the WiBox are limited only by your imagination. At Interop, I used the various WiBoxes to provide serial management of switches that were in places where running our secondary network, “access ether” was impractical. They are more than suitable for use within a management network, but they would be equally at home deployed in off-grid locations where power is at a premium. The two-serial setup begs to be installed with remote data-gathering devices where one port could be used for data transfer and the other for management. The WiBox’ rugged construction and form-factor seems perfect for industrial or hazardous-duty deployment

Sep 25th, 2006 | Brian Chee

Splunk 2.1 update

Brian Chee

I had the opportunity to play with Splunk for the first time in the article Splunk makes log-file searches a slam dunk InfoWorld Test Center April 28, 2006 By Brian Chee where I found a superbly crafted piece of software for mining golden nuggets in the mass of syslog info found in just about any modern IT organization. My only reservations were a relatively unforgiving configuration that involved editing XML files, and a lack of integration with modern monitoring consoles. I guess the Splunkers and I were thinking alike, since this news story broke not long after my story appeared: Splunk touts partnership with CA InfoWorld News 2006-05-01 By China Martens, IDG News Service shutting me up immediately.

Not to be left standing still, the Splunkers have been very busy doing an even better job at mining those golden nuggets…here are some screen shots taken live at the Interop New York show…

Here is a screen shot of some live log files of folks getting caught in our HoneyNET aka the Extreme Sentriant named RochMotel.

Just to make life easier, the Splunkers broke up the InteropNET traffic into catagories to make the data even easier to find.

So if your log traffic gets really hot and heavy, you can setup distributed Splunk servers to split the load. In this case we broke it up by NOC1 or NOC2, and show floor.

In this case, my Splunk tour guide drilled down to find the source of some possible wireless issues.

Sep 23rd, 2006 | Robert Ballecer, SJ

Layer 0 Security - Axis Communications

First Posted on TheTechStop.net

Now that the show is over and the crates have been packed, there’s time for the team to catch our collective breath. While we’re doing that, I want to look at a revelation that the members of the InteropNet had during the show….

We need PHYSICAL security.

We may have some of the best security engineers in the industry, driving advanced security solutions from Juniper and Extreme, but somehow we missed the very simple fact that the best designed and implemented network on the planet is only as secure as the environment that houses it.

During the show we had two incidents without our Network Operations Centers. In NOC 2 we had an unknown individual rummage through the belongings of the NOC members, stealing an expensive digital SLR camera. In NOC 1 we had an intruder make himself at home at the Fluke table, not stealing anything, but nonetheless being an unwanted visitor.

We were relatively lucky this time: a digital camera can be replaced and the intruders didn’t compromise the network. Several years ago at an Interop conference in Atlanta we were not so lucky, with somebody stealing all the laptops and several diagnostic tools from the NOC. In any case, I think we now know that a few see-through walls and a guard at the door isn’t enough security.

Thankfully, we have Axis Communications as a Solutions Provider.

Axis was once again in the NOC with their advanced network video products. We had an Axis 221 camera watching NOC 1, an Axis 211 viewing the area in front of the PEDs, an Axis 214ptz (Pan/Tilt/Zoom) camera sitting in the Network Services Area, a variety of 205 and 207w cameras overseeing the show floor area, and Axis Camera Station software to aggregate the video into one screen and provide motion sensing and recording functions. Truly we had an impressive array of video security up and running within the simple-to-use Axis family. The deployment was made even more simple by the fact that the 211 and the 221 are native POE capable and all the other cameras are low-power as to allow POE dongles.

Unfortunately I set up the cameras and the software as a way for people outside the show to view what was going on in the conference instead of using best-practices deployment for security. This meant that I didn’t deploy any cameras in NOC 2 where the digital SLR was stolen, I didn’t have overlapping coverage, and I didn’t dedicate a storage server for recording images when the Axis Camera Station detected movement. — Several of us were able to view the intruder in NOC 1 from our hotel rooms, but we never had a clear picture of his face.

Still, it seems that even the mere presence of the cameras was enough to safeguard the gear in the NOC 1 racks. While the security guard may not have been able to keep the intruder out, at least we knew he was there. Though we clearly need to improve our deployment of the Axis solutions, at least this incident should light a fire and force us to protect layer 0.

So… you can expect to see my reviews of the various Axis cameras. You can expect to see a writeup on the Axis Camera Station software. You can expect to hear about the myriad number of ways that the Axis gear can be used to tighten security… But most of all you can expect the Axis presence to grow at the next Interop.

Sep 23rd, 2006 | Robert Ballecer, SJ

Summer of Lantronix Lovin’

First posted on TheTechStop.net

Part of our efforts to keep the network up and running have been served well by gear that several support solutions vendors have sent to the show to be in our “engineering sandbox.” These companies send us various networking solutions from management and monitoring to storage and security, all for the experience of being in a true live Enterprise-Class network. More than that, by dropping their products in our sandbox (ready for our engineers to configure, deconstruct, critique and imagine) these steath vendors gain the invaluable resource of the combined experience of the Interop engineers.

To that end, Lantronix has sent us a wonderful uberGeek care package!

Pictured above are some of the products that Lantronix asked us to include in our network. The first picture is of the Lantronix SecureLinx SLC serial console server and the SLK IP KVM just mounted in PED 60 on the show floor. The SLC pictured here is an 8-port serial console server. The SLK IP KVM provided a secure interface to easily access any attached workstation or server at the BIOS level through a browser. We were using it to remotely configure some of our Axis and C-Packets servers.

The second photo shows the new Lantronix EDS4100 4-port serial console server. This device is not only a compact unit that includes features normally found only on much more expensive, rack-mounted units, but it is also POE powered. It is fully programmable and can provide standard tunneling to any of the 4 serial ports as well as SSH encrypted connections. My favorite feature is the serial tunneling software that gives users a secure virtual com port on their computers.

The last picture shows the Lantronix WiBox 2-port 802.11b wireless serial console server. This device is about the size of a pack of cigarettes and is a tinkerer’s dream. We used it at the show to give us serial management capabilities for some of our Extreme gear that was at the very edge of the network where running a second physical line for the management network wouldn’t be practical. By using the WiBox, we were able to deploy switches in very remote or inaccessible locations with the confidence of having a separate link for management in case there was a problem that disrupted connectivity through the switch. Furthermore, the WiBox reduced the deployment load from a primary switch, a management switch and a serial console server to just the switch and the WiBox.

Several of the engineers in the NOC were able to come up with even more imaginative uses for the gear, but I’ll save those experiments for another blog. We’ll be posting more in-depth reviews on this gear in the days to come.

As impressive as the gear was the reason why Lantronix decided to become a Support Solutions provider for Interop. Lantronix sent us this equipment with a single mandate: play. — No demands on placement — No contracts for marketing time — No drama over interoperating their products alongside those of their competitors. :: Instead, they wanted our engineers to dream up fresh applications and features for their products and to find a natural, organic place for them in our network.

Put simply: They understand that Interop isn’t just about where the technology is… but where it NEEDS to go. They get that Interop is about the network. — We hope to repay their understanding by putting their gear at the center of some very exciting, very uberGeek creations. — Stay Tuned!

Sep 22nd, 2006 | Brian Chee

RealOps: IT Process Automation Software

Brian Chee

The InteropNET is more than just a production network feeding the show floor, class rooms and meeting rooms at the Interop trade show. Traditionally its also been a big sandbox to test out emerging technologies. One of the InteropNET Team long time members brought in RealOps to show how they can automate just about anything that a sysadmin would want to do with recurring processes.

Link to RealOps: IT Process Automation Software

Steve Bavington of RealOps twisted a few arms to jump into the fray at HotStage (In Belmont, California where we pre-build the InteropNET) and dropped in a RealOps server to help the team automate the on the fly reconfiguration of the GigaMon box at the show. In this case the process on the RealOps server had a web front end that would allow us to click on a button to reconfigure the GigaVue so that the tap between our external router and our primary switch would get swapped to a different analysis tool.


The Web GUI to swap where one of our analysis tools looked in the network


The process flow diagram


A weather map showing status of nodes by changing colors and shapes of the icons on the map.


What some of the code looks like under the hood.

Brian Chee is a researcher at the University of Hawaii School of Ocean and Earth Sciences and Technology (SOEST) and runs the Advanced Network Computing Lab. He is also a Senior Contributing Editor with InfoWorld Magazine. As a 12 year veteran of the InteropNET Team, Brian was the VOICE team lead for the New York 2006 Interop Show.

Sep 22nd, 2006 | Brian Chee

New connectivity tools

Brian Chee

The folks at Transition Networks keep adding to their huge line of doodads that convert one thing to another. I’ve been using their products for a heck of a long time and we’ve just recently tried out a firewire to single mode fiber optic media converter for an underwater observatory near the fabled Banzai Pipeline.

So while I strongly encourage you to get a full catalog, here’s just a few things that caught my eye here at the Interop NY’06 show at the Javits center.

  • WDM that allows a single 100tx copper or gig copper to be transmitted full duplex over a single multimode or single mode fiber
  • Duplex fiber media converters that add in 802.3af Power Over Ethernet
  • Duplex fiber media converters that do both POE and a pair of two wire serial ports (combined they make a single 3 wire bi-directional serial port)
  • If you’re using their chassis solution you can have both near and far side GUI based mgmt in-band to the far end
  • USB console so that you no longer have to find your USB to serial dongle to configure smart devices

PowerDsine is expanding their line line of both 802.3af and high power midspan power injectors but what many don’t know is they they have some pre-standard high power injectors that can even power the new tilt-pan-zoom survaillance cameras through the use of special splitters. With plug-and-play ease the InteropNET Team was able to simply drop them into place and power the phones all around the Interop show in New York. Take a hard look, I was VERY surprised at the depth of their product documentation when I found a table that documented various pre-standard devices that could still be accomodated using conversion dongles.

Brian Chee is a researcher at the University of Hawaii School of Ocean and Earth Sciences and Technology (SOEST) and runs the Advanced Network Computing Lab. He is also a Senior Contributing Editor with InfoWorld Magazine. As a 12 year veteran of the InteropNET Team, Brian was the VOICE team lead for the New York 2006 Interop Show.

Next »