NEW YORK - Cisco will release a new version of its core IOS operating system in the coming months that is more modular, flexible and secure, company executives said last week.

The advance will let users add features to routers and switches without taking them offline, and help companies speed the deployment of services such as VoIP, quality of service and security while minimizing the risk of glitches.

Some users and analysts say the Internetwork Operating System (IOS) improvements were a long time coming, while others contend that such an architectural change could engender a new set of network problems for router administrators.

Mike Volpi, senior vice president of Cisco's Routing Technology Group, outlined the IOS plans last week during an interview with Network World editors.

"Modularity means you have the ability to partition," Volpi said. "So you have a real-time kernel that runs underneath it, rather than the classic embedded kernel of IOS." This partitioning will make the operating system more reliable by reducing downtime because of bug fixes, feature additions, upgrades or unplanned events, he said.

Versions of IOS run on almost all Cisco equipment, from small-office to carrier-class routers and the company's Catalyst enterprise switches, security appliances and Wi-Fi gear.

Click to see:

The software's current architecture is tightly bundled, even monolithic, experts say. IOS includes a base software image with embedded features that are compiled for specific builds to perform certain tasks - from IP and legacy protocol support to firewalling and VoIP.

"To put a feature on a router, you can't just add the little pieces you want," says James Boney, author of the book Cisco IOS In A Nutshell. "You have to upload a whole new IOS version and then reboot," he says. "If you get it wrong, you have to do it over."

Even though IOS is still monolithic, Volpi said the software has become more partitioned over the last few years. Chunks of feature code are now separated, so they don't interfere with each other or with core routing functions.

While an entire IOS image still must be loaded during feature upgrades, the partitioning has set the stage for the new modular IOS architecture.

"Most of the newer [IOS feature] modules have been reasonably well partitioned off already," Volpi says. "They may not have the Posix-like API, [similar] to a Unix operating system, but those are relatively easy to add because we designed it with that modularity in mind."

He adds Cisco also will continue to support IOS as it exists today.

A modular IOS is something Cisco has been cooking for years, says Frank Dzubeck, president of consulting firm Communications Network Architects.

"It's going to be an improvement, in that it will be extremely more stable in the long run," Dzubeck says. It also could help users deploy IOS-based gear faster in large networks. Before new IOS builds are put on live networks today "a lot of regression testing has to be done, which can take months because you might turn on one option that affects others," he says.