Next-generation LANs, branches under consideration

NEW YORK -- The next-generation LAN will be mobile, secure, intelligent and service- vs. speed-oriented, experts at the Interop New York conference said here this week.

At the same time, branch office architectures are also evolving, inheriting more applications, services, features and functions usually contained at corporate headquarters sites. Experts shared these viewpoints in two separate sessions at this week’s conference.

LAN architectures are undergoing a “fundamental change” in order to support future applications able to be securely accessed anytime, anywhere from any place, says Chris Silva, an analyst at Forrester Research.

“Ubiquitous computing is the next big thing,” Silva says, driven by globalization, virtualization and collaboration. “Thirty percent of enterprises are making use of public Wi-Fi or public cellular data.”

Architectures optimized for distributed applications in 2005 evolved into those focused on security and IT consolidation in 2006, he says. This year’s wave will be LAN infrastructures designed to accommodate disaster recovery and further consolidation.

Enterprises want their networks to function as a utility, and wireless coverage will drive infrastructure deployments, Silva says. With that, he believes IEEE 802.11n wireless LANs and WiMAX will become pervasive in the 2011 to 2013 timeframe.

Along with ubiquity, users will demand security and integration with wired and voice infrastructures. That’s fine with wireless companies like Trapeze Networks and secure switching vendors like ConSentry.

Components of the “new” LAN include mobility, security and identity-based networking – the ability to configure users access and services, vs. switch and router ports, says David Cohen, Trapeze director of marketing.

The LAN architecture will encompass a hybrid of distributed forwarding and centralized forwarding based on the application: distributed for latency-sensitive traffic like voice over WLAN and “.11n ready” applications; and centralized for security-sensitive traffic like guest access, Cohen says.

Switches will support “virtual stacking,” Cohen says, in which capacity is pooled and automatically assigned, remapped and balanced across access point when they are added to or subtracted from the network.

The ability to support transparent roaming for voice will go a long way in determing how users construct their WLAN networks, Cohen argues. So will security, says Jeff Prince, chairman and CTO of ConSentry Networks.

That’s why users will migrate to secure switching with network access – or admission – control (NAC) capabilities becoming integrated table stakes for LAN switches.

“The LAN is a much more open place,” Prince says. “All of the family jewels sit in the network.”

LANs have failed to keep up with the proliferation of malware, regulatory requirements like Sarbanes-Oxley and the need for greater visibility into user behavior, Prince argues. As examples, he noted recent breaches at companies like TJ Maxx, DuPont and Boeing.