Acme Packet: 'We're building a signaling system for the Internet'

CEO Andy Ory on the secrets of 'opt-in communications,' the myth of unlimited bandwidth and his company's edge over Cisco and more

August 29, 2011 05:10 PM ET
Network World - Not familiar with the terms "session border controller" or "session delivery network"? Don't worry. Andy Ory, CEO of fast-growing Bedford, Mass.-based Acme Packet, is more than happy to share his passionate vision of how SBCs and SDNs -- and the emerging era of "opt-in communications" -- will change your business and the world. In this installment of the IDG Enterprise CEO Interview Series, Ory spoke with IDGE Chief Content Officer John Gallant about how Acme Packet is bringing identity, security and control to the wilds of the Internet, and why the world's top carriers -- and a growing number of enterprise IT shops -- are relying on the company to reduce costs and develop a whole new generation of network services.

Your technology is widely used within service providers and, thus, widely used by enterprises, but Acme Packet might not be a company that IT leaders are really familiar with. Explain what a session border controller is, and what you mean by the concept of a session delivery network.

From a very high level -- and I'm going to make it a little simpler than it actually is -- the reason that the telephone system works is that it has a signaling system. A signaling system is like a series of traffic lights. Imagine that we go to New York City and we're sitting in Midtown at three o'clock in the afternoon in a cab. Now, let's say I have a little button, an app on my iPhone. I hit it and it turns off every traffic light in Midtown. What happens? We all grind to a halt. Nothing goes anywhere. If you remove a signaling system, all heck breaks loose, chaos ensues and nothing can go anywhere on the network. Well, we're building a signaling system for the Internet.

A session delivery network is an overlay network that has both signaling and media, but it's able to control, select, enforce and manage tasks, and manage the packets -- like the cars -- that are part of these flows. It provides things that the networks themselves can't. [With the Internet] you can't actually select an end-to-end path or enforce it. Why do you want to select an end-to-end path? Well, there may be quality, cost, source-based preferences. There are lots of reasons you may want to select something one way versus another. And then you want to manage it, police it. Just because you admit somebody onto the highway, you need to make sure that they only ship so much along that path, because you have a lot of other people sharing that path. If oversubscription ensues, things don't work, particularly with interactive communication. It's OK if it takes an extra 300 or 400 milliseconds for your email to download. It's not OK if that happens with interactive voice or video communication.

So we're building an overlay network for the global IP network so that things work, and that people can experience application service delivery that's consistent with what they normally expect in a circuit-switched world where the path is actually a physical path that's constrained and managed.

Can you put that into concrete terms for someone who's used to using the Internet for voice and all kinds of things these days? What does your technology do behind the scenes that they don't see?

We do things like trust, security, identity, reliability, capability and privacy. Here's an example. When your home phone rings, you don't even answer anymore without checking the caller ID, if you're like most Americans. If it says "out of area," you don't answer it. That's part of a signaled communication, right? It tells you, this call is from your mom or your dad. Things like identity are really important, and on the Internet everything is anonymous and free. That's the real problem. Anyone can send you emails. You can't really stop it. It's very, very difficult. But emails don't interrupt your supper; a telephone call does.

The other thing is that the Internet's broken as it relates to trust and security. I'll give you an example. Let's say you're a client of Bank of America. But you know Bank of America can't send you any emails that you're going to open. I don't open emails from financial institutions. First of all, I don't trust any emails that I get anyway. But if you open an email from Bank of America and it said that you know your account's been compromised and you need to provide your passport or your license to reply to this email so you can prevent any additional identity theft, would you do it? No, of course not.

You have no trust that that's really coming from your financial institution. But what's interesting is that you go home and you find a letter with a 22-cent or 40-cent bulk-rate canceled postage, and it's on Bank of America letterhead with the red stripe across it. You open it up. It's Bank of America stationery and it says your account's been compromised, you've got to dial this 10-digit number to prevent any additional theft, and you do it. And what's even more curious is that when you pick up that terminal on that network, and you enter those 10 digits, here's what's going to happen. Somebody's going to answer the phone that's going to lie to you about their name and where they are. You're never going to meet them, nor are you ever going to expect that you're going to be able to contact them again, but you're going to tell them everything: who you are, where you live, what your account number is, perhaps even your Social Security and billing address. It's really amazing. Because you trust that the 10-digit address you entered into that terminal is where that service provider, that network took you.

So when you begin to think about things like trust, the models come out of closed, privately managed, end-to-end signal networks. They don't come out of the Internet. So, a session delivery network can provide many-to-many trust capability, which actually is really important. But there are a lot of other things that we do, too, and I'll put them in the context of enterprise communications, because your [readers] are more IT- and enterprise-oriented.

Have at it.

I have enormous amounts of bandwidth from Verizon FiOS to my home, but so do all my neighbors. All of that bandwidth hits some sort of aggregation point and oversubscription is just a fact of life. The Internet is a loose confederation of a million different clouds of networks that share IP packets on a best-effort basis. That works well for best-effort communications, but doesn't work well when [you need] quality, when you have an SLA requirement, the packet loss, latency and jitter that eats a telephone call or an interactive video. I have FiOS, but if I have one kid downloading a high-def Apple TV movie, another kid involved in a high-def video game experience and my grill catches fire, I want to be able to dial 911 and I want the network to recognize it. I want it to actually get through the morass of all the other stuff that's not as important and I want it to go to the right law enforcement or safety agency so someone can show up in a timely fashion to prevent my home from burning down.

