Interop Reporter’s Notebook: VoIP security still spotty

Observations from our reporters at Interop New York. Check back for updates through the week.

Heard in and around Interop this week:

VoIP security still spotty

A frank assessment of the state of VoIP and security technologies came from Gregory Lebovitz, technical director and solutions architect at Juniper Networks, at an Interop session on Tuesday.

“No [intrusion-prevention system] or firewall vendor supports all VoIP protocols and technologies," said Lebovitz, whose company’s products claim to offer a measure of security for VoIP nets. “If [security vendors] are telling you that they support all VoIP technologies they’re lying. There just isn’t anyone who supports everything today."

Lebovitz said users must ask security product vendors what specific VoIP equipment and protocols are supported on their intrusion detection/prevention systems and firewall; product names and numbers should be asked, and users should test these combinations of security and VoIP gear in a lab before buying.

“It’s not that we’re not trying; we want to get there," Lebovitz said. “But there’s only [so little] resources being devoted to write [so much of the] code that will be needed to get there."

Cisco’s Chambers moves into world politics

While CEOs from Juniper and CA gave keynote talks the Interop conference in New York this week, Cisco CEO John Chambers apparently has better things to do — such as rubbing elbows with world leaders at the Clinton Global Initiative conference, which is taking place in the city this week. Chambers was expected to join First Lady Laura Bush, Bill and Melinda Gates, Afghanistan President Hamid Karzai, Lance Armstrong and 900 other invited guests at Bill Clinton’s high-powered powwow, with topics such as world poverty, climate change and religious and ethnic conflict on the agenda. Chambers and his entourage were seen Wednesday morning entering the Sheraton New York Hotel and Towers, where the conference was held — and where a significant portion of Interop attendees were staying. Show-goers said getting a cab to Interop’s venue at the Javits Centerl was challenging, as security personnel and black SUVs made a tight ring around the 7th Avenue hotel.

WAN optimization vs. thin clients

One Interop session pitted the optimization and thin client options against each other as means to “slim down branch offices" and reduce poor performance to distributed locations, especially for companies that have consolidated data centers or centralized their applications. Despite a discussion that had panelists debating the merits of tunneling traffic, compressing encrypted content and caching dynamic data, no technology came out on top.

The panel included speakers from Silver Peak, Expand Networks, Riverbed and Citrix.

One audience member representing Cisco was able to add his thoughts on the growing market, albeit with some healthy competitive digs from panelists. Cisco recently joined more than a dozen vendors battling for WAN optimization dollars with its Wide-Area Application Service -- if with some healthy competition. While some criticized Cisco for coming a bit late to the market, others pointed out the market is immature and bound to be dramatically different within three years.

Eric Siegel, a senior analyst with research firm Burton Group, moderated the panel and said WAN optimization technologies will help users. “The payback on the technology will blow your socks off. Socks will be in the air," he told attendees. “Even if it’s obsolete in a few years, the results you can get today with these technologies will give you much happier end users."

Application networking, not the other way around

A majority of network managers polled today would probably reveal that along with their responsibilities to keep network available and performing well, they must also keep an eye on application performance. A panel at Interop Tuesday featured representatives from Crescendo Networks, Foundry Networks and Cisco, each discussing how their respective product has the ability to accelerate, secure and optimize applications on the network. The vendors detailed the challenges network managers face today trying to keep sophisticated multitiered applications running smoothly.

Hooman Beheshti,  Crescendo vice president of technology, discussed how technology that understands application behavior — which his company loads onto application front-end boxes — will speed processing times.

“If networks can better understand specific applications and anticipate application requests, then networks can help speed content generation," he said.

Foundry supported adding intelligence to the network, but more for security purposes.

“The past few years, we really shot ourselves in the foot by deploying many application and networking technologies that are complex and can be uncontrollable. Things like wireless, mobile, VoIP and Web applications must have been wondering how do I control my network," said Gopala Tumuluri, director of product marketing at Foundry. Tumuluri said to get the control, or security, needed on advanced networks supporting such applications, “you are going to need more than just a packet-forwarding switch" and must embed intelligence into the network devices.

“If you put more application intelligence in the network, you reduce the number of servers you have to maintain and you can increase productivity in a few areas, your own and your employees' productivity," said Mark Weiner, director of data center solutions for Cisco.

Despite the difficulty in understanding application behavior on today’s networks, the panelists agreed that network vendors should load their gear with more intelligence to better support applications — but not have them take on the entire burden of a server.

“You do not want network-centric devices to move up to where they will inherit the server problems," Tumuluri said. Nor do you want application developers getting the privilege of tweaking networks.

“I don’t think any of us want application developers looking at router configurations," Beheshti said. “I don’t want application code residing in the network, but there are things that can be done to make the application run better on the network."

Copyright © 2006 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022