Five readers discuss their favorite network products and services.
| ||||||
As a multinational bioscience company, we were looking to extend our U.S.-based e-commerce presence to customers and distributors in Asia and Europe. Early testing with several key distributors looked promising, except for consistent feedback that performance was too slow. Millipore consolidated its IT infrastructure several years earlier, scaling back data centers in France and Japan to reduce costs and management complexities. But external visitors to Millipore.com needed to access our centralized infrastructure in Massachusetts, and geographically remote locations were experiencing latency delays of up to seven seconds on our site.
Because of the highly dynamic nature of the e-commerce applications and the tight integration with our central back-end database, traditional Web caching and externally hosted solutions created their own set of problems. Fortunately, we discovered Netli's NetLightning service, which met several important criteria. Because we had a large production site in use by customers in several regions, any product needed to be easy to implement without disrupting current customers. We also were working with a small staff focused on bringing new functionality online; we couldn't afford to be distracted by modifications or special configurations of our applications or network infrastructure. Third, the solution would need to support highly dynamic pages that would be generated on the fly for each user.
Within minutes of us turning on NetLightning, customers began to see performance improvements. The service has been instrumental in the recent launch of our e-commerce store in Japan, with a high level of customer satisfaction and rapid growth. Immediately after we began subscribing to NetLightning, our customers were able to access our e-commerce site up to 77% faster. The 8,000 to 10,000 scientists and engineers who come to our site every day are getting a rich array of technical information and media delivered much faster and more reliably than ever.
| ||||||
Lawrence Berkeley National Lab's enterprise network, LBLnet, is an Ethernet in a star topology that provides connectivity for some 12,000 devices. About 10 years ago, we migrated from a shared to a switched infrastructure, leading to gradual "blindness" as we installed new switches and removed old hubs and probes.
We began to install network taps so we could troubleshoot the network. [Network taps, like GigaVUE, are used to create permanent test access ports for passive monitoring. A tap can be set up between any two network devices, such as switches, routers and firewalls.] In the last four years, the need for network security has been more demanding than ever. So in addition to using taps for troubleshooting, we deliver tapped subnets for intrusion detection/prevention and forensic analysis. The need for tapping LBLnet has become even more crucial.
Why use taps and not port mirroring on switches? The decision boils down to whether or not you're willing to accept frame loss and jitter in the system design. Switches have buffers, processors and operating systems. Further, their primary function is not to "mirror" frames. It's a simple fact of life that switches have bugs, some more than others. There are times when bugs that have nothing to do with port mirroring will affect the ability to deliver frames to the troubleshooting and security equipment. Worse yet, bugs with port mirroring can affect the ability to deliver production traffic. Compare this with a simple passive tap, which has no CPU, operating system or buffers. It simply couples some of the transmitted energy from the transmission line to another output port.
An integrated network tap provides the best of both worlds. It integrates passive tap technology into a system that also provides features associated with switching - filtering and aggregation of lower-speed ports to a higher-speed port (several Fast Ethernets into one Gigabit Ethernet). Filtering and aggregation take the burden off the machines that capture and analyze packets, so we can use fewer and lower-cost machines to build the system.
(The opinions in this article are solely Bennett's. LBNL does not endorse products or services.)
| ||||||
We use IT Guru to identify problems with applications on LANs and WANs. I bought this tool out of self-defense, because when applications don't function the way the user expects, the problem is always "the network is dragging!"
IT Guru analyzes N-tiered transactions. For instance, a Web-based transaction might go from the client's browser to a Web server, a Lightweight Directory Access Protocol server, an application server, a database server and back. We run a baseline of critical transactions under ideal conditions to get transaction profiles. We place an agent on the client PC and each server along the way. The analyst then tells the tool to capture all conversations between the client PC and the Web server, and so on. IT Guru then puts all those conversations together so we get an end-to-end view. These measurements give us transaction timings that are the basis for our service-level agreements.
If the transaction goes from 2 to 60 seconds, an analyst using this tool quickly can identify the specific server or the network link where the delay is occurring. He compares the baseline trace to the 60-second trace and the source of the problem is usually obvious. We might find that we need to perform maintenance on a database. If that's the case, the database server will show increased times from first request-in to last data-out. We can then resolve the problem and get the client back in service much more quickly than we previously could.
An interesting problem we had was with our "Planogram" application, which tells our grocery store managers exactly how to lay out the shelves with products. It uses a relational database to store data and objects. A category manager was running a simple rename of a product from "green beans" to "French cut green beans." Everyone knew that this transaction should take no more than a second, but it was taking almost a minute. We put IT Guru on the problem and learned that the transaction was passing a 4M-byte JPEG file in the stream. When we showed the developer the trace, he quickly fixed the problem.
| ||||||
This is the most effective service we've ever put in. It's a proprietary VPN delivered as a managed service. Illinois Tool Works is very decentralized, with more than 625 business units in 44 countries. A lot of these businesses came through acquisitions made over the last 10 years, and each one has its own software and systems. Through this managed service, Corente provides us with a secured network and lets us push out any new IT applications that we need to provide to the business units around the world.
Corente saves us time by providing the latest software patches and feature enhancements that the business units need. We started using this in 2001, and it has enabled us to seamlessly connect a wide array of disparate systems and provide a secure network infrastructure. That infrastructure lets us send secure financial information, e-mail, voice, video and other data throughout the global enterprise.
Previously, we used multiple frame relay services from a variety of providers to connect our business units, which was very expensive. During these last few years of cost containment, we replaced the majority of frame relay connections with the Corente VPN at an estimated savings of $5.5 million. The service also was very easy to deploy. We had all the business units up and running in less than a year.
| ||||||
This product is miles ahead of the phone switches we used before because it's so easily configurable either offsite or onsite. It's also easily scalable to support the growth of our business, and configurable either as a voice PBX using circuit-switched lines or an IP telephony server using high-speed dial-up access or direct leased lines. That's important, because we're planning to use VoIP communications at some point in the future. The product also has an integrated voice recorder, which saves the expense and maintenance of a separate device, and frees up valuable rack space. IP Office has become an indispensable tool in the management of our phone and voice processing needs of our different offices.
We installed the switch initially at our Boca Raton, Fla., branch office in July 2004, and our president was so impressed that he asked us to install it in our New York office. We also are putting a switch in our Chicago office. IP Office supports applications such as enhanced messaging and Web-enabled conferencing. Our employees can manage their phone calls using a graphical interface, and they can get phone messages in the form of e-mails.
We're in a flux period, and a lot of our brokers frequently move around to different offices. The fact that this product enables such easy configuration of lines makes it valuable. We have cut down on the amount of time it takes us to configure new lines from five or six hours a month per office to about 20 minutes per month. We don't have to go to an outside vendor to program the switch, as we did in the past.
Violino is a freelance writer covering business and technology. He can be reached at bviolino@optonline.net.