Your power perspectives

Who’s got the network power? Executives say Cisco is on top, but on its heels are many niche security vendors.

Ask network executives which vendor wields the most power in their network today and they’ll say Cisco, but ask them which holds the second-highest place, and many will name a niche security vendor.

With an estimated 70% enterprise market share, it’s no surprise that most users say they rely on Cisco for the bulk of their network infrastructure. “There’s safety in that market share,” says Bill Ashton, director of IT for the town of Herndon, Va., which uses Cisco for its VoIP network. “No IT exec I’ve ever heard of has been fired for deciding to go with Cisco.”

The network giant is so well entrenched that few organizations look elsewhere for network gear. “We’re a Cisco shop, and that’s who we are, and it’s who we stay with,” says Kent Hargrave, CIO at Overlake Hospital Medical Center in Bellevue, Wash., which uses Cisco for its wireless and wired network infrastructures. “I’m not going to look at anyone else.”

But many users are beginning to see the problems of going solely with all-powerful Cisco. “When companies get very big, they tend to be a bit complacent,” says Greg Chottiner, CIO of University of Maryland University College (UMUC), a public distance-learning university in Adelphi, Md. (see “Chasing the big one”). UMUC’s core network is Cisco, but its VPNs, firewalls and Web-acceleration technology hail from Juniper Networks. “It’s tough turning that large ship to respond to customers. Many times, Juniper responds faster, and its products are cheaper, because it doesn’t have Cisco’s overhead,” Chottiner says.

Security rivals

Almost all agree that the area where Cisco doesn’t navigate quickly or well enough is security. “Cisco is vulnerable on the security side, though it doesn’t want to hear that,” says Joe Granneman, manager of networking and data security at Rockford Health System in Rockford, Ill. “A lot of companies are beating it and gaining power.”

Granneman’s network, though based on Cisco switches, relies on Juniper’s NetScreen firewalls and Top Layer Networks’ intrusion-prevention systems (IPS). “On the security side, I really like Top Layer. Its devices aren’t terribly expensive, and they just tend to run,” he says. “I think those niche players are the ones who will succeed, because that is something that Cisco is trying to do but doesn’t do well.”

Even staunch Cisco supporter Overlake Medical Center agrees security isn’t Cisco’s strong suit. “We use Aventail for our SSL VPN,” says Jeff Bernstein, network engineer at the hospital group. “It’s one clear area where we said Cisco just isn’t really strong. We did an evaluation and found that both Juniper [with its Neoteris technology] and Aventail had better products, and we decided on Aventail.”

Herndon’s Ashton says straying from Cisco in security, especially in the light of recent vulnerabilities within Cisco’s IOS and its IPS-configured routers makes sense. “When you have diverse and rising threats that you have to continually try and stay one step ahead of, the best practices in security dictate that you go with best of breed, in IPS [and intrustion-detection systems], firewall, remote access, host protection and so on,” he says. “Smaller companies in these niches have an appeal. Cisco is trying to sell homogenous security products that just don’t work as well.”

Beyond Cisco and security firms, Microsoft, IBM and Citrix Systems all are well positioned in today’s networks, users say.

“We have migrated to IBM hardware,” says Brian Young, vice president of IT at Creighton University in Omaha, Neb. “Its new blade servers allow us to ramp up capacity on demand for things like registration or Webcasting a sports event or graduation. IBM definitely wields power here.”

Young also cites Microsoft as a key vendor, adding that its power works to his school’s benefit. “The one thing Microsoft has done is that it’s forced a lot of application vendors to think about how they’ll integrate with Active Directory or Exchange or different types of Windows-based environments,” he says. “In that sense, it makes it easier for us to integrate applications into the campus.”

Citrix is a rising networking star at Rockford Health System, primarily because of its ease of management and key security features, Granneman says. “We’re putting computers now in places where they haven’t been in the past, like in patient rooms,” he says. “But how do you maintain a computer in a patient room?”

Thin-client pricing has come down on par with cheap PCs, but Granneman says he figures Citrix can save $200 per client in management and maintenance costs. Citrix also uses less bandwidth, which is ideal in wireless situations, and it offers better security than traditional PC solutions.

“I have people at home who want to access health data, but how do I keep that data from hitting their home PC?” he says. “With Citrix, the data never resides on the client. It’s more secure. Citrix has a strong future.”

Open source power

Another player that wields considerable power in today’s networks is not a vendor, but a movement: open source.

“Being an airline, we’re obviously under a lot of dollar strain,” says Devin York, senior manager for IT financial systems at Continental Airlines, a large HP user based in Houston. “We use open source where it makes sense. It’s definitely making inroads in the server world, where you don’t need a nice GUI.”

York uses HP 9000 Superdome servers to consolidate more than 50 application servers for six departments. “We’re starting to see Linux ramp up at the high end, on the multiprocessor Superdomes and all your cell board technology-type systems. It’s definitely getting more powerful.”

Open source also is powerful in the network tool arena. “It’s really saved us, because we’ve been able to use open source tools to provide a lot of value as an IT organization to fix network issues, especially security issues,” Granneman says.

Granneman uses several open source tools, including the Snort IDS, the Nessus vulnerability scanner and the Ethereal network sniffer. These all perform the same or better than commercial tools, but at no cost, he says. That is, until recently. He predicts that open source is beginning to fade as a network powerhouse, now that many tools are bought and commercialized.

“Open source used to work for users’ benefit, but lately, I’m not so sure. [Check Point] bought Snort, Nessus closed its source and is going to fee-based signature updates, and I’m just waiting for Ethereal to go away,” he says. “It’s the best network sniffer you can get – you’d pay a fortune for something like that from Network General, and I’ve never been able to get one of those in the budget.”

Power wanting

Some network markets are still waiting for an all-powerful contender to emerge, users say. These include desktop-security management, integrated network and security management, and end-to-end data encryption.

“Today, desktop security is unstructured,” UMUC’s Chottiner says. “There are hundreds of companies that do antispyware and antispam, but there isn’t one company that stands above and takes this all together and provides one all-inclusive solution. I think that’s a place where we could use a little more power.”

Another area is network-security management. “There’s usually an application that comes along that changes the world a little bit, like Mosaic did,” Granneman says. “In networking, I think the power will go to the one vendor that can integrate network management and network security. There’s a lot of integration required and an enormous amount that could be done.”

The vendor that pushes a standardized way to handle encryption throughout the life cycle of data is poised to gain power, Continental’s York says. “Today, we have to spend a lot of money reengineering things and making sure data is protected and we’re compliant with privacy regulations,” he says. “But in the future, you hope that some vendor, software or hardware, builds it in in a standard way so you don’t have to worry about it.”

Creighton’s Young agrees, noting that he finds PKware, with its SecureZip data encryption and PKzip compression, a step in the right direction. “PKware is an up-and-comer that is making strides, because it has already decided that we live in a networked world and its 100% focus is your need to protect yourself in that environment,” he says.

Today’s rising fuel costs and volatile stock market make for a risky financial environment, and that opens the door for smaller companies to grab network power, he adds. “When we’re financially strapped, it makes it an opportune time to look at the players who are smaller in the market but really want to make some inroads,” he says. “It may be more risky, but it’s cheaper and more innovative. Sometimes that’s where the power is.”

Cummings is a freelance writer in North Andover, Mass. She can be reached at jocummings@comcast.net.

Previous Power story: The most powerful companiesNext Power story: Columnists select power winners

>