Rehearsals over, IPv6 hits Broadway June 6

IPv6 will go fully live on June 6. That's the date when 50-plus access networks and more than 2,500 websites -- including Google, YouTube, Facebook and Yahoo -- will turn on support for the long-anticipated upgrade to the Internet's main communications protocol and leave it on for good.

World IPv6 Launch Day is being coordinated by the Internet Society, which is promoting IPv6 as the best strategy for ensuring that the Internet continues to grow as address space becomes increasingly scarce with IPv4, the original version of the Internet Protocol.

Participants in World IPv6 Launch Day are trying to drive home the message to techies worldwide that it's time to start deploying IPv6.

"If you've been waiting to deploy IPv6, there is no reason to continue waiting," says Leslie Daigle, chief Internet technology officer with the Internet Society (ISOC). "There are customers who will view your website over IPv6 now. It isn't experimental. It's out there for real."

BACKGROUND: Leading ISPs, websites commit to June 6 start date for IPv6

Some of the largest ISPs have signed on for World IPv6 Day, including Comcast, AT&T, VerizonWireless and Time Warner here in the United States. Each has agreed to enable IPv6 for 1% of their subscribers by Wednesday.

"One percent was chosen as a metric because it is a big deal," Daigle explains. "It represents a serious commitment by the network operators to provide IPv6. In order to get to 1%, you have to have IPv6 enabled on a considerably larger percentage of your customer base because not everybody has a home router that can do IPv6 or equipment that is configured to use IPv6. To get to 1%, [one ISP executive] estimates that you have to have 10% or more of your network enabled."

Comcast met its goal of IPv6-enabling 1% of its subscribers on May 24. 

"We've launched IPv6 to a third of our network at this point," said John Brzozowski, chief architect for IPv6 and distinguished engineer with Comcast. "We will be deploying it to the rest of our network over the balance of this year and likely beyond 2012. At this point, the momentum is there for IPv6, and we are making significant strides in penetration and the number of people that have IPV6 available to them."

Equally significant is the participation by content delivery networks such as Akamai and Limelight.Akamai carries between 20% and 30% of the Internet's Web traffic on any given day, so its support of IPv6 is a boon for the new protocol. Among Akamai's customers are Apple, Lands' End, Ticketmaster and Travelocity.

World IPv6 Launch Day is designed to "send enough IPv6 traffic toward content providers to give them confidence that the big access providers are serious about IPv6 and that they should leave it on at their front doors," Daigle says.

Thousands of popular websites have agreed to permanently enable IPv6 by Wednesday. Some, including Facebook, have already turned on IPv6 in production mode. Other World IPv6 Launch Day participants include: consumer-oriented websites such as Bing and Netflix; U.S. government agencies including NASA and the Census Bureau; universities such as Indiana University and the University of Pennsylvania; and network vendors such as Cisco and Check Point.

"World IPv6 Launch Day is a lot larger than people understand," says John Curran, president and CEO of the American Registry for Internet Numbers (ARIN), which doles out IPv4 and IPv6 addresses to network operators in North America. "It's not a small decision for the major content providers to turn on IPv6 and leave it on. From now on, everything they roll out will be on IPv4 and IPv6."

Additionally, four home networking equipment manufacturers -- Cisco, D-Link, NDM Systems and ZyXel Communications -- have agreed to enable IPv6 by default on their home router products by the June 6 deadline.

"There are other home router vendors that are mostly there [with IPv6 support] but for one reason or another haven't gone through the certification process," Daigle says. "We have definitely met our mark in terms of raising awareness with the CPE equipment vendors that IPv6 is real."

Created in 1998 by the Internet Engineering Task Force, IPv6 offers an expanded addressing scheme but is not backward compatible with IPv4. While IPv4 uses 32-bit addresses and can support 4.3 billion devices connected directly to the Internet, IPv6 uses 128-bit addresses and can connect up a virtually unlimited number of devices: 2 to the 128th power.

The Internet needs IPv6 because it is running out of IPv4 address space. The free pool of unassigned IPv4 addresses expired in February 2011, and in April 2011 the Asia-Pacific region ran out of all but a few IPv4 addresses being held in reserve for startups. The European registry is expected to deplete its supply of IPv4 addresses in August, and ARIN next summer.

Network and website operators have two choices when it comes to IPv6: They can either support both protocols in what's called dual-stack mode, or translate between IPv4 and IPv6. Until now, most have been unwilling to make the upgrades required to support IPv6 because IPv6 traffic has been so scarce.

That's expected to change after June 6, when IPv6 traffic is expected to surge. While the most recent estimates are that IPv6 represents less than 0.5% of all Internet traffic, participants in World IPv6 Launch Day are hoping to drive IPv6 up to 1% or more of Internet traffic.

BACKGROUND: Lack of IPv6 traffic stats makes judging progress difficult

"One [college] campus expects that on June 6, 50% percent of its network traffic will be IPv6 because its top four most-visited sites are participating in World IPv6 Launch Day," Daigle says. "It might surprise some enterprises how much IPv6 traffic they will see if their users are going to Google, Facebook or Yahoo."

The anticipated surge of IPv6 traffic after June 6 is expected to bring new security threats along with it.

In February, Arbor Networks reported the first-ever IPv6-based distributed denial-of-service attacks. While IPv6 security incidents remain rare, experts predict that as more Internet traffic flows over IPv6, DDoS attacks, malware and other threats will follow.

Experts say enterprise network managers should upgrade their DDoS detection, intrusion protection and deep packet inspection systems to support IPv6.

"It's time for the enterprise to make sure that their security devices are IPv6-enabled, that they have the ability to look at IPv6 traffic and to create rules for it and do intrusion detection," advises Bob Hinden, one of the creators of IPv6 and a Check Point fellow. "Most host operating systems -- Windows Vista, 7, Mac OS, Linux, IOS and Android -- all have IPv6 in them. Even though they may not think they have IPv6 turned on, there might be tunneled traffic coming from outside their enterprise. It's important that the enterprise know what's going on with IPv6 in their network."

Read more about lan and wan in Network World's LAN & WAN section.

Read more »

Cerf: IPv6 'launch' was 20 years in the making

The official World IPv6 Launch event, which began at 8 p.m. EDT yesterday, passed with little if any attention from the typical Internet user. For some in the Internet engineering community, however, the day marked the culmination of two decades' worth of work.

SLIDESHOW: Why the Internet needs IPv6

"For some of us, it's been 20 years since we began working on next-generation IPNG, which ultimately became IPv6," says Google chief Internet evangelist Vint Cerf, who created a fully dual-stacked IPv4/IPv6 network for the National Science Foundation as long ago as 1995.

Work on the IPv6 project has quickened substantially in recent years, and the success of last year's IPv6 test day proved an encouraging prelude to yesterday's nearly trouble-free endeavor.

Nevertheless, there's still a lot of work to be done, according to Cerf. One of the key advantages of IPv6 is its ability to provide direct point-to-point connectivity, rather than routing everything through central intermediaries.

"A phone call, for example, has the property that when you dial a number, the guy at the other end's phone rings. You don't have to go to a rendezvous point, you don't have to have logged in, you don't have to do any of the things we do today with chat and things like that," he says. "With IPv6, we are going to reinvent the IPv4 system as it was when it was first designed and built, where anybody could initiate a connection to anybody else, as opposed to going through some intermediary or going through a Webserver."

The concept of the "Internet of things," according to Cerf, is another one that IPv6 will enable, and he hasn't been slow to embrace it himself.

"I'm running a v6 network in my house right now that's monitoring the state of temperature, humidity and light levels in every room in the house every five minutes and then storing that data in a server down in the basement. ... That data now gives me very, very good engineering information about how well the heating, ventilation and air-conditioning systems work all year round," he says.

Cerf says that IPv6 usage should grow quickly moving forward.

"I hope over the course of the next six months that we'll get a better sense of how rapidly the capability spreads. Most of the time, the edge devices [routers and switches] already have [IPv6] capability, it's just that the ISPs haven't turned it on," he says.

Email Jon Gold at jgold@nww.com and follow him on Twitter at @NWWJonGold.

Read more »

Top-Level Domain Name Grab: ICANN Reveals Results

From .app to .blog and .google to .windows, corporations are staking their claims on a new set of top-level domain names, which will be issued by the Internet Corporation for Assigned Names and Numbers (ICANN).

On Wednesday, ICANN released the full list of top-level domain names for which it's received applications. On the list of 1930 applications are lots of huge companies, staking claims on domain extensions such as .visa, .toyota, and .mcdonalds.

Companies are also seeking control of generic terms, such as .hotel, .pizza and .football--in some cases with multiple companies vying for the same domain. If these companies can't settle on who gets what, ICANN will ultimately have to decide through a set of string contention procedures.

Not surprisingly, major Internet companies are among the biggest applicants for the new top-level domains. Google, for instance, seeks more than 101 top-level domains including .android, .youtube and .search. Amazon wants to claim 76 domains for its own, including .amazon, .kindle and .video. Apple has only applied for one top-level domain: .apple.

What's the point of having your own top-level domain? As Forbes reports, companies may want to use these extensions for security or promotional purposes. For instance, a bank could tell customers to look for the company's name at the end of a URL to know they're in the right place. A consumer brand such as Nike could host user-generated pages under its own top-level domain, so brand loyalists could have simple, Nike-branded fitness pages to call their own.

But not everyone is convinced this is a good idea. Matt Ingram, writing for GigaOM, calls the process a “train wreck” that will cause unnecessary chaos. He notes that companies will have to spend time and effort (not to mention money, at $185,000 per domain application) just to acquire any name that might be associated with their business. The new domains could also create conflicts if ICANN hands out generic terms to specific companies. For instance, Ingram argues, Amazon could theoretically control who gets to use .book in their URLs.

For average Internet users, though, the real issue might be familiarity. Today, most companies stick with .com, .net or .org. Even the rare exceptions that already exist, such as .biz and .co, cause confusion. (Quick, how many Websites do you know of that use either extension?) Looking at the full list of applied-for names, it's hard not to feel overwhelmed by all the possibilities.

In any case, the expansion of top-level domains is inevitable, as ICANN plans to bring the first batch online in early 2013, The Guardian reports. Ultimately, it will be up to the applicants to use them in useful, memorable ways--not as Internet vanity plates.

Follow Jared on Twitter, Facebook or Google+ for even more tech news and commentary.

Read more »

Oracle buys Xsigo for software-defined networking

Oracle said Monday it has inked a deal to buy software-defined networking vendor Xsigo Systems, in a move that will support Oracle's ongoing foray into cloud computing. Terms of the acquisition, which is expected to close within a few months, were not disclosed.

The announcement comes a week after VMWare said it would buy Xsigo competitor Nicira for US$1.26 billion.

Software-defined networking has become one of the hottest topics in the networking industry of late.

Xsigo's technology can create virtualized pools of networking capacity, allowing resources to be delivered dynamically according to computing needs, and used much more efficiently, according to its website.

Its customers include Verizon, Softbank and British Telecom.

Xsigo's tools will be combined with Oracle's Oracle VM server virtualization technology, according to a statement.

This year, Oracle began moving aggressively into cloud computing with a public cloud service that will deliver on-demand business applications as well as a Java PaaS (platform as a service) and cloud database.

Oracle's approach to cloud computing relies heavily on virtualization. While the Xsigo acquisition seems focused on increasing performance and cost savings within Oracle's data centers, the vendor is also seeking to use virtualization as a point of differentiation.

For example, Oracle CEO Larry Ellison [cq] has criticized the multitenant software architectures used by many cloud vendors, which allow a number of customers to share a single application instance.

On Oracle's cloud, applications get their own virtual machines, both for more flexibility over upgrades and for additional security, Ellison said during an event earlier this year. "Modern virtual technology is how we offer safety."

Chris Kanaracus covers enterprise software and general technology breaking news for The IDG News Service. Chris's e-mail address is Chris_Kanaracus@idg.com

Read more »

HP aims three-part effort at network virtualization

Hewlett-Packard is readying three new software capabilities that are designed to help enterprises pool their computing and storage resources across a network.

The advances should make it easier for IT departments to link data centers spread around the world, shield multiple tenants' virtual machines from each other and control storage from virtualized appliances.

HP is adding the features to its HP Converged Infrastructure arsenal, which is part of the company's SDN (software-defined networking) strategy, according to Kash Shaikh, director of marketing for HP Networking. In at least one case, it's positioning the technology directly against products from Cisco Systems, which is its main rival as SDN takes shape.

To combine geographically dispersed data centers into a virtual whole so data and virtual machines can be moved among them, HP plans to introduce later this year its HP EVI (Ethernet Virtual Interconnect) software. EVI will take what has been a complex, months-long project and reduce it to a "single touch" task that takes just minutes, Shaikh said. EVI is a feature coming to HP's 12500 Switch Series that will ship on future switches and be available free to current customers. It can link as many as eight data centers.

Moving VMs across a data center requires switched Layer 2 networking, but most wide-area networks use Layer 3 routing. To overcome this barrier, EVI creates a tunnel through the Layer 3 network by encapsulating the packets traveling between the data centers, Shaikh said. Rival Cisco already has software that can do this, called OTV (Overlay Transport Virtualization), but it charges extra for that software, Shaikh said.

Another software enhancement to the 12500 switch, called MDC (Multitenant Device Context), allows for segregating the resources of multiple tenants in a virtualized environment without buying separate switches. This secures the data and applications of one department or cloud service customer from other tenants.

It's possible to do this now, but it typically requires a separate physical switch for each tenant, Shaikh said. Other methods, such as multiple virtual LANs, don't guarantee the security that's needed, he said.

MDC can create separate logical switches within a 12500 switch, each dedicated to one tenant. The switches are completely isolated from each other, according to Shaikh. This has the same effect as setting up separate switches but reduces hardware cost and complexity, he said. MDC also works with EVI, so multiple tenants can take advantage of resources across many data centers, he said.

HP is also set to release a new product next month, called StoreVirtual VSA, for virtualizing storage management. The software is based on VSA (virtual storage appliance) technology from LeftHand Networks, which HP acquired in 2008.

VSA puts the functions of a physical storage appliance into a VM, allowing users to manage storage volumes without dedicated hardware that takes up space and power. The virtual appliance and the volume it manages appear to an administrator like a physical storage node. StoreVirtual VSA can run on any x86-based server platform and work with a mix of VMware and Hyper-V hypervisors. That cross-vendor capability sets it apart from other products on the market, said Dale Degen, SAN marketing manager for HP Storage.

The idea behind the StoreVirtual software is to bring the benefits of virtualization, including flexibility and cost and power savings, to storage management. It includes features for resiliency and can work with information-protection tools, according to HP. Virtualizing these capabilities can cut costs and power consumption significantly, the company says. LeftHand originally aimed this technology at remote offices and small and medium-sized businesses, but it's becoming attractive to larger organizations too, according to Degen.

At this point, StoreVirtual VSA is intended mainly for direct-attached storage, Degen said. But he sees the launch of the product, which is due to ship in September starting at US$700 per license, as a coming-of-age moment for the LeftHand technology. HP will continue to invest in the product and is working on additional features for higher capacity and performance, he said.

Stephen Lawson covers mobile, storage and networking technologies for The IDG News Service. Follow Stephen on Twitter at @sdlawsonmedia. Stephen's e-mail address is stephen_lawson@idg.com

Read more »

AT&T suffers DNS outage

Some AT&T customers are being affected by a failure in the carrier's DNS (Domain Name System) servers that began Wednesday morning.

Initial reports indicate the failure is hitting companies across the U.S., but few details are immediately available.

"We are currently experiencing DNS issues which could affect DMS (Digital Media Solutions) clients who also host their DNS with ATT," the carrier said in a short message posted to a service status on its Managed Services website. "Our Network Operations team is aware of the problem and is working the issue."

"Our highest level of technical support personnel have been engaged and are working to mitigate the issue," AT&T said.

The status message said there is "no estimated time" for restoring the service.

AT&T did not respond to several requests for comment.

DNS is responsible for converting human-friendly domain names into the numeric IP (Internet protocol) addresses that computers use to route data. When it fails, computers are unable to route data to its intended destination, even though the destination server remains online and accessible.

"We got our first report of problems at 6:31am Pacific time," said Daniel Blackmon, director of software development, at Worldwide Environmental Products. The company tests vehicle emissions and has remote units deployed that report back to central servers.

"The problems mean none of the equipment we have in the field can contact our servers, and there is a limit to the amount of information they can hold offline."

(More to come)

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news forThe IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address ismartyn_williams@idg.com

Read more »

Cisco revenue inched up in Q4

Cisco Systems posted a small sales gain of 4 percent and a larger boost in profit for its fiscal fourth quarter on Wednesday.

The company's revenue hit US$11.7 billion for the quarter ended July 12, up 4 percent from a year earlier. Its net income rose 56 percent from the year-earlier quarter, to $1.9 billion. Cisco earned $0.36 per share.

Economic woes in Europe continue to weigh on the global outlook for the tech industry, Chairman and CEO John Chambers said on a conference call to discuss the results. Cisco's unit orders for Europe, the Middle East and Africa fell 6 percent in the fourth quarter.

"It will be as tough as you're hearing" in Europe, Chambers said. Among other factors, the major European service providers don't expect to make major capital expenditures in the second half of this year, he said.

Cisco said it did see some signs of growth in the U.S., though those might not signal a continuing trend, Chambers said.

Revenue from Cisco's core businesses of switching and routing was relatively flat overall, and its collaboration business saw an 8 percent decline, led by falling Telepresence videoconferencing revenue. Strong points included the Unified Computing System server platform, which saw order growth of 58 percent, and wireless, with revenue up 22 percent. Service-provider rollouts of Wi-Fi hotspots are now in full swing, helping to drive wireless growth, Chambers said.

Chambers said Cisco is still committed to its partnership with VMware and EMC despite VMware's recent acquisition of SDN (software-defined networking) startup Nicira. The company has long experience at partnering with competing vendors, he said. In the so-called VCE partnership, EMC contributes storage and VMware provides virtualization software for combined data-center packages.

"I think you'll see us work this out," Chambers said.

"We fully will control our own destiny, not to be dependent on anyone in terms of our long-term strategy, although strategic partnerships must be a part of achieving that strategy," he said.

Cisco is well-positioned to compete in network virtualization because it will require more than software, Chambers said. Cisco's strength in network hardware will play a key role, he said.

"We think it's going to be ASICs, hardware and software combined," Chambers said, referring to the application-specific integrated circuits Cisco makes for many of its switches and routers.

Cisco is continuing to adjust its organization and product lines even after carrying out a broad reorganization announced last year, which cut $1 billion of annual expenses and more than 12,000 jobs. In May, the company killed its Cius tablet, and just last week it announced the elimination of about 1,300 more positions.

Cisco faces numerous challenges to go with its wide-ranging product portfolio. One of the largest is the transformation many observers expect with SDN, which may leave some of Cisco's equipment out of the loop. During the quarter, the company announced its own network programmability architecture, called Cisco Open Network Environment. And just last week, the company disclosed it is developing a new, low-latency data-center switch, the Nexus 3500, probably aimed at rivals using Infiniband.

Not counting one-time items, the company recorded earnings per share in the quarter of $0.47, just over the $0.46 forecast by analysts surveyed by Thomson Reuters. Quarterly revenue also slightly beat analysts' expectations of $11.7 billion.

For the current quarter, Cisco forecast year-over-year revenue growth of between 2 percent and 4 percent, and earnings per share growth of 45 percent to 47 percent. That forecast excluded the company's recently completed $5 billion acquisition of video software vendor NDS Group.

For the full 2012 fiscal year, Cisco reported revenue of $46.1 billion, up 7 percent from fiscal 2011, and earnings per share of $1.49, up 27 percent from 2011.

Also on Wednesday, Cisco announced a new capital allocation strategy that includes increasing its quarterly dividend by 75 percent to 14 cents per share. The company committed itself to returning 50 percent of its free cash flow to shareholders in the form of dividends and stock repurchases.

Read more »

Intel's Vision For a Wireless Future Could Be Bunny Ear PCs

At the Intel Developer Forum, there is one must-see keynote that many attendees unfortunately miss because it comes last. This keynote, by Intel CTO Justin Rattner, whose taste of whimsy makes his presentations more memorable than most, gives us a glimpse of what's coming soon from Intel Labs.

This wasn't always the case. About a decade ago, these presentations tended to promise the impossible. This point hit home when Rattner, wearing psychic headgear that moved artificial ears according to mood, opened with a video showcasing a decade-old keynote given by his predecessor, Pat Gelsinger, now CEO of VMware.

What Gelsinger promised-and Intel is, a decade later, planning to deliver-is the first analog radio built from digital technology. The engineers watching that keynote in the early 2000s thought that was impossible and, likely came close to a coronary upon seeing Gelsinger's promise, but they developed it anyway.

This advancement is now a cornerstone of Intel's wireless future and will be key to the company's capability to compete with long-time digital radio makers for future smartphones, tablets and other small, connected devices from sensors to micro robotics. Let's explore this unwired future.

Digital Analog Radios Coming to a Smartphone Near You?

Ratter demonstrated the first true digital analog radio, which could break an existing innovation barrier: analog doesn't scale down well. According to Intel, once you shrink under 100 nanometers, performance drops off a cliff and the technology becomes nonviable.

IDF News: Intel Works to Extend Mobile Device Battery Life By Solving Radio Problems

IDF News: Intel's New Itanium Chip, Poulson, to Launch Later This Year

This is very different than digital technology, which becomes cheaper and faster as it shrinks, until the limits of Moore's Law are reached. Digital's innovation curve has given us devices that have increased in performance massively while at the same time dropping in price sharply. The analog limit, on the other hand, has us bottlenecked on bandwidth at the moment. It's the reason we are seeing throttling and other problems associated with network capacity limits.

By going back to scratch and basically reinventing the analog radio around digital technology, Intel can demonstrate an analog radio that scales according to digital rules. While it performs in line with its analog counterpart, it can now scale and improve with the rest of the system. Critically, it can also be built into the same chip with other digital components, which paves the way for the same dramatic improvements in performance and cost reductions. This is Intel's key weapon as it moves into smartphones-and it significantly increases the probability that your future smartphone will have Intel inside.

Intel Shows Off Wireless Monitor Connections, Biometric Security

One of the biggest problems associated with the new class of thin ultrabooks and smartphones is ports. The size of the port often limits just how thin the device can be made, and the resulting cable-which you have to carry and, let's be honest, often forget-greatly contributes to problems associated with ease of use.

Rattner showcased WiGig, which allows a device to generate a wireless gigabit stream that's subsequently received by a projector, monitor(s) or TV. Not only does this eliminate of a socket and cable, but it's a massive improvement in terms of being able to connect these devices in the home and at your desk. While Intel isn't alone here-this is a standard effort-it does suggest that VGA, HDMI and DVID cables and sockets could be made obsolete within the next two years.

IDF News: Intel's Perlmutter Eyes Thinner Laptops for Haswell Chips IDF News: Intel Hopes to Double Ultrabook Battery Life with Haswell Chip

Meanwhile, we have been arguing that passwords are not secure enough since the 1970s, yet there's no widely deployed alternative. Fingerprint readers come closest, but they've proven to be unreliable and difficult to use, and, while they can log you in, they don't track when you leave.

This week, Intel showcased a palm scanner that can read your hand from a distance and reportedly connect more quickly and more securely than most fingerprint readers. Coupled with a second sensor such as an accelerometer in a tablet, you get quick and easy security and a product that locks up whenever the user walks away.

Authentication occurs at the device level; then the device validates that the user is who he represents himself to be. No passwords are used in the process. This makes authentication faster, easier, more reliable, far more secure-and wireless.

Intel: Imagining the Future of Wireless Power

Intel is also in the midst of an aggressive effort to broadcast power to a device. While this wireless charging effort isn't as far along-it's due in 2014-combined with Intel's other work it promises a future where you don't have to carry cables, remember passwords, worry about someone stealing your digital stuff or think about battery life. In such a world, your devices know who you are; access is automatic, instant, and secure, and the only thing you worry about is getting the job done. Simply put, the technology just works.

News: Consortium Working on Wireless Laptop Charging Specification

This will force us to rethink the fundamental designs of these devices. If you don't have to physically connect a device to anything, then it could be anything built into a case, an article of clothing or any other object you might carry but never actually put on a desk. This path suggests that the PCs of the future may not be seen or heard but will still be wherever you are. In fact, they may look more like the bunny ears that Rattner wore on stage than any of us are willing to admit now.

Rob Enderle is president and principal analyst of the Enderle Group. Previously, he was the Senior Research Fellow for Forrester Research and the Giga Information Group. Prior to that he worked for IBM and held positions in Internal Audit, Competitive Analysis, Marketing, Finance and Security. Currently, Enderle writes on emerging technology, security and Linux for a variety of publications and appears on national news TV shows that include CNBC, FOX, Bloomberg and NPR.

Follow everything from CIO.com on Twitter @CIOonline, on Facebook, and on Google +.

Read more »

vCloud vs. vSphere: VMware explains security changes

In unveiling its VCloud suite at its annual conference this week, VMware took pains to explain how the security model for it differs significantly from that of its existing vSphere cloud computing virtualization operating system both in terms of functionality and naming conventions.

VMWORLD 2012: VMware declares death to vRAM pricing

SLIDESHOW: Hottest products from VMworld 2012 

VMware's foundation security technology up until now has been called vShield, and it's basically a technical approach in vSphere that involves a set of APIs (typically for an extra fee charged) in its Edge and App data-center products to support agentless use of third-party security products. The vShield model also includes VMware's native security, such as its firewall functionality, that can be used in vSphere.

The vCloud suite, expected to ship next month, will include vSphere as part of three basic vCloud software types, says Jonathan Gohstand, director of product marketing for networking and security. And it will include vDirector management, too. But VMware is stepping away from using the vShield moniker, preferring to call it "vCloud Networking and Security," or VCNS.

In addition, what has been called vShield Endpoint (the API from VMware that has been used to support agentless anti-malware scanning with third-party software products, for example), is being pushed directly into the hypervisor, and there will no longer be a separate API fee charged for using this, Gohstand says.

VCloud's VCNS as a whole is going to be discussed more in terms of capabilities intended for standard use or high-availability, which would include failover, he points out. VCNS is also encompassing software-based networking such as vxLAN, introduced by Cisco and VMware last year. But it does not yet include any components that might later be made available through the Nicera acquisition concluded by VMware just last week, Gohstand emphasizes.

The vShield APIs in vSphere have sought to define agentless use of security technologies because agent-based software in a virtualized environment can lead to performance issues such as the well-known "anti-virus storms" when agent-based software kicks off a scanning process that proves to be overwhelming . VMware's vShield agentless architecture is designed to lessen the load in that process by assigning the third-party security software a separate place as a security module that can link into tiny hooks to conduct a scan on data.

Several vendors, including McAfee, have sought to convince VMware to expand its APIs to go beyond agentless since there are times when agent-based software is said to be more effective, especially with malware isolation and removal.

Gohstand acknowledges these concerns, and though he says VMware expects to continue with its agentless approach in APIs because it does see the "demand for offloading" the security function, he adds that VMware recognizes there "could be a hybrid" approach in which both agentless and agent-based capabilities would be supported in third-party software.

The VCNS APIs are going to be broadened in the future. Gohstand also says that VMware is taking a more open approach to working with third-party security vendors to ensure their products work in the VMware security model with vCloud. Until now, VMware has worked primarily in a tight ecosystem in which it chose security-industry partners (such as Trend Micro) very selectively to work on technical issues. But now VMware anticipates a less constricted approach with security vendors in getting products to support VCNS in vCloud.

"The doors are opened," Gohstand says. He says the idea is that security vendors should be able to more easily create software to support VCNS APIs. VMware will be keeping an eye on this based on the willingness of vendors to join the VMReady software developer program for networking and security, take mandatory training and submit products for automated testing.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com.

Read more »

Dell: SDN won't turn enterprise switches into commodity gear for 3-5 years

Software-defined networking won't turn enterprise switches into an inexpensive commodity until three to five years from now, according to Arpit Joshipura, the former Force10 Networks executive who now manages Dell's networking products.

The original promise of SDN (software-defined networking), which puts most higher-level network functions into software, was to make switches into mere forwarding engines that may be interchangeable and cost far less than they do now, said Joshipura, head of product management and marketing at Dell Networking, at a press briefing on Thursday.

"Three years ago, the big driver of SDN was, 'If I do this, I'll get $1,000 switches,'" Joshipura said. However, cheaper gear isn't the current payoff for those deploying SDN, because most implementations will remain in hybrid networks with traditional gear for a long time, he said.

"For the next three to five years, until we get to mainstream SDN, cost is not the primary driver of SDN," Joshipura said.

Today's enterprise switches need to make many decisions on their own, which requires they be equipped with sophisticated, expensive ASICs (application-specific integrated circuits). SDN is designed to eventually put all network decision-making in controllers, which can be implemented in software and run on standard x86 servers. Easier data-center management and new network capabilities are also seen as eventual benefits of SDN.

However, most organizations will migrate to SDN over a long period while holding on to their investments in traditional gear, Joshipura believes. In fact, SDN has barely cracked live deployment so far, being implemented primarily in higher education and in Web companies, he said. Mainstream enterprise adoption will require more enhancements and standardization. "Slowly logic moves out from the switch into a controller," Joshipura said.

IT shops will see benefits along the way, Joshipura said. Most importantly, controllers will make it be easier to provision switches, he said.

Though Dell originally built its business on standardized, price-driven products, namely PCs, it now may have something to fear from commoditization. More than half of the company's business now is based on its own intellectual property, according to Joshipura. Through a series of acquisitions, including its buyout of high-end networking vendor Force10 last year, Dell is now going up against broad-based giants such as Cisco Systems, Hewlett-Packard and IBM to supply all the elements of a data center.

When switches do become cheap commodities, Dell has a plan for remaining relevant in that new world of networking, Joshipura said. It wants to extend SDN beyond its current realm to give organizations more flexibility and management capabilities.

Today, through the emerging OpenFlow protocol, SDN has only been standardized between a controller and the so-called data plane, where switches forward packets, he said. Dell wants to offer APIs that reach all the way up to the hypervisor. It plans to optimize its software for the key hypervisors, including VMware's ESX and Microsoft's Hyper-V as well as the open-source OpenStack framework, while remaining hypervisor-agnostic, Joshipura said.

"If you can do that, where you can simplistically connect any of these hypervisors ... into any controller and any switch, now you have the makings of a software-defined network," Joshipura said. If organizations move from ESX to Hyper-V or OpenStack, they will be able to stay with Dell, he said. "Let the giants fight. We will keep our customer value and our secret sauce here," Joshipura said.

Joshipura played up the benefits of Dell's acquisition of Force10. Since the deal closed about a year ago, Dell Networking has increased its investment and workforce in R&D by one-and-a-half times, he said. Just within the former Force10 group, which serves large enterprises, R&D has grown from 400 to 650 employees, he said.

Dell Networking also includes the PowerConnect line, aimed more at smaller customers. Revenue for the whole networking group went up 94 percent from a year earlier. Meanwhile, the division has doubled its force of networking sales specialists.

Also since the acquisition, the Force10 business has doubled its customer base from the approximately 1,400 it had on its own, Joshipura said.

Read more »

Dell joins the ranks of systems pre-configured for VDI

Dell and VMware announced a partnership this week through which the two companies will sell a bundled system with server, network and storage components in support of virtual desktop infrastructure (VDI).

Dell's new vStart for VDI is based on VMware's View 5.1 VDI software and Citrix XenDesktop 5.6. The rack-mountable hardware bundle is validated in various capacity configurations, depending on the size of the business.

Additionally, plug-ins are available for both VMware and Microsoft Hyper-V configurations.

On the hardware side, the vStart for VDI includes Dell's new 12th generation PowerEdge servers, as well as Dell Compellent and EqualLogic storage and Dell Force10 networking.

There are four configurations or models: the vStart 1000 for enterprises and the vStart 200, vStart 100 and vStart 50 for smaller companies. Currently, only the vStart 1000 for mid-sized firms and the vStart 50, for small- and medium-sized companies are shipping.

The vStart 50 is for organizations with up to 300 users. The vStart 1000 is for mid-market enterprises with up to 4,000 users.

Dell's vStart for VDI 1000

The configuration for vStart for VDI 50 includes a PowerEdge 710 server, a PowerConnect switch and optional EqualLogic storage. The configuration for vStart for VDI 1000, which is designed for enterprises that want to create private clouds and host mission-critical applications, includes a PowerEdge 710 server or servers, a Force10 switch and Compellent storage.

Dell's vStart also uses its Wyse P20 zero client for VMware View and the new, high performance Dell Wyse Z50D thin client. The Dell Wyse P20 zero client for VMware View provides graphics performance for CAD and other high-end worker-level office productivity applications. The Dell Wyse Z50D thin client offers a user interface for processor-intensive applications such as HD video and 3D modeling.

VMware's View allows IT administrators to create a single desktop image gold master, which is used as a base image for groups of desktops. The gold images include the OS and applications to be used by the desktops. With a gold master image of all desktops, less storage is needed for redundant OS and application instances.

The market for private cloud-style systems in support of VDI has grown significantly over the past three years. Some are products bundled together by one or more vendor, while others are purpose-built appliances.

For example, EMC, Hewlett-Packard and NetApp, have entered into agreements with server, software and networking vendors to offer bundled products.

In 2009, through its Virtual Computing Alliance (VCE), EMC began offering a bundled product called Vblock. Vblock integrates Cisco's Unified Computing System (UCS) servers and networking switches with EMC storage arrays and VMware vSphere hypervisor software for public and private cloud services.

Earlier this month, SimpliVity emerged from its development stage to reveal its OmniCube. The OmniCube is a 2U (3.5-in. high) array that comes standard with eight 3TB hard disk drives and four 250GB solid-state drives (SSDs), which act as accelerators for hot data, such as OLTP databases or VDI environments. The number of hard drives versus SSDs can be adjusted, depending on performance or capacity needs.

Earlier this week, Scale Computing revealed its HC3 "datacenter-in-a-box" for mid-sized companies.

Market research firm Gartner frequently recommends that its clients use standardized vendor offerings for virtual desktop workloads, according to Chris Wolf, a research vice president.

"That approach takes all of the guesswork out of the architecture," he said in an email response to questions from Computerworld. "Virtual desktops are a unique workload with different performance and storage I/O profiles, compared to typical server application workloads. In addition, organizations need to deploy new data center infrastructure for desktop virtualization projects. Because they have a clean slate, they are able to start with a proven architecture."

Appliance solutions are often ideal for smaller scale deployments such as with small businesses or branch offices. They don't require a SAN and offer great performance. Both approaches such as vBlock and virtual desktop appliances have their place in the industry.

"Customers are increasingly turning to cloud client computing technologies to solve their business challenges," Tarkan Maner, general manager of Cloud Client Computing at Dell, said in a statement. "...Through our strategic relationship with VMware, we have devised a number of turnkey VMware View configurations, reference architectures and incentives to provide our joint partners with the tools needed to rapidly provide enhanced value to customers and prospects in the mid-market segment."

The vStart 1000 is available in configurations for either Microsoft Hyper-V or VMware vSphere, and can have eight, 16, 24 or 32 blades. The configuration is managed with Dell Management Software, which provides IT asset provisioning and audit reports.

Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and health care IT for Computerworld. Follow Lucas on Twitter at @lucasmearian or subscribe to Lucas's RSS feed. His e-mail address is lmearian@computerworld.com.

Read more »

VMware will integrate Intel's TXT security tech into vSphere 5.1

The latest version of VMware's vSphere cloud platform will integrate Intel's trusted execution technology (TXT), a Xeon server feature that provides a new layer of hardware-based security.

MORE VMWORLD: VMworld 2012: New VMware Horizon Suite delivers apps, data to any device

SLIDESHOW: Hottest VMworld products 

Intel cloud infrastructure group general manager Jason Waxman said in a statement that the move will help address key cloud security threats.

"Intel TXT provides hardware enforcement to help overcome some of the most challenging aspects of cloud security, including detection and prevention of BIOS attacks and evolving forms of stealthy malware, such as rootkits," he says.

TXT-equipped servers running vSphere 5.1 will be better able to meet compliance requirements and can even provide improvements in efficiency by allowing IT departments to swap VMs among "known good" pools of trusted servers, according to Intel.

The company also announced that it has already made sample and reference architectures available via its Intel Cloud Builders program, providing blueprints for companies eager to maintain a high degree of security while automating and improving their cloud-based infrastructure.

There has been no shortage of new partnership announcements at this year's VMworld conference, currently being held in San Francisco. Major systems companies like Dell and HP, network management providers like F5, and a host of other businesses have showcased their cloud readiness at the event.

Even so, Intel's announcement could prove particularly important in the future - security continues to be a key concern for IT departments transitioning to a more cloud-dependent model. The company said that its recent survey of IT professionals found 61% concerned about the issue.

Email Jon Gold at jgold@nww.com and follow him on Twitter at @NWWJonGold.

Read more »

How VMware Plans to Conquer More of the Data Center

COMPANY: VMware

HEADQUARTERS: Palo Alto, Calif.

EMPLOYEES: 11,000

2011 REVENUE: $3.77 billion

CEO: Pat Gelsinger (as of Sept. 1)

WHAT THEY DO: VMware provides virtualization and virtualization-based cloud infrastructure software designed to help organizations streamline the way they build, deliver and use IT. In July, VMware acquired Nicira, whose OpenFlow technology will be folded into VMware's portfolio of virtual networking software.

The Pitch

VMware has helped so many businesses virtualize their servers that now the company wants to help them virtualize entire data centers.

Virtualization helps organizations cut hardware and power costs while gaining greater flexibility, and VMware has captured the lion's share of this server virtualization market. So now the company wants to virtualize other aspects of IT operations, such as storage, networking and support for client devices. VMware's vision is to tie all of these resources together to create "fully virtual data centers," says Steve Herrod, VMware's CTO.

"By having all the major pieces controlled by software, the software-defined data center can be used to provision all enterprises services on demand," Herrod says. Such an architecture, in theory, would require fewer machines and fewer support personnel. It would also allow organizations to respond faster to changing market conditions.

The Catch

The software-driven data center looks promising for VMware. "The whole idea of the enterprise data center is being rethought and moved into the cloud," says Gary Chen, an analyst at IDC (a unit of CIO's parent company).

Beyond server virtualization, though, VMware is in uncharted waters. As CIOs broaden the scope of virtualization, they'll need management tools to automate and watch over their virtual resources, only some of which may be VMware's, says Carl Brooks, an analyst at 451 Research. "That is a very different proposition than providing a hypervisor," Brooks says.

VMware's vCloud management tool may excel at managing VMware cloud deployments, but IT organizations will want a single console to deal with both VMware and non-VMware resources. This is why the company's acquisition of DynamicOps in July was a key development; DynamicOps's software can manage both VMware-based clouds and alternatives such as Amazon's cloud.

Also, the audience for virtual data centers may be limited, given that VMware requires organizations to use x86 hardware. It will take some time for many organizations to move mission-critical applications to x86 hardware, says Charles King, lead analyst at Pund-IT.

Nor are all enterprises gung-ho to virtualize every aspect of their data centers, King adds. "The cost of failure, especially for large enterprises, typically outweighs the benefits of wholly virtualized environments, so it makes sense for organizations to support those processes and applications with dedicated mission-critical systems," King says.

The Score

Despite potent competitors such as Microsoft and Citrix, VMware still leads the way in enterprise virtualization--a springboard for providing cloud services. "The virtualization vendor best-suited to enable that market evolution is VMware," King says.

Although VMware itself doesn't offer a public cloud service, more than 100 third-party hosting providers now use the company's vCloud management package for their own cloud services. According to VMware, those cloud services are used by 350,000 customers in 24 countries.

"We want to offer a lot more choice in regions and types of clouds," Herrod says. "It's about developing a large ecosystem of public clouds."

Read more »

Apple iPhone 5 incompatible with UK 4G networks launching 2013

4G spectrum being auctioned by Ofcom later this year won't work with the iPhone 5 – but EE network, due in October, will be compatible

The version of the iPhone 5 being launched in the UK will work only with 2100MHz, 1800MHz and 850MHz

Ofcom's plans for 4G are at odds with the specification of the iPhone 5, which means it won't work on super-fast networks launching in 2013.

With EE soon to launch the UK's first 4G mobile broadband network, Apple has confirmed that the new iPhone 5 will work on its network. However, the specification of the iPhone 5 means that it won't work with other 4G networks due to launch in 2013.

In July Ofcom announced plans to auction 4G spectrum to mobile phone operators with the process due to begin later this year. At the time the communications regulator said it would be auctioning two bands of spectrum, 800MHz and 2.6GHz.

The version of the iPhone 5 being launched in the UK will work only with 2100MHz, 1800MHz and 850MHz. This means it will work with EE's 4G network, but not with the 4G being auctioned by Ofcom. An Ofcom spokesperson confirmed that the iPhone would not be compatible.

This could mean that EE's rival networks, including O2 and Vodafone, won't be able to offer 4G for the iPhone 5.

Read more »

Google blocked Acer smartphone on Android incompatibility concerns

Acer abruptly canceled a launch of a new smartphone in China on Thursday, without clearly saying why

IDG News Service - Google responded to allegations it stopped the launch of a new Acer smartphone in China, by stating that the handset's Chinese-developed mobile OS was "apparently derived" from Android, but still not fully compatible with the Android ecosystem and its apps.

Taiwanese PC maker Acer was originally scheduled to launch a new smartphone on Thursday that was to use the Aliyun OS, a Linux-based mobile operating system developed by a subsidiary of Chinese e-commerce giant Alibaba Group. But the launch event for the device was abruptly canceled, with no clear word from Acer on why.

Alibaba, however, quickly responded and alleged that Google had threatened to revoke Acer's license to use Android if it went ahead with the launch of the Aliyun OS smartphone.

Google initially declined to comment on the matter. But on Saturday, Andy Rubin, head of the company's Android development team, addressed some of the controversy in a blog post and also on his Google+ page. He alleged the Aliyun OS was based on Android, but incompatible with the Android ecosystem.

The Google led Open Handset Alliance, of which Acer is a member, is meant to promote the development of Android. Members are restricted from building handsets that use incompatible versions of Android.

"While Android remains free for anyone to use as they would like, only Android compatible devices benefit from the full Android ecosystem," Rubin wrote. "By joining the Open Handset Alliance, each member contributes to and builds one Android platform -- not a bunch of incompatible versions."

A Google spokesman also confirmed that the company did indeed alert Acer that it was launching a phone using an allegedly incompatible version of Android. But the spokesman declined to offer specifics and if Google threatened to revoke Acer's license to use Android.

In response to Rubin's statements, Alibaba Group spokesman John Spelich said in an email it was ironic Google talked about openness, but still promoted a closed system with its Android OS.

"Aliyun OS is not part of the Android ecosystem, so of course Aliyun OS is not, and does not have to be, compatible with Android," he said. "This is like saying that because they own the Googleplex in Mountain View, therefore anyone who builds in Mountain View is part of the Googleplex. Will someone please ask Google to define Android?"

The Aliyun OS was launched last year, but currently is only being used on phones from two Chinese handset vendors, Tianyu and Haier. Acer would have provided backing from a better-known vendor.

Acer could not be reached for immediate comment. But in a statement issued on Friday, Acer said it would continue to work with its strategic partners in China to create improved products and services.

Rubin added in his postings, that it would be "easy" for an operating system to become Android compatible, suggesting that Acer could still launch its new smartphone if changes are made to the Aliyun OS.

Read more »

Google to drop support for IE8 on Nov. 15

Significant impact on Windows XP, which cannot run newer IE9 or the upcoming IE10

Google will drop support for Microsoft's Internet Explorer 8 (IE8) for its online apps and services in mid-November, effectively ending support for many users of Windows XP.

"Internet Explorer 10 launches on 10/26/2012, and as a result, we will discontinue support for Internet Explorer 8 shortly afterwards, on 11/15/2012," the company wrote on a Friday blog. "After this date, users accessing Google Apps services using Internet Explorer 8 will see a message recommending that they upgrade their browser."

Because IE8 is the newest Microsoft browser that runs on Windows XP, and because Google had previously abandoned IE7 and IE6 -- the other versions that run on XP -- the move significantly impacts Windows XP users locked into Internet Explorer by corporate or organization policies.

Neither IE9, which Microsoft launched in March 2011, or IE10, which will debut alongside Windows 8 in late October, runs on Windows XP.

After Nov. 15, users running IE8 may have trouble with some features in Google Apps. And if past practice is any clue, other sites and services, including Gmail and Google Calendar, may also be affected. At some point, those apps may stop working entirely in IE8.

This wasn't the first time that Google has warned users to upgrade to a newer browser. In July 2011, the company said it would dump IE7 from its list of supported browsers; in January 2010, it announced it would no longer support IE6, Microsoft's 2001 browser.

Google's policy is to support only the current version of a browser, and its immediate predecessor.

Giving up on IE8, however, is markedly different than dumping IE7.

Last year, when Google said it would stop supporting IE7, that edition accounted for just 7% of all browsers used worldwide, according to Web analytics firm Net Applications.

IE8, on the other hand, was the most widely-used browser edition in the world last month, with a usage share of 25%. Of those who ran one version or another of IE, nearly half, or 47%, ran IE8 in August.

Windows XP faces its own end-of-life cutoff; Microsoft will serve users with that operating system's final security update in April 2014. But like IE8, Windows XP remains a major presence. Last month, Net Applications measured XP's global usage share at 42.5%, just behind the three-year-old Windows 7's 42.8%.

 

Google is the first major online software maker to drop 2009's IE8 from a support list. Microsoft, for instance, has committed to supporting IE8 on Windows 7 until 2020.

IE8 users, particularly those running Windows XP, can switch to another browser, including the most recent versions of Mozilla's Firefox, Google's own Chrome or Opera Software's Opera, to run Google Apps.

The end-of-support plan for Google Apps will not disrupt access to its search site using older browsers.

Read more »