Webtorials

Network-Based Protocol Innovations in Secure Encryption Environments

2012-02-06T17:20:54Z

Using Locator/ID Separation Protocol (LISP) to Optimize Routing in IP Encryption Environments
Cisco Systems

]]>
The main innovation addressed in this paper is the Locator/ID Separation Protocol (LISP) routing architecture framework, which, when deployed in an IVD environment, addresses some of the major deployment and operational challenges common in IVD networks today.

This paper compares the use of LISP with technologies currently used in IVD deployments today. It also highlights the advantages and differentiation that simplify operations and deployment, and offers current and future enhancements that could change the way IVD networks are deployed.

Download Paper
(Webtorials membership required. Click here to register or if you forgot your username/password.)

Planning for Cloud Services from Telecommunications Service Providers

2012-02-03T18:37:28Z

Jim Metzler
Distinguished Research Fellow and Co-Founder, Webtorials Analyst Division
On behalf of VCE

]]> The widespread adoption of cloud computing presents a tremendous opportunity for Telecommunications Service Providers to leverage their networks, data centers, existing customer relationships and other business assets to generate significant new revenue streams derived from delivering public cloud computing services to enterprises of all sizes.

The first step that a service provider should take in planning for a rollout of cloud computing services is to prepare a detailed, multi-year, rolling business plan that outlines both their cloud computing strategy as well as their data center architecture and implementation strategy. The second step is to simultaneously engage in ongoing conversations with potential customers and potential suppliers of key enabling technologies. The third step is to update and adjust their rolling cloud computing business plan in an iterative fashion. Each iteration or phase of the business plan is based in part on the service provider's ongoing conversations with potential customers and suppliers and in part on the desire and the ability of the service provider to leverage wherever possible the technology base and market adoption of the previous phases.

One of the goals of this white paper is to create an outline for a cloud services business plan and to identify and discuss some of the major topics that should be included in the plan. It is expected that service providers will modify this outline for use in their environment. Another goal of this white paper is to identify some of the input that needs to be gathered from both customers and suppliers in order for service providers to be able to update their business plans in such a way that they continually reflect the realities of the burgeoning marketplace for public cloud services.

Download Report
(Webtorials registration required for downloads. Click here if you forgot your username/password.)

What are the Best Approaches to Scale Virtual Machine (VM) Networking Beyond the Data Center

2012-02-03T16:09:31Z

The Data Center LAN Evolution Series
A Webtorials Thought Leadership Discussion
Dr. Jim Metzler, Moderator
Featuring Arista, Avaya, Brocade, Cisco Systems, Extreme Networks and HP

]]> Many of the components of cloud computing have been done before. Infrastructure-as-a-Service looks a lot like time sharing and Software-as-a-Service looks a lot like what we used to call Application Service Providers. However, one of the components of cloud computing that is new is the ability to move virtual machines between physical servers, both within a data center and between data centers.

Our research clearly shows that IT organizations are very interested in moving VMs between data centers but that there are a number of barriers that limit their ability to do so. This month's discussion will identify those barriers and will discuss what IT organizations can do to limit their impact.

In order to make this discussion interactive, kindly feel free to send us questions or comments.

Join the Discussion
(Webtorials membership required. Click here to register or if you forgot your username/password.)

Related discussion: The Ability of the Data Center LAN to Support Virtualization
Related discussion: What's the Best Alternative to Spanning Tree?
Related Discussion: Does Converging the LAN and SAN Make Sense?
Related Discussion: Does OpenFlow Make Sense in Enterprise Networks?

Your SIP Trunking Implementation Checklist

2012-02-02T19:02:55Z

A TechNote on Unified Communications
Gary Audin, Delphi, Inc.

]]> When session initiation protocol (SIP) trunking first emerged as a substitute for traditional T1 and primary rate interface (PRI) connections to the public switched telephone network (PSTN), enterprises experienced a number of deployment problems. This was to be expected, because connecting to a SIP trunk isn't exactly plug-and-play. What is surprising is that, years later, many of these problems continue to plague the enterprise. The basics of SIP and SIP trunking are no longer new to providers, so why are these problems still surfacing? Having knowledge of common SIP trunking issues and a checklist for dealing with them upfront can help enterprises avoid problems with their SIP trunking implementations. Some of these considerations are the same as those for T1 and PRI PSTN deployments, but enterprises must take into account that SIP uses a different transport technology and carries digital voice packets. Common SIP Problems First: what are the problems you might expect? Last year, The SIP School conducted a survey in conjunction with online news source Techistan of 400 industry professionals to find the most common issues encountered during SIP trunk deployment. More than half of the respondents (58%) were from the U.S. The survey, which determined that 59% of respondents had deployed SIP and another 26% were testing or evaluating it, asked, "If you've had problems [with a SIP trunking implementation], where have the issues been?" The respondents' answers are shown in Figure 1. Jan23Art-Figure1.jpgThe issues are associated with three areas: the SIP trunk provider, the edge devices (network address translation, NAT; and session border controller, SBC), and the PBX and its configuration. The largest number of respondents said their problems stemmed from the PBX and its configuration, but the other areas were also generously represented. The SIP School survey also found a number of specific problems with providers, as shown in Figure 2. Jan23Art-Figure2.jpgSidestepping Trouble Now that you can see where the problem areas tend to fall, your first step is to determine which features and functions your enterprise already has in place and what the SIP trunk can provide in required services and operation. The enterprise can obtain reports from its current PBX (whether it is IP-based or not) that describe existing trunk connections and utilization. Such reports provide a foundation for developing the trunk traffic requirements. Here are some important questions to ask when doing so: Will secure encrypted connections be required? Will the G.711 codec or compressed voice using G.729 be used? Will teleworker connections be supported? Does the IP PBX or legacy PBX support SIP? If so, is the support proprietary or for the standard SIPconnect Technical Recommendation ? What is the schedule for SIP trunking implementation? Should multiple Internet telephony service providers (ITSPs) be selected and tested for a SIP trunking pilot? The second step should include an RFP that clearly spells out the enterprise's requirements. SIP trunking is new for most enterprises, and it's not like the commodity PSTN connections of T1 and PRI, which are typically differentiated only by price. The SIP trunking RFP will be different from past procurements in a number of ways: Voice, data and video might go over the same SIP trunk. Local, long-distance and international calling might vary by service package and provider. A major goal is cost reduction, so the provider's proposal must demonstrate savings and include all costs for installation and any needed modifications to the IP PBX or PBX to connect to the SIP trunk. Voice quality requirements might call for the use of Multi-Protocol Label Switching (MPLS) or Virtual Private LAN Services (VPLS) network services, which could increase the cost. The provider might not connect to other ITSPs; if so, many of the calls will be off-network at a higher cost. The enterprise might want the SBC and media gateway to be provided and supported by the ITSP. The provider's pricing plans for HD voice, T.38 fax and hosted solutions might or might not be attractive. The support of Microsoft Lync necessitates TCP for SIP signaling - not a common requirement. SIP trunking should be trialed and tested with two ITSPs. All features in use with the T1/PRI connections should be tested over the SIP trunks. And all issues listed in Figure 2 should be tested for successful implementation.

Integrating Security Testing into Quality Control

2012-02-02T16:27:49Z

AT&T

]]> network security testing into the role of Quality Control (QC)adds another layer of defense--without adding another layer of cost. In this brief white paper, learn how your QC team can increase the level of application security, and lower your organizational risk.

Download Paper
(Webtorials registration required for downloads. Click here if you forgot your username/password.)

Cisco Annual Security Report

2012-02-01T17:14:34Z

Cisco Systems

]]>
It also provides a snapshot of the state of security for that period, with special attention paid to key security trends expected for 2012.

Download Paper
(Webtorials membership required. Click here to register or if you forgot your username/password.)

RIM CEO Shakeup: It's a Start

2012-01-31T16:05:25Z

A TechNote on Wireless and Mobility
Joanie M. Wexler
Technology Analyst/Editor
Editorial Director, TechNotes

]]>
BlackBerry maker Research In Motion (RIM) finally has a new CEO. But while replacing long-time co-chiefs Mike Lazaridis and Jim Balsillie has been hailed as a necessary and bold move, it's not a magic bullet that will redeem the beleaguered company overnight. RIM remains in urgent need of a top marketing executive - not to mention some decent touchscreen technology, more apps and a little pizzazz. The company is already scurrying to find a chief marketing officer "ASAP," said Thorsten Heins, the company's newly appointed CEO, in a conference call last week. "This is an element we need to strengthen." RIM has been minus a CMO since last March, when Keith Pardy left the company. Heins, who has been with RIM since late 2007 in a co-chief operating officer role and who was formerly chief technology officer at Siemens AG, acknowledged that the company needs to "have more of an ear to the consumer market and understand trends." Catching Up with the Times WirelessJan30ART.jpgRIM has long had a strong reputation in the enterprise. However, its more recent growth was coming from the consumer market - that is, until iPhone and Android-based smart phones hit the shelves and consumers started ditching their loyalty to RIM. Change at the top has been sorely needed ever since. Lazaridis and Balsillie have stepped aside to let Heins take the helm, though the two will remain on the company's board. The board also unanimously named current director and former Toronto Stock Exchange CEO Barbara Stymiest independent board chair. The shakeup follows a year of pitfalls, missteps and bad luck for RIM. The company recently took a $485 million write-down because of unsold PlayBook tablet computers, for example. It slashed the price of its entry-level BlackBerry smart phone to $299 and forecast fewer unit sales for next quarter. It also missed important delivery dates for handset and tablet upgrades. "Mike and Jim's departure was long overdue," says Michael Finneran, principal of mobility consulting firm dBrn Associates, and longtime RIM watcher. "RIM is still profitable, has 75 million subscribers and a globally recognized brand," he acknowledges. Yet the company has yet to produce a touchscreen phone to rival the iPhone or Android experience, he says. And the long-awaited BlackBerry 10 (formerly "BBX") devices built on the operating system technology RIM acquired with QNX Software Systems in 2010 aren't due to ship until later this year. Heins confirmed that the once-delayed PlayBook 2.0 software is now still on track to ship in February, will include a native email client and will have the ability to run Android applications. Beware Complacency in the Enterprise And what of the 250,000 enterprise customers RIM says it currently serves? Yesterday, RIM announced the general availability of BlackBerry Business Cloud Services for Microsoft Office 365, which extends Microsoft Exchange Online to BlackBerry smartphones and allows customers to manage their BlackBerry deployments in the cloud. And the company said last month that its BlackBerry Mobile Fusion multi-OS mobile device management (MDM) system, initially due in late 2011, would finally ship in early 2012. As of this writing, however, the BlackBerry Mobile Fusion Web site simply states "Coming in 2012." Multi-OS MDM has become table stakes in today's "bring your own device," or BYOD, business settings. RIM management and security has only worked with its own devices, meaning businesses that use a mix of BlackBerry, Apple iOS, Android and other mobile OSs need separate management systems, which could be a deterrent to RIM solutions going forward. Heins asserted last week: "We're well positioned with enterprises and CIOs." And, indeed, highly security-conscious enterprises have said in the past that they'd remain with RIM until consumer-class suppliers can prove that their platforms are as airtight as the BlackBerry system. But RIM shouldn't get complacent about its business following, either. "We've been looking at moving away from RIM for awhile because its technology is just too antiquated compared to the new stuff coming out," says the telecommunications manager at an Arlington, Va., financial services firm. "Even the new touchscreen version is a pale image of what iPhone and Android platforms have accomplished." Still, RIM has money in the bank, and it's far more challenging for existing businesses to extricate themselves from their RIM investments than it is for consumers to just swap out a phone or a tablet.

How Unified Communications Pays for Itself

2012-01-30T22:16:09Z

ShoreTel

]]>

Download Paper
(Webtorials registration required for downloads. Click here if you forgot your username/password.)

SIP Trunks: Keeping your System Secure

2012-01-30T22:01:25Z

ShoreTel

]]>
SIP trunks use IP-based protocols that open up a calling system to a WAN that businesses should consider insecure. Because of this, they must educate themselves about the security aspects of SIP trunks and how to enforce an appropriate measure of protection. What are the new threats? What are the options for mitigating them? Who should be in control of SIP trunk security: the enterprise firewall administrator or the service provider? This comprehensive paper helps enterprises answer this question by exploring the various alternatives and their respective tradeoffs.

Download Paper
(Webtorials registration required for downloads. Click here if you forgot your username/password.)

TCO Benchmarking Study

2012-01-30T12:48:37Z

Aberdeen Group
On behalf of ShoreTel

]]> Total cost of ownership (TCO) is a key metric for assessing costs, benefits and risks of a unified communications (UC) solution that enables organizations to properly evaluate competing solutions. It aligns their final decision with business needs, while understanding the effects of future requirements and functionalities. UC represents the evolution of telephony, during which companies have augmented the traditional desk phone with other communications technologies. Buyers may have previously bought a landline solution based solely on capital expenditure, but this approach is now outdated.

This white paper examines UC TCO measured in:
·        Capital costs
·        Implementation and training
·        Ongoing support
·        System administration
·        Networking/long distance usage

Rather than simply considering the initial price tag, enterprises interested in a UC system need to evaluate the complete total cost of ownership over the solution's intended lifespan.

Download Paper
(Webtorials registration required for downloads. Click here if you forgot your username/password.)

What's Become of WAN Innovation?

2012-01-26T15:31:08Z

A TechNote on The Next Generation
Jim Metzler
Distinguished Research Fellow and Co-Founder
Webtorials Analyst Division

]]> We talk constantly about innovation in virtually every area of networking. But what about the WAN? With use of older WAN technologies such as Multi-Protocol Label Switching (MPLS) and frame relay past their growth peaks, are new ones emerging to take their place? Not really, and here's the situation: The modern WAN got its start in 1969 with the deployment of ARPANET, the precursor to today's Internet. As the Internet continued to evolve to provide universal connectivity, the 20-year period that began in 1985 saw the deployment of four distinct generations of enterprise WAN technologies. These technologies were designed to provide connectivity primarily within the enterprise and between the enterprise and its key contacts (e.g., partners and suppliers). As a result of all of this innovation in WAN services, many IT organizations' WANs grew to include myriad technologies and services. Traditional WAN Services Wane However, as highlighted in the Webtorials 2011 Cloud Networking Report, that situation is changing rapidly. The report contained the results of a survey in which 108 respondents were asked to indicate the extent to which they currently use each of 11 WAN services, including frame relay and asynchronous transfer mode (ATM). Not too long ago, these services were widely deployed. However, more than half the survey respondents have no frame relay in their networks, and almost two thirds have no ATM. In addition, few IT organizations are increasing - and many are actually decreasing - their use of these technologies. The survey results clearly indicated that the primary WAN services currently used by IT organizations are MPLS, Virtual Private LAN Service (VPLS, a variation of MPLS) and the Internet. Survey respondents were also asked to forecast any changes in their organizations' use of MPLS, VPLS and the Internet over the next year. The table below shows the percentage of the survey respondents who indicated an increase in the use of those services. The data in the table clearly indicate that, while IT organizations will increase their use of both MPLS and the Internet, they will make a significantly greater increase in their reliance on the Internet. No Clear MPLS Successor In contrast to the 20-year period ending in 2005, today there is no fundamentally new generation of WAN technology under development. This means that, given the long time it takes for any new WAN technology to become mainstream, MPLS will have no clear successor in the foreseeable future. This situation should definitely raise concerns for two reasons. First, the amount of traffic traversing the WAN continues to soar. How will we accommodate it? Second, unlike other components of the IT realm, such as processors and memory, the WAN does not follow Moore's Law (i.e., doubling in performance every 18 months); hence the unit cost of the WAN will just keep rising. What innovation is occurring today involves variations on existing WAN technologies and services. One example of that phenomenon is VPLS, where an Ethernet frame is encapsulated in MPLS. Future TechNotes will describe some additional emerging WAN service options based on variations in current services - most notably those that make the Internet perform more like MPLS. Will these new services be enough to meet enterprise WAN needs in the coming years? It's just too early to tell. At the upcoming Interop conference in Las Vegas, I will moderate a session titled "How to Redesign Your WAN" on Wednesday, May 9, 10:15-11:15 a.m. Please attend and learn more about this important topic.

Does the Recent WPS Attack Affect You?

2012-01-26T00:03:06Z

A TechNote on Wireless and Mobility
Lisa Phifer, President
Core Competence, Inc.

]]> Researcher Stefan Viehböck's holiday gift to the world was a personal information number (PIN) guessing attack against Wi-Fi Protected Setup (WPS). WPS is a fuss-free configuration option supported by many residential Wi-Fi routers. Reported to the U.S. Computer Emergency Readiness Team (US-CERT) in late December, this brute-force PIN crack has since been demonstrated by hundreds of volunteers running proof-of-concept attack tools. But look-alike acronyms and diverse implementations have created confusion about real-world impact. How can you tell if this attack impacts you? WPS, WPA, WP-Whatever Start with what WPS is - and isn't. The "S" in "WPS" refers to "setup." Specifically, WPS is a Wi-Fi Alliance innovation, created to encourage secure wireless connections by auto-configuring Wi-Fi Protected Access (WPA/WPA2)- Personal pre-shared keys (PSKs). Before WPS, network owners had to configure routers with long, complex WPA2-Personal passphrases (from which PSKs are derived). End users then painstakingly re-typed those same passphrases into Wi-Fi laptops, smartphones, Tivos, Wiis, etc. Mistakes proved frustratingly common, especially on consumer electronic devices without keyboards. To greatly simplify setup, WPS auto-configures PSKs by conducting an over-the-air exchange between router and client. Depending on router make/model, setup might require typing a four-digit PIN into a client, pushing a button on the router, or holding a client up to a router that supports near-field communications (NFC). Viehböck analyzed this supposedly secure WPS exchange and found vulnerabilities that facilitate WPS PIN cracking. However, Viehböck's attack does NOT crack WPA/WPA2 (a.k.a. 802.11i), the standards actually used to secure wireless network traffic. This means that businesses using only WPA2-Enterprise (802.1X) needn't be concerned about WPS attacks. Neither should organizations using WPA2-Personal on enterprise-grade Wi-Fi access points that don't implement WPS. PIN-pointing the Problem On the other hand, SMB and residential wireless router owners who use WPA2-Personal to secure their networks should be concerned and perhaps take action. The brute-force attack reported by Viehböck reduces the number of PINs that a would-be intruder must try before correctly guessing a WPS-enabled router's PIN. For some routers, worst-case time-to-crack is roughly four hours. For other routers, cracking could take up to 90 days - or even forever. Having cracked a router's WPS PIN, the intruder can freely connect any new client, gaining access to other connected systems and uplinked networks just like legitimate clients. Why the range in attack duration? A brute-force attack works by repeatedly trying all possible combinations until the right PIN is guessed. Some routers ignore WPS failures, letting an attacker keep on plugging without delay. Other routers respond to repeated failures with some sort of "lockdown" period during which WPS attempts are ignored. Maximum time-to-crack depends on how many failures are permitted, how long the lockdown lasts and whether manual action is required to re-enable WPS. Furthermore, some routers engage in WPS for only a few minutes after the owner explicitly enables this auto-configure option. Protect Yourself Unfortunately, the affected Wi-Fi routers are relatively easy to attack; proof-of-concept tools are already freely available. Furthermore, initial (not necessarily representative) surveys indicate that about one-quarter of all Wi-Fi routers now using WPA/WPA2-Personal could be vulnerable. For those unlucky enough to be vulnerable, quick action is warranted. Fortunately, the remedy might be easy. Anyone using a residential or SMB Wi-Fi router with WPA/WPA2-Personal should start by determining whether the router's make/model even supports WPS. A list of Wi-Fi-certified WPS-capable products can be found at www.wi-fi.org. Those with non-Wi-Fi certified products should browse product configuration guides or screens, looking for a function that sounds like WPS but might be called something else. Those using routers that support WPS should dig further to determine actual risk exposure and ways to reduce or eliminate it. A community-sourced list of volunteer-tested routers (by make, model and firmware version) has been shared here at Google Docs. In particular, note the "WPS can be disabled" column, which describes whether, and sometimes how, to turn WPS off in each tested router. Further information about this attack, affected products and recommended workarounds has been published by the US-CERT here. Ultimately, vendors selling especially vulnerable WPS-capable products might release updated firmware to add lockdown mechanisms or take other steps to deter this attack. In the meantime, turn WPS off wherever possible, or enable WPS only when actively attempting to auto-configure a new client. WTNJan23.jpg Shown are WPS options in a common residential Wi-Fi router. Remedies to deter attack vary by product; here, just choose "Manual" in lieu of PIN or push-button auto-configuration.

Application Visibility and Control for IPv6

2012-01-24T17:06:45Z

Cisco Systems

]]>
These devices typically run operating systems that support IPv6 by default and in fact prefer to communicate with IPv6 where possible, using tunneling in certain circumstances.

The Cisco® App Velocity Borderless Network service allows you to identify and classify IPv6 traffic on your network, even if the traffic is encapsulated in a tunnel.

Download Paper
(Webtorials membership required. Click here to register or if you forgot your username/password.)

Single- vs. Multi-Vendor Approaches to UC

2012-01-23T14:23:38Z

A TechNote on Unified Communications
Gary Audin, Delphi, Inc.

]]> Single-vendor or multi-vendor? Since the beginning of IT and networking, it seems, enterprises have faced that conundrum. The decision hasn't gotten any easier with unified communications (UC). There are good reasons for both approaches. Working with a single vendor, especially a known incumbent, can make IT management feel more comfortable and potentially reduce implementation problems. But it probably won't provide the lowest price with the greatest menu of UC features. On the other hand, using multiple vendors will force the enterprise to manage many different relationships. The various vendors' products might not interoperate or deliver a common user interface. And if the enterprise brings in the cloud for some UC services, these multi-vendor issues will likely increase. Sometimes the single-vendor approach is a continuation of an existing vendor relationship. The vendor is familiar with the enterprise's operations, its present environment and its long-term goals. It builds on history, having previously won executive approval for other projects. Assuming the enterprise has been satisfied with the relationship in the past, the single incumbent vendor is sometimes selected because this decision presents a much lower career risk for the CIO than gambling on a selection of multiple new vendors. However, a multi-vendor scenario might sometimes be impossible to avoid. If it is necessary that the UC features be accessible through mobile devices and networks, then multiple vendors will certainly be involved. In many cases it is also likely that management systems provided by third parties will enhance the capabilities of those offered by any single vendor. Consider Help from a VAR If a multi-vendor solution is deemed appropriate, the enterprise might want to contract with a value-added reseller (VAR) that will assume all implementation and operational responsibilities. This approach reduces technical complexity as well as problem-solving and staffing issues the enterprise will face. Furthermore, it offers a single point of contact while delivering the benefits of the multi-vendor approach. Ultimately, the single- or multi-vendor decision will depend on an enterprise's specific requirements. Often the deciding factors are non-technical ones: e.g., previous vendor relationships, perceived vendor stability, personal preferences of IT personnel or executive management, solution cost (though with non-government entities, cost is often not the driving force). Further Reading There are two Webtorials papers in particular that can help you more fully understand the operation and management of multiple-vendor platforms and devices. They are "Unified Communications Solutions and Interoperability" and "Managing Multi-Vendor UC and Collaboration in a Virtual World". Primary Pro/Con Decision Considerations UC-TN-2012-01-23.JPG

The Role of Data Center Bridging in LAN-SAN Convergence

2012-01-20T00:00:26Z

A TechNote on The Next Generation
Jim Metzler
Distinguished Research Fellow and Co-Founder
Webtorials Analyst Division

]]> A great deal of attention is being focused on the potential convergence of LANs and SANs in the data center. And it's more than just vendor hype. As recently reported in TechNotes, a number of companies intend to complete at least a moderate deployment of LAN-SAN convergence over the next two years. But just what will it take to bring that about? Lessons from the VoIP Trenches Certainly this isn't the first time two complementary technologies with significant differences have been converged. Take VoIP, for example. Looking at the hurdles that were overcome to bring data and voice together and make VoIP a marketplace reality can provide tremendous insight into the challenges that a converged data center LAN presents. A major obstacle to early VoIP implementation was that the quality of a voice call is sensitive to delay, jitter and packet loss, and the data networks of that era lacked the mechanisms to minimize these metrics to ensure acceptable performance levels. In the years following VoIP's introduction, numerous techniques - among them sophisticated congestion control mechanisms - were introduced into data networks, enabling successful VoIP implementations by the vast majority of IT organizations. A somewhat similar situation applies in LAN-SAN convergence. In particular, traditional Ethernet provides only a best-effort service that allows buffers to overflow during periods of congestion; it relies on upper-level protocols such as TCP to manage congestion and recover lost packets through retransmissions. In an integrated LAN-SAN, this could result in a level of delay that is unacceptable for storage functions. To emulate the lossless behavior of a Fibre Channel (FC) SAN, Ethernet needs enhanced flow-control mechanisms that eliminate buffer overflows for high-priority traffic such as storage-access flows. Lossless Ethernet is based on a set of standards commonly referred to as IEEE Data Center Bridging (DCB). DCB's Key Components DCB has three key components. One is the IEEE 802.1Qbb Priority-based Flow Control (PFC) standard, which allows the creation of eight distinct virtual link types on a physical link, with each virtual link mapped to an 802.1p traffic class. Every virtual link can be allocated a minimum percentage of the physical link's bandwidth. Flows are controlled on each virtual link via a pause mechanism, which can be applied on a per-priority basis to prevent buffer overflow and eliminate packet loss due to link-level congestion. The second key component of DCB is the IEEE 802.1Qau Congestion Notification (CN) standard. This standard focuses on traffic-management techniques that eliminate congestion by applying rate limiting or back pressure at the network edge to protect the upper network layers from buffer overflow. CN is intended to provide lossless operation in end-to-end networks that consist of multiple tiers of cascaded layer 2 switches - the architecture typically used in larger data centers to support server interconnect, cluster interconnect and extensive SAN fabrics. The third component is the IEEE 802.1Qaz Enhanced Transmission Selection (ETS) standard, which specifies advanced algorithms for the allocation of bandwidth among traffic classes, including the priority classes supported by 802.1Qbb and 802.1Qau. DCB lossless Ethernet will play a key role in supporting Fibre Channel over Ethernet (FCoE) technology, which will allow the installed base of Fibre Channel storage devices and SANs to be accessed by Ethernet-attached servers with converged FCoE network adapters over a unified data center switching fabric. DCB will benefit not only block-level storage, but also all other types of loss- and delay-sensitive traffic. In the storage arena, DCB will improve network-attached storage (NAS) performance and make Internet Small Computer System Interface (iSCSI) SANs based on 10/40/100 gigabit Ethernet a more competitive alternative to 2/4/8Gbps Fibre Channel SANs. It Won't Happen Overnight So, the good news is that techniques now being developed and implemented will likely enable the convergence of the LAN and SAN. The bad news is that, for a variety of technological and cultural reasons, convergence tends to take a long time. If that seems counter-intuitive, just think back to earlier this decade and remember how many years were identified as being "The Year of VoIP."