There’s a debate under way in the world of Ethernet switching, and it’s not for the faint of heart.
In one corner are proponents of keeping things the way they have been for years: switching with three tiers, each with a specific purpose. In the other corner are those who favor the trend toward two-tier switching: eliminating the middle, or aggregation layer. (Read box at end.)
The decision whether to go with two or three tiers will be driven by several factors: Are you revamping the network and upgrading backbone components — making a move to new switches logical? Does the size of your enterprise demand a more traditional tiered structure for your network services? Are you virtualizing and consolidating services, and therefore want to take advantage of quick switching between virtual machines?
Virtualization and 10 Gigabit Ethernet switches really have driven the shift, says Jag Bolaria, a senior analyst with the Linley Group of Mountain View, Calif. The 10G switches make it possible to meet capacity demands on the flatter topology and to handle the on-the-fly provisioning nature of virtualized environments.
That’s certainly been the experience at the Peace Corps. The agency is methodically virtualizing its roughly 85 servers at its headquarters in Washington, along with six servers at each of its overseas locations.
The low latency possible with some of the new 10G Ethernet switches through the flattened two-tier topology
The Peace Corps began its agencywide virtualization project with a two-tier infrastructure, but quickly realized that capacity simply wouldn’t be great enough. That meant taking a different route — either three-tier switching or a two-tier infrastructure based on 10G Ethernet.
The choice was clear, says Domenico Palombo, chief of global network operations and telecommunications. Although three-tier switching was attractive on some levels, two-tier switching with 10GE would help his eight-person network operations staff better manage the growing tech needs of the Peace Corps’ 3,500 employees and 7,000 volunteers, he says. Palombo has hands-on knowledge of the needs of the agency’s far-flung and often remote users: He served as a Peace Corps volunteer from 1999 to 2002 in St. Vincent and the Grenadines.
“10G Ethernet-based switching will help us better deal with sprawl, our increased cabling and port requirements, and I/O problems,” Palombo says. “And it will decrease port density, which means we will have less physical infrastructure to manage.”
The topology choice often hinges on size, says Kumar Srikantan, vice president of marketing for cloud switching and services technology at Cisco Systems. For some federal agencies, a two-tier network may not be hardy enough. “Three-tier switches are necessary for the type of scaling and aggregation larger enterprises need,” Srikantan says.
Some proponents of the three-tier approach also say the system isn’t broken and doesn’t need fixing. But, says Bolaria, three-tier switches can be overkill for organizations that have slightly smaller infrastructures. And they can be costly, he points out.
That’s where the two-tier camp comes in. Its supporters suggest that two-tier switches, in addition to being less expensive, reduce latency and increase performance.
“Each time you switch, it introduces latency,” Bolaria says. “Processes that can’t tolerate latency, like finance applications where milliseconds make a difference, are on board with the two-tier approach.”
The move toward virtualization is another reason to consider two-tier switches. Because there are multiple virtual machines within one physical server, there is a great need for switching data between virtual machines. It’s more cost-effective to switch the data either at the top of the rack or on the server itself, Bolaria says — something the two-tier approach makes possible.
He says most switching vendors today recognize the need for two-tier switches and have either introduced products or are planning to do so. Manufacturers already on the two-tier track include Brocade, Fujitsu, HP, IBM, Juniper Networks, Sun Microsystems and 3Com.
Many new three-tier switches can also support two-tier switching, Srikantan says. The three tiers are there if needed, but the switches’ algorithms allow a signal to be switched without traversing all three tiers, and their protocols determine the shortest path between two endpoints.
At the Peace Corps, Palombo’s team plans to deploy Cisco Nexus 7000 switches, three-tier switches with two-tier capability. The design phase is under way now, he says, adding that agency plans call for completing the project by fall.
Before it could get to the design and deployment stage, however, the Peace Corps’ network team had to win over project managers and power users.
“Originally, we got a lot of pushback from people who were afraid of moving to a new technology,” says Palombo. “But now more organizations are doing it, so it’s no longer a fear. And people who originally opposed the idea are supporting it.”
[To read more about the Peace Corps’ network plans and its intention to move to a unified communications platform, see "Close the Loop."]