An amber light for your network traffic

The networking industry is stirring. Plans for web services, for example, are being conceived and some companies are tentatively reviewing their IT infrastructures to embrace the move. As ever, there are choices, but, the Economist Intelligence Unit reckons 61% of corporate IT managers plan to increase their spending on network infrastructure over the coming two years – not least because globally 94% of managers think their networks are unable to handle existing business challenges! If you're an advocate of service-orientated architectures (SOA), that's the initiative you will certainly be buying into. Web services will provide faster, smarter and, in the long run, cheaper applications, provided all the pieces are right. Pull applications away from the hardware beneath and wow, you can utilise the resources more efficiently. Development of custom applications will improve as a direct consequence of reusable software components. IT should then be able to meet the requirements of end-users much more easily than with existing configurable, but essentially standard services that are dependent on particular servers. Now, enter the fundamental integration framework standards UDDI, WSDL, XML and SOAP – and no that's not 'SOA protocol', but 'simple object access protocol', while UDDI is 'universal description, discovery and integration' and WSDL is 'web services description language'. It's down to these that you can do all sorts of things with services across systems, companies, industries and countries, using interfaces: they will be supported by everyone. You can't buy an SOA – it doesn't exist as packaged software. Indeed your own company enterprise system architecture might not need extra technology or software to take advantage anyway. The point is an SOA doesn't describe a product or vendor: it's concerned with enabling IT to become more responsive to an enterprise's changing needs – through services. But back to basics: Chris Knowles, Computacenter's practice leader for network security and management, says: "There are two drivers in manufacturing – ERP applications and the bespoke real-time applications needed to run manufacturing. Both are business critical; both depend on network traffic getting through." For that, getting the network's quality of service (QoS) right is important. But with businesses operating across multiple sites, you could be running your enterprise networks across several service providers, so QoS parameters need to be managed across each area. One way companies try to alleviate network congestion is by buying bandwidth – it seems the simplest solution so that's what they do. But, to pick up an analogy, it's like moving from a dual carriageway to a three-lane motorway – you have the space but you don't (and can't) control the traffic. Robust QoS systems deal with that by prioritising network traffic and managing bandwidth properly. "If ERP is more important, it's given a blue flashing light," says Knowles. "All traffic on the network with such a light takes priority over any other traffic. An e-mail data message will wait while the ERP packets pass by." For network management, key framework providers include HP, IBM/Tivoli, CA Unicentre, BMC Patrol, plus more specialist niche tools such as NetIQ, which looks at QoS parameters. As well as QoS, the company Peribit offers solutions that compress data to increase bandwidth capacity, handle latency issues to speed up applications performance, and optimise paths through a network. Are you getting through? It's all about getting through – and in that sense, network 'performance' is increasingly being rated as more important than its 'availability', while network management is increasingly being considered in that light. "Companies are outsourcing because of this," says Knowles. BT, for example, could own the comms and routers, while the company owns the applications – in effect managed services with SLAs (service level agreements) based on network performance. As for costs, per-usage type charging will become more common. First, fixed price per port per month used will be the way – paying for the number of users connected. Second, there could be a charge per usage – paying for voice, paying for the data used to carry the voice. The approach allows big corporations to allocate network bandwidth and usage efficiently. Look at whisky maker Chivas Brothers, which needed to integrate its business more closely after being acquired by Pernod Ricard in 2001. Being granted a good degree of autonomy, Chivas wanted to optimise communications between 21 locations and 800 employees across the UK – its distilleries in the Highlands of Scotland, manufacturing facilities in the central belt, and international offices in London. Chivas' IT director Stuart Watson says: "We needed to upgrade to a flexible, reliable and cost-effective network based on IP. BT implemented its IP Clear solution in three months, with minimal disruption in our day-to-day working." Implementing the network as a managed service enabled the company's IT staff to focus on the IT strategy and to ensure that its IT was delivering to the business. BT monitors the network's performance and handles any faults. And it saves money. "The initial stage of the project has enabled us to reduce costs by 20% compared to our previous data network," says Watson. "Also, network availability has increased by 1.4% to 99.9%, which provides us with the reliability we need to achieve improved productivity in our daily jobs." Chivas receives monthly network performance data and management statistics so it can see how the network is performing. And a consequence of that is the ability to make better-informed decisions about changes to its network – because it finds out which sites are running near capacity. The plan now is to converge its voice and data across a single IP network early next year. Meanwhile, the Swedish subsidiary of pharmaceutical conglomerate Astra Zeneca, Astra Tech, utilised Peribit technology to boost WAN (wide area network) capacity between its UK, European and US facilities, via system integrator Arceta Communications. Says Astra Tech IT manager Sture Stroger: "Network capacity is a continual headache for IT departments, and buying more bandwidth is often only a short-term, costly solution. We were experiencing application performance issues and needed the ability to analyse and control traffic on a per-application basis. By deploying Peribit, we doubled overall throughput, and provided the application-level QoS capabilities we needed to tune our network for optimum performance." Combining the network performance benefits with QoS management and WAN monitoring and reporting resulted in real cost savings. A WAN upgrade would cost Astra Tech more than $150,000 per year, and the estimated ROI (return on investment) through Peribit is eight months. No contest really. Indeed, according to analyst Gartner, by 2008, investing in WAN optimisation solutions will be the primary WAN upgrade strategy for 75% of enterprises. Apart from Astra Tech, for Peribit customers Bridon Wire, British American Tobacco (BAT) and Butler Manufacturing, to our knowledge that's already a fait accompli. Nevertheless, as always, no two networks are the same and the devil is in the detail. Chivas' Watson, for example, says: "We considered optimisation briefly as we had difficulty in increasing bandwidth on our previous network, but our strategy was the IP convergence route." And there are great cost savings to be made by going that way. Other routes include harnessing managed services and various levels of outsourcing – although David Blundell, chief operating officer at managed services provider Netstore believes no-one has the courage to take the plunge into IT outsourcing. "Few organisations will even consider outsourcing as a viable option with the many failed promises reverberating in the market. 'All-or-nothing' as an approach misses out on some of the fundamental benefits that can readily be achieved through progressive outsourcing and a managed service approach." Chivas Brothers is a good example of the latter. But Compuware's regional technology manager Mike Lucas urges organisations considering the move into managed services to set service levels in terms that make business sense. Why? "They may manage the availability and utilisation of the infrastructure, but in most cases they don't measure how IT is performing for the business," he observes. Lucas likens the problem to a coin – heads for business and tails for IT. Neither side can see the other. Compuware's approach measures the service as end-users understand it – relating that back to the technology in the IT department. "We have a system that starts the move from tactical, reactive chaos to a strategic world of well-defined processes," he explains. Meanwhile, with the BT-managed IP approach, security is taken care of by BT. A recent survey by a security magazine found 90% of a company's confidential data stored in electronic format, and 45% of that in email systems. Martino Corbelli, director of marketing at enterprise web and email filtering company SurfControl, says: "Integrating policy, education and technology steps will provide security for enterprise networks." And so to the PET approach: policy, education and technology. Policy – have policies in place, explaining to staff what the software tools are for, what happens if someone breaches the rules and so on. Education – take the policy further, educate users about security (eg: don't open an email attachment if you don't know the sender). Technology – is the safety net that enforces the policy, and can stop abuse before a problem arises. Free but controlled access Interestingly, about 10% of SurfControl's business is with the manufacturing sector, which it regards as at the forefront of technology adoption, driven as it is by the need to manage costs. One company buying into the PET concept is portable accommodation manufacturer Rollalong, where IT manager Dean Williams says: "SurfControl helped us draw up our acceptable use policy after we decided to open up access to the Internet to all employee terminals, while also wanting to manage bandwidth tightly. Having users with too much recreational Internet access or downloading large files – like MP3 files or movie clips – would impact badly on network performance." SurfControl also offers an anti-spam ROI calculator, developed by analyst IDC, on its website, including a 500-user example. Again though, no two networks are the same. All protection services can be circumvented: there is always someone who can figure a way round a security block. All you can do is mitigate the risks by deploying the necessary layers of protection, while noting that threats change and the situation is not static. When is the safest network environment? "Five to nine in most offices," quips Corbelli, which is another way of saying that to get a secure network, you have to have no people involved. Do you DIY, outsource, or opt for a managed service approach? No-one can dictate a generic way for all to go – only your board, your business and your IT department are in a position to know your priorities. Best advice is that ultimately, IT should become a responsive service provider to the business. And to hark back to the SOA, solutions must support a company's objectives: only then can business goals be met.