Category Archives: Technology

Virtual Infrastructures Need Virtualized Security

Most companies have by now virtualized a large percentage of their datacenter infrastructure. One mistake that may be made is to rely only on existing physical security devices to protect the virtual infrastructure. A physical server's traffic normally traverses physical network devices, but inter-VM traffic may never leave the hypervisor. An intruder who gains access to one improperly secured virtual machine may therefore be able to compromise additional virtual machines without being detected by a physical intrusion prevention system or firewall, since inter-VM traffic flows exist within virtual switches. To properly protect virtual machines, hypervisor-level firewalls are required. These vFirewalls are virtual constructs that are managed like a physical device and provide visibility into virtual network traffic flows.

Posted on July 31, 2013 in Technology

Building a VMware-Powered Hybrid Cloud Using Eucalyptus

The cloud means many things to many different people, but personally I view a cloud as a distinct pool of computing resources that can be managed centrally, provides the ability to scale resources via preconfigured policies, and lastly provides the ability to automate manual requests such as virtual machine creation and deployment.

Though not recommended by many IT professionals, I am planning on making our IT department an internal service provider. In this vein, it is my vision to build out a private cloud that can provide self-service to authorized internal clients such as our developers and application administrators. Currently we utilize a VMware vSphere platform, but in another few months this platform will possess all the attributes of a true cloud. To provide the necessary functions, I have decided that we will look at the open source Eucalyptus platform.

Eucalyptus is open source, so it reduces our initial capital expenditure; it is compatible with VMware; and it has the ability to support Amazon-based workloads, thus providing a hybrid platform management tool.

At stage one, we will roll out a private cloud that will allow authorized internal clients to perform various tasks related to an assigned block of computing resources.

At stage two, we will seek to allow the migration of workloads between Amazon and our VMware-based private cloud. This should provide disaster recovery and scalability benefits to our group.


Posted on December 5, 2012 in Technology

Large Layer 2 Domains and vMotion

VMware vMotion requires physical hosts to be in the same layer 2 domain. This goes against the grain in networks that were built around the principle of reducing the size and reach of broadcast domains. Layer 2 broadcast domains reduce the bandwidth available to our applications due to the effect of frame flooding and also because Spanning Tree's operation disables redundant paths in our layer 2 networks.

vMotion's layer 2 requirement may be one of the major reasons why flat layer 2 networks are being optimized. These optimizations mitigate the effects of broadcasts and unknown unicast flooding, which waste network bandwidth. TRILL, which is not really necessary to support vMotion, has been developed to replace spanning tree in bandwidth-intensive use cases that need all links to be forwarding at once. The existence of applications that require huge flat networks will ensure the continued evolution of the layer 2 switching space and thus augment the simple plug-and-play nature of Ethernet networks that most people appreciate.








Posted on September 20, 2012 in Technology

Looking at Dell Force10

Dell has hit a home run with its Force10 line. Born in the world of high-frequency trading, Force10, with its huge output buffer, provides Dow Jones, Twitter and Facebook with low-latency switching infrastructures, at prices lower than the Nexus line and with a command line that is syntactically similar to Cisco's IOS. Force10 represents a bridge to a hybrid network where Cisco IOS and Force10 FTOS, in concert with open standards such as LLDP and GVRP, give the enterprise the ability to ensure that we receive the best features at the lowest price points.

Posted on September 14, 2012 in Technology

Successor-Based Flow Failover in OpenFlow Networks

The failure of links in software-defined networks based on OpenFlow will result in the need to converge on a new topology, which will be the same at layer 2 or 3, since OpenFlow seems to merge the control and data planes, resulting in unified logical topologies. Since OpenFlow utilizes flow tables, the concept of feasible successors can be applied to flow tables by inserting alternate paths as less-preferred flow entries. With successor routes in place, there is no need to contact a controller on link failures.
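The following sketch is an added illustration of the successor idea, not code from this post or from any OpenFlow implementation. It models a flow table in plain Python and assumes the switch itself skips entries whose output port is down; the class names, ports, priorities and the destination address are constructed sample values.

```python
# Simplified model of a switch flow table (illustration only; not OpenFlow library code).
from dataclasses import dataclass


@dataclass(frozen=True)
class FlowEntry:
    match_dst: str   # destination the entry matches (constructed sample value)
    priority: int    # higher value = more preferred
    out_port: int    # port a matching packet is forwarded on


class Switch:
    def __init__(self, entries, live_ports):
        # Keep the table sorted so lookup walks entries from most to least preferred.
        self.table = sorted(entries, key=lambda e: e.priority, reverse=True)
        self.live_ports = set(live_ports)
        self.controller_requests = 0  # lookups that had to be sent to the controller

    def port_down(self, port):
        # Assumption: the switch learns of link failure locally and marks the port dead.
        self.live_ports.discard(port)

    def forward(self, dst):
        """Return the output port for dst, or None after punting to the controller."""
        for entry in self.table:
            if entry.match_dst == dst and entry.out_port in self.live_ports:
                return entry.out_port
        # No usable entry is left: only now is the controller involved.
        self.controller_requests += 1
        return None


def demo():
    # Primary path via port 1, pre-installed successor via port 2.
    sw = Switch(
        [FlowEntry("10.0.0.5", 200, 1), FlowEntry("10.0.0.5", 100, 2)],
        live_ports={1, 2},
    )
    before = sw.forward("10.0.0.5")
    sw.port_down(1)
    after_one_failure = sw.forward("10.0.0.5")
    sw.port_down(2)
    after_two_failures = sw.forward("10.0.0.5")
    return before, after_one_failure, after_two_failures, sw.controller_requests


if __name__ == "__main__":
    print(demo())
```

The first failure is absorbed by the successor entry with no controller request; the controller is contacted only once every pre-installed path is gone.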

Posted on July 16, 2012 in Technology

My Software Defined Networking Wishlist

The primary goal I would be seeking to meet when I decide to implement OpenFlow or some other SDN framework is management simplicity. Below I have listed two things that I hope SDN will address when it becomes mainstream in enterprises.

Automatic VLAN Grafting

Connectivity issues resulting from the absence of VLANs on trunk links are a common problem that network techs face when provisioning access ports. SDN can be really valuable if it is able to graft VLANs onto trunk links based on learned layer 2 traffic flows.

Advanced Optimized Edge Routing That Integrates QoS

Currently OER/PfR is unable to implement QoS policy decisions on flows that are not operating within a certain threshold. An OpenFlow controller that implements QoS policies while managing policies below edge devices, such as those in the network core, would greatly enhance policy-based routing design and overall network architecture design.

Posted on June 23, 2012 in Technology

HTML5 May Make Mobile Apps Redundant

Mobile applications are all the rage right now and, as they like to say, there is an app for everything, or almost everything.

With the move to mobile, users are now able to access services from anywhere using any of three popular mobile operating systems. This convenience is cool but comes with a few disadvantages that I feel will lead to apps becoming a thing of the past on mobile devices, especially smartphones.

The memory used by some apps makes them unsuitable for lower-end devices.

The functionality of some mobile apps, such as Facebook for Android, is way below that of a web browser on a PC.

Mobile apps require frequent updates which have to be downloaded to your device. An HTML5 browser-based app can be upgraded from the server side.

The development effort required in app development may be a little higher than native web app development. While most mobile apps are developed in Java, there will still be some tweaking required on a per-OS basis for things to work out. If apps are developed in a device-agnostic manner, developers will be able to quickly reach a wide market and a larger ecosystem in one development cycle.

HTML5 has the potential not only to replace Flash but also to provide app functionality in a web browser. HTML5 supports offline apps, multimedia APIs and built-in database support. Drag-and-drop functionality, along with the ability to utilize existing scripting languages, means that existing web programmers will still be able to leverage existing skills to create rich application experiences. By executing complex code on the server side, low-end phones with a capable browser may be able to provide their owners with the capabilities currently provided by apps.

Posted on June 6, 2012 in Technology