Concrete needs, cloudy solutions
Date: Sun, 04/03/2011 - 12:25
There's nothing cloudy about the enterprise's hopes for virtualisation. In terms of getting more for less, it offers unbeatable value. But what must be done today to ensure network infrastructure is being built out and proven to be "cloud-ready" from a metro/core and DC networks perspective?
To ensure a reliable, manageable and secure cloud, the infrastructure needs greater intelligence, agility and automation. Shouldn't we build this into the foundation, or can it really be added with smart devices?
And how should providers promote the cloud for their own competitive advantage? As a way to make traditional IT more efficient using Infrastructure as a Service and private clouds? Or as a way to source Solutions as a Service directly – even bypassing the IT department in the process?
This session commences with Quocirca's overview of Cloud Computing's potential benefits and risks and then we turn to our panel for a broader discussion of usage and governance models for the cloud, and its potential impact on IT management.
Clive Longbottom, Service Director, Business Process Analysis, Quocirca, at NetEvents EMEA Press Summit, Barcelona
Panellists: Justin Fielder, Chief Technology Officer, Easynet Global Services; Natasha Tamaskar, Vice President, Product Marketing, GENBAND Inc.; Steve Garrison, Vice President, Marketing, Infoblox; Jeff Schmitz, Vice President of Networks & Applications, Spirent Communications; David Howorth, Regional Vice President of Cloud and IT services, Verizon Business
Okay, so we discussed a lot of cloud yesterday, so I'm trying to take a slightly different view on it. But let's start off with looking at what's been the promise of
cloud to the people who are going to end up using it.
The promise has been it's going to be flexible. Whatever you want to do, you can do it in the cloud.
It's going to be elastic. You won't have to buy all the resource that you'll ever need.
You buy the base level and it comes along when your workload expands. Hey, you just throw more resource at it and pay for that resource that you're using. And once the workload has calmed down a bit, great, you give the resource and you don't pay for its usage.
You get higher resource utilisation. So if you are going to run a private cloud in your own data centre, your 1,000 servers magically become 200 servers. But, as was said yesterday, that 200 will probably become a 1,000 by a week on Wednesday as the company decides that they want more and more stuff being done anyway. But at least it is 1,000 servers and not 5,000 servers.
So that utilisation helps not only in fewer machines but each of those machines taking up the energy, needing cooling and so on. So that highly variable environment of energy suddenly becomes slightly less of an issue. It's still an issue, but not as bad as it was.
The capability to more rapidly provision things. Because the cloud is pretty much predicated on virtualisation, being able to create virtual images and just chuck them up there and say, great; we've done it; wonderful, everything is running; no problem at all.
A better cost base. What I really mean is cheaper. Surely this is what a lot of the organisations are looking at and saying it's costing us too much at the moment. We know that the cloud is going to be cheaper so therefore the decision has already been made. Now we just have to figure out what is the best way for us to do it, making sure that it is cheap.
And access from anywhere. If we try and force everybody in through a corporate gateway then we need a lot of bandwidth. We need a lot of on-premise equipment.
We need a lot of management tools. So let's get in so these people can get access to what we're provisioning in the cloud from wherever they are through distributed gateways, through different ways of getting there. Great, we don't have to bother too much about it.
But there's lots of different types of cloud out there and I'm not talking from a technical level. Meteorologically speaking, is this the nice little fluffy cumulonimbus clouds that we're talking about, or is it that we're looking at anvil clouds, the start of the storm? Are we moving to cyclonic variations and hurricanes coming through?
And I think we probably are.
And why is it? A lot of businesses are increasing mobility. When I first became an analyst, which was just before IBM was born as a company, mobility within an organisation generally meant getting in the car driving, somewhere and then picking the phone up. The average organisation has about 40% mobility within the organisation. Large organisations may have more depending on the type of organisation. Now if they have a lot of task workers it may be lower.
If you take a 10,000 user organisation and say that 4,000 of those are mobile, they need access not only to the telephone, not only to email while they're on the move, they want to have access to the corporate data, the corporate applications, everything that's going on. This is a big issue.
And yeah fine, LTE may come along. Does it make a great deal of difference to what the end result will actually be or is it just great, you've got a fatter [pipe]?
Mixed traffic. Dean was talking about it. Yes, there's voice, not just telephony. It could include video. Tough Dean, there's a hell of lot of video out there. It's not video conferencing. But BBC brought out the iPlayer for the iPad yesterday. All of a sudden you're getting a load more video going around. It's not all going to be real time, but a lot of it is going to be near time. And even that, which you don't really care about because you can buffer it, is still playing hell with those networks.
We've got latency. Now I don't think John Mathew is here this year, but I really wanted to see him again. The last time we saw him he was going to break the laws of physics because he was going to make it that you could actually have instant access.
It's a case of I'm sorry, the laws of physics, the speed of light doesn't mean that you've got issues. And it does have impact on cloud.
If you are a trading bank the last thing you want to do is to introduce half a second of latency just by having something coming from the cloud, even if it is coming in at the speed of light.
You've got security of data on the move. A lot of people sort of go, great, we've got security of the data at rest; we've got full encryption. But while it's on the move is it being transferred encrypted, or is it being transferred in the clear? And a lot of organisations believe that just because it's encrypted at rest, they think it's encrypted on the move. And that's not always the case.
And something which we could spend the next three years talking about -- I'll mention it now and we probably won't touch on it much more, technical contract negotiation.
As we move more towards cloud capabilities, if we do go towards the promise of cloud, then we are having to look at, okay, I want to get this function for the next ten minutes that does something for me. Where do I get it from? Alright, I've searched on the Internet and I get 10,000 possible functions that will do it for me. How do I know they'll be able to do the right number of transactions per second? How do I know that they can guarantee a certain level of security? How do I know they'll do exactly what I want?
All of that's got to be done on the fly. We can't pick up the phone; we can't send emails to each other. And we're not seeing a great deal of that at the moment.
So here's the problem for the users. They can go and say, okay, we've set up our own private cloud in the customer premises; we've got control of that. We can have a shared private cloud where we're using somebody else's premises, an Equinix or something like that or we can use a shared private cloud by using a platform, maybe an Easynet or somebody like that. And okay, that's great, because they're controlled as well. So provided we understand each other's control environment, we've got something which we can pretty much put a service level around.
But there's this little blue thing, the rest of the Internet, where the mobile user is likely to be coming in from because they can't guarantee that they're going to touch the network which is owned between the service provider and the end user customer.
And as Nir said, yesterday as well, the problem may well be that even the function, if it's in the public Internet, how do we know that that mobile user is actually going to touch anything to do with the organisation or anything to do in a controlled environment because they could be going straight to the public Internet to get that function. How can we control that?
So who owns that blue bit? 10,000 different service providers all providing their own little bits, all handling data between each other. Hurrah for network neutrality. It's one of the worst things that could possibly happen if you're looking at it from a corporate point of view. We need more control and network neutrality does not give us that capability.
So what controls do we have? Minimal. What physical media are we running over?
What is the actual physical transport? Is it copper; is it fibre? Do we really care?
Well, maybe we should do because it impacts on what the performance is going to be; it impacts the levels of security we can apply. So it's a bit of a pain this.
If we look at the overall thing, it's a case of we know that Al Gore invented the Internet. He told us so. What I really need is a picture of Donald Rumsfeld on here, because I think that Al Gore handed it over to Donald. And Donald has got us to the place where it's a case of, there are certain things here that we know that we know.
There are certain things that we know that we don't know. There are certain things that we don't know that we do know and there are certain things that we don't know that we don't know.
And that's a real, real problem because we're in so many variables, we've got so many things that are changing, so many unknowns, is there any one person who can stand there and go, this is how you're going to have to operate cloud.
When we look from the service provider's point of view as they're trying to move into cloud and say okay, we could be a private cloud, we could be a public cloud. We need to do something here. How do we differentiate ourselves out there in the market?
How do we actually say to people, yes to come to us we're the guys who really know this, particularly as things commoditise?
If you look at email, already it's a commoditised service. It's a case of okay, there youvgo have Gmail. Whether it's hosted exchange or hosted [domino], it's your choice.
You may not be able to get any information back when the boys in blue come throughvthe door and say, we think that we need all of this information from you. Sorry, it was all on Gmail, there's no storage, no archive, forget it. You should have been using exchange. We'll see you in court next week.
White pages listings. Okay, we've got this function. We stick it out there and we just hope that people will come to the door and they'll pay $0.59 a time to be able to use that function through the Apple iStore or whatever it might be.
How about Yellow Pages listings, where you actually get a level of knowledge of exactly what it is that's being promised. Who polices that? Who makes sure that's what being put up into a Yellow Pages listing, does what it says it will do.
I believe the SLAs are completely meaningless when you start to get into this environment because as a service provider, you only have control over a certain part of the network. You cannot guarantee it right through to the end. You may be able to say yes, great, here you go, provided you're coming in for your corporate network, you're coming across a line which we've got control over into our data centre which we've got control over, we can give you a service level agreement. Sorry about all of your mobile users because they're coming in from elsewhere. Sorry about all of your customers, sorry about all of your suppliers. We can't do anything about that. If there's a problem it's somebody else's problem; it's not ours.
So matching the offer with what the customer really needs an organisation should have a risk profile. It should understand what it's willing to do. And the customer always comes along and says I want zero latency; I want response time that is absolutely phenomenal; I want complete 100% up time. Yeah, here you go, give us your revenues for the next two years and we'll do it for the next month.
So sitting down with them and being able to say, right we're providing you with service value management, how much risk are you willing to carry. If you can carry a lot of risk, we can give you a service at very low cost. We can help you to understand what those risks mean. You can then understand what risks you cannot carry and therefore we can help you to sort those out. It may be directly or we may have to bring in other partners to make it that these areas which we don't particularly touch on are being controlled in a different way.
So issues. Using a dashboard to show that everything is okay is very dangerous. We find quite often and we were talking about it at lunch time, salesforce. How mission critical is that to a load of businesses? Incredibly so. What happens when it goes down? We've got big problems. So you phone up salesforce and they've got ringing across the board guys, because the connectivity has gone down.
It's not because there's any problems with salesforce. So you need to have proper root cause analysis. You need to be able to monitor and measure and report on and be able to fix problems as rapidly as you possibly can if cloud is going to meet the requirements of the users.
You need to make sure that any measures that you do aren't just based on pure mechanics, pure measurements. Mean opinion scores are becoming more and more important. You can put in place something where the average response time is half a second to a customer and in six months, they're complaining and saying this has got very, very slow. And you measure it and the average response time to the customer is half a second. But their expectations have changed.
So being able to measure a mean opinion score being able to figure out how people actually feel about it means that you can respond better and that you can actually start to give advice.
Data security. As I say making sure that you're measuring it, that you're dealing with it on the move as well. But if you are going to encrypt your data on the move, there's less that you can actually with it. The packet inspection becomes difficult. You cannot [use] that information because you don't understand exactly what there is in there, unless you manage to break into it as the man in the middle, not always the best way forwards when you're dealing with companies who want the utmost security.
Network resilience. The public Internet is massively resilient. It was built that way.
It was built for packets to go all over the place, if any part of it broke. If you want to start drilling through and say we're going to tunnel this, you start to destroy some of the resilience. As that tunnel becomes comprised, breaks something goes wrong with it, you need to be able to fall back into a different tunnel. If you're going to say no, we don't have that then you'd go down. There's no point of it.
So a lot of the end users, a lot of the customers are still saying we'll go for leased lines because we have the utmost security there and you have the utmost weak link because that is a single line. So now you have to have two of them or three of them or four of them. It becomes costly; it becomes a problem.
Mixed traffic. Being able to deal with voice, video, data, all the changes that are going on; making sure that those volumes are something you can deal with by using things like traffic policy management; making sure that you cut out what isn't being needed; being able to deal with devices that become very chatty when they're being turned on.
We've all been here today and as an email comes through on your BlackBerry or your Apple or whatever, you turn the device on and you check it and then you turn it back off again. The amount of network traffic that that has created is rather difficult for the systems to cope with.
And the mixed value chains. We can no longer build a wall around an organisation and say that's it. Everything that's inside there is our data, we will control what goes out. You've got customers to deal with. You may have your customers' customers being your customers as well. You've got suppliers and certainly your suppliers' suppliers are going to be yours as well.
So being able to manage that environment, sharing information in the best possible way, but not having everybody, having to be forced to come through to your own data centre to access things, means that the cloud has to got to be open but controlled.
So what can be done? We can use quality of service, priority of service and MPLS and so on. We can use protocol [assembling] and we can use full tunnelling for streams; we can use leased private lines; we can use intelligent routing. It's all pretty old hat. There's nothing new there.
And is it enough for the cloud? We can use WAN acceleration to make sure we get as much data through these pipes as we possibly can. We can use data caching so we're not moving as much over the network, so we get the speed of response up as high as we possibly can to people. We can use intelligent applications, being fully aware of what it is that the application is going to do and applying rules and monitoring the whole environment around there. And we can use data dedupes so we're dealing with less data in the first place and we can use compression.
But again, to me, it does look like cloud promises one hell of a lot. I think that when you look at the Internet, it is such a broken model, that it's completely unfit for purpose when it comes to being able to run a cloud at all.
And at that point I'd like to throw it over to you lot. So we've got two service providers here, so I think we'll start with Justin and say do you feel that the Internet is fit for purpose when it comes to running a cloud.
I think it depends. It really depends what you want. And this is half the challenge we have in selling cloud services to corporates, in that half the time they haven't done the basics which I think you should do before you even consider where you're going to stick your data, which is to work out how important it is to you. And that question about if it disappears for two hours, three hours, four hours, five hours, eight hours, that is just as relevant if you're in-sourcing it or got it in your own data centre as it is actually when you've stuck it in the cloud.
But what we can do is where it is possible, we can give end-to-end service guarantees over the Internet, because we have to do it today for our e-commerce customers. This is not a new problem. Every e-commerce customer, they do go off online when that thing called the Internet stops working, between their customer and that website. And therefore it's quite simple. And we've been solving those problems about how you make e-commerce sites more and more robust for ten years, probably 15 actually.
So if you take that learning and you apply it to this new model, I think actually yes it is perfectly fit for purpose, assuming that you can put up with the vagaries that come with it. If you can't, like your financial trading example, you've got no choice.
You've got to build it private because you need deterministic end to end rather than non deterministic. So it doesn't make it broken, it just means it's not a panacea.
David, you're unfortunately not on the list, but you may have a slide all to yourself.
Really I would echo exactly what Justin said. I think that a great statement to say the Internet is broken, that it's not fit for purpose. But I think everyone sitting here with iPads and all this other wonderful technology can attest to the fact that the Internet continues to change everybody's lives.
I think to Justin's point, I think you need to start off when talking to clients and assessing their requirements and understanding whether maybe a cloud platform is the right platform for them is really to start with what sort of user experience do you want to actually achieve. And I think if you start at that level, then to your point it's a problem that as service providers, as hosting companies have been solving for many, many years. Obviously from a Verizon's point of view, if we're looking at key enterprise applications, then many of those clients already will have an MPLS and obviously Verizon is able to offer a global backbone so we solve some of those issues.
But I think it's -- I certainly, it behoves me to say that the Internet has continued to deliver and I think I don't see it breaking in the short term anyway.
Okay, Steve, a slightly different way of looking at from you. It's a case of Dean and Manek both said about the 50 billion devices coming along, which is possibly very small number into what is going to happen in reality.
Each of those needs an IP address, the last block of IPv4 was given out. An IPv6 address will only actually work in a heterogeneous environment. It will only work in the overall environment if it's IPv4 compatible. There's no basic compatibility between IPv6 and IPv4 unless the last four blocks have got IPv4 address. So every time we give somebody an IPv6 address we've got to give them an IPv4 address as well. Surely, with 50 billion devices coming along, that is breaking the Internet completely. How are we going to deal with that?
I think IPv6 provides a huge address space, Clive. It's 340 followed by 37 zeros. So I don't think that's really the problem frankly.
Who's going to put those IPv6 capabilities out there? The Internet is not IPv6 yet.
I think the two partners of crime on the panel here are going to spend a lot of money to upgrade their backbones to carry IPV6 for the rest of us in the room. And I really appreciate that they're doing that.
Thank you. At least someone does.
But if I'm sitting there as an organisation I'm still running NT because I didn't like this or haven't got Windows 7, I've only got IPv4 addresses. So I've got to nat my whole environment and make sure that anything that goes through is given an IPv6 address.
I think for the majority of the enterprise, I think that's true. I think the gateway of every enterprise is the challenge for the first wave of what do you upgrade next and what slew of vendors you bring in to help with that transition.
But I think the real challenge isn't the addressing at all. I think it's back to something that you said about a former speaker's breaking physics. And I think at the heart of it what is the SLA? And if a customer doesn't even know what cloud can do, and isn't sure what the public network can do, I think it's good to build a test bed in your customer prem, a little mini private cloud to make sure you understand as a customer what you want to ask the service provider to achieve.
So Natasha when you're looking at dealing with policies and the traffic, how much can this help the issues of we're just throwing so much data at a network which is already struggling, as far as I'm concerned.
Yes, so I think this is going to be a key thing. So first of all, let me just say if you do end up running up those IPv6 networks, we are happy to help you resolve the issues with that. We can analyse IPv6 traffic now.
Having said that, from a policy perspective, it's going to be key because you're looking at an exploding number of devices out there. IPv4, IPv6 whatever it is, that are connecting into multiple different applications. You need to be able to have visibility into the behavioural pattern of how people and consumers are going to be using those applications. If you have the ability to look at that, you can make intelligent decisions based on that.
On top of that, there was something else that was brought up in terms of security.
One of the big things that is different now in this network is that it's actually a hybrid of Internet and mobility. So the problems that were solved -- Internet actually did solve a lot of the problems. If you look from a security perspective, that was solved.
IPsec has been the standard forever, God knows how long. We've been in that market.
What has changed is the mobility component of that. So you need to be able to have that secure access which is mobile, loaded on top of that to be able to get this type of a solution working.
Okay, so sticking with you, when you look at the complete diversity of devices that are coming in now, you look at -- that's not going to stop. At the CES there was 200 tablets announced by various vendors, some of those will never see the light of day.
We are seeing -- we're back to the good old days of the PDA, when it was Clamshell was the thing that's going to win. No, it's not, it's this; no, it's not, it's that. Hey, it's a small PC. We seem to be back to that. The Dell tablet which they've brought out so far, the new Brick is like the old Osborne portable, it weighs about six tons.
[Inaudible] it's great.
How are we going to deal with ensuring that those devices are accessing in a correct way, that they're secure, that only the right sort of data is getting down to them, that people aren't misusing them by copying things across. Can we do things around that by using policy management and traffic management?
Yes, so it's actually a combination of policy and traffic management and access security. So I think there were some comments yesterday around some of these tablets, actually they don't have any security mechanisms on that. If you continue making all these devices lighter and lighter weight and less of it and lesser and push things in the cloud, well at the end of the day you'll have to put security and policy management in the cloud to be able to manage that as well.
Having said that --
Where would you put it in the cloud?
You put it at the edge of that network.
You put it at the edge of the cloud.
You put it at the edge of any of the applications that are actually -- you put it behind the applications. So you have the core cloud which is where you're supporting all the applications. The front end of that are security devices that provide you access security and by access security I mean multiple things. These are firewalling technologies; these are encryption technologies that absolutely have to sit at that point in the network to provide secure access and these are mutual authentication. All of these things are actually built in into the devices.
The few things that are there in these types of devices is that you have chipsets which now actually are included as a part of these devices which do IPsec and things like that. So you can do mutual authentication and validate these devices, whether they have permission to go into these types of enterprises or no.
At the end the cloud is supported by an enterprise. It's an organisation. It's a carrier's network or an enterprise. So those mechanisms are available.
What's different is that now that end device is mobile. It's no longer the laptop sitting on your desk doing all of these services. That device is mobile. So all of these things need to be secure and need to be mobile and need to be mobile while they fail over and have issues as well.
So Jeff, you're sitting there -- or I'm at my desktop and I've got a laptop machine or whatever it might be, and suddenly get up because I suddenly go, oh my God, I've got a plane to catch. Off I go to the airport, open my machine again, right, okay, plane's early. Off I go, I'm now at a hotel in a completely different country, I open it up.
How do I make sure that the experience is adequate, no matter where I am, no matter what device I'm using, because while I was at the airport, I was using an iPad, because it comes up in two seconds compared to a laptop taking 2.5 days. So how can I manage that user experience?
First of all, that's a non-trivial question, but I think it would back to something that was said earlier.
I think the most important thing form the cloud perspective is it's great to talk about saving money and virtualisation and saving energy etc. But the real focus in cloud ultimately is supporting the business. So you have to choose which business applications you want to run over what type of technology and what kind of control you need.
So since you quoted the famous Donald Rumsfeld, I guess I'll quote the famous Ronald Reagan who had his 100th birthday a few days ago which is, "Trust yet verify" might be the right quote to come back with.
You've got to choose what business applications are key, what kind of performance you need and make sure that you can validate those. And unfortunately taking a snapshot at validation isn't good enough because the cloud by its nature is so dynamic.
So I can have applications moving as well as users moving as well as changes to the network, changes to the server environment as well as changes in the Internet and users. So ultimately you have to choose wisely and continue to validate.
So if we try to build this in to the fabric, we've got a hell of a lot of measurement going on which impacts the very network that we're on because it's not transparent.
You can try and make it line speed but this is going to have some impact.
If we choose and say we will only put it in the corporate part of the cloud, then the end user isn't coming through that corporate part of the cloud, they're coming in through the public part of the cloud. How can we try and get around this, not destroying the very thing that we're trying to make work by overburdening the whole thing with lots of pinging messages, lots of agents, lots of you name it going on all over the place?
I actually earlier proposed repealing all the laws of physics then everything is fine.
But as it turns out we can't do that. So we're going to have to dedicate some level of power to validating these things, whether they're agents or whatever. And we've developed an entire strategy of validation of the cloud services etc. and deployed those with some customers. And I think there's more to evolve in terms of ongoing management because it's a non-trivial problem.
Just you know, Jeff was saying about prioritising, making sure that the customer really understands what it is they're trying to do. How many customers are you finding get that?
Not a lot.
Good. I'm glad I was right.
It's a bit more fundamental because most customers don't realise the Internet and that corporate network, they're not different. It goes over the same route; it goes over the same [phone] connection; it hits the same carriers and so on and so forth. So actually to differentiate the Internet from the corporate one and say, they're two different problems and therefore you need to approach them in two different ways is a complete fallacy as a network provider.
As a corporate, I've made that great homogenous decision that everything is going to be Cisco wall to wall. As soon as we get out the wall it hits a Juniper box. It then goes off and hits a Nortel box. It then goes out and hits a Billion box, which we'll have to see what happens gets to there because half of your information is going to get taken straight through to China. Did I say that out loud? Sorry. So how can you say that the whole Internet is the same as your corporate?
Because we have to deal with that today. You know no one can stand up here and say I own the world network. It's just not true. And therefore that corporate network, the moment you step out maybe you can just about get away with it if you're just buying connectivity in one country from an incumbent. Maybe that is all theirs. But actually BT buys fibre from us, so it's not really theirs. So at the end of the day they're there.
And therefore we've solved this as network providers. In fact we take that pain away because we have a series of service level agreements that say what our commitment is and for a lot of them we put our money where our mouth is. But actually it's sort of like, why do you need to worry about it because if you've got people like us, or my good friend next to me, who actually will give you that guarantee, we just try to simplify the way that we present that into the market.
But you know you don't worry about your Intel processor, whether it is really running at 2 gig or 2.2 or anything else. There are some things that you just don't need to worry about them. And network performance if you explain and sit down with a service provider and explain what is really important. And I'd just say I've got this problem today. I have to make that e-commerce side work and unfortunately the Internet routes change oh about every five minutes.
So David, abstracting from the fabric is that simple -- anybody can do it. Why should I come to Verizon? Easynet can do it at half the price.
I think just talking generally in the service provider landscape, I think that if you look at clouds -- so we're talking about cloud obviously -- that years of experience in terms of managing networks and managing the transport combined there and obviously with being able to manage and own the stack I think bring those two things together. That is the reason why I think the service provider and the telcos in particular have an opportunity to actually add an infrastructure level at least to be the major players in this market as it evolves. Certainly in terms of public cloud and hybrid cloud as well, because as I say combining those two experiences.
So and one company or another at the end of the day we all live and die on service.
So for us as I mentioned, before it's about understanding the client's requirements.
And at the end of the day yes, if a client wants to add additional layer of security, wants to have additional guarantees, we can factor those things in up to the point where [inaudible] but it's going to cost money. So again it's about differentiating levels of service and differentiating costs.
So Natasha again, we were talking about devices tending to be just that little bit chatty on the whole. And as we go forward there's going to be a lot more on and off usage of devices, although like an iPhone it will be still on in a low state, still attached to the network, still finding out what's happening, pulling information, you know having information pushed to it. And as soon as you turn it on, it has to do a lot more talking as well. What can we do around that?
So actually that is happening irrespective of cloud. This is not a cloud problem. And it's actually happening quite a bit. Especially over the last year we have seen numerous accounts of this coming from service providers such as AT&T etc. And initially everybody was saying, oh my goodness we have so much data traffic and very soon as you'll start looking deeper into the problem statement, you see that it's really not that much about the data traffic. Of course that's huge but there is a significant amount of signalling traffic as well.
The issue there is that these types of signalling traffic to be able to manage it you need to be able to sit at a part in the network where you can understand that language. So when you're sitting at the core of the network in the cloud you're seeing all IP. You're not in an access network; you can't solve the problem. So you need to have devices that can actually sit in your access network where you can look at those signalling messages and optimize. And actually we are just going to announce a solution around that. End of this week or next.
We've got a few minutes left. I'd just like to open it up to the floor for any questions that anybody's got. Anybody still awake? Looks like no. So okay.
The whole idea of this session was actually to talk about what needs to be built into the fabric and what can be applied either as a layer or as an appliance. A lot of what we talked about we haven't drilled down to that sort of a level. So we'll just start at the left with David and we'll go forward. How much needs to be in the fabric, how much can be put on layered or as appliances? In less than ten words.
David: I think we need to build -- I think in the future, we certainly need to layer a lot of this intelligence security into the fabric. I think in terms of developing applications you need applications that are aware of that fact, are able to utilise those things that are built in and those things that are put elsewhere. So a very generic answer.
I think there's a debate which is -- it comes back to an earlier point. If the application is aware that it needs to be secure, it can do itself, a client server. You can generate your own even if you're open [inaudible] network. So this probably, it will particularly in the corporate space it will be driven by the needs of the customers of the apps. And they will probably start to push whether we as service providers ram this into our infrastructure or the corporate still wants a gateway or actually they -- like we do for a lot of PCI compliance, for credit cards you actually don't care about the network because you've secured the two end points. And therefore security by obscurity never works. And therefore probably that's where there is a debate to be had is -- does the app need to be secure or does the infrastructure need to be secure?
Well I think in general I've said for a while, complexity is the enemy of up time. And so the solution has to be something that's pragmatic and the general user can actually deploy and understand. And I think the fact that Justin pointed out that many of the customers he worked with don't actually know where to start or how to start kind of brings us back to reality. It's a great vision but people need to know how to start simply and figure out what is the right application to drive the business, number one and then how do I think about managing that risk.
And I don't think there's going to be one size fits all, folks. I think some people are going to need appliances; some people are going to look at applications that are selfaware and self-secure and other people are going to have a hybrid model. And no pun intended.
I don't want to add too much more to all the other statements.
I think the ultimate thing from a testing perspective, within a validation perspective is complexity is actually the key to our business. Right? The more complex things get the more people need to validate, wherever that may be the application model or the network.
So I think there was a comment made that it could be the applications that need to be more security aware and that's something I really disagree with. And the reason I'm disagreeing with this and it's the last statement so I had to disagree, is because it's too much burden on the application provider. You're looking at people who are building things like UC Collab tools. It's supposed to be specialized in a certain thing that it does. Any of these applications -- you're talking about salesforce, that's supposed to be excelling at that application. Now saying that you need to have a burden of increased security of all types added on top of that application is really saying that you want that application's performance to degrade. So from that perspective -- and we have seen this several times. That's the reason people, typically service providers are decoupling security from the application.
Well, the application can be as secure as you want. If the access device is a browser.
For want of a better French phrase you are --
I would say one thing to that. I mean is it too much to ask that applications are developed securely.
Okay. So I think to me, cloud is like near enough any vehicle. It's there to get you from point A to point B. And the more that you can abstract away from having to look at whether it's a diesel engine, a petrol engine, whether it's on 17 inch tyres or 20 inch low profiles, it may be the glitzy side which you go for. But it's the end result that we should all be interested in. And it should be where businesses are coming from. It's what does this do for me? And if it doesn't do what I want what are the other options that I've got.
So I think this is going to be where cloud survives, thrives or fails. If it goes out there and tries to be the ultimate answer to everybody, it will fail. If it goes out there and says that there are certain things that we can do better, not necessarily cheaper, but better, and this is how we fit in with scale up, this is how we fit in with scale out within your own data centre, this is how we work in the public environment, within the private environment, within the hybrid environment, then we stand a chance of it working.
The Internet isn't quite broken but it's pretty ill at the moment. And the more that can be done to help it recover, the more the cloud will be successful.
With that point I'd like to thank my wonderful panel for actually disagreeing with a few things, because I think that always helps. And please give them a round of applause.