Cisco Blogs


Cisco Blog > Security

A Circular Problem in Current Information Security Principles

Editor’s Note: In this second installment of the blog series on more responsive security, we take a closer look at the circular problems associated with four common security principles in managing “weak link” risks in Information Technology organizations.

Before discussing what constitutes this responsive approach to security, let us first look at a few of the fundamental principles of information security to understand the unique challenges organizations face today in managing security risks.

Read More »

Tags: , , , ,

MDS 9700 Scale Out and Scale Up

This is the final part on the High Performance Data Center Design. We will look at how high performance, high availability and flexibility allows customers to scale up or scale out over time without any disruption to the existing infrastructure.  MDS 9710 capabilities are field proved with the wide adoption and steep ramp within first year of the introduction. Some of the customer use cases regarding MDS 9710 are detailed here. Furthermore Cisco has not only established itself as a strong player in the SAN space with so many industry’s first innovations like VSAN, IVR, FCoE, Unified Ports that we introduced in last 12 years, but also has the leading market share in SAN.

Before we look at some architecture examples lets start with basic tenants any director class switch should support when it coms to scalability and supporting future customer needs

  • Design should be flexible to Scale Up (increase performance) or Scale Out (add more port)
  • The process should not be disruptive to the current installation for cabling, performance impact or downtime
  • The design principals like oversubscription ratio, latency, throughput predictability (as an example from host edge to core) shouldn’t be compromised at port level and fabric level

Lets take a scale out example, where customer wants to increase 16G ports down the road. For this example I have used a core edge design with 4 Edge MDS 9710 and 2 Core MDS 9710. There are 768 hosts at 8Gbps and 640 hosts running at 16Gbps connected to 4 edge MDS 9710 with total of 16 Tbps connectivity. With 8:1 oversubscription ratio from edge to core design requires 2 Tbps edge to core connectivity. The 2 core systems are connected to edge and targets using 128 target ports running at 16Gbps in each direction. The picture below shows the connectivity.

Edge Core Design Day 1

Down the road data center requires 188 more ports running at 16G. These 188 ports are added to the new edge director (or open slots in the existing directors) which is then connected to the core switches with 24 additional edge to core connections. This is repeated with 24 additional 16G targets ports. The fact that this scale up is not disruptive to existing infrastructure is extremely important. In any of the scale out or scale up cases there is minimal impact, if any, on existing chassis layout, data path, cabling, throughput, latency. As an example if customer doesn’t want to string additional cables between the core and edge directors then they can upgrade to higher speed cards (32G FC or 40G FCoE with BiDi ) and get double the bandwidth on the on the existing cable plant.

Edge Core Design Scale UP

Lets look at another example where customer wants to scale up (i.e. increase the performance of the connections). Lets use a edge core edge design for this example. There are 6144 hosts running at 8Gbps distributed over 10 edge MDS 9710s resulting in a total of 49 Tbps edge bandwidth. Lets assume that this data center is using a oversubscription ratio of 16:1 from edge into the core. To satisfy that requirement administrator designed DC with 2 core switches 192 ports each running at 3Tbps. Lets assume at initial design customer connected 768 Storage Ports running at 8G.

Edge Core Design Day1

 

Few years down the road customer may wants to add additional 6,144 8G ports  and keep the same oversubscription ratios. This has to be implemented in non disruptive manner, without any performance degradation on the existing infrastructure (either in throughput or in latency) and without any constraints regarding protocol, optics and connectivity. In this scenario the host edge connectivity doubles and the edge to core bandwidth increases to 98G. Data Center admin have multiple options for addressing the increase core bandwidth to 6 Tbps.  Data Center admin can choose to add more 16G ports (192 more ports to be precise) or preserve the cabling and use 32G connectivity for host edge to core and core to target edge connectivity on the same chassis. Data Center admin can as easily use the 40G FCoE at that time to meet the bandwidth needs in the core of the network without any forklift. Edge Core Edge Design Scale Out

Or on the other hand customer may wants to upgrade to 16G connectivity on hosts and follow the same oversubscription ratios. . For 16G connectivity the host edge bandwidth increases to 98G and data center administrator has the same flexibility regarding protocol, cabling and speeds.

Edge Core Edge Example 1 ScaleUP

For either option the disruption is minimal. In real life there will be mix of requirements on the same fabric some scale out and some scale up. In those circumstances data center admins have the same flexibility and options. With chassis life of more than a decade it allows customers to upgrade to higher speeds when they need to without disruption and with maximum flexibility. The figure below shows how easily customers can Scale UP or Scale Out.

 

Edge Core Edge Design Scale Out Scale Up

 

As these examples show Cisco MDS solution provides ability for customers to Scale Up or Scale out in flexible, non disruptive way.

“Good design doesn’t date. Bad design does.”
Paul Rand

 

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Digital Design Visual and Otherwise

September 29, 2014 at 8:29 am PST

First impressions really matter. We know this intuitively, and you may also have seen the stats that say it takes web visitors less than two-tenths of a second to form a first impression, and just 2.6 seconds for a user’s eyes to land on that area of a website that most influences their first impression. Visitors make their decisions on whether to stay or leave in 10 seconds or less.

Visual design – the photography, graphics, typography and layout on a page — has a lot to do with initial first impressions that your visitors have. While it’s not the only thing, paying attention to visuals in the right places can have an important impact on how you connect and engage with visitors to your web and mobile experiences.

Last week I was on an interesting panel that included some colleagues in digital design from other companies: A well known express shipper, a major wireless provider, a cutting edge design firm. We talked a lot about what makes visual designs work. Then, we talked even more about other factors beyond visuals that are required to make an experience effective.

Where Strong Visuals Matter

Strong visual designs are immensely important in attracting attention and engaging users, especially where they’re new to your brand and company or organization. At Cisco, we have examples of this in our home page, immersive experiences around specific topics such as Internet of Everything and many other places.

A sampling of some of the visual designs in our Cisco.com and mobile digital space.

A sampling of some of the visual designs in our Cisco.com and mobile digital space.

Good and consistent visual design does great things: It helps to quickly establish trust with your brand. It orients people. It keeps your visitors engaged. A good visual design can lead users to the right places on the page, and help them make decisions.

Simplicity Counts

Visual designs don’t need to be extreme or snazzy to be effective: You can use good simple visual design to lead users to a key call to action. For instance, one of our panel members pointed out that good adherence to visual scanning principles makes sure that button and other key elements are obvious, raising the probably that users will engage.  Another follows a strategy of using visual and interactivity and make sure the online experience is enjoyable, fun and efficient.

One of our panelists pointed out that users tend to scan a page in an “F” pattern, looking across the top, down the left side, and the slightly lower and horizontally on the page again. This remains true even with tablets, and probably works the same way even in the horizontal themes that are emerging, such as Wired.co.uk’s new home page design.

OK, but something all of us panelists emphasized is that visuals are just a piece of the digital experience. We all also have many important “boring” pages where visuals are more muted but where principles of good design are essential.

For instance, the visual treatment of this simple search results box below, while perhaps aesthetically “boring,” results in a very effective design that collects the most important information around a product all in one place, lays it out in a very scannable format, and makes it obvious how to connect with someone at Cisco to find out more information.

The search results box on Cisco.com.

The search results box on Cisco.com.

While simple, this is an effective design for our customers and partners who are often working on problems on deadline and need information quickly, unencumbered with fancy visuals or other distractions.

Some Tips From Our Panel

That simple search results design above gets to the heart of the matter: “Design” is much more than bold visuals, and in any design project you should tune your visual design to the user’s goals and the task at hand. Here are some points for the panel:

Design end to end – When you’re design a new experience, think about the entire experience from someone searching on Google or Bing to landing on a mobile page to the offline interactions they may have in between. This experience should “designed” end to end and not just a screen at a time.

Design for actual people – Use personas or other techniques to design for real types or users who are completing real tasks.

Do Some Wireframing and IA up front – Use basic wireframes (simple diagrams of your pages/screens) or concept drawings to articulate the basics of an experience before you dive into an extensive visual design. (but see the next item)

But, visual comps can help – A corollary to the notion of wireframing is to have some strong visual comps on hand that you can show to your sponsors or decision makers. Sadly, black and white wireframes won’t convey the fireworks they’re expecting.

Don’t throw away common sense visual design rules: With today’s poster-oriented page layouts, often assembled with mix-and-match panels, it’s tempting to allow a random quilt to emerge on pages rather than a holistic design. But, with a good visual system, you can balance fidelity of the visuals: Create a design system with a good strong blend of iconography, infographics, photos and the information itself. Avoid blending incompatible styles and leverage modules and patterns to make things easier on your designers and agencies.

 

Embrace change, prototype quickly, be agile – With almost every project now, we create quick prototypes to understand how the designs will work. These are also good tools for testing with users, and demonstrating ideas to our stakeholders.

 

Test and learn – As you have protoypes ready or finished live implementations online, test and tune your designs. And then test some more to optimize. There are a number of tools at your disposal for this, including well-crafted A/B tests (including control groups), usability testing through online self-service or facilitate sessions, five second tests, and other techniques.

Finally: Don’t create a monster you can’t feed – This is perhaps the most important rule of all, and one that it’s hard to convince teams about until they’ve lived through a few projects: You may have the most splendorous design in the world, but if it is hard to update or expensive to maintain, it will quickly go stale and obsolete. To use a real estate analogy, don’t build a 30-room mansion if you can only afford to maintain a small bungalow.  Think through the ongoing costs of production, localization, management and other factors when you create a new design. It’s important not only that a design look good and work well, but that it’s maintainable.

Above all, beware of projects that start out with the main requirement to “do something cool.” If you focus on the true business and user outcomes you want – and follow the advice above – you will like end up with something not only cool but useful.

What have been your experiences?

Some references:

Digital Information World: Infographic on attention spans online

Missouri Science & Technology: First impressions form quickly on the web

Wired UK: How Wired built the new Wired.co.uk homepage

Tags: , ,

Next Generation Data Center Design With MDS 9700 – Part III

This week is exciting, had opportunity to sit on round table with Cisco’s largest customers on an open ended architecture discussion and their take on past, present and future. More on that some other time let’s pick up last critical aspect of High Performance Data Center design namely flexibility. Customers need flexibility to adapt to changing requirements over time as well as to support diverse requirements of their users. Flexibility is not just about protocol, although protocol is very important aspect, but it is also about making sure customers have choice to design, grow and adapt their DC according to their needs. As an example if customers want to utilize the time to market advantage and ubiquity of Ethernet they can by adopt FCoE.

Flexibility

Moreover flexibility has to be complemented by seamless integration where customers can not only mix and match the architectures/protocols/speeds but also evolve from one to other over time with minimal disruption and without forklift upgrades. Investment protection of more than a decade on Cisco director switches allows customer to move to higher speeds, or adopt new protocols using the existing chassis and fabric cards. Finally any solution should allow scalability over time with minimal disruptions and common management model. As an example on MDS 9710 or MDS 9706 customers can choose to use 2/4/8 G FC, 4/8/16G FC, 10G FC or 10G FCoE at each hop.

Multiprotocol Innovation

Let’s review each aspect of flexibility at a time.

 

Architecture:

Cisco SAN product family is designed to support Architecture flexibility. From smallest to  the largest customers and everything in-between.  Customers can grow from 12 16G ports to 48 ports on a single 9148S. They can grow from 48 16G Line Rate Ports to 192 16G Line Rate with MDS 9710 and upto 384 ports on MDS 9710. Finally having seamless FC and FCoE capability allows customers to use these directors as edge or core switches . With the industry leading scalability numbers, customers can scale up or scale out as per their needs. Two examples show how customers can use Director class switches (9513, 9506, 9710 or 9706) based Architecture for End of Row designs. Similarly customers can orchestrate Top of Rack designs using Nexus fixed family or MDS 9148S.

Examples of Edge Core Designs with MDS ToR and EoR

If they want to continue with FC for foreseeable future or have sizable FC infrastructure that they want to leverage (and have option to go to FCOE) then MDS serves their needs. Similarly they can support edge core designs, and edge core edge designs or even collapsed  cores if so desired.

 

FC Edge Core and Edge Core Edge

 

If customers need converged switch then Nexus 2K, 5K and 6K provides the flexibility, ability to collapse two networks, simplify management as shown in the picture below.

FEX and Nexus Edge Design Options

Speeds

Customers can mix and match the FC speeds 2G/4G/8G, 4G/8G/16G on the latest MDS 9148S, and MDS 9700 product family. With all the major optics supported, customers can pick and choose optics for the smallest distance to long distance CWDM and DWDM solutions in addition to SW, LW and ER optics choices. In addition MDS 9700 supports 10GE optics running 10G FC traffic for ease of implementing 10G DWDM solutions based on ubiquitous 10GE circuits.

Protocol

FC is a dominant protocol with DC but at the same time a lot of customers are adopting FCoE to improve ROI, simplify the network or simply to have higher speeds and agility. Irrespective of the needs and timeline MDS solution allows customer to adopt FCoE today or down the road without forklift upgrades on the existing MDS 9700 platforms while leveraging the existing FC install base.

FCoE Flexibility

The diagram above shows how customers can collapse LAN and SAN networks on the edge into one network. The advantage of FEX include reduced TCO, simplified operations (Parent switch provides a single point of management and policy enforcement and Plug-and-play management includes auto-configuration).

Another example to allow non transition less disruptive for customers Cisco has supported the BiDi optics on the Nexus product family. This allows customers to use the the same same OM2, OM3 and OM4 fabrics for 40G FCoE connectivity and still don;t have to rip and replace cabling plant.

BiDi Option

For customer who are not ready to converge networks but want to achieve faster time to market, higher performance, Ethernet scale economies can use separate LAN and SAN network and use FCoE for that dedicated SAN .

Evolution path from FC to FCoE

Coupled with broad Cisco product portfolio means that customers have the maximum flexibility to tune the architecture precisely to their needs. Cisco product portfolio is tightly integrated, all the SAN switches use same NxOS and DCNM provides seamless manageability across LAN, SAN, Converged infrastructure to Fabric Interconnects on UCS.

Broad Product Portfolio

From the last 3 blogs lets quickly capture what are the unique characteristics of MDS 9700 that allows for High Performance Scalable Data Center Design.

24 Tbps Switching capacity, line rate 16g FC ports, No Oversubscription, local switching or bandwidth allocation.

Redundancy for every critical component in the chassis including Fabric Card. Data Resiliency with CRC check and Forward Error Correction. Multiple level of CRC checks, smaller failure domains.

In next few days lets put this all together to see how customers can deploy scalable networks that allow them to Scale Up or Scale Out in a non disruptive way.

To learn more about the MDS 9148S please join us for a webinar.

“In business, words are words; explanations are explanations, promises are promises, but only performance is reality.”

Harold S. Geneen

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Cloudburst: iOS 8 Generates 50% Increase in Network Traffic

Many network engineers recall the iOS7 update on September 18, 2013 as one of the most historic download days of their network’s history. All the more reason for us in the wireless world who anxiously anticipated the September 17 release of iOS8.

We asked a few of our customers to monitor the effect of the software release on their networks and the results for the first two days are in. Those in the education and healthcare space in particular are filled with early adopters of WiFi technology and devices, and eager to get their hands on the latest updates.

Joe Rogers, Associate Network Director at the University of South Florida shared this picture with us from 1pm September 17th, showing 1 Gbps more traffic than he would normally see at this time of day:

usf

Another customer, Greg Sawyer, Manager of Infrastructure Services, shared this picture of the iOS8 effect on his network at the UNSW Australia.

unsw

He noted that his experience handling the release this year felt smoother than last year, despite the new peak internet download of 4.65 Gbps and 21Tb downloaded for the day! Not too surprising when considering that there were 27,000 concurrent connections on the wireless network and approximately 60% of those being Apple devices.

How should organizations be considering and handling these network spikes? I sat down with Cisco technical leaders Matt MacPherson and Chris Spain (@Spain_Chris) to get some insight on the effect of big updates like iOS8 on the wireless network. Here are some of the highlights of what we discussed:

The World We Live In

The truth is, more and more services are being moved to the cloud—a cloud that will push updates to millions & in the future billions of users and devices on our networks. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,