Fine Tuning for the Future
New Technology, Budget Constraints Drive Network Management
By Mike Wiebner
Practitioners of network management have been feeling the ground shifting a lot lately. Technology showdowns have been kicking up enough dust to blur, if not temporarily blind, the most prescient of industry soothsayers.
A large-scale shift from fat to thin clients - or highly capable desktop computers to those with more network reliance - may or may not be under way. But a new wave of feature-rich software and increasingly intelligent devices will ensure greater reliability, speed and robustness to whichever victor is left standing to reap the spoils.
And creating a maelstrom are the Microsoft and Sun/Netscape camps over the future direction of the Java programming language.
A sign of the new network management times can be seen in the array of niche products that serve both the narrowest of network operations and the broadest of administrative assignments - from monitoring system traffic to maintaining system security.
The government is increasingly moving mission-critical applications from expensive, proprietary mainframe platforms onto networks that offer cost savings and greater flexibility, say industry officials.
The merging of data, voice and video communications already is complicating networks and their management. The pressure on communications links only increases when you add the growing mainstream acceptance of video-conferencing, client/server platforms and Internet access.
But for federal customers, as usual, budgetary concerns are key. Systems integrators are positioning themselves to reap the benefits of the growing trend toward outsourcing of the network management function.
Back to Basics
As a discipline, network management can be broken into four basic categories: inventory management; change management; problem management; and, last but not least, performance management. A seemingly endless collection of niche vendors offers products designed to help end users and integrators meet this fourfold challenge.
Inventory is the meat and potatoes of network management. No one gets too excited about it, but forget it and your system will suffer. Network administrators often have a difficult time determining the identity, quantity and location of their network devices.
"Large organizations put their equipment all over the world," says James Massa, director of federal operations for Cisco Systems Inc., based in San Jose, Calif. "Just determining where the devices are is a challenge. It's a discovery process."
| ||"Large organizations put their equipment all over the world. Just determining where the devices are is a challenge. It's a discovery process."|
- James Massa, Cisco Systems Inc.,
Managing change is made doubly difficult without this inventory control. But with employees and connections constantly shifting from building to building, state to state and beyond, keeping track of the goods, so to speak, is an essential task.
Managing network performance and preventing problems usually come to mind when people think about network management. That's hardly surprising when you consider the ill effects of a crashed network, or one suffering from choke points and slow speed.
Mission-critical applications are increasingly being integrated into network environments, says Dennis Casey, a senior analyst at Strategic Research Corp., Santa Barbara, Calif.
In a return to the centralized mainframe days of yore, the distributed servers now are being brought to the same physical location, as opposed to different servers in different locations serving different workgroups.
When servers are scattered across an organization, network administrators must routinely travel to handle some maintenance and administrative tasks, raising costs and increasing network downtime. However, the need to travel is eliminated when different servers are handled with a single console.
"This recentralization is oftentimes done when a site has a lot of distributed resources and lot of management and network downtime," says Casey.
A centralized operation should be able to handle cross platform support as well, as opposed to networks where separate policies and rotations were often set up for the Unix and PC local-area network environments, Casey points out.
While a centralized network offers better control and lower management costs, availability is the greatest benefit of such a system, according to Casey.
The next step in recentralization is often to consolidate the servers. For instance, 10 distributed servers might be consolidated to only three, which are placed in a single room, along with the storage and backup.
"Centralized networks have been very common on the corporate level," says Casey. "But the government tends to be behind the curve in development - and more cost-conscious."
"What's really driving this is the need for high availability," he continues. "The difference is that high availability can be achieved for a lot less money than in the past."
Clustered servers act as a form of data protection. If one server fails, the information is automatically replicated to another server within seconds.
"Another level is scaling or performance clustering. With multiple servers, all the processes are running together across multiple systems," says Casey. "It's a much more complex implementation."
Security has become an increasingly important part of network management. Many firms are now back in the labs working to make security layers, such as firewalls, an integral part of their operating environment. Currently, security is usually an add-on, something bolted on after the system is in place, says Massa. "The firewalls are just one element of an overall security strategy. What you want are [security] layers."
Hidden in this separation between the network and the security element is cost of ownership.
"If you need a separate person who knows security to check the boxes, then the cost of ownership will, of course, go up," says Massa. "When people hear that, they usually have an 'I could have had a V8' reaction."
Cisco is plowing full steam ahead to fully Web-enabled technology. Most networks are now stand-alone, PC or Unix-based systems, usually sporting a graphical user interface.
"Cisco has been taking some of [its] functionality and putting it in a Web browser format," says Massa. "Anyone familiar with a Web browser can use the system - all from a very familiar browser interface.
"You can take someone who isn't a network management guru, or security guru, and they can stumble their way through 80 percent of what they need to do," he says.
| ||"A lot of the future transactions between the government and citizens will be done over the Web, like with the [Internal Revenue Service] and citizens submitting their tax forms electronically."|
-Jack Winters, IBM Global Services
The federal government's increasing use of intranets and the Internet bodes well for IBM's electronic commerce ventures.
"A lot of the future transactions between the government and citizens will be done over the Web, like with the [Internal Revenue Service] and citizens submitting their tax forms electronically," says Jack Winters, vice president of IBM Global Services, Government Industry.
Up the organization chart, most executives are primarily concerned with their networks' overall performances. With the browser paradigm, they can navigate their browsers to the network diagram, double-click and get a quick status check on a particular process or event. This means a faster learning curve - a bonus in any situation.
"This gives the manager the ability to drill down into an area without having to know a whole lot about it," says Massa. "They won't change things, but they can view the information. This enables a lot of people to see, for example, if a network segment is slowing down."
Cisco gained its networking stripes the old-fashioned way. Developing, using and improving its own systems has led to better products and customer service, says Massa. "Cisco is a believer in eating our own dog food," he says.
Users can get remote access to the network without needing any special devices or connections. They can simply log onto the Internet, work through the proper security procedures and even make changes, for instance, on files in the network, assuming they have authorization.
Integrating these devices within the network framework or across the enterprise is another value add that integrators can provide, say officials at Sun Microsystems Inc., Palo Alto, Calif. Java technology provides the ability to make anything a computer. Devices may not look like computers, but they will function like computers.
"An Internet device is no longer necessarily something with a keyboard attached," says Matt Vignieri, manager of worldwide sales for SunSoft, an arm of Sun Microsystems. "It could be a vehicle in the battlefield or a communications device."
Changes in federal procurement have added a technical challenge for systems integrators. It's easier to buy devices or software one item at a time, which heightens the possibility of incompatibility.
"The nature of the enterprise is that it can't be piecemeal," says Mike Singer, managing director of the government software group for SunSoft. "The bigger that systems get, the more complex - and expensive - they become."
Those having a tough time hiring qualified technical personnel should also benefit from the Web browser's growing importance to networking. "You will be able to take someone not expert in that area and still make them very effective," Massa says.
Information will be made more accessible to users across the enterprise. The guesswork will be eliminated in determining the network's efficiency - anytime, anywhere. Identifying and correcting problems has also been made much more efficient by a variety of vendors in this space.
"One enterprise, one security policy" has become a mantra around Cisco's offices, according to Massa. "No matter how large the organization, even if you're putting out different types of devices, you should be able to go to one place and see [the security is] as tight as need be."
The states have actually kept ahead of the federal government when it comes to IT outsourcing, says Winters, who points to an early IBM contract with the Michigan Information Administration Network.
Managing the desktop and controlling costs are two factors that will lead more federal IT personnel to turn to outsourcing. This includes managing an agency's distributed client/server environment, where the needs can run from distribution of new versions of software to help-desk services.
The General Services Administration's Seat Management competition is one area drawing hot pursuit from a number of leading IT vendors in the network management space. NASA is also expected to come out with a request for proposals with a networking component in the coming months.
"The ubiquitous nature of the Internet will drive demand for additional networking and create opportunities for technologies like network computing," says Winters. "We see a lot of transition to [asynchronous transfer mode] technology. Most customers are in the process of deploying ATM. Of course, fiber optics are everywhere, too."
While federal government customers have long taken the lead in ultra high-end systems integration projects - the air traffic control system, putting a man on the moon, various defense projects - they have lagged behind their commercial counterparts when it comes to outsourcing.
"The first place the federal government will do large amounts of [IT] outsourcing is managing the desktop," Winters says. "We're just beginning to see an acceptance of [outsourcing] in the government."
The desire to focus on core business drove many commercial firms into outsourcing arrangements to gain competitive efficiencies.
"State governments started to notice this and say, 'We have old, poorly maintained information systems. How can we move to better technology, better service without incurring horrible increases in cost?' " Winters says.
"By entering into long-term outsourcing, they get the benefits of new, state-of-the-art technology, processes and services," he continues. "The primary reason is not driven by saving money."
Of course, outsourcing is not as simple as signing on the dotted line. Retaining existing employees and, equally important, keeping them happy and productive are other prime requisites.
"We put a lot of emphasis on taking care of people affected by outsourcing activity," says Winters. "That means bringing them into the company - making sure they have jobs and get the training. These people represent a lot of the knowledge and skill we need to make it successful."
According to Sun Microsystems, "The network is the computer." The company is determined to leverage its networking and Java leadership to build support for the thin-client, network computing model.
"What we have today is a lot of fat clients sitting on desktops which are expensive memory hogs," says Singer. "This requires a great deal of maintenance, and it doesn't allow software or files to be distributed across the enterprise."
Information is brought to the desktop only when its needed by clients, say Sun officials. The network computing environment is much more cost-effective, scalable and easier to maintain.
Mike Singer, SunSoft
"The government is clearly moving to enterprise computing, which is much more complex than stand-alone computers," says Singer. "Pulling together the networking, the software and the hardware is a high-level task. The integrators can be the glue that ties all of these together."
GTE Corp. of Stamford, Conn., is taking the integration lead on a network computing contract with the Army.
Meanwhile, at the Federal Aviation Administration, Sun hardware and software will be used in the new air traffic control system. The contract, awarded in 1997, is a 5 year, potentially $1 billion contract.
Network computing pilot projects are in place at the Navy, the Army and also at NASA.
"In some way or another, the government is taking the lead over the commercial marketplace," says Singer. "It is comprised of major organizations that have the need to connect all the various components worldwide and have them talk to each other."
As for the competition between Unix and Microsoft's Windows NT operating system, Sun officials are fairly blunt.
"Unix offers the reliability, stability and proven environment for running computing systems," says Singer. "NT is offering the promise of one day delivering what Unix delivers today. However, it lacks the maturity and reliability that Unix has proven for many years."
Microsoft Corp. of Redmond, Wash., with its NT servers, is holding out the promise of reduced maintenance overhead with ZAW (zero administration for networks).
The numbers show that Microsoft's NT system is gaining in popularity. In 1997, 1.3 million NT workstations were purchased, while 660,000 Unix workstations were bought, according to International Data Corp., Framingham, Mass. For the year, NT workstation shipments jumped 80 percent, while Unix workstation sales declined7 percent. "The numbers are another indication of the increasing penetration of Windows NT into areas that were once the sole domain of Unix," an IDC research report noted.
Meanwhile, major hardware vendors such as Compaq, Digital, Hewlett-Packard, Tandem, Dell and IBM have undertaken large-scale NT technology campaigns.
"While Windows NT is clearly gaining popularity in the marketplace, in mission-critical environments Unix is still the operating system of choice for building enterprises," says Singer.
The thin-client model will save on maintenance, installations and IT personnel, Sun officials say.
Network computing will evolve into both fat clients and thin clients, but instead of requiring large memory sizes and disk space plus the associated costs of managing them, the government will be able to get software distributed by means of the network.
Sun officials predict the federal government will someday enter a networked age in which interconnectivity among agencies is the norm. Hence Sun's trademark line: The Computer is the Network. Sun's Solaris operating environment (a Unix environment) provides accessibility across the enterprise, as well as scalability and reliability.
"Solaris already has some inherent security features embedded within the operating system," says Singer. "Those features will be enhanced with the release of SecureNet in June and will be embedded directly into the operating system over the next 18 months."
According to Sun officials, it takes less government IT personnel to manage Solaris because the network has fewer servers that provide the same or greater capacity to end users than competitors.
However, a recent initiative between Cisco and Microsoft should greatly enhance network security. Users will be accorded certain degrees of performance (e.g., bandwidth) based on their clearance level.
Cisco is handling development on the Unix side, while Microsoft, not surprisingly, is doing the heavy lifting for Windows NT.
The new and improved, security-rich operating system will roll out sometime by the end of 1998.
Two Cisco products, NetSonar and Net-Ranger, are helping provide extra network security measures. The former continuously scans the network, while the latter actively engages the network management to resist intruders.
This security capability is proving especially necessary since so many network security systems have serious holes in their Web defenses.
"We'll do an audit of a network, and it will turn out to have 17 dial-up locations, 16 of which are unguarded," says Massa. "They didn't even know people had added dial-up capability at remote locations. The worst thing is to find out the next morning that you were hacked into."
The fast-changing network management environment offers no certainties.
However, the trend toward outsourcing should provide increasing opportunities for integrators with network management capabilities.
As for the various technology shootouts between Microsoft and the group led by Sun/Netscape - stay tuned.