Benefits of thin clients remain to be seenby John CoxFRAMINGHAM - When the dust settled after all the jeers, jabs and sneers, one thing was clear: whatever the promises of thin clients as an alternative to traditional Wintel PCs, the true benefits will only become clear as users deploy them.
At this month's NetWorld+Interop 98 in
Las Vegas, half a dozen vendors of network computers (NCs) and Windows-based terminals pitted their technologies against a panel of experts, each other and the audience.
Thin clients were originally touted as PC alternatives because they eliminate Microsoft's Windows operating system on the desktop. Windows, according to thin-client advocates, forces users into a costly cycle of upgrading, maintaining and supporting ever-larger Windows applications and their attendant hardware.
By contrast, thin-client technologies based on the Java programming language offer the appealing idea of compact applications that can be downloaded over a network to a computer running a simple, lightweight operating system.
Among the participants, IBM and Sun Microsystems offer these Java-based devices.
A third vendor, Network Computer Inc (NCI), is an Oracle subsidiary charged with creating software that computer builders can use to create NC products.
Microsoft and other participants back a Microsoft-sponsored thin client: a terminal that connects to Windows applications running on a new multi-user version of NT.
Microsoft spokesperson John Frederiksen justified Microsoft's stance on thin clients. The company went from dismissing them as "plain dumb" to embracing the concept with the introduction of Windows NT Server 4.0, Terminal Server Edition (TSE).
Frederiksen said: "Initially, people pitched NCs as a replacement for PCs. Our position is NCs won't replace PCs, but they're fine as terminals accessing host applications."
Meanwhile, other NC vendors were criticised by attendees for lacking aggressiveness. They noted that Microsoft is working with US hotel chains to get Windows terminals installed in rooms used by business travellers. "Why isn't IBM making those kinds of aggressive deals?" one attendee asked.
"We've been doing that in Europe," said IBM's Howie Hunger, director of channels and marketing for the company's network computer division. "What about in the US?" the spokesperson asked. "We haven't started here yet," Hunger said.
Hunger pressed Frederiksen on TSE pricing, which has not been officially announced. Because of the unknown pricing, it's hard to compare TSE costs with today's Windows environments or with NCs.
"Will it cost the same or less for Windows terminals to access Microsoft Office on the server as it does for PCs to run Office?" Hunger asked. "It will cost the same," Frederiksen said.
Later, Frederiksen said falling PC prices and new cost-analysis studies are calling into question the validity of the NC model. "What's needed to breathe new life into NCs?" Frederiksen asked. "All it would take is for you to publish your pricing strategy," shot back Jeff Menz, director of product marketing at NCI.
Sun's Vicki Morris, Java product line manager, tried to zero in on the absence of Java in the terminal vendor's plans. "What's your Java support strategy?" she asked Jeff McNaught, senior director and general manager at Wyse. "We're saying run Java on a multi-user NT system where it makes sense because you have lots of CPU power and RAM, instead of on the client," McNaught said.
Morris asked Frederiksen how Microsoft would scale and secure TSE, especially in extranet applications. Frederiksen's reply promised features such as the ability to cluster the PC servers on which TSE runs.
"PC server farms are astronomically hard and costly to manage," Morris countered. "And without using Java, how can you secure your language or handle scaling?"
Without answering the question, Frederiksen said: "We take security very seriously."
In the end, the infighting among thin-client vendors is opening up the market, said panellist Eileen O'Brien, director of the Enterprise NC program at IDC. "Users should not be forced into making premature decisions," she said.
"With Windows terminals and NCs, you now have a choice," she said. "All we're waiting for is Microsoft's pricing."
Users hold high hopes for NT/Unix integrationby Sharon GaudinLAS VEGAS - Corporate users are hoping that Microsoft's latest promises of easier connectivity between Windows NT and Unix will come to life.
Jim Allchin, senior vice president of the personal and business systems group at Microsoft, told a group of users at NetWorld+Interop 98 that Microsoft is working on a Windows NT Services for Unix add-on pack.
The software, which is slated to go into beta later this year for Intel and Alpha platforms, was designed to make it easier to integrate Windows NT 4.0 Workstation and Windows NT Server in a Unix environment.
"I've had problems learning Unix because it's hard to remember all the different, specific commands," said Brian McGuire, director of interactive technologies at Econometrics. "Going through NT would be easier. Maintenance would be easier."
A Microsoft spokesman said the add-on will include resource sharing, remote administration, password synchronisation and common scripting across Unix and NT platforms.
Microsoft has made a good start, said Dan Kusnetzky, an IDC analyst.
"NT is a junior system in corporate environments," he said. "The better NT works with the senior system - typically Unix, OS/400, OS/390 and OpenVMS - the more likely it is to be brought in and used more."
Kusnetzky also said other large vendors have software that links their Unix systems to NT. But their products don't extend beyond their individual Unix systems. Microsoft's add-on pack won't be confined to specific Unix systems.
Bob Daniels, a senior power systems engineer at Pacific Gas & Electric, said the utility is using software from a third-party vendor to hook its Unix system to NT. "Connecting them is pretty tough," he said. "But it's critical. Maybe this will make it easier. We'll have to wait and see."
Cooperative competition saves the day for VPNsby Tim GreeneLAS VEGAS - Virtual private network (VPN) gear caught the eye of attendees at NetWorld+Interop 98, most of whom seemed interested in the wealth of features being added to heighten VPN security and simplify management.
Firewall vendors at the show were teaming with encryption specialists and hardware makers to give users all-in-one VPN products that let employees and business partners enter the corporate network via the Internet while keeping everyone else out.
In many cases, these vendor relationships are still solidifying, meaning many players are ready to detail product roadmaps but are incapable of delivering the systems users need.
"There are lots of things I like, but I don't see them all in any one product," said a security expert for the US Department of Defense, who was combing the show for VPN gear that meets military security standards.
VPN vendors recognise the problem and are joining forces to piece together what is required. For example, Shiva announced a partnership with Entrust Technologies to support Entrust's public-key security in Shiva's LanRover VPN offerings, adding digital certificate authorisation to the products.
And Cisco is working closely with Red Creek Communications to incorporate Red Creek's encryption gear. Cisco has invested $US6 million in Red Creek.
"I like the idea of all these products in one solution, but I worry that they will become a single point of failure," said Tracy Page, a systems engineer with Reliacom LLC, a US-based systems integrator. "If one part of the solution goes down, does the whole box go down? Then you have an enterprise network with no way in and no way out."
"VPNs are where intranets were two years ago," said show-goer Jody Cohn, a LAN/WAN administrator. "Everybody's got to have one. I definitely would give it a while, more like a year or a year and a half. I want to see what the testing experts say."
Meanwhile, vendors are incrementally beefing up existing products.
Toshiba was showing Network CryptoGate software for establishing VPNs among Windows 95 or NT clients and Windows NT or Sun Microsystems Solaris servers.
Software-based VPNs are a concern to Kevin Duffey, senior technical adviser for Reliacom, because they may introduce latency. He is working on creating a VPN that will carry voice over the Internet, and voice quality is tenuous enough already without adding another component that could slow things down and further degrade quality.
Security on the horizon
by Scott Bradner
LAS VEGAS - As predicted, virtual private networks (VPNs) were all the rage at NetWorld+Interop 98 this month. VPNs were not the only hot topic by far, but they did seem to be everywhere you looked.
The show seemed a bit subdued compared with last year's, although any show in Las Vegas is on an entirely different plane than shows elsewhere. The magicians trying to entice you to listen to a spiel about Ethernet switches were here once again, but there seemed to be fewer of them and, wonder of wonders, there were even some technically competent people in some of the booths.
In addition to VPNs, the Gigabit Ethernet vendors were out in force with 20 or more booths in addition to the big Gigabit Alliance booth.
But VPNs seemed to me to be the show focus this year, just like Gigabit Ethernet was last year, IP Switching the year before and ATM before that. I just hope Gigabit Ethernet and VPNs do not take the same path to success that the other hot topics did.
One problem with all of the attention on VPNs is there is no one consistent thing that the VPN proponents are talking about.
Some vendors are talking about the connections between corporate firewalls when they speak of VPNs. Others are referring to the connections inside a WAN that an ISP might set up to do traffic engineering or to help facilitate the delivery of consistent quality of service (QoS). Others mean the IP tunnels that can be created between an on-the-road employee dialing into a local ISP and the home office. And a few vendors seem to think any encrypted point-to-point link qualifies as a VPN.
All of the above are valid definitions of what a VPN might be. But with all of the differing assumptions about VPNs, it is a good idea for users considering the purchase of VPN services or equipment to be sure that their own assumptions, as well as the vendors' assumptions about the technology, are in line.
One thing that most definitions of the technology have in common is that a VPN includes encrypted point-to-point tunnels. Encouragingly, most of the vendors I saw said they supported IP Security. IPSec is the IETF technology that supports encrypted tunnels along with management of the cryptographic keys. IPSec is in the final stages of being approved as a proposed standard.
In spite of the fact that IPSec is not yet approved, eight IPSec software vendors have already demonstrated interoperability between their products, and many more companies have announced products.
It's a good sign that most of the VPN vendors say they already support IPSec or will in the future. This means there is a reasonable chance that many of the VPN products will interoperate. This, of course, is the purpose of standards.
Disclaimer: Even though Harvard sets its own standards, its products interoperate. The above are my own observations.
Networking vendors focus on speed, flexibilityby Cheri PaquetLAS VEGAS - Vendors unveiled a wide range of networking products at this month's Networld+Interop 98 show in Las Vegas, including switches and chip sets aimed at increasing bandwidth, scalability and performance.
Among the announcements made at the show were the following:
Gateway announced two rack-mountable PC server models: the entry-level ALR-7200R and mid-range ALR-8200R, which include either 350MHz or 400MHz Pentium processors and are designed for multi-server environments and Web servers.
Each server will run different operating systems, including MS Windows, NT Server, Novell NetWare, SCO UnixWare, IBM OS/2 and Sun Solaris.
Available from June, the ALR-7200R comes with a 4GB Ultra2 SCSI hard drive, 64MB SDRAM and a 350MHz Pentium; while the ALR-8200R comes with 4GB Ultra2, 128MB SDRAM and a 350MHz Pentium. www.gateway.comHewlett-Packard announced its latest additions to its Ethernet switching line with a series of scalable Gigabit Ethernet switches. Designed for backbone networks, the ProCurve Switch 8000M provides 80 switched 10/100Mbps connections and 10Gb port network connections with 3Gbps total bandwidth.
The ProCurve Switch 1600M, a 16-port fixed-configuration with 10/100Mbps autosensing switch, has a slot for optional gigabit connectivity, totalling 3.5Gbps of bandwidth capacity. Both feature HP's switch-meshing technology that ensures load balancing and availability, HP Proactive Networking which finds, corrects and reports network problems, and Cisco Fast EthernetChannel which enables multiple parallel connections between switch and servers. The switches are IEEE 802.3z and IEEE 802ab standards-compliant.
Meanwhile, HP also introduced Auto-Port Aggregation software and HP 1000BaseSX Gigabit Ethernet LAN Adapter which extend bandwidth and availability of HP Enterprise Systems. The software is based on Fast EtherChannel technology and quadruples data transfer rates within a network and configures trunks automatically with HP's or Cisco's switches.
The adapter card provides HP 900 servers with a standards-based network link used to migrate from 10Mbps to 1MB data transfer rates. www.hp.comFore Systems announced its 24-port 10/100Mbps Ethernet switch, the ES-2810. The scalable switch allows up to 196 fully managed ports in a single stack. It offers fault tolerance and can connect to Fore's Intelligent Infrastructure, a multi-service network backbone of ATM switches.
The ES-2810 includes 24 ports of 10/100Mbps auto sensing Ethernet and expansion slots for additional 10/100Base-TX or 100base-FX port modules. www.fore.comLucent Technologies is expanding its ADSL (asynchronous digital subscriber line) offerings and has announced the WildWire IP ADSL Access System, designed for Internet protocol networks and which allows service providers to simultaneously deliver a second voice line and up to four data lines to their users.
The company also unveiled a new line of ADSL magnetic components that simultaneously send voice and data traffic over a phone line without the aid of a voice/data splitter at the user end. The components consist of ADSL transformers and inductors, and low-pass filters. They are also incorporated as part of the WildWire IP ADSL Access System.
Pricing and availability have not been disclosed.
Lucent also announced its WildWire chip set, available now, that gives PC users Internet access, regardless if they have traditional analog or ADSL service. The three-chip set is designed for PC and stand-alone modem use. It includes Lucent's DSL (Digital Subscriber Line) Lite Technology, which downloads data at up to 1.5Mbps.
It consists of a 1690 digital signal processor, an ADSL codec and an analog modem codec. It has an auto detect feature that determines whether or not the central office has a DSl connection and allows the user to transmit data at the highest rate available. Pricing is not yet available. www.lucent.comMotorola announced its desktop power-managed modem that supports ACPI wake-on-ring technology, which allows PCs that are in a suspended-state mode to automatically receive incoming fax and phone calls.
The MS143455ASK PCI Controller-less Modem chip set and software is slated to ship this quarter in volume quantities. www.mot.comAlcatel has introduced the Alcatel Mini-RAM (remote access multiplexer) which can be used by service providers to deliver high-speed services to users who are serviced by digital loop carriers. The Mini-RAM fits inside all DLC cabinets, is temperature-hardened and occupies two rack spaces. It supports up to eight subscriber lines and can be set up as either splitterless USDL (universal) or full-speed ADSL.www.alcatel.comRouting switch market grows up at Interopby Stephen LawsonLAS VEGAS - Users at NetWorld+Interop 98 saw the routing switch market grow more mature, with several vendors demonstrating alternatives to the first wave of products.
Bay Networks laid out a strategy of extending routing and application-priority intelligence to the workgroup level, providing appropriate qualities of service from one edge of the LAN to the other.
Bay introduced its first product designed to play this role, the Accelar 1050.
The stand-alone routing switch includes 12 autosensing 10/100Mbps Ethernet ports and one Gigabit Ethernet uplink.
Bay company officials said it can provide deep packet filtering to monitor and prioritise mission-critical applications. The company's aim is to provide intelligent multilayer devices at the cost of standard Layer 2 workgroup switches. According to Bay officials, the combination of BayStack 350 switches and the Accelar 1050 can provide intelligent switching at less than $US200 per port.
Moving sophisticated router functions
to the workgroup may be a boon to network performance, according to
"When you start doing intelligent functions at the edge, the core routers can be more efficient," said David Dines, an analyst at the Aberdeen Group.
Bay also intends to offer routing capabilities in its Centillion ATM switches through Multiprotocol Over ATM software.
Dines said the port density and FDDI card features are impressive.
"Over half of the people using FDDI want to migrate, and this would be a good migration tool that would give them the ability to extend the life of their FDDI installations," Dines said.
Bay's Accelar 1050 is set to ship in July. The Accelar 1051, also due in July, will include a redundant Gigabit Ethernet interface.