Cisco Switch Module Taps Virtual Partitions

Cisco will launch a new multifunction ACE module for its Catalyst 6500 switch.

It can take Michael Tardif days to get his infrastructure ready to deploy a new application.

Tardif, vice president and general manager of global hosting services for Savvis, a leading global IT utility services provider, often has to coordinate multiple teams within his staff to prepare the infrastructure for the introduction of the application.

"There are several components to your infrastructure," said Tardif in New York. "It is possible to have four separate vendors that play in those spaces. To set up an environment, you have to link all four of [the vendors products] just to get an [application] through your infrastructure."

Tardif is evaluating a new offering from Cisco Systems designed to speed up that process.

Cisco, of San Jose, Calif., on April 10 will launch a new multifunction ACE (application control engine) module for its Catalyst 6500 switch.

The switch uses as many as 250 virtual partitions to help streamline the workflow involved in setting up security policies, ensuring server and network capacity, and providing the application with appropriate routing information.

Currently, a companys application team has to talk to the systems administration team to provision server capacity for peak demand, to the firewall team to open appropriate ports and set up security policies, and to the networking team to rack and stack modules and give the application the appropriate routing and Layer 2 and Layer 3 information.

Such coordination takes up to four days just for initial deployment of the application, said George Kurian, vice president and general manager of Ciscos application delivery business unit.

"The virtual partitions [in the ACE module] allow each group to manage its domain and coordinate all that through a single device, rather than multiple teams sending e-mails [back and forth]," Kurian said.

"Now the network operations team opens a partition on the ACE module thats under control of the applications team. Regardless of what they do, it is isolated and protected from other applications, so it has no impact on all the other applications in the server farm."

/zimages/2/28571.gifClick here to read more about HP integrating a Gigabit Ethernet switch from Cisco into its blade server architecture.

The module integrates load balancing, SSL (Secure Sockets Layer) encryption, a firewall, NAT (Network Address Translation) and protocol optimization, allowing users to collapse those functions previously provided in separate devices.

Savvis is evaluating the ACE module along with F5 Networks BigIP and Citrixs NetScaler appliance. Tardif said the module could not only give Savvis greater control and automation over the process but reduce costs as well.

"The more partitions it supports, the more clients and applications can be sent through a single frame," he said.

In testing done by its own IT team, Cisco found that the time it takes to prepare an infrastructure for new application deployments can be reduced by up to 65 percent using the ACE module, Kurian said.

Oracle, which has also evaluated the new ACE module, will take integration a step further by making prebuilt configuration templates available for use with the module that will automate "common ways in which people use our applications and middleware with the Catalyst switches," said Vijay Tella, vice president of development for Oracle Fusion middleware, in Redwood Shores, Calif.

"We see how Cisco needs to configure our applications for security, load balancing and so on. We expect our customers to see similar benefits [in reducing] the complexity by almost two-thirds," Tella said.

Cisco is trailing market leader F5 in combining multiple functions in a single product, but it has leapfrogged F5 in performance and is neck and neck with technology leaders with the partitions in the ACE module, said Joel Conover, an analyst at Current Analysis, in Sterling, Va.

"Foundry [Networks] and F5 launched 10 Gigabit platforms as next-generation architectures for application traffic management," Conover said.

/zimages/2/28571.gifTo read more about F5s launch of WAN optimization appliances, click here.

"This ones coming in at 8 or 16[G bps]. The ability to delegate specific management tasks for security, application performance, the network and so on has only recently been introduced in some competing products." The ACE module provides performance options for 4G-bps, 8G-bps and 16G-bps data rates.

According to numbers released April 3 by market researcher Gartner, F5, with a 30.5 percent market share, last year took a slim lead over Cisco in the application delivery controller segment of the growing application acceleration market. Cisco has a 29.3 percent share, according to Gartner. The overall application acceleration market grew by 36 percent in 2005 to reach $1.2 billion.

Despite F5s leadership, Ciscos ACE module is the leading candidate for Savvis in its move to a next-generation application delivery controller.

"Most of the enterprise folks and service providers realize F5 is the leader," Tardif said. "I think its the right move for Cisco to get into that space. Cisco has an interest in utility computing in the data center using their infrastructure. Its another level of virtualization [beyond the] storage and server level. You want to virtualize at the inception between the application and virtualized infrastructure."

/zimages/2/28571.gifCheck out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.