Cisco, Juniper turn eyes toward application management and visibility

Network giants Cisco and Juniper are now monitoring applications' impact on the network.

Cisco and Juniper Networks this week both hit the streets with new products designed to give networking professionals better insight into which applications are traversing the network and the impact those applications are having on other traffic and security.

In Cisco's case, the networking giant announced the release of its Catalyst 6500 Series Supervisor Engine 32 with Programmable Intelligent Services Accelerator (PISA) technology. The engine, designed to sharpen the network edge, is geared to networking professionals who are struggling to adapt to an anytime-anywhere environment that utilizes such applications as IP video, VoIP and TelePresence, while also ensuring that other business-critical applications retain a level of priority.

The modular switch integrates the ability to analyze stateful and stateless application traffic flows for proactive security protection, compliance within corporate policies, and managing network resource utilization. IT managers using the engine will be able to optimize business-critical applications while controlling non-business applications to meet governance, risk and compliance regulations. It is centrally managed through Cisco's QoS Policy Manager.

PISA uses deep packet inspection to identify applications on the network and then allocates the necessary network resources to support each application based on business priorities in order to ensure that there is no degradation when end users access business-critical applications. In addition, Supervisor Engine 32 with PISA offers distributed protection against notable worms, viruses and other attacks in the campus edge, using Flexible Packet Matching technology.

Marie Hattar, Cisco's senior director of network systems, said the level of application awareness falls into Cisco's Campus Communication Fabric. As campuses become more distributed and more services and applications need to be pushed out across them, the network needs to take on a "spandex-like" quality.

"The campus network is being stretched now in so many different directions," Hattar said. "It needs to stretch."

In most cases, she said, it's not enough just to be aware of what is going on on the network. Instead, networking pros need to be able to see what's going on, understand it and react.

PISA sees the applications on the network, identifies them and determines their usage to classify them, according to John Yen, Cisco's senior manager of network systems.

Luis Chanu, global network and security architect for PDL BioPharma, a California-based firm that develops therapies for serious and life-threatening illnesses, said the company is evaluating the Supervisor Engine 32 with PISA for a campus-wide deployment. The new site will offer 10 Gigabit Ethernet interconnects with gigabit-to-the-desktop performance for end users.

"[The technology will] help manage application prioritization and increase overall security, manageability and availability," Chanu said. "[PISA technology] would allow us to pervasively deploy security and application quality of service at the edge of our network, provide protection against notable worm and virus threats, and isolate non-critical applications like routine lab data replication so that the necessary bandwidth for more critical applications like voice and development applications is available."

In a similar vein, Juniper Networks this week also announced software updates to give enterprises an edge with advanced granular visibility and control of business applications and users. Juniper released its Juniper Networks ScreenOS version 6.0 operating system for the Integrated Security Gateway (ISG) and Secure Services Gateway (SSG) firewall/VPNs and new Intrusion Detection and Prevention (IDP) version 4.1 software for the IDP products.

Juniper's releases address application visibility from the policy side, allowing networking pros to set and enforce security policies across the network to enhance application delivery and performance within Juniper's security and routing platforms.

The new ScreenOS and IDP capabilities provide a comprehensive view of the network and enable enterprises to create a responsive and trusted environment for accelerating the deployment of applications and services.

Oliver Tavakoli, Juniper's vice president of architecture and technology, service layer technologies, said the pair of new software releases help identify and control application traffic, which in turn helps secure the network.

According to Jeff Wilson, Infonetics Research principal analyst, this approach is the next big step in enterprise network security.

"Until now, networking and security administrators have only had a partial view of the traffic and users traversing in and out of their networks," Wilson said. "With application and user visibility, administrators can do a much better job of identifying and stopping today's threats and controlling application and network usage overall."

Read more on Data centre networking