Image of Cortney & Jeremy

HP Networking Tech Day – Part 3

by Jeremy L. Gaddis on August 29, 2010 · 2 comments

in Events

Note: This is Part 3 of a three-part series. Also see Part 1 and Part 2.

S-series Overview

Day 2 of HP Networking Tech Day started out with Gary Kinghorn and Aman Garg presenting the S-series. The S-series includes the TippingPoint Intrusion Prevention System and Core Controller. TippingPoint “secures 30+% of the Fortune 1000″.

HP defined three priorities with the IPS product:

  • In-line Network Uptime (redundant power supplies, “fail open”, active/active, active/passive, etc.),
  • In-line Performance (high inspected throughput w/ low latency), and
  • In-line Filter Accuracy (“Vulnerability Filter”)

They claim that the S5100N can handle up to 5 Gbps of inspected throughput with < 80μs latency. With the Core Controller platform, that increases to up to 16 Gbps of inspected throughput with < 110μs latency.

TippingPoint’s vulnerability filter acts like a virtual software patch, eliminating false positives

They also have the S1200N IPS module for the A7500 platform. Each of these modules can handle up to 1.3 Gbps of inspected throughput and you can throw up to 10 of them into a single chassis (scalability, high-availability, etc.).

Next up, DVLabs was introduced:

TippingPoint DVLabs is a premier research organization for vulnerability analysis and discovery, ensuring TippingPoint customers have the best preemptive protection for vulnerabilities and zero day issues. Our team consists of industry recognized security researchers that apply their cutting-edge engineering, reverse engineering and analysis talents in our daily operations. The by-product of these efforts fuels the creation of vulnerability filters that are automatically delivered to our customers’ intrusion prevention systems through the Digital Vaccine® service.

For 2009 Microsoft vulnerabilites, TippingPoint claims that “146/163 covered” with an average response time of -26 days. Yes, minus 26 days. I didn’t ask, but presumably that means they had coverage 26 days before the vulnerabilities were public announced/fixed.

This is likely due to the Zero Day Initiative, “a program for rewarding security researchers for responsibly disclosing vulnerabilities”. Basically, there’s over 1,000 independent security researchers that they have bought 0-day vulnerabilities from. They then integrate these into the TippingPoint IPS products to protect their customers. In 2009, TippingPoint claims 116 “vulnerability discoveries” including those from their 30+ dedicated researchers and the independent researchers that they buy 0-days from.

It was mentioned that Cisco only has one person working full-time researching security vulnerabilities.

Unified Communication & Collaboration

Next up was Manfred Arndt to talk about UC&C.

Manfred talked about the evolution and transformation that has taken place in telephony over the last few decades up to the present. Personally, I’m not too interested in Unified Communications (UC) or Voice-over-IP (VoIP). I rarely use my office phone, as the only calls and voicemails I receive on it are from sales people (who I typically despise, if you’ll remember). I have no less than five phone numbers at present, yet the only phone I ever use is my BlackBerry. I really abhor voicemail, as well, so I had it turned off probably a year or so ago.

Greg Ferro (@etherealmind) thinks that IP Telephony is dead.

Anyway, I’m much more interested/concerned with the network side of things. VoIP introduced some new challenges for us network folks, things like ensuring available bandwidth, Quality-of-Service (QoS), Power-over-Ethernet (PoE). As Manfred pointed out, “the network is the foundation.”

He discussed “some UC reality checks”:

  • UC is not a point product — it is a vision and strategy
  • You can’t just drop a few servers onto your existing TDM network
  • No single vendor can provide a complete end-to-end UC solution

That last one seems debateable to me, but I’m not a VoIP/UC guy so I can’t be sure. I’d love to get some input from others on that.

HP doesn’t really provide a VoIP/UC solution of their own, but rather work with other vendors to integrate their technology, with HP providing the networking, server, and storage infrastructure (typically with Microsoft UC&C solutions). HP really touts their interoperability (as I mentioned in a previous article), claiming there are “many successful HP Networking edge deployments with Cisco at the core and running Cisco VoIP”. If I didn’t mention it before, they’ve also created interoperability guides dealing with integrating Cisco & HP networking gear.

In particular, Cambridge University was mentioned, who deployed 17,000 Cisco IP phones over an HP network with Cisco at the core.

“Microsoft is HP’s primary UC&C partner”, while “Avaya-Nortel, Alcatel-Lucent, and Polycom are HP strategic UC&C partners”.

Various vendors have either already released or are either working on various ONE Services modules (for the E-series line-up, see yesterday’s post) that puts UC&C functionality directly into the switch chassis.

HP network gear supports all major VoIP related standards, including PoE/PoE+, LLDP-MED, 802.1X, IGMP, and QoS (802.1p/DSCP).

Solutions Test Center Tour

After a short break, we ventured over to the Solutions Test Center where Ken Taggard gave us a tour.

During the tour, we were asked not to take any photos, which is understandable but unfortunate. I’m not sure I can adequately convey the amount of network gear that was present — row after row after row of racks. Most of the gear was from the E-series line, but there was also A-series gear, Ixia/Agilent traffic generators and test gear, some Cisco 6500 and Nexus switches, and I even spotted one lonely old Cisco 7500 still in the rack.

The Solutions Test Center is where HP can build large-scale deployments to test and emulate damn near any scenario you can imagine, apparently. I was impressed; total nerdgasm.

I did, at one point, ask to take a picture. It was just a poster and they weren’t sure what my intentions were, so I was allowed:

Nothing major, of course. I just giggled when I saw that in their scenario they were using a /24 for a point-to-point link. Most of us would never even consider wasting IP address space like that in production. I’m sure they wouldn’t either, but they do have a “Class A” (15/8) allocated to them, so it’s entirely possible. =)

HPN Go-to-Market

After the tour, Jay Mellman gave us some insights into HP’s market strategies. Once again, everyone was open and honest and there was little “fluff”. Jay openly acknowledged that HP “will never be as big as Cisco”. Most of us already know this, but it’s nice to hear it from them.

Jay mentioned that in FY11 HP will be launching a new Partner Program, with implementation beginning November 1st. As part of the revamping, they’ll have a “Converged Infrastructure Elite” track, consisting of approximately 100 partners.

HP is on “the path towards $10 billion”, as Jay described it. They openly admit that it’s possible unattainable but I can’t bash them for setting their sights high. They’ll be quite happy even if they don’t reach that mark. They do have a number of strategies for getting there, however.

One of their key priorities is to focus initially on the most likely customers. This would be your average enterprise customer who is “disillusioned with vendor X” — in other words, Cisco. I think we all know of companies who were shocked to learn that Cisco has 65%+ profit margins (and reportedly higher than that in certain areas). HP wants to reach out to those customers. Makes sense.

Another priority is to begin attacking key Cisco strongholds in certain vertical markets. I can’t recall now if Jay mentioned specifics, but I would imagine education, health care, etc.

Final Thoughts

So, what were my overall thoughts?

I’ve been exposed to HP’s networking products for several years now and went into this with my own preconceived opinions (which aren’t always favorable). I did my best to keep an open mind, however. HP didn’t really sway my opinion one way or the other. My opinions of a product are developed after using that product (it would’ve been nice to get some hands-on with the A-series!). With regard to the E-series line (the products that I am most familiar with), my opinion hasn’t changed. I’ve long said that I think HP’s networking products are great at layer 2. Would I recommend ripping out the Cisco core and immediately replacing it with A-series products? Without using the products and gaining first-hand experience, there’s no way I could do that.

My honest opinion is that HP has great plans and strategies and, perhaps more importantly, the ability to execute them. They don’t seem to have much interest in the carrier/service provider market, but instead intend to focus on the SMB and Enterprise markets. That’s a good idea to me. In this economy, there’s a lot of organizations trying to be fiscally conservative and if they can get an equivalent product with a much lower capital expenditure, then there is money to be made for HP. The H3C and TippingPoint acquisitions have really filled a gaping hole in HP’s product lines as well, I think.

Finally, I want to thank HP for holding this event and inviting me to attend. I did find it very informative and beneficial, and my hope is that those at HP did too. Thanks again to those HP/H3C/TippingPoint employees who took the time out of their schedules to spend with us. It was a pleasure meeting all of you.

Even the sales and marketing drones. =)

Leave a Comment

{ 2 trackbacks }

Previous post:

Next post: