Plug and play
Network appliances help ease major changes to the system
- By John McCormick
- Aug 03, 2006
CALIFORNIAN: The Infoblox 1050 DNS management tool runs on a Nios operating system and can handle 12,000 DNS queries per second.
Canadian: BlueCat Networks' Meridius 1000 e-mail gateway offers enterprise protection against spam and viruses for $9,995.
Networks are the lifeblood of all information technology these days and, by definition, form a critical part of the infrastructure of all agencies'not just the 'IT' infrastructure.
Without a working network, most agency activity would quickly grind to a complete halt.
Designing a network from scratch is difficult, and building one on the go'expanding capacity and adding features while continuing to support users, as most agencies are forced to do'is even more difficult.
Unfortunately, even when you get everything working just right, you aren't finished. You can't just build a network and walk away from it. A network is a growing'almost living'thing that, in addition to the usual maintenance upgrades, must also expand and adapt to handle new tasks that may not have even existed when the network was initially planned.
But networks are highly complex, and a good one probably will include dozens, if not hundreds, of compromises, resulting in a balance of storage capacity, security, ease of management and performance.
This isn't just a question of budgetary considerations'you simply can't have everything optimized. Some compromises are essential just to get a network operating and, when you factor in the inevitable budget concerns, it turns out that acceptable performance on many networks depends on a delicate balancing act.
This is because any additional processing load added to the network can have serious performance consequences for the network as a whole.
Any significant alterations to the basic architecture of the network can easily require major changes in the way it is managed and supported. They also can have a ripple effect on the network, triggering a need for upgrades all along the line to keep the system performing smoothly.
Therefore, any administrator with a good, solid network already in place would prefer to incorporate additional features or capacity in a way that requires as little extra support as possible.
The best way to add new features or expand capacity is by adding self-contained black boxes to the existing network.
Out of the boxThat is exactly what a network appliance is: a device with its own software, preconfigured by the vendor as much as possible.
You will probably have to run a small installation routine, and almost certainly there will be some last-minute updates that must be downloaded (especially for security tools), but essentially a network appliance should be nearly ready to run right out of the box.
It's almost like the network equivalent of a PC Plug and Play.
Realistically, adding new network hardware is seldom as simple as just plugging it in and turning it on.
There always will be some need to make adjustments in the rest of the network as well as the new device, especially if the appliance is replacing some existing tools such as a software firewall, anti-spam, or antivirus program.
But still, it is much easier to get a network appliance than adding similar software features to existing network hardware or assembling equivalent hardware and software from scratch.
[IMGCAP(2)]
The most obvious use for a network appliance is in the security or e-mail area'for example, a network moving from a very low e-mail volume to a potentially very large volume.
Traffic volume may be increasing because your agency now is publicizing e-mail contact information or experiencing a surge of messages from citizens who have found your URL through the FirstGov.gov portal.
Or you may just be experiencing the normal growth of e-mail volume and the concomitant increase in spam and malware. It is even possible that your agency, or some individual working there, may have the misfortune of being specifically targeted by spammers or hackers.
Whatever the scenario, a network that was handling file sharing, database access, printing and other office tasks has to add powerful security tools to protect the data from Internet predators or even wireless attacks.
As a result, something has to be done to manage an ever-increasing number of
e-mail messages. And the thought of adding new security tools and e-mail management software to a smoothly running network is enough to make any network administrator consider early retirement.
Fortunately, there is another answer'add an e-mail or security appliance that comes complete with preconfigured applications, carries all its own management tools, and is ready to update virus signatures, spam lists and other essential security-related databases directly from the vendor.
Such an integrated appliance may be ready to run within minutes of being powered up and will almost certainly come with tightly integrated and presumably nonconflicting tools.
Among other advantages, a network appliance has its own memory, storage and processor power, which means it should put little or no additional load on what are probably already stressed network servers.
In fact, if the appliance is replacing filtering or other tools that already exist on the network, then adding the appliance will actually reduce the load on existing components, improving performance and probably extending the life of some marginal components.
Another plus is that this configuration offers the option of simply disconnecting the appliance to revert your network to a previous state if you encounter problems.
John McCormick is a freelance writer and computer consultant. E-mail him at [email protected].