Feature

New directions for switches

Ezine

This article can also be found in the Premium Editorial Download "Storage magazine: Expanding SANs: How to scale today's storage networks."

Download it now to read this article plus other related content.

Pros and cons of
some major switch vendors
Brocade Communications Systems brings extensive experience in midrange and departmental switching and offers one the most secure and tested firmware/OS of major Fibre Channel (FC) vendors for functions such as security and routing. What to watch for in the long term, is its ability to complete the integration of Rhapsody Networks as well as other storage services into its portfolio of

Requires Free Membership to View

products and overcome its perceived failings in the high end of the market with its SilkWorm 12000. For the short term, one should look to Brocade to provide a more secure fabric and a higher level of compatibility than its competitors and remain the preferred solution in the midrange and departmental spaces.
Cisco brings a depth of networking experience and talent to the table. However, some of the dynamics of FC and IP networks differ both in terms of expectation and design. Look for Cisco to start to gain market share, get the kinks out of its product and put to rest the swirling rumors about the reported failings of its MDS 9000 directors. For the short term, treat Cisco's products as the new kids on the block and require the company to prove itself in this space.
CNT has years of networking experience, and with its acquisition of Inrange now has a highly available, high port count director to complement its WAN offerings. Watch to see if they gain market share and improve its perception in the marketplace. In the short term, continue to look to them to provide storage network connectivity over large distances with its UltraNet line of products and as a viable FC director alternative with its FC/9000 line of products.
McData brings some of the most extensive and timetested data center experience to the FC director market and is now moving into the midrange and departmental space with its Sphereon line of products. McData's challenge over the next 12 to 18 months will be to integrate its recent purchases of Nishan Systems and Sanera Systems while improving the manageability and intelligence of its microcode. For the time being, look to its Intrepid 6000 series of directors as the preferred solution for enterprise-class high port count FC solutions.
QLogic is the only one of the major FC switch vendors that offers FC host bus adapters (HBAs) as well. With the introduction of its SANbox2-64, they now also offer a 64 port FC switch solution that competes in the enterprise market. QLogic's longer-term strategy requires them to capitalize on the market acceptance of its HBAs as a way to introduce its FC switches into existing environments. In the short term, expect QLogic to remain a niche FC switch player.

Faster speeds
Yet for all the value a logical 8Gb channel comprised of four physical 2Gb ISLs may offer users, the approved 4Gb and forthcoming 10Gb FC standard may make this trunking functionality obsolete, or at least minimize its current value. With the future incorporation of these standards into the switches, one single 10Gb ISL between any two vendor's switches supporting the 10Gb standard would offer more bandwidth than four aggregated 2Gb links between two Brocade switches and use less ports.

QLogic Corp., Aliso Viejo, CA, is the primary switch vendor advocating the use of 4Gb FC and was recently successful in campaigning the FC standards board to approve this standard. While the 4Gb doubles the current 2Gb FC standard, its primary value to users comes in the ability to deploy this technology without requiring a major infrastructure technology upgrade. Because the new 4Gb standard will be backward compatible with existing 1Gb and 2Gb HBAs used in organizations today, users can expect its existing FC infrastructure to serve them for the foreseeable future without an upgrade.

While the proposed standard will require a technology upgrade, the 10Gb standard holds particular appeal for users needing simple and fast switch interconnects and high-speed connectivity to storage arrays and tape drives. Sanera Systems became the first vendor to offer and support 10Gb functionality on its DS10000 256 port director. Of the 256 ports, the director supports up to 64 ports for 10Gb functionality. Sanera Systems' CEO Patrick Harr says they are able to offer this functionality already because even though the 10Gb standard isn't ratified, the physical layer is already defined. However, unless connecting two of Sanera's DS10000s, this feature will be of limited or no benefit because no other vendor currently offers 10Gb connectivity.

10Gb FC also opens up new ways to think about disaster recovery (DR) as it extends the distance between two sites for DR. Sanera System's Harr points out that the maximum distance for 1Gb FC is about 27 km. 10Gb extends an organizations ability to maintain synchronous copies of data to 270 km because the latency issues around synchronous writes are extended due to the faster 10Gb FC speed.

Users looking for 10Gb anytime soon, however, will have to wait. Mike Witkowski, CTO of Maxxan Systems Inc., says that while he expects 4Gb and 10Gb in the second quarter of 2004, and availability largely depends on how soon interoperability testing with the major OEMs can be completed. He also points out that with the recent ratification of 4Gb, QLogic is accelerating 4Gb testing over 10Gb, which may further delay the general release of the 10Gb standard.

Yet today's users are beginning to look for more than just ways to use what they have at faster speeds. They're once again beginning to turn their attention to new features and options that lower the overall cost of business while simplifying their lives. Recent switch enhancements and acquisitions show that vendors are listening to this change in attitude.

Virtual or partitioned SANs
As a way for users to tie their existing SAN fabrics into a central core switch and protect the integrity of their fabrics, Cisco reintroduced the VSAN concept back into the FC market as part of the introduction of its MDS 9000 in early 2003. Originally proposed by Vixel Corp., Bothell, WA, in the early arbitrated loop days of SANs, VSANs enable different fabrics to exist on one switch or director that are oblivious to the existence of other fabrics on the same switch. However, this concept has gotten little traction to date because Cisco is still in the process of breaking into the FC market and users are still primarily at the early stages of figuring out how to best implement this option.

The concept of a VSAN being solely offered by Cisco's MDS 9000 will now face a stiff challenge from McData as a result of McData's recent Sanera Systems acquisition for a couple of reasons. First, Sanera Systems' DS10000's underlying code introduces hard partitioning into the FC environment. This differs from VSANs in one important way. Like Cisco's MDS 9000, it allows existing FC fabrics from different vendors to connect into one central switch. Unlike the MDS 9000, each partition on the DS10000 can maintain a separate microcode level and be upgraded separately, thereby ensuring compliance and interoperability with the fabric which it serves regardless of the vendor. Second, with McData already so well entrenched in many data centers, and because the DS10000 appears to offer a solid if not better alternative to Cisco's solution for some environments, it will likely further slow Cisco's plans to establish a presence in the high end FC space. This, of course, assumes McData can motivate its partners to certify the DS10000 in existing SAN fabric configurations in a timely manner because many of these same partners also have similar partnership agreements with Cisco.

Despite the promised benefits, Tom Clark, Nishan Systems director of technical marketing, sees VSANs as a step backward for the FC switch and completely counterproductive to the concept of utility storage. He says that VSANs can't share storage resources with each other. For instance, if a tape drive is assigned to one VSAN, the tape drive in a specific VSAN is no longer available as a resource to other VSANs on that same switch.

Emphasis on security
Switch vendors are starting to offer more security features and connection options for remote or disparate SANs. The recent acquisition by McData of Nishan Systems and their IPS Storage Switches adds to McData's portfolio of products the ability to connect disparate SANs using IP or FC while maintaining the integrity of each fabric.

Computer Network Technology Corp. (CNT), based in Minneapolis, MN, and Inrange Technologies Corp., Lumberton, NJ, also recently became one company when CNT acquired Inrange in May of 2003. By acquiring Inrange, CNT obtained Inrange's line of FC/9000 directors that scale from 24 to 256 ports to compliment CNT's Ultranet product line that offer SAN, MAN and WAN connectivity. Cisco's acquisition of Andiamo paralleled CNT's acquisition of Inrange in terms of bringing a high FC port count director into their product mix. Brocade offers ports on its SilkWorm 12000 switch that can be used to extend and connect its products to different SANs.

Even the decades-old SCSI protocol may be getting a new lease on life thanks to Crossroads Systems Inc., in Austin, TX Its ServerAttach SA40 grants legacy midrange SCSI-attached servers, tape drives and storage arrays the ability to connect to FC SANs. The SA40 functions as a SCSI to FC protocol converter and can support up to four 2Gb FC ports and eight SCSI ports.

This technology preserves and extends the life of existing SCSI implementations while also offering a FC connectivity option to those operating systems which don't natively support FC, such as AS-400s and older versions of more popular operating systems such as Windows NT 4.0. Now these servers can gain some of the benefits found in FC SANs such as shared DASD and tape resources without requiring the deployment and added expense of FC HBAs in these servers.

A fully configured SA40 costs about $20,000 or $2,000 per port which may be a bit high to gain this functionality for SCSI connectivity. Users will need to weigh this cost to connect their SCSI devices to FC SANs vs. migrating them to FC, which in some cases isn't even an option due to the age of some of these technologies.

Sandial Systems, a startup based in Portsmouth, NH, is on course to deliver yet another enterprise class director. In addition to supporting technologies such as 256 ports, virtualization, and V-SANs, Sandial purports to offer the industry's first storage network backbone. Their switch features a time division multiplexing engine that helps users overcome the current oversubscription limitations of ISLs used in today's SAN fabrics and enable them to build more scalable FC storage networks.

Connecting these disparate SANs with different protocols also raises the increased possibility for breaches in security. While multiple mechanisms are in place to protect IP networks, FC networks often lack the same sort of attention. Right now, the biggest levels of security around FC networks are the general ignorance about FC protocols and the fact that the attached servers are often situated in physically secure locations accessed by a limited number of personnel.

Yet as SANs become more interconnected with more protocols in more accessible locations, the likelihood increases that network security will be compromised. For instance, in environments that use the world-wide names (WWNs) assigned to the server host bus adapter (HBA) to do zoning as opposed to port zoning, if someone changes the WWN to match that of another server on the network, that server may then have access to the other server's storage on the storage network.

Most vendors have some precautions in place to prevent this. McData offers the ability to map a specific WWN to a specific port, so if a different WWN logs into that port, it locks the new WWN out. However, this approach is akin to issuing one key to one person for a room and no one but that person with that key can enter the room. To allow another person to enter the room, you need to take away the key from the person who has access, reissue a new key and re-key the door. While highly effective, it's probably overkill as it becomes too labor-intensive for any environment but the most static or security conscious and, as a result, discourages most users from implementing it.

Brocade offers users the ability to place a token on each server so that each time a server logs onto a FC fabric, its Fabric OS authenticates the server's token. However, the license keys and authentication are currently only issued by Brocade, so if any security breach does occur, who is liable for the breach becomes a real issue because Brocade hedges on assuming this liability.

Yet an informal sampling of users at this year's Storage Decisions 2003 still minimize the security threats FC technology introduces into their environment. With many FC deployments supported by trained personnel in closed environments, the risk for now appears mostly limited to ignorance or human error and is outweighed by the cost to implement additional security measures.

This was first published in November 2003

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: