Ezine

This article can also be found in the Premium Editorial Download "Storage magazine: Adding low-cost tiers to conserve storage costs."

Download it now to read this article plus other related content.

The performance question
While users are increasingly receptive to the idea of more intelligent switches, they must assess the performance impact that network-based intelligence may have on their applications. Features that authenticate the server, encrypt the transmission, route the traffic or perform the volume management in the data path will each introduce latency into the I/O path. The degree to which applications are affected will vary by how many functions are deployed, the latency each one introduces and in what combination they are used.

As a rule of thumb, users of performance-intensive applications such as e-mail and Oracle databases notice an impact when individual I/Os exceed 15 milliseconds. So, the deployment of any technology will ideally keep each I/O at about three milliseconds under normal loads, and under 10 milliseconds per I/O under heavy loads.

Regarding performance, it's also important to consider how a technology such as volume management is deployed. For example, FalconStor and IBM offer virtualization technologies that run as either standalone appliances or as blades in a switch. The underlying features are the same in both instances, but deploying this technology on an appliance can introduce more latency because it requires two more network hops, from the switch to the appliance and then from the appliance back to the switch again.

The good news is that this latency

Requires Free Membership to View

routinely gets measured in microseconds, essentially amounting to little more than noise in the network. Some vendors like DataCore find that its SANsymphony product keeps latency in the nanosecond range for each I/O in optimal conditions. Factor in that these technologies also incorporate additional storage caching algorithms and can take advantage of newer, faster technologies. As a result, users may actually experience a performance boost.

Network bandwidth
While network performance rarely surfaces as an issue, that doesn't mean users never experience network congestion nor does it negate the need to manage network bandwidth. Servers, tape and disk all connect to the SAN at the same 1Gb or 2Gb FC speeds, and the amount of bandwidth each application needs--and when it needs it--varies. With tape and disk ports shared in many users' environments and some servers hosting multiple applications, switches increasingly need to recognize and prioritize how applications utilize the bandwidth on these ports. For the switch to do this, it needs to be able to inspect the contents of the FC packet and adjust bandwidth for specific applications based on predetermined policies.

Brocade, Cisco, CNT and Sandial each enable users to set policies in their switch operating systems that can recognize and respond to fluctuations in SAN activity. For instance, Sandial's ConnectIQ manages the bandwidth of different servers accessing the same storage array port and guarantees bandwidth minimums as well as enforcing maximum bandwidth restrictions based on policies set by the user. Cisco's MDS9000 offers four QoS priority levels that allow users to configure data traffic such that the traffic of latency-sensitive applications receives higher priority than throughput-intensive applications. The ability of different vendor products to analyze the contents of the FC packet and dynamically adjust bandwidths can vary significantly.

Products such as Maxxan's MXV500 and McData's Intrepid 6140 have limited abilities to report on bandwidth utilization and identify potential problem areas. Users should favor FC switches that enable them to capture and monitor performance information. However, you should only pay a premium for those switches that automate this functionality and when your environment has a demonstrated need for it.

Security
With the introduction of IP and different types of servers being connected to the SAN, storage administrators are starting to pay more attention to security. A number of switch vendors already offer tools to enforce various levels of security in their environments, with most designed to prevent accidental intrusions. For example, Cisco's MDS9000 SAN-OS resembles most vendors' products because it follows the Authentication, Authorization and Accounting (AAA) method for centralized administration. Their SAN-OS authenticates the user, and then authorizes the user for the activities on the switch.

McData offers its SANtegrity suite of security products as an option for its switches. It allows users to zone by either WWN or by fabric port as well as the ability to lock down the fabric by preventing the spoofing of WWNs on N_Ports and E_Ports. Brocade's Fabric OS offers similar functions, as well as the ability to implement trusted switches and a Public Key Infrastructure-based infrastructure for authentication and security using digital certificates.

Intelligent switches are a foregone conclusion in the storage network. They offer the ability to prioritize FC and Ethernet packets, divvy up bandwidth between applications, centralize storage management and secure access to the data housed on it. Users should make accommodations for more of these features to appear in their fabric. But the path that intelligence will follow in the network is still unclear. No one switch has assumed a dominant position. As a result, storage administrators should move slowly down this path, only deploying intelligent switches where there's a need for network-based storage, performance or security services.

This was first published in August 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: