Commentary Archives

Who owns the virtual server?


The ultimate function of the IT department is to provide delivery of the business critical applications in a speedy and reliable manner to the users who need them. Virtualization doesn't change that. It merely changes everything else.

The funny thing about a virtual server is that it is the living embodiment of the idea that the silos in IT have to break down and that once-different technical fields now have to work together.

Virtual servers are part of virtual networks - that is, there are multiple virtual servers on one actual piece of hardware, and they connect to each other - on the same hardware - using the same networking protocols that they would use if they were communicating with a server halfway around the world. But it's all on the same server, so here's the question: Who fixes it when it breaks? Who owns it?

After all, there's no actual fiber/copper/tin-can-and-string wiring going on, it's all entirely on the server. So is it the server team that is responsible for "intra-box" networking connections? Or is the network team responsible? Gumming this all up - virtual servers are software. Does that mean the application team should be the one responsible?

With virtualization, you really can't have a segregated IT department and continue to operate efficiently. Traditional models of which part of the IT department "owns" which part of the "application path" from server to user are now irrelevant.

We've been talking about the idea that server, application development, and networking teams have to merge into an application delivery team for quite a while now - we invited Jim Metzler to speak at NetQoS Symposium 2007 to talk about it, and he'll be back for NetQoS Symposium 2008 (which starts a month from today, actually).

I think virtualization has thrown everyone who works in the enterprise space - from network engineers to CIOs to vendors like us here at NetQoS. Everyone knew it was going to be big; I don't think anyone realized how quickly it would catch on. March's issue of CIO Magazine reports that 85 percent of CIOs are happy with the return on investment of virtualization - even though it can be hard to quantify exactly what the return on investment is with current tools.



VoIP Monitor v1.1 released, and interesting things about SIP


We're releasing NetQoS VoIP Monitor v1.1. Biggest changes: SIP (Session Initiation Protocol) support, automatic and on-demand problem investigation, and capacity planning reports.

I want to start with SIP support, because there's an interesting related story that caught my attention when it came out on Slashdot.

One of the odd things about SIP is that it is, to some extent, a peer-to-peer protocol. The advantage of this is that it only requires a simple core network, with all the fiddly bits distributed to the network edge. This makes SIP more scalable than other protocols. You can see why our customers think SIP support is important and why NetQoS worked to put it into this release.

But as a side effect of the way the technology was designed, SIP's peer to peer network means that it can be difficult to route emergency calls because of the mobility of IP endpoints and the fact that SIP has no network location capability - you'll remember that Vonage got into a little bit of trouble a while back because it couldn't consistently promise E911 support. (That has since been fixed.)

SIP also establishes a VoIP connection directly between the two callers out at the edge. Once the call is set up, the data does not pass through any sort of central server owned or controlled by the VoIP provider. That makes it harder for the government to legally (or whatever) intercept calls.

I mention this because the actual documents governing the rules behind U.S. government interception of VoIP were leaked to Wikileaks on the 15th of March. Now, this is nothing new - CALEA requires VoIP providers to maintain wiretapping capability - just as the plain-old-telephone-service providers are. It's interesting, however, to see the documents. Or at least it might be to somebody else who is interested in network security and encryption.

But from a performance angle, the CALEA requirements for wiretapping are directly in opposition to the efficiency of a SIP VoIP network - that is, if a service provider must be in the middle of every call, it eliminates the benefits of the P2P structure. That adds a lot of network overhead.

The other new features in VoIP Monitor v1.1 are generally less conversation-sparking - but no less important. Most of our other products, such as SuperAgent, have both automatic and on-demand problem investigation and capacity planning reports. These capabilities have been added to VoIP Monitor in the new version.

Automatic investigations occur when a VoIP performance threshold - such as delay to dial tone - is exceeded. Then VoIP Monitor traces the call signaling path and compares it to the automatically generated baselines.

As far as capacity planning reports go, VoIP Monitor v1.1 provides enhanced reports on call volume, call quality, call failures, grade of service and gateway utilization. It provides a view of the effect of different call volumes. With this information, IT professionals can view capacity for specific locations or gateways or for the enterprise as a whole - the utilization reports are especially useful when negotiating contracts with service providers.

We have a demo of VoIP Monitor v1.1 up and running at VoiceCon in Orlando, at booth #1305, if you're attending.



St. Patrick's Day


It's always hard to write these posts - that is, a holiday post should be a "gimmie" - you mention how much you like the holiday, and you find some lame way to tie it into network engineering or network monitoring, and you have a post and can spend the rest of your day doing whatever else needs to be done.

But I realized that the only thing I could really tie into St. Pat's Day was a lame comparison that St. Patrick drove all the snakes out of Ireland, and NetQoS Anomaly Detector helps you drive worms from your network. In my notes, I got as far as pointing out that St. Patrick also drove out the entire fossil record which would have shown that there were once snakes in Ireland, but, by way of contrast, NetQoS Anomaly Detector keeps detailed logs.

My mother is Irish, by the way, and going further down this line of comparing Ireland's patron saint to a piece of enterprise network monitoring software - well, it's just not a road I want to go further down if I ever want to be invited back to Thanksgiving dinner.

So, St. Patrick's Day then. Well, not anything really interesting except that today is not St. Patrick's day. Technically, we missed it, on March 15th. The Catholic Church moved it back two days this year because it fell on Holy Week.

That probably won't stop people from heading out to their local bars and drinking green beer tonight, and I urge everyone who does to get designated drivers. (Or, if you're lame like me, and don't like the taste of beer, green or otherwise, nor the company of inebriated peers, don't hog the last copies of "Waking Ned Devine" or "The Quiet Man" at the video store if you've already seen it.)

Just be careful, stay safe, and remember that ideas formed while drunk may, indeed, be brilliant, but they can be acted upon once sobriety takes hold again.



I watch NBC on PCP. No, wait, I meant P2P!


Verizon and NBC are working on serving up TV shows to home computers. The problem is, high definition video (and I've done some HD video work for the Web - shameless plug) takes a whole mess of bandwidth.

Now, the obvious solution for NBC would be to move to some sort of peer-to-peer distribution system, right? I mean, it works for Linux distros.

The problem is that a normal peer-to-peer connection doesn't distinguish the cheap local links - that is, links on the same ISP, in roughly the same geographic area - from the expensive remote links. So while P2P provides a more cost-effective solution, it doesn't provide the most cost-effective solution for the ISP.

A third party, Pando, has developed a P2P system for pre-authorized, pre-approved content, and has come up with a way to force peer-to-peer connections to look for local nodes first. This increases the efficiency of the system, lowers the cost, and generally increases the performance of the streaming/downloading video.

This is exactly the type of thing we talk about when we say that how the application is coded can have a huge impact on the application performance over the WAN. Sometimes instead of needing more bandwidth, you need to find a way to make the apps work more efficiently.

In this case, decentralized P2P systems developed after the destruction of Napster. Though they were much less likely to get shut down by the RIAA, they were also much less efficient. This dominated development of P2P applications for years. But for offering only pre-authorized content, a centralized system - especially one that takes advantage of the structure of the physical network - makes a certain bit of sense.

NBC will be offering Verizon customers their shows via Pando's P2P service - which they're calling P4P, later this year. The name is a logical outgrowth, P2P, or "peer to peer," versus P4P, or "peer for peer." P3P was disregarded because it sounded too much like PCP. And if a kid with a lisp goes around school saying: "I downloaded the latesth Methallica album on P3P" and a teacher hears: "I downloaded the latest Metallica album on PCP," well, that's just not going to be a story that ends well, now, is it?

There's only one problem with Pando's plan: Each ISP will have to give up information about its subscribers in order to participate - that is, the Pando platform requires knowing which nodes are "local" and which nodes are "remote" in order to optimize for the local connections:

For other ISPs to reap the benefits Verizon did in the test, they too would have to share information about their networks with file-sharing companies, and that they normally keep that information close to their chests.
"That's one of the objectives we have to solve -- how are we going to consolidate this data and distribute it?" Pasko said, adding that the result of the test gives ISPs plenty of incentive to collaborate.

(Okay, maybe there's two problems: No offense to NBC, but when your biggest hit is a veritable case study in game theory… you need some new shows.)



In keeping with the Twitter theme, this post is only 140 characters.


Twtr has scale probs. At SXSW, twtr netperf :( Cook said SXSW wifi :(, but 30 twtr srvrs not enuf. http://tiny.cc/UEbhb

Okay, that's borderline incomprehensible. We won't be doing that again.

As the Macworld article linked above shows, there was a problem at SXSW with people sending and receiving twitter messages. Twitter founder Blaine Cook claimed that the WiFi of SXSW was being overloaded (which is one network performance issue) but added that Twitter - with 30 servers and adding more - is having trouble scaling to handle the network demand.

There's more to the SXSW coverage, which includes the OpenMoko and an encouragement to pay attention to what happens in government if you plan to work with mobile platforms in any respect, which is good advice - we said as much a while back. What seems to be interesting is that the mobile phone providers - including Apple - want to lock down everything that they don't directly control on their platforms, when in reality, it would be simpler, and more useful, simply to use prioritization and QoS to make sure the network runs smoothly.

I think mobile computing is here on the consumer end - we see Japan using cellphones more than computers for all types of communication - but the United States remains technologically inert with advances coming slowly, in fits and spurts. This is mostly because of the desire of cellphone companies to create very limited services - so that they can charge app developers for the right to use their phone network, and can charge consumers more for the right to use those services.



Apple supports enterprise apps on iPhone - Insert your own iPun here.


June 16, 2007, Network World:

"We're telling IT executives to not support it because Apple has no intentions of supporting (iPhone use in) the enterprise," Gartner analyst Ken Dulaney says. "This is basically a cellular iPod with some other capabilities and it's important that it be recognized as such."

March 6, 2008, Network World:

During a media conference at its San Francisco headquarters today, Apple unwrapped a host of new features that are designed to make the iPhone more attractive to corporate users.

Six months is a long time in the tech world…

We've warned that eventually the iPhone would be appearing on corporate networks and that the new (at that time) devices would introduce vulnerabilities into the corporate network and take additional resources. What we weren't counting on was Apple making overtures to enterprise networking - we had assumed that, much like the original iPhone was hacked to run on multiple carriers, that those who wanted to use the iPhone for enterprise applications would have to provide their own, messy, stop-gap solutions.

Back in January of 2007, when the iPhone was first announced, we wrote:

"That's another question - will this device have VPN support so that traveling employees can get the information they need while on the road? And if they do - how do you secure the data? The iPhone, like all small devices, is easy to lose, and easy to steal. That makes it vulnerable to illicit access. Does the iPhone have cryptographic abilities to make sure data stays safe?"

Well, apparently, Apple didn't take that as a rhetorical question because the fruit-based tech company is going to support Cisco IPsec VPN in the next iPhone update - the same one that will bring secure Exchange support as well as the possibility of an "iTunes Store for iPhone apps" - current Apple plans are to allow third party development but that Apple would have the final say on whether or not the applications could run on the iPhone. (Of course, clever hackers have already found a way around that.)

At any rate, the iPhone now seems to be competing directly with the Blackberry, which is good in the sense that competition in technical markets leads to innovation, and companies will have to expect new types of devices using different types of traffic, which - well, isn't bad, but which can be frustrating, absent a network device monitor.

Personally, I'm a bit confused by Apple's insistence on crippling the iPhone into only running "acceptable" applications, as A) it's clear that people are going to use it the way they like anyway, and B) if Apple took the same attitudes with their Macintosh/OSX general purpose computers, some of the best Mac apps (Quicksilver, Colloquy, Transmission, Burn) simply wouldn't exist. Perhaps this increases the security of the device but at the obvious cost of utility.

It's just rhetorical, and I'd love to get some comments on this, but is the tradeoff between security and utility a false one? I'm not sure - having not worked much on the security side of technology - but it seems to me that if the iPhone can be hacked to make it more useful, it can also be hacked to make it malicious, and so the choice is not between security and utility, but rather between a lack of security with utility, or a lack of security without utility. Hmm… maybe I should ponder this more.



WSJ: The wall between IT and everything else


The Wall Street Journal has a column by Amit Basu and Chip Jarnagin about how most companies are failing to recognize the potential of IT, and they list a number of reasons why.

First, Basu and Jarnagin say, the business often sees IT as a basic utility, like plumbing or phone service. This is compounded by the current trend towards SaaS, in which prominent authors like Nick Carr are actually sincerely arguing that IT is indeed a basic utility, and that "IT doesn't matter." We disagreed with that argument on the basis that those companies that use unique IT resources and talent effectively will outperform those companies that do not, but agreed with the general trends that Carr pointed out. The problem that many overlook is that IT as a utility and IT as an innovator are not mutually exclusive propositions. (Remember when your cable company just provided TV?)

Additionally, Basu and Jarnagin argue that there is an effective glass wall isolating IT within the company, and there are five reasons for this wall separating IT and the rest of the business.

"Mind-set differences between management staff and IT staff, language differences, social influences, flaws in IT governance (defined as the specification and control of IT decision rights), and the difficulty of managing rapidly changing technology."

The first case, of mindset differences between IT teams and business leaders, is one of abstract vs. logical thinking. IT teams often deal in binary logic; something works or it does not, something is better or it is not. There is a right way, a wrong way, and sometimes a best way, to do things. Business leadership often deals in the grey areas, what ifs, and sometimes illogical intuition.

To oversimplify, IT thinks in the terms of the math class - there is a right and wrong answer. Management is liberal arts - arguments should be well formed but there's no one right way to get to the answer. For all the jokes between management and IT working on totally different wavelengths, there is an absolute truth to this.

Also, as Basu and Jarnagin point out, both business and IT use incomprehensible languages filled with acronyms and specialized terms. I know most of you are familiar with "VoIP," "packet priority," and "ITIL" but to a business manager, they're as alien as "EBITDA," "commodity value," and "ISPL" are to a network engineer.

(A digression: When I first started working at this position, I came from an academic background. It confused me to no end that when the marketing people were talking about "the pipe" and the networking people were talking about "the pipe" they meant two entirely different things.)

There are other, social, factors mentioned in the article as well, but the end result is that business doesn't want to deal with IT, doesn't care about IT, and doesn't understand how IT helps their business. And yet, IT is still crucial to meeting business goals.

We've talked many times about the need for better IT communication, and better understanding of business needs in IT. Mostly, we agree with Basu and Jarnagin's assessments of the situation, and really do recommend that you read the article - and perhaps forward it to your manager.

This is where ITIL can help out considerably. One of the major improvements in ITIL v3 from v2 is the shift from business alignment to business integration, which requires IT to adopt business terms and to create, measure and communicate IT value in financial terms whenever possible.



A 50% increase in throughput from 10pm-11:30pm indicates the Dodgers went into overtime: Live TV on the net.


There is a site out there - I won't tell you what it is but you can probably find it - that offers just about every live sports game there is, whether or not the respective television networks have allowed it, whether or not the respective sports leagues have given express consent for rebroadcast, whether or not the sports game is only televised on Indonesian TV. I'd tell you what the site is, but I think it might be illegal, and besides, it's not like it's hard to find through Google.

But what's intriguing is the way in which these rebroadcasts are being done.

Similar to the Slingbox, end-users are using TV capture cards and simply streaming, through P2P technologies, the TV shows live from their home computers (with a slight delay) as they're broadcast. Unlike the Slingbox, which is a device that controls your home TV and lets you change channels as you watch TV over the net, the service I'm referring to records only one channel. Interested in seeing another channel? Find a different user with a different TV and a different stream.

There's a certain similarity between this and other projects like Babelgum, Joost, and my personal favorite, the academic-only ACTLab.tv. And we've covered them before in this blog.

What makes this particularly interesting is that this is standard TV being encoded in real time into little bits and bytes, and illegally bypassing distribution restrictions.

For example, there are national distribution lines. I can't get BBC Three legally, no matter how much I like Torchwood, because I live in Texas. (Even the BBC's legal streaming service filters based on IP/location, so as not to tick off British taxpayers.)

There are also other distribution lines that we rarely think about. I can't get cable TV at work - not only is there no cable running to my office, but it would also be rather conspicuous to bring into the office, to set up, and to watch. ("Wait, how is Days of Our Lives relevant to network latency ping times?") But, with something like this illegal solution (or the much more legal Slingbox), I could get live TV on my computer here. Or at least I could for about a day and a half before NetQoS IT had a strong talk with me about acceptable internet use policies.

Recreational network usage - especially video - has been a problem for IT departments. That's not news. What is news is the idea of an always-on streaming service for all live events, not just the ones lucky enough to be locally broadcast. I mean, look at what happened when it became popular for other media - music and movies - to be copied illegally and shared via the Internet. There would be no iTunes without Napster, no Netflix OnDemand without the Pirate Bay. And just like an old cyberpunk novel from the eighties, illegal solutions where no legal solutions exist are a harbinger of a vast untapped demand. It may take a few years, but eventually someone comes along with a legal supply to answer that demand.

Live TV streaming isn't likely to go away. The good news, however, is that live TV streaming is distinctive as a traffic pattern - an anomaly detector with good baselines can, for example, pinpoint exactly when and where abnormal traffic usage is occurring. Unlike most viruses, streaming live video sticks to a schedule. No need for live TV when the Dodgers aren't playing.
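The baseline idea in the paragraph above, sketched as an added example (this is not NetQoS product code): build a per-host, per-time-of-day baseline from past days, then report sustained windows where throughput runs at least 50 percent above it. The 30-minute bins, the thresholds, the host addresses and all traffic figures are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

SLOT_MIN = 30     # bin width in minutes (assumed)
THRESHOLD = 0.5   # flag traffic >= 50% above baseline (assumed, echoing the title)
MIN_SLOTS = 2     # require a sustained rise, not a single spike (assumed)


def build_baseline(history):
    """history: (host, day, slot, kbps) tuples -> {(host, slot): median kbps}."""
    buckets = defaultdict(list)
    for host, _day, slot, kbps in history:
        buckets[(host, slot)].append(kbps)
    return {key: median(vals) for key, vals in buckets.items()}


def hhmm(slot):
    """Start time of a slot as HH:MM."""
    minutes = slot * SLOT_MIN
    return f"{minutes // 60:02d}:{minutes % 60:02d}"


def find_windows(baseline, observed):
    """observed: (host, slot, kbps) tuples for one day -> list of anomaly windows."""
    flagged = defaultdict(dict)
    for host, slot, kbps in observed:
        base = baseline.get((host, slot))
        if base and kbps >= base * (1 + THRESHOLD):
            flagged[host][slot] = kbps / base
    windows = []
    for host, slots in sorted(flagged.items()):
        run = []
        for slot in sorted(slots) + [None]:   # the None sentinel flushes the last run
            if run and (slot is None or slot != run[-1] + 1):
                if len(run) >= MIN_SLOTS:
                    windows.append({
                        "host": host,
                        "start": hhmm(run[0]),
                        "end": hhmm(run[-1] + 1),
                        "peak_ratio": round(max(slots[s] for s in run), 2),
                    })
                run = []
            if slot is not None:
                run.append(slot)
    return windows


def constructed_data():
    """Constructed sample: 7 baseline days plus one observed day for two hosts."""
    hosts = ["10.0.0.21", "10.0.0.22"]

    def normal(day, slot):
        busy = 600 if 16 <= slot < 36 else 200      # 08:00-18:00 working hours
        return busy + ((day * 7 + slot * 3) % 11) - 5  # small deterministic jitter

    history = [(h, d, s, normal(d, s))
               for h in hosts for d in range(7) for s in range(48)]
    observed = []
    for h in hosts:
        for s in range(48):
            kbps = normal(7, s)
            if h == "10.0.0.21" and 44 <= s <= 46:   # evening stream, 22:00-23:30
                kbps += 160
            if h == "10.0.0.22" and s == 10:         # one-off spike, should be ignored
                kbps += 300
            observed.append((h, s, kbps))
    return history, observed


if __name__ == "__main__":
    history, observed = constructed_data()
    for w in find_windows(build_baseline(history), observed):
        print(w)
```

Using the median per time slot keeps one unusual day in the history from shifting the baseline, and the minimum run length is what separates a scheduled stream from a momentary burst.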



IT-Centric events to watch out for at BarCamp and SxSW in Austin


Today marks the official start of the South by Southwest (SxSW) Festival in Austin - for readers outside of Austin, SxSW is a combination film, music, and technology festival. Despite its increasing commercialism, the week-long traffic slogs, and the temporary 50 percent increase in man-purse slinging hipsters, SxSW is the premier forum for new music showcases, and the film and digital conferences have attracted some notable and useful panelists. SxSW is one of the reasons Austin is at the top of so many "best cities" lists.

Additionally, tomorrow marks the start of the Austin BarCamp "un-Conference," which is what you get when you try to "get the anarchists to organize" a tech conference. BarCamps are open, participatory workshop events which focus on open-source technologies, and early-stage Web applications.

Of particular interest to network engineers and those interested in Web application performance are these particular events:

BarcampAustin: Usability: Will Users Wait?
Saturday, March 8, Time To Be Determined, GSD&M, 828 W 6th Street., Austin, TX.

Elizabeth Gibson and Lin Howe, AT&T User Experience Design, want to talk about how long a delay users will tolerate before becoming frustrated or dissatisfied and abandoning the website. Is there anything that can be done to help mitigate a bad user experience?

SxSW: Catching up with Accessibility: The Basics Quickly
Saturday, March 8, 10:00am, Room C, Austin Convention Center

Shawn Henry of the W3C Web Accessibility Initiative will demo how accessibility design can be incorporated into Web sites to accommodate people with disabilities or people accessing the site by means other than the traditional Web browser.

We'll demo how accessibility makes your website available and more usable to people with disabilities; to people using mobile phones, PDAs, and other such devices; to people with low bandwidth connections (which is more of a problem than many are aware of in the U.S. and throughout the world); to seniors, an increasingly important demographic; and others.… This session runs through the easy things and the most important things you can do now to get your project up to speed on accessibility.

SxSW: Crunching and Streaming: Online Video Distribution Challenge and Opportunity
Tuesday, March 11th, 10:00am, Room 19AB, Austin Convention Center

Brendon Mills, CEO of RipCode, Todd Bryant, CEO of Netcast HD Inc., Jeff Kramer of Polycot Labs and others talk about digital video distribution.

Video compression is critical technology for media convergence, and the growing demand for online delivery of high-quality, preferably high definition, video is driving significant innovation in the areas of compression and distribution. This discussion focuses on the significant challenges and opportunities associated with the evolution of online video delivery.

SxSW: Take Municipal WiFi Back
Tuesday, March 11th, 3:30pm, Room 8, Austin Convention Center

Rich MacKinnon of the Austin Wireless City Project, Silona Bonewald of the League of Technical Voters, and others talk about the problems with top-down municipal wireless projects in San Francisco, Chicago, and Philadelphia, and take a look at the viability of Muni WiFi.

Grassroots approaches to WiFi have focused on leaving the bureaucracy behind, but face challenges in terms of expanding their reach and gaining momentum. Top-down municipal networks promise ubiquitous coverage but have run up against formidable barriers concerning cost of construction, cost of maintenance, and implementation. Both have a goal of eliminating unlawful WiFi "piggybacking" that opens up millions of Internet surfers to dangerous invasions of their personal privacy. Stop by this panel to find out the latest about attempts to bring safe, secure and ubiquitous WiFi coverage to our cities.


Zero Comprehension: Cisco Edge Quest - a review of Cisco's WAN-Edge marketing minigame.


by Brian "Scrabble" Boyko
Editor, Network Performance Daily

When a company like Cisco goes into "new media marketing," it doesn't mess around. To promote the Cisco ASR 1000 WAN-edge router, it started a Facebook Group, a Second Life Site, and a slew of holiday mascot viral videos. But that's not the big one.

It won't win any praise from Ben "Yahtzee" Croshaw, but Cisco created an entire video game around the router. The game, implemented in Shockwave, pits you as the lead agent, piloting an ASR1000 router - yes, piloting - across cyberspace, picking up packets according to quality of service priority, and delivering them across the network. There are also bonuses related to the router's capabilities, such as a 'throughput upgrade' that increases the speed of your… uh… "hover-router," and a "parallel processing" upgrade that allows you to pick up two different color balls - I'm sorry, I mean two different types of network traffic packets - instead of having to clear the packets from the board one color at a time. You might expect that there might be lasers or something coming out of the 'routercraft' but it's a router, so it doesn't have any lasers.

It shows that Cisco can have a little bit of fun with itself, and doesn't mind others poking fun at it either, otherwise they never would have put this out there for people like myself to poke fun at. But, as a game, it's amusing for five minutes, and certainly a great way to justify playing a video game at work, but if I'm going to be playing a video game at work, I'd rather play a game where I didn't actually learn anything about routers. There's a reason that despite the obvious pun, the Valve game developers didn't have GLaDOS go on about the relative merits of different firewall solutions as she tried to incinerate you.

The game itself may miss a few marketing targets. For example, the "space router" was frustrating to steer; even after the power-ups it was kind of sluggish, and it would frequently get rammed into the walls. Sure, I'm remembering the parallel processing thing as it's a great way to illustrate that particular feature, but I also remember a frustrating box that ran slowly and crashed repeatedly. I don't say this to knock the router it is supposed to represent, but merely to knock the representation. Then again, the real ASR1000 can't fly around the room like a robot Peter Pan, so it's kind of a wash.

At any rate, the game is simple, amusing, and illustrates the main points, which is about as well as you can expect from a marketing mini-game, and hey, I'm talking about it and you're listening, so it can't have failed that badly.


