May 2011
World War III is Now in Cyber Space
30/05/11 08:23 Filed in: Cyber Warfare
“We don't know who struck first, us or them. But we do know it was us that scorched the sky.” Morpheus explaining to Neo how the final World War between the humans & the machines started.
Unlike the first two World Wars, or the final fictitious one is in the Matrix. WW III is being fought today exclusively in cyber space. It is a silent war, rarely reported in mainstream media, primarily because there’s almost never a human casualty*, and most readers wouldn’t understand it. Often the combatants have no idea who they're fighting. If we look at one of the early major battles, Stuxnet, no one has officially claimed to have launched the attack, but the target was laser focused on Iran's nuclear weapons program. The campaign was successful, and it delayed Iran's weapons program by several years.
Now I'm sure your wondering, "Why is this being covered in a blog about 10GbE?" Simple, all battles require supple lines. Today the supply lines for cyber warfare are moving from GbE to 10GbE. Sure a lone hacker can use a Low Orbit Ion Cannon (LOIC) to take down an unsophisticated opponent using little more than a laptop, and a decent Internet connection. Frankly this is synonymous in the real world to someone with a machine gun trying to shut down a store.
On the other hand governments, and corporations have substantially more resources. As we saw with Stuxnet. For those not familiar with Stuxnet, this was a very carefully engineered offensive cyber weapon delivered in virus form. It had several different parallel attack vectors to ensure that it reached all the intended targets, which reports suggest that it did. It contained a precise triggering system, and a lethal warhead. This battle would not have been possible with only a handful of intelligent people. It took a collaborative effort by several governments, at least one corporation, and several unique pieces of equipment for testing to ensure the weapon’s success. This went way beyond your garden variety LOIC class assault, and defined a whole new category of offensive cyber weaponry. While the LOIC is a machine gun obtainable by nearly anyone, Stuxnet by comparison is a state of the art cruise missile.
Now back to 10GbE. Markets like HFT and HPC are breaking new ground in low latency, high packet rate & wire-rate bandwidth. They are utilizing advanced 10GbE network adapters and switches, along with sophisticated algorithmic routines. Today HFT’s are exploring lossless wire-rate 10GbE capture to do real time analysis and simulation. They capture real trading data in buffers or spin up synthetic ones to emulate the market. They then inject these buffers into an HFT trading engine to see how it responds. Is this really any different then simulating 100s or 1,000’s of web surfers? This technology is crossing over into cyber warfare.
All of the above was written over the holiday weekend. This morning the Wall Street Journal reported that the US Government has announced that The Pentagon has adopted a new strategy that will classify major cyber attacks as acts of war, paving the way for possible real world military retaliation. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," said a military official as quoted in the WSJ. So if you don’t believe the ongoing war in cyber space is real, then just consider it a prelude to it.
* John P. Wheeler III may very well be the first person slain in this cyber war. He is a former Pentagon official, and was a consultant for Mitre prior to his murder. John was an outspoken proponent of Cyber defense. In January 2011 he was found dead in a Maryland landfill, the investigation into is death is currently stalled.
Unlike the first two World Wars, or the final fictitious one is in the Matrix. WW III is being fought today exclusively in cyber space. It is a silent war, rarely reported in mainstream media, primarily because there’s almost never a human casualty*, and most readers wouldn’t understand it. Often the combatants have no idea who they're fighting. If we look at one of the early major battles, Stuxnet, no one has officially claimed to have launched the attack, but the target was laser focused on Iran's nuclear weapons program. The campaign was successful, and it delayed Iran's weapons program by several years.
Now I'm sure your wondering, "Why is this being covered in a blog about 10GbE?" Simple, all battles require supple lines. Today the supply lines for cyber warfare are moving from GbE to 10GbE. Sure a lone hacker can use a Low Orbit Ion Cannon (LOIC) to take down an unsophisticated opponent using little more than a laptop, and a decent Internet connection. Frankly this is synonymous in the real world to someone with a machine gun trying to shut down a store.
On the other hand governments, and corporations have substantially more resources. As we saw with Stuxnet. For those not familiar with Stuxnet, this was a very carefully engineered offensive cyber weapon delivered in virus form. It had several different parallel attack vectors to ensure that it reached all the intended targets, which reports suggest that it did. It contained a precise triggering system, and a lethal warhead. This battle would not have been possible with only a handful of intelligent people. It took a collaborative effort by several governments, at least one corporation, and several unique pieces of equipment for testing to ensure the weapon’s success. This went way beyond your garden variety LOIC class assault, and defined a whole new category of offensive cyber weaponry. While the LOIC is a machine gun obtainable by nearly anyone, Stuxnet by comparison is a state of the art cruise missile.
Now back to 10GbE. Markets like HFT and HPC are breaking new ground in low latency, high packet rate & wire-rate bandwidth. They are utilizing advanced 10GbE network adapters and switches, along with sophisticated algorithmic routines. Today HFT’s are exploring lossless wire-rate 10GbE capture to do real time analysis and simulation. They capture real trading data in buffers or spin up synthetic ones to emulate the market. They then inject these buffers into an HFT trading engine to see how it responds. Is this really any different then simulating 100s or 1,000’s of web surfers? This technology is crossing over into cyber warfare.
All of the above was written over the holiday weekend. This morning the Wall Street Journal reported that the US Government has announced that The Pentagon has adopted a new strategy that will classify major cyber attacks as acts of war, paving the way for possible real world military retaliation. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," said a military official as quoted in the WSJ. So if you don’t believe the ongoing war in cyber space is real, then just consider it a prelude to it.
* John P. Wheeler III may very well be the first person slain in this cyber war. He is a former Pentagon official, and was a consultant for Mitre prior to his murder. John was an outspoken proponent of Cyber defense. In January 2011 he was found dead in a Maryland landfill, the investigation into is death is currently stalled.
Optical Lock Down
18/05/11 08:10 Filed in: PHYs
Today for the umpteenth time I had to explain to someone that if you go optical to connect your server to your switch with 10GbE it could easily cost you twice as much. There is a secret at the end of this entry that MIGHT allow you to save some big time cash, if you have enough muscle, but you have to read to the end of this entry.
For cable runs of seven meters or less you should always use Direct Attach (DA otherwise known as Twinax) cable if possible as it could easily save enough to basically connect a second server for free! Here are some actual numbers from earlier today.
First some basic end user costs assuming a five meter run, note these are rounded a little bit to keep the math simple:
10GbE Network adapters, roughly $400/port
10GbE Switches, roughly $500/port
10GbE SR SFP+ Optics from switch vendor $800/port
10GbE SR SFP+ Optics from NIC vendor $200/port
10GbE SR Optical 5M cable $80/ea
10GbE Direct Attach 5M cable roughly $140/ea
Now lets build a solution between the server and the switch using optics:
10GbE Network adapter $400
10GbE SR Optic from NIC vendor $200
10GbE SR Optical 5M cable $80
10GbE SR Optic from Switch vendor $800
10GbE Switch port $500
Total $1,980 to connect a single server
Direct Attach (Twinax) Option:
10GbE Network adapter $400
10GbE Direct Attach 5M cable roughly $140/ea
10GbE Switch port $500
Total $1,040 to connect a single server
Let’s look more closely at the market dynamics going on here. First only a handful of companies make 80% of the 10GbE Short Range (SR) optics that everyone uses today. These companies are typically: JDSU, Finisar, Agilent, etc... None of the switch companies or NIC companies make their own optics, we all source them from several of the above companies, and a few others, all of whom rebrand them for us and burn our company name and part number into what is essentially flash memory within the optic.
Here’s where it gets interesting. Myricom, the company I work for, sells it’s SR SFP+ optics online via CDW’s website for $185. Here are some of the more expensive SR SFP+ optics listed on CDW’s site:
HP Procurve: $1,498
Avaya: $1,350
Enterasys: $1,210
Cisco: $1,100
Juniper: $1,082
Brocade: $1,022
QLogic: $930
IBM: $920
Now remember under the covers we’re all sourcing these optics from the same competitive pool, so why the price spread?
First remember that we each buy our optics with our manufacturer name and part numbers already burned into them by the optics makers mentioned above. Now here’s where it gets interesting the switch makers during switch initialization query the optic and if it does not return a valid company name and part number then it locks the optic out and reports the port as offline.
A Cisco switch requires a Cisco optic. If you were to use a Myricom optic it would see that the optic was made by “Myricom” with a part number “10G-SFP-SR” and it would lock that port out because it has an incompatible optic. Never mind that a valid Cisco optic and the “failed” Myricom optics may very well have been made by JDSU on the same assembly line, perhaps even on the same day.
Network adapter vendors, like Myricom, are optic agnostic. You can shove in an Arista, Cisco, HP, or Gnodal, we won’t care. We provide optics to offer a complete solution for our customers. Finally, we are not “in the optic business” so we pick them up, mark them up fairly, then offer them for sale. I can assure you we’re not buying them at the same discount that a Cisco or Juniper might be getting, yet our price is clearly so much more reasonable.
Now here’s the secret I promised. Most switch vendors have a patch for the switch operating system so that it will ignore the optic check and allow you to use anybody’s optics. If you have the buying power and the cojones, then insist that they provide the patch as a condition of buying their switch. It will save you big time. You can then take that savings, and buy a few more Myricom 10GbE adapters.
For cable runs of seven meters or less you should always use Direct Attach (DA otherwise known as Twinax) cable if possible as it could easily save enough to basically connect a second server for free! Here are some actual numbers from earlier today.
First some basic end user costs assuming a five meter run, note these are rounded a little bit to keep the math simple:
10GbE Network adapters, roughly $400/port
10GbE Switches, roughly $500/port
10GbE SR SFP+ Optics from switch vendor $800/port
10GbE SR SFP+ Optics from NIC vendor $200/port
10GbE SR Optical 5M cable $80/ea
10GbE Direct Attach 5M cable roughly $140/ea
Now lets build a solution between the server and the switch using optics:
10GbE Network adapter $400
10GbE SR Optic from NIC vendor $200
10GbE SR Optical 5M cable $80
10GbE SR Optic from Switch vendor $800
10GbE Switch port $500
Total $1,980 to connect a single server
Direct Attach (Twinax) Option:
10GbE Network adapter $400
10GbE Direct Attach 5M cable roughly $140/ea
10GbE Switch port $500
Total $1,040 to connect a single server
Let’s look more closely at the market dynamics going on here. First only a handful of companies make 80% of the 10GbE Short Range (SR) optics that everyone uses today. These companies are typically: JDSU, Finisar, Agilent, etc... None of the switch companies or NIC companies make their own optics, we all source them from several of the above companies, and a few others, all of whom rebrand them for us and burn our company name and part number into what is essentially flash memory within the optic.
Here’s where it gets interesting. Myricom, the company I work for, sells it’s SR SFP+ optics online via CDW’s website for $185. Here are some of the more expensive SR SFP+ optics listed on CDW’s site:
HP Procurve: $1,498
Avaya: $1,350
Enterasys: $1,210
Cisco: $1,100
Juniper: $1,082
Brocade: $1,022
QLogic: $930
IBM: $920
Now remember under the covers we’re all sourcing these optics from the same competitive pool, so why the price spread?
First remember that we each buy our optics with our manufacturer name and part numbers already burned into them by the optics makers mentioned above. Now here’s where it gets interesting the switch makers during switch initialization query the optic and if it does not return a valid company name and part number then it locks the optic out and reports the port as offline.
A Cisco switch requires a Cisco optic. If you were to use a Myricom optic it would see that the optic was made by “Myricom” with a part number “10G-SFP-SR” and it would lock that port out because it has an incompatible optic. Never mind that a valid Cisco optic and the “failed” Myricom optics may very well have been made by JDSU on the same assembly line, perhaps even on the same day.
Network adapter vendors, like Myricom, are optic agnostic. You can shove in an Arista, Cisco, HP, or Gnodal, we won’t care. We provide optics to offer a complete solution for our customers. Finally, we are not “in the optic business” so we pick them up, mark them up fairly, then offer them for sale. I can assure you we’re not buying them at the same discount that a Cisco or Juniper might be getting, yet our price is clearly so much more reasonable.
Now here’s the secret I promised. Most switch vendors have a patch for the switch operating system so that it will ignore the optic check and allow you to use anybody’s optics. If you have the buying power and the cojones, then insist that they provide the patch as a condition of buying their switch. It will save you big time. You can then take that savings, and buy a few more Myricom 10GbE adapters.
So Where did 10GbE Go?
15/05/11 08:05 Filed in: 10GbE
First some background. During 2009 this site saw over 20,000 page views, and at one point The Register even used 10GbE.net as an expert reference by mentioning & linking to us to validate a storyline. This resulted in 10GbE.net rocketing into the top four sites when searching for the string “10GbE”. 10GbE.net, and it’s sister 40gbe.net, were started in December 2007 as a one man stealth marketing effort to help get 10GbE off the ground more quickly. Let’s face it my job is to sell 10GbE network adapters, so I created the site to drive traffic, and improve sales. Both of which it did.
Initially 10GbE.net hosted several pages listing all the currently available network adapters by type, interface, performance & price. A sort of bleeding edge Consumer Reports for both adapters, and later switches. As the traffic, and attention grew it became more uncomfortable to operate in stealth. Also it had become a huge sink for my spare time. After speaking to one of my mentors it was decided to pull the plug on both sites.
Today the market is different, and more perspective is needed. I’ve recast this site, and cross linked my 10GbE.net domain to 40GbE.net to form this new Extreme Performance Networking blog. From this vantage point I can share more information, and my unique perspective while remaining in full view.
Initially 10GbE.net hosted several pages listing all the currently available network adapters by type, interface, performance & price. A sort of bleeding edge Consumer Reports for both adapters, and later switches. As the traffic, and attention grew it became more uncomfortable to operate in stealth. Also it had become a huge sink for my spare time. After speaking to one of my mentors it was decided to pull the plug on both sites.
Today the market is different, and more perspective is needed. I’ve recast this site, and cross linked my 10GbE.net domain to 40GbE.net to form this new Extreme Performance Networking blog. From this vantage point I can share more information, and my unique perspective while remaining in full view.