Centralize with blade servers

Dell’s announcement last week about its future enterprise strategy was a preview of what’s ahead for the entire server industry. At the tony Pierre Hotel on Manhattan’s Upper East Side, Dell unveiled, among other things, the company’s new blade server.

According to IDC, blade servers won’t take off until at least next year. But make no mistake–blade servers are the servers of the future. Each blade is a single, 5 ¼-inch-high (3U) self-contained computer–motherboard, processor, memory, disk, and connectivity–that screws into a slot on a standard 19-inch rack. All the blades share a single (or more commonly, dual redundant) power supply, fans, and backbone.

Dell will offer its blade server, dubbed the PowerEdge 1655MC, this year. In a high-density configuration, Dell will pack as many as 504 processors (two per blade) in a single rack.

Dell expects a second configuration, designed for higher performance, to be more popular. Each blade in the high-performance configuration is three times as wide as the high-density blades, so you can pack “only” 84 blades into one rack. That’s still six servers in the space where only three could fit previously.

The high-performance system uses a switched Gigabit Ethernet backplane, compared to a 10/100 backplane for the high-density system, and two SCSI drives of any type instead of two ultra-low-profile 40GB IDE drives. Blades in both configurations offer dual redundant connections to the Ethernet backplane. All the hardware is standard, non-proprietary equipment, per Dell’s practice, including 1.26GHz Pentium III processors, up to 2GB of SDRAM, and an Ultra320 SCSI controller.

Blade servers have some key advantages over traditional box servers and even over rack-mounted servers. They’re compact–you can put more of them in the same space. They use less power than an equivalent number of standalone servers.

Now one announcement of a product that isn’t even shipping yet doesn’t smack of a trend, nor do HP and Compaq’s blade server announcements make this a trend–though Sun and IBM should be next. But if you look at where the industry has been, it becomes clear where it’s going.

Blade servers continue an increasing trend toward consolidating computing resources back into the data center. In the pre-PC days, all computing was done in huge air-conditioned computer rooms with impressive picture windows where operators could be seen scurrying from console to console. The PC proliferation shattered the glass houses, and in many organizations, workgroup and departmental servers gained places near the desktops they served.

Recently, however, the need for better system management and curbed costs have pushed computer resources back into a central area. Low-profile rack servers, which stack machines vertically, have become more popular than standalone boxes, because they take up less space and are easy to service. Blades further “stack” servers horizontally, to get the highest server density possible. (At least today–maybe in a few years they’ll be stacking them in a third dimension, back to front.)

You probably won’t buy your first blade server this year. But if IDC’s predictions are on track, you’ll want to consider blade servers next year when you add new machines or replace existing ones.

Wi-Fi trumps cell phones

The future of mobile network data services is being hotly debated. On one side the mobile phone companies are adding data services to what used to be voice-only devices and services. On the other side are the network and telecommunications companies whose hardware supports high-speed data communications. Each side thinks its products are the best choice for accessing mobile data.

The phone companies say everyone needs to carry a phone around, and that we’ll make do with low-speed data services delivered to tiny phone screens rather than carry around another device. Boy, are they wrong.

Road warriors want a mobile service that’s comparable to what they get at the office. The most promising high-speed service technology is 802.11b wireless networking, a.k.a. Wi-Fi.

Public wireless access points first gained popularity, as many technologies do, on college campuses. In recent months, wireless access points have become popular where people travel: in airports, hotels, and even RV parks, deployed by companies like Wayport, MobileStar, and All Tech Systems.

While some businesses may provide 802.11b access for free, to get you to patronize their core business (the local coffee shop, for example), many others will want you to pay for the bandwidth you use. Critics argue that the complexity of billing issues doom these ventures from the start, but that need not be the case.

Imagine a single national billing infrastructure, where you can buy the equivalent of a telephone calling card and use it anywhere wireless access is available. No such service currently exists, but entrepreneurs please take note. Boingo Wireless is taking a similar approach to the problem by rolling out billing services for a nationwide Wi-Fi network, where local businesses maintain the hardware.

Personally, I’d rather have a data-capable device that provides a voice add-on (i.e. a PDA or a notebook PC with a microphone and earpiece capable of voice over IP or GPRS service) than vice versa (a cell phone with a postage-stamp LCD screen). Just last month Nokia announced a PC Card adapter that can access both 802.11b data networks and GPRS cell phone networks, which it plans to ship by the fall. The availability of such combo cards, in tandem with the proliferation of public access wireless LAN access points, are the two most important trends in wireless networking for the next year.

Just as it made sense to put both a modem and 10Base-T Ethernet on a single PC Card, so is it logical to put 802.11b and GSM/GPRS functionality on a single adapter. Depending on the local service, you use what’s available. If you have Ethernet access, you can make a voice call using a service like Dialpad or Net2Phone. If you have GSM service, you can make a native GSM voice call, and use the slow GPRS link to display data on your PC.

As my experience demonstrates, there is no perfect mobile platform yet, but ubiquitous Wi-Fi access points will help move us closer to mobile paradise.

If you plan to take advantage of public 802.11b access points, make sure you also provide strong authentication (through RADIUS or proprietary software) and encryption (through VPN software) for your network clients. There’s no sense trading away security for the sake of convenience.

Your biggest threat

Bottom line–no product you can buy from any of the vendors we write about will protect you completely from the most serious threat to your network and your business.

Not what you want to hear after laying out six figures to arm yourself with firewalls, antivirus software, and intrusion-detection applications, is it? Nevertheless, forewarned is forearmed, and there is something you can do about this threat.

The threat is called social engineering, which is simply a fancy way of saying “getting people who should know better to do what you want.” A recent CERT report notes that social engineering attempts to hornswoggle instant messaging and Internet Relay Chat (IRC) users are on the rise. These users are directed to sites that ostensibly will help them, but really plant Trojan horse programs on their computers. The same folks who use those applications at home come into your office during the day, where their mistake could cost you your business. Aside from disallowing IM applications in your enterprise, your best bet is to train employees against such cons.

More common than the relatively impersonal social engineering text message is the telephone call from someone who seems to know what he’s talking about. An unsuspecting staffer could disclose vital information like user IDs and passwords to someone with a good line of patter.

The only technology that can potentially deter this kind of caper is two-factor authentication. If a smooth-talking fraud gets one of your employees to give up a user’s ID and password, only strong authentication such as biometrics or smart cards can stop that would-be intruder from accessing your network. But even if your company does employ such technology, a “social engineer” can get an employee to e-mail him a file just as easily as if your company relied solely on passwords.

The only option for preventing social engineering intrusions is awareness. Learn the perpetrators’ secrets. Train everyone in the organization to recognize warning signs, like people who ask for sensitive information but refuse to give contact information. Simply asking for a phone number and verifying it is often enough to stop such theft. Beware of someone trying to use intimidation, or, contrarily, flattery, to extract information; make sure your employees are confident and wary enough that such tricks fail.

When one of your colleagues stops a social engineering exploit, let others in the company know, in case the infiltrator tries again. Hold an annual training session to heighten security awareness, and test once in a while to be sure people remember the lessons.