Introduction
We have to admit that while our expectations were low for Interop this year, that the show exceeded our expectations. The show was busier than expected – not can’t-get-through-the-aisles busy – but with enough breathing room for vendors to spend quality time with the people they wanted to see.
Apparently, MediaLive – the show’s producer – has decided that the future of Interop looks bright enough to try an end-of-year version. The creation of Interop New York 2005 ” to address the growing needs of the IT industry” was announced during the show. While the December 11-16 timing is later than Comdex’ week-before-Thanksgiving timeslot, this sure looks like the genesis of a Comdex replacement. We wish MediaLive luck in their efforts!
Lining up on Tuesday morn
Although this Interop kept its enterprise focus, we still found plenty to interest SMB buyers with more modest networking needs and budgets.
SMB Biz is Bright
We got to spend some quality time with Cisco, 3Com and NETGEAR to catch up on how things were going in their respective SMB efforts. Since we already covered their new product announcements in our Pre-Show report, we’ll just share a few factoids we picked up during our conversations.
Cisco VP of Marketing for its Commercial group Peter Alexander painted a rosy picture of his group’s business. This product group focuses on serving businesses that have from 20 – 1000 users and that have managed networks. While the lower end of this market is also served by Cisco’s Linksys division, Alexander said that managed networks would remain in Cisco’s turf.
Cisco 800 Series Integrated Services Router
Alexander also said that his group was the fastest growing part of Cisco’s business and represented about 25% of revenue. The group’s expansion of its 800 Series of “Integrated Services” routers down to lower price points and the introduction of its $3500 ASA 5500 Adaptive Security Appliance converged firewall, IPS, network anti-virus and VPN device are expected to help continue Cisco’s Commercial segment growth.
3Com’s Neal Kaufman, VP of Product Management for its OfficeConnect line was also bullish on SMB product sales. He said 3Com’s approach in its OfficeConnect line was to leverage the technology from its enterprise-grade products and to offer warranties with features like the next-business-day replacement guarantee for switches.
Kaufman is also looking to VoIP as a growth area with small businesses. The main weapon in his VoIP arsenal is the NBX V3000 Platform, which is part of the managed services initiative announced at the show. The V3000 can supply VoIP PBX services for between 2 to 200 users, has four built-in FXO interfaces and is priced starting around $2700.
NETGEAR‘s small-biz focus was enhanced by its introduction of two new VPN routers and a 48 port “smart” switch, plus the rollout of free firmware updates to add SNMP 1.0 support to its entire “Smart Switch” line starting in June. We were reminded that NETGEAR VARs can also offer VoIP solutions through a marketing agreement with Shoretel, but learned that the company is also working on its own VoIP gateway with FXO and FXS ports.
ADTRAN focused on spreading its “#2 in Router marketshare, #1 in Value” gospel at Interop. This claim is based on the Dell’Oro Group “Routers Report Q4 04” that shows the Huntsville, Alabama based networking vendor rose from number four to number two maker in the less than 1 Gbps router category a year ago.
A few ADTRAN NetVanta routers
The company continues to broaden its product line past its CSU / DSU roots and position itself as a lower-priced alternative to Cisco in many networking product categories. ADTRAN also added two PoE 24 port switched routers – the NetVanta 1224R PoE and NetVanta 1224STR PoE – to its line via Interop announcements.
NAS
We also got a little closer look at the upcoming SC101 Storage Central that will mark NETGEAR’s re-entry into the networked storage market. It will ship “naked” with two empty 3 1/2 inch IDE hard-drive slots and the drives can be set for RAID-0 striping or RAID-1 mirroring.
One detail we hadn’t realized is that the SC101 is not a true NAS, instead requiring an application to be loaded on each client. This makes it more similar to Ximeta’s NetDisk NDAS – which also requires clients to run an application to access networked shares – than to a true NAS, which typically requires only that clients support usually SMB / CIFS over TCP/IP.
But while the NetDisk has clients for Windows 98SE/ME/2000/XP/2003 and Mac OS X 10.0 – 10.3 (as well as “Beta” clients for Windows Pocket CE, and Linux), the SC101 will ship with a client that runs only on Windows XP and 2000.
NETGEAR’s SC101 Storage Central
Another discovery is that the SC101’s Ethernet connection will be 10/100 instead of 10/100/1000. This is especially interesting given base-technology provider Zetera‘s emphasis on high performance. But in fairness to NETGEAR, if the SC101 delivers on Zetera’s promise of “line-speed” performance even at 100Mbps, that will be a 2-4X improvement over most current low-end NAS products.
Bell Micro’s upcoming NAS device
At the Intel Booth, Bell Micro showed off a protoype of their Hammer series NAS device. This compact box has four SATA slots and automatically does RAID5 if you populate all the slots and RAID0 if you pop in only two drives. The box is powered with an Intel 624Mhz XScale processor and has a Gigabit Ethernet port is on the back, with a two port version coming out later.
Steve Soto, software developer, said that the unit has been tested to show 60 simulataneous video streams with no dropped frames. In addition, Soto says, “This box will automatically grab an IP, create a public share, create a guest user account, and because it’s UPnP aware, will be instantly available to the network users.”
Lantronix
Lantronix brought a mixture of new and previously-announced products to their stand at the ShowStoppers press event. The new included the Ubox that will be available this summer for around $180. The Ubox four port USB “server” is similar to products from Keyspan and Silex and allows users to access almost any USB device (Lantronix demo’d a USB flash drive and digital camera) from a connected Ethernet LAN.
Lantronix’ UBox Four Port USB Server
Perhaps even more interesting were the existing products that Lantronix brought. The WiBox and SecureBox device servers both support two RS-232, RS-422 or RS-485 serial devices. Network connection for the WiBox is via WEP-encrypted 802.11b wireless connection, while the SecureBox uses a 128 to 256 bit AES-encrypted 10/100 Ethernet connection.
Software is included that will map the ports to Virtual COM ports on your Windows machine so that remote-connected devices appear to be connected directly to your computer. There’s also a modem emulation mode that accepts modem AT commands on the serial port, then establishes a network connection to the end device.
Servers Gettin’ Real Small
If you like your device serving to be small and embedded, Lantronix may also have the solution you seek. The tiny XPort and WiPort can respectively enable OEM / ODM’s to add a 10/100 Ethernet or 802.11b wireless network connection to any device with a serial connection. Both contain full TCP/IP stacks, encrypted communication and embedded webservers for control and monitoring of connected devices.
Other Items of Note
Server rooms not only require KVM (Keyboard Video Monitor) solutions, but administrators often must administer servers remotely. KVM over IP devices allow remote networked KVM connection to multiple computers (usually servers) over IP-based connections. Avocent, Raritan, Rose Electronics, Cyclades, and Lantronix all have products in this category and were strutting their stuff at the show.
Startech Economy and Enterprise KVM switches
Startech is a relatively new and smaller player in KVM over IP and makes KVM switches in eight and sixteen port capacities, with a four port version coming out soon. The switch supports USB, PS/2 and serial ports and is OS neutral. The remote consoles can support up to four simultaneous users and security is provided with user authentication, built-in firewall, SSH tunneling, SSL encryption, VPN and RADIUS support.
Startech also has an optional serial “dongle” that allows the KVM to talk to serial ports. This is great for admins who want to configure routers, cycle Uninterruptible Power Supplies, or just reboot servers without having to access screen data.
Maxus, based in Korea, sells many RF products, but the most interesting one is the MJR-0918 cell phone blocker. Unfortunately, you cannot buy this in the United States, since the FCC has outlawed their use. The blocker will zap cell phone signals (900 and 1800 Mhz) within a 90 foot radius with affected phones will displaying a “service unavailable message”. More powerful versions are available that will block up to a 360 foot radius.
Maxus MJR-0918 Cell Phone Blocker
Imagine tracking objects in real-time with your existing 802.11 infrastructure. PanGo Networks‘ system of LANtags and software appear to do just that via matchbox-sized tags attached to objects such as laptops, wheelchairs and hospital gurneys. The LANtags contain active RFID tags and transmit via the 802.11 spectrum.
PanGo LANtag
With the PanGo Networks asset tracking software, the tags’ locations are updated on a computerized map in real-time. PanGo was demonstrating the product in the Cisco Partner area of its booth since PanGo announced the integration of its PanGo Locator 2.0 product with Cisco’s 2700 Series Wireless Location Appliance.
We also got an up-close-and-personal look at Xirrus’ new WLAN arrays, which look like beige flying saucers, complete with blinking lights. The WLAN arrays, with multiple wifi radios and embedded switching technology, look to be an interesting play in the crowded enterprise wireless market. Xirrus says the WLAN array can provide over 800 Mbps of bandwidth for areas with heavy Wi-Fi use. Its other key differentiation is that it can cover a given area with fewer devices, simplifying cabling and installation logistics.
Xirrus 8 radio WLAN Array
The arrays come with four, eight or sixteen Wi-Fi radios built into a single chassis. The antennas are sectorized, and with slightly overlapping coverage, so users will always have a connection, even if one radio fails. One of the radios can be configured as a passive sensor whose capabilities will soon be enhanced via integration of AirMagnet’s intrusion detection and wireless performance monitoring software into Xirrus’ products.
WEP Cracking in a flash at Interop
Every year the iLabs engineering team educates attendees by inviting them to attend interesting seminars and presentations about various networking issues. The team is made up of volunteers from government, educational and corporate organizations. This year, security issues were discussed, often emphasized by live demonstrations of hacking. After reading our The Feds Can Own Your WLAN Too , iLabs wanted to show off the latest WEP cracking techniques, but didn’t know where to begin.
Brett Thorson, an engineer for iLabs, had heard about WEP cracking, but no one had actually showed him how to do it. We teamed up with Brett, and after several hours of configuring APs and finding suitable wireless cards, Brett was able to crack WEP keys with ease.
The demonstration used a Cisco Aironet 1200 access point as the target access point with a randomly-entered 128 bit WEP key. We found that Beta firmware installed on this AP that may have been intended to harden it against attacks. But the AP still eventually yielded to the new generation of WEP-cracking techniques we employed – it just took a little longer than the three minutes it took the FBI.
The iLabs demo also used a “victim laptop” that browsed the web and ran long file FTPs to generate traffic that we sniffed from another laptop running tools from the Auditor CD to gather enough IVs (Initialization Vectors). When enough IVs were gathered, an open source program called aircrack was used to break the encryption and reveal the WEP key. We found that we could crack a WEP key in about 2 minutes with about 500,000 IVs gathered over the course of about an hour. We also learned that with about more 700,000 IVs collected, some of the cracks were done almost instantly.
Some attendees said that they have always heard of WEP being cracked, but it was never demonstrated in front of them. Brett Thorson said, “This is definitely not a script kidde type of attack… there are many things you have to get right.” But after we worked with Thorson, he was able to crack WEP more than two dozen times.
Don’t Use This Card for Cracking WEP!
We learned a few things from this exercise, too. We found out the hard way that all Prism 2 cards are not alike. The Farallon SkyLINE card pictured above is seen by the Auditor Security Collection as a “Prism 2” chipset card, but it failed miserably for cracking WEP. Something in the card’s implementation caused it to work fine for data transfer, but make it unable to provide the IVs needed for aircrack to run.
We also learned that it can take a long time to configure even the simplest functions of a Cisco WAP – even via its web interface. There are a large number of menus and options to navigate and it takes longer than it should to find things.