What Aruba has announced today is the start of something big, but it can’t be explained in a convenient sound bite. To fully appreciate it we need to cover some ground, so bear with us, with iTWire providing comprehensive coverage below.
Innovation, milestones and transformations
The history of technology is a continual progression of innovation, such as a dotted line making its way along a piece of paper. Yet, every now and then comes a ground-breaking thing that leads to a revolutionary transformation in how we operate. In enterprise architecture we speak of a utopian future state as the direction we must head, and the road is paved with major incremental milestones on the way.
While every day we progress on the dotted line, it's these incremental milestones that move us from the way we do things now to the way we will do things tomorrow.
A classic example is the advent of the hypertext transfer protocol (HTTP) which turned the text-based Internet from the realm of government, enterprise, education, and military, to the primary means of information, entertainment, even commerce, in the world today.
Take the advent of the cloud, for example. While sometimes derided as "just someone else’s computer,” the power and contribution of the cloud can not be understated. Having elastic, consumption-priced mass computing power on-demand has opened doors for anyone with a good idea and the skills to execute them; it’s changed how we think about a conventional IT department and the need to own and run hardware; it’s accelerated artificial intelligence and machine learning.
Another significant milestone is the ever-increasing capability of computing power to replace expensive, complex hardware with software. We see this with a software-defined network (SDN) eliminating reliance on vendor-locked and expensive MPLS networks, and we see it with hyper-converged infrastructure.
Aruba is now taking the lead on the next step of software-defined somethings, with its new Aruba CX 10000 Series Switch With Pensando, announced today. Of course, a switch in itself is not big news; it’s what the switch is powered by that makes the difference - the Pensando factor.
Pensando, the name meaning 'thinking' in Spanish, is a company backed by the former Chairman and CEO of Cisco, John Chambers, along with a team of engineers who have the track record of building Cisco’s Catalyst switches, of putting Cisco into telephony and building the first unified communications (UC) Cisco products, who moved Cisco into storage, who built Cisco Unified Computing Systems (UCS), and who were behind Cisco SDN.
Pensando is the team of these great engineers with a brilliant tech record, predicting shifts in markets that allow network companies to position themselves for the next transformation in technology. It has big standout investors including HPE and John Chambers himself.
Pensando identified the modern data centre expends most of its network traffic on what’s titled east-west traffic, which refers to traffic contained within the data centre itself. Conversely, north-south traffic means network traffic flowing from or to a system outside the data network.
Think about microservice-based applications: traffic may not even need to leave a physical host to go from one service to another. What this means is some application traffic may not once be inspected by a hardware firewall, intrusion protection system or other security devices. It can leave enterprises vulnerable to attack from within the enterprise itself.
Pensando determined it was inefficient, insecure, and costly to deal with this east-west traffic as if it were outside the data centre. So, they built distributed services cards - network cards on steroids - which slot into a server. In reality, these are disaggregated switches and a lot of cards can combine to form a switch fabric, which together delivers software-based services to deal with the functions previously performed by a lot of devices.
For example, data centres will typically have a pair or more of firewalls at the top of each rack, firewalling, performing encryption, load-balancing, recording telemetry, and more. These are data centre-grade pieces of hardware, and it’s not unusual to have costs of over $160K per rack for these items.
Pensando instead says you can buy the dumbest rack and use the switch fabric to perform all these services instead, at a fraction of the cost, and with the ability to incrementally add more capacity by adding more cards as needed.
Of course, this is great news if you're building a brand new data centre today. You can design your racks this way from the start.
If you're an established business it's not so simple. You might have thousands of servers across hundreds and hundreds of racks. You can’t take out the previous-generation rack-grade switches until each server has a Pensando distributed services card, and it’s no easy project to fit them out in such an environment.
Aruba CX 10000 Series Switch With Pensando
Here's where Aruba comes in. The new CX 10000 Series Switch, announced today, will be generally available in January 2022 with pricing starting at $US 45,000. It includes an accelerated stateful firewall, zero trust segmentation, ERSPAN, telemetry, DDoS protection, and an ever-increasing array of functions by implementing Pensando hardware on each port. It thus provides the equivalent of a distributed services card on each port, giving it to your servers this way.
Practically, this means each rack can be migrated from an expensive previous-generation rack switch to a new Pensando model by taking up Aruba’s lower-cost switch, creating a switch fabric, and covering every server and device in your rack.
Aruba is the only hardware provider putting this technology inside a switch and expects data centres to see significant cost reductions in east-west traffic management within the data centre.
Additionally, placing the fabric outside the server means no software agent is required on the server. The appliance provides a stateful micro-segmented firewall offering finely-grained control without compromising server uptime.
This is only the start of the journey; Aruba sees the future as beginning with intra-data centre traffic and progressing, in time, to inter-data centre traffic.
Aruba calls this fabric as a platform and it is poised to transform data centre costs, and to such an extent it may be the tipping point for businesses to migrate away from hyper-scalers to their own hosting.
Pictured: Aruba Fabric Composer - network visualisation leaf-spine, VSX view
The Aruba CX 10000 Series Switch represents a new category of data centre switches that combines best-of-breed Aruba data centre L2/3 switching with the industry's only, fully programmable DPU (Pensando Elba) to deliver stateful software-defined services inline, at scale, with wire-rate performance and orders of magnitude scale and performance improvements over traditional data centre L2/3 switches at a fraction of their total cost of ownership (TCO).
It provides an entirely new class of switching solutions to overcome the limitations of legacy architectures. The Aruba CX 10000 will allow operators to extend industry-standard leaf-spine networking with distributed stateful segmentation, east-west firewalling, NAT, encryption, and telemetry services – all delivered inline, all the time, on every access port, closer to where critical enterprise applications run.
“Markets in transition create new opportunities for disruption. As the Cloud moves to the Edge, distributed services are disrupting everything from AI/ML, to 5G and virtualisation,” said John Chambers, chairman of Pensando, CEO of JC2 Ventures, and former CEO of Cisco Systems. “This new category – the Distributed Services Switch, enabled by Pensando software-in-silicon, makes the process of deploying distributed services, previously only available to hyper-scalers like AWS, in the enterprise both simple and more cost-effective. By eliminating legacy appliances and host software, enterprises can deliver 100x the scale and 10x the performance at 1/3 the TCO of traditional approaches.”
“Today’s announcement further extends the partnership between HPE and Pensando – by incorporating Distributed Services from Pensando into the industry-leading Aruba switching platform, the elimination of legacy technologies needed to build a zero-trust private cloud has never been easier or more cost-effective,” said Prem Jain, CEO at Pensando Systems. “I look forward to continuing our relationship and to bringing additional solutions to market.”