Fortinet Leads With Security at Forti-Field Day

You are the reason
I’ve been FortiWaiting for so long
Some FortiThing holds the key
And I’m FortiWasted
And I can’t FortiFind my way home

(Apologies to Steve Winwood there.) Having watched Fortinet do their thing at Mobility Field Day 6 as a delegate at the event, I was struck by a handful of realizations:

1. Fortinet faithfully gets their message of security-at-every-level out with each presentation. On this point they are remarkably consistent and articulate.
2. They have a product line that is expansive beyond what I tend to think I know of the company- from hardware, software, monitoring, and performance measurement, they are generally on par with anyone else in the game.
3. The company continues to buck the trend of licensing the living shit out of EVERYTHING, like their competitors tend to do. In this regard, Fortinet has not flushed their customer empathy chip down the toilet as others have, and their execs aren’t out writing BS-blogs explaining to customers how being gouged with endless micro-subscriptions is somehow innovative.
4. They overplay the Forti-prefix to the point of FortiDistracting from the FortiMessage. I personally FortiStruggle to FortiFocus during the FortiPresentations. That may just be me, but I’m guessing it’s not, for whatever that is FortiWorth… (hmmm… reminds me of a George Straight song- Does FortiWorth Ever Cross Your Mind?)

Where Fortinet can be FortiFrigginExhausting in their FortiSpeak, I cannot say the same about their security messaging- the company does a solid job of weaving their security priorities through the product narrative without overplaying it. You’ll see the focus on security in all their MFD6 presentations. Given the daily spate of network breeches in the media these days, you’d be a FortiChump not to listen.

For their bits and pieces, I like this slide that summarizes their various network building FortiBlocks:

FortiStuff

Without even watching any of their presentations, this graphic gives the un-FortiFamiliar a sense of the robustness of their offerings. But there’s a heck of a lot more to the FortiStory, so I do recommend watching the presentations.

Having seen a couple of other vendors present before Fortinet, I realized when the FortiAiOps session unfolded that the notion of “AI Ops” is one of those “all the cool kids are doing it” things that every vendor has to have to compete. That’s not to throw dirt in any way, it’s more of a statement on where the industry is right now- AI has become a fact of life as an important underpinning of various solutions, but is still new enough to be held up to the light as if Zeus himself gave birth to it. I’m glad Fortinet has a hand in the AI card game, too.

We all have our own frames of reference, and to me Fortinet is still somewhat exotic in that I don’t see a lot of their wireless gear in my own corner of the world. I do know colleagues in other areas that use Fortinet, and also truly appreciate several Fortinet employees as just awesome people. With the likes of Wi-Fi 6/6E, AI in the house, and many customers considering how to evolve their WLANs (and frequently being tired of the incumbent vendor) all potentially catalyzing market shifts, perhaps we’ll see more Fortinet in more places in the days to come. They certainly are equipped to compete and do have interesting differentiators, from what I can see.

Wyebot Brings Wi-Fi 6, More to Its WLAN Monitoring Platform

I’ve been using and evaluating Wyebot in different wireless environments for the last 18 months or so. One of the things that I most like about the company behind the sensor product and their Wireless Intelligence Platform (WIP) is their willingness to listen to what tech-savvy customers want, versus just adopting the mindset of “we’ll tell YOU what you need in a dashboard” that comes with competing products. My own requests have helped to shape the product, and I’ve listened in on calls where other wireless processionals have described what they feel is important. Wyebot listens, and iterates where it makes sense while not necessarily duplicating what everyone else is doing, or diluting their core strengths by trying to be all things to all people. This strikes me as a small, smart, agile company with a good product (and some good competition). My past coverage:

• In IT Toolbox, April 2019
• Right here at Wirednot (2.2 software release)

Now, we have a new 802.11ax sensor and version 3.1 code to improve Wyebot’s already impressive capabilities of WLAN/LAN characterization, troubleshooting, and alerting.

Continuous Improvement

Here’s the latest incarnation of the main page in the Wyebot dashboard, to get the juices flowing:

Whether you install Wyebot sensors for long-term monitoring, or use them more in a tactical role for point-in-time troubleshooting, there is a lot to appreciate. I love that with three radios, you get the flexibility of using wireless backhaul from the sensor when no network wiring is available. But what about the new magic in 3.1?

Unfortunately, you have to be logged in to see the details of each feature, but most of these are probably fairly intuitive to those in the business of Wi-Fi. Let’s talk about a couple.

Access Point Classification Feature

The Wyebot sensor does a fantastic job of characterizing a given WLAN environment. You may see a list of SSIDs on your phone or PC, but Wyebot will distill it all down to how many APs are in each SSID (within it’s receive range, of course) along with all of the 802.11-related particulars you’d ever need to know. From there, you can add your own classification- is it a friendly? A threat? an unknown? Sounds simple, perhaps, but this on-the-fly graphical note-taking with security overtones helps keep busy environments straight as you pick them apart.

Available Test Profiles

At the bottom of the list of test profiles, we see a new option- Link Doctor. With this, you exercise core network services and device-to-destination connectivity to get a sense of network health. Run it on demand, or at regular intervals for trending.

Hopefully you get a taste for Wyebot’s look, feel, and general aspirations as a test and monitoring platform. For a more analytical look at the entire platform, check out this presentation from Bryan Daugherty.

What Do I Like Best?

From the first time I experienced Wyebot, I fell in love with a few aspects of the sensor and it’s cloud framework, That affinity continues, and here’s what keeps me smitten:

• As a permanently-mounted sensor, Wyebot would be welcome in any WLAN environment. But to me it has as much value as a pop-it-in short-term analysis tool, almost like a NetAlly hand-held product. Even if you don’t buy into sensor overlays, a Wyebot sensor two on hand could bring unique troubleshooting value.
• You just don’t get as many false alarms with Wyebot as you do with certain competitors.
• It’s awesome to take wireless packet captures gathered elsewhere and to load them into Wyebot, and have them displayed as if Wyebot did the capture. Pretty slick.

The “Not to Be a Jerk, But…” Mist #MDF5 Blog

I write this piece fresh on the heels of Day 1 of 2020’s Mobility Field Day 5. Mist (Now a Juniper company) talked for about six years yesterday, and it was fairly riveting, end to end. It was one of those marathon sessions that needs a little time to settle in your brain before you can resolve it, figuring out what you actually liked to hear and what maybe raised some red flags. Let’s talk about those red (well, maybe a pale red, sorta orangey-pink) flags that sprouted in my mind as I slumbered on the whole thing.

Mist Systems has had a fantastic run as a late-comer to a competitive industry filled with incumbents. That’s not easy, and their AI-inspired story has served them well. Now, we see the company moving i’s own cheese, and I can’t help but think about maybe  a few areas of concern.

• Mist is no longer its own little WLAN product line bubble. Mist started off as a wireless-only product line. That let it focus on one discreet area with all of its development and quest for excellence. Sure, AI has been a key ingredient. But AI is not a magic wand. Just because you use it, doesn’t mean you have the Golden Ticket forever. NOW, Mist is spreading its methodology into the Juniper LAN side of its new house… the bigger you go, the more places there are for things to go wrong. The more opportunities there are for code bugs…
• Mist has finally introduced a respectable AP product line. Again, Mist has had the luxury of not offering many APs to date. Life has got to be easier on the development side when your product set is smaller, I’m guessing. We see it frequently from other vendors- certain model APs are prone to issues and bugs. Will Mist bump into the same sort of customer-facing shame now that they have some diversity of AP lineup? Or will their promised self-debugging whizz-banginess eliminate that as a potential? Time will tell.
• The um… well… uncomfortable thing to mention. I have the utmost respect for Mist’s senior leadership. Their results to date with injecting the AI/higher reliability story into an industry often fraught with overpriced buggy code suck speak for themselves. However- some of Mist’s senior folks come from that world of buggy code suck. They helped to author the very realm they now take potshots at. I mention this only to make the point that nobody is  perfect with a perfect past, and that history sometimes repeats itself. In the buggy code suck world, complexity only exasperates the buggy stuff, and Mist, as an overall operational paradigm, is very much becoming more complex as it matures. Ergo… more opportunities to stumble? Hopefully, they can keep it on the rails and not fall victim to the past woes that some of their own Bigs have at least partial ownership of elsewhere in the industry.

That little burst of sunshine aside, it really was a thought-provoking session. See it for yourself here, and feel free to leave me a comment below.

 

Extreme Networks Has Good Footing to Lead Network Fabric Evolution from Hype to Reality

If you manage a  network today, you are likely getting peppered by the drumbeat of  ideas for new ways of doing networking. Concepts like SDN, automation, AI, machine learning and fabric are becoming the next-generation lexicon of connectivity. Sure, us long-timers have heard it all before in different incarnations- but this is a pot that is really beginning to simmer while the industry tries to collectively move the way enterprise networks are done forward.

Meanwhile, those of us in the trenches have production environments to run. It’s not particularly comfortable to contemplate moving our own cheese in response to abstract promises of better ways and sunnier days, but Extreme Networks,Inc. may just be the company to break down the wall of hype and deliver the industry to the actual realization of the promise of network fabric architectures.

Before I get into why I think Extreme is the most likely company to show that the new network magic can actually be delivered in a way that leads to wide-scale adoption, let me share one of the best whitepapers I’ve read yet on what vendors are actually trying to do with the latest fabric initiatives. All the expected promises of simplification and reduced OpEx are in the Extreme Automated Campus document, but so is an excellent summation on some of the not-so-obvious advantages and evolutions that come with a properly implemented automated network. Among them:

• The use of 802.1aq Shortest Path Bridging (SPB) as essentially a single-protocol replacement for traditional building blocks like MPLS, BGP, multicast PIM, OSPF, VLANs, and others. That’s huge, and reduces complexity by several orders of magnitude in large environments.
• The notion that hop-by-hop network provisioning is a thing of the past. The network core is essentially unseen to most network admins, and all changes are done on the edge (live and without outages/maintenance windows).
• User and device policies are the basis for automated network changes, and constant analytics provide feedback used to tune performance and anticipate issues.
• By employing hyper-segmentation, a security breach in one part of the network is contained like never before, as the rest of the network is invisible to the bad guys because the old protocols leveraged for nefarious purposes are no longer present.
• The use of APIs mean that third-party network components can interoperate with Extreme’s Automated Campus.

There’s a lot more to the whitepaper, and I encourage anyone who’s been underwhelmed by other explanations of what network fabrics/automation are supposed to deliver read it as an excellent primer.

As I digested insights from Extreme’s whitepaper, I also found myself reminded that obsolescence can be insidious with the legacy methods we do networking with now. Dated designs can underperform today and fail tomorrow while we miss subtle signs of trouble because of disparate logs and dashboards. This isn’t news to anyone running large business networks, and is why automated analytics has a fairly strong appeal. This brings me back to Extreme and what puts them at the head of the pack within the networking space.

Extreme pioneered and set the bar high for network analytics with its ExtremeAnalytics platform. The value proposition has been proven in many cases, via a range of customer relationships. Where other networking companies are relying on third -parties or are just getting around to developing analytics solutions, Extreme has been optimizing networks based on machine-learning analytics for years.

Then there is Extreme’s purchase of Avaya earlier this year. By my estimation, Avaya was the absolute creator of SDN-enabled network fabric environments. I visited the company’s Silicon Valley facilities in 2014 during Tech Field Day, and got a first-hand look at the impressive technology that  has become part of Extreme’s fabric offerings. Extreme now has real-world fabric customers and a mature offering among newcomers to the game.

The fabric/SDN thing is here to stay as evidenced by the market leaders all talking it up as “what comes next” in unified networking. But how to get there – and whether you want to stay with your incumbent networking vendor for the leap – is a more complicated discussion. Some of the new initiatives feel cobbled-together, i.e. placing  frameworks of APIs into legacy hardware that may not have the best track-records for reliability. I’m of the opinion that some vendors are trying to figure out how to proceed with network-wide fabric methods,  while painting beta-grade efforts up with glitz and catchy slogans (though lacking depth and a track-record). This just isn’t the case for Extreme.

Extreme has done a great job in integrating their acquired Avaya fabric assets with their established portfolio and consolidating it all (along with their excellent technical support) into the Extreme Automated Campus. It’s new, on paper, but made up of mature industry-leading building-blocks. This is why I see Extreme as the one to beat in this space.

Learn more about the Automated Campus solution here.

Register for Extreme’s upcoming Automated Campus webinar here.

 

FTC-required disclosure: I was compensated to comment on the Extreme Networks Automated Campus referenced in this blog, by PR company Racepoint Global. I have no direct business relationship with Extreme Networks, and in no way claim to be an Extreme Networks customer or representative of Extreme Networks. The opinions expressed here are my own, and absolutely true at the time of publication.

Mist Systems Polishes Their Message at Mobility Field Day 2

It’s always refreshing when a truly original story comes along in the WLAN world. Mist Systems isn’t quite brand new (I wrote about them for Network Computing back in 2016) but their approach is fresh enough to cause some good energy in the room when you do get the chance to hear a briefing from the company’s top dogs, and I recently got that chance again at Mobility Field Day 2.

Here’s the thing about Mist, now- today: if you’re not careful, their story can sound like another one of the many from network vendors where terms like AI and Machine Learning are bandied about like the Buzzword Flavors of the Month. But Mist was talking this language well ahead of the current curve. Where established vendors are largely painting their long-running gear up in a coating of hype and APIs, Mist is actually new magic built by data scientists and proven network visionaries. It’s heady, exciting stuff.

But can Mist make a legitimate go of it as new player in the Big Customer Kickball Game where most current potential customers have already chosen a side? Here, only time will tell as Mist’s marketing paradigm is put to the test. I can share my own opinions and gut reactions from the Mobility Field Day for you to consider, and welcome any dissenting opinions or comments:

In Mist’s Favor

• When Bob Friday and team tell the tech story behind Mist, it’s impressive and believable
• Mist is the real deal when it comes to Machine Learning, etc- where the message feels forced with other vendors
• Mist seems to have mastered the UI challenge (put lots of important stuff in front of the WLAN admin without making it feel like overload) with their cloud dashboard
• Mist uses no controllers (bug hotels) or user-upkept bloated NMS system
• They tell a great story on bug management and code quality
• The virtual BLE beacon thing is huge. As in freakin huge. And it can stand alone even if you don’t need Mist’s WiFi solution
• Nyansa-like analytics are compelling
• Long-time users of established systems are getting burned out in spots on license overkill, huge costs- creating potential openings for a WLAN vendor change

Of Concern

• Mist is late to the overall WLAN party, so is up against established players
• The lack of switches and security appliances can be problematic in some RFPs, and when looked at through bullshit lenses lenses like Gartners Magic Quadrant
• We’re still not hearing enough about “unnamed Fortune Blah Blah Blah customers” to really do our own independent verification of how Mist is working out in the real world
• Mist is just getting ready to ship outside APs later in 2017, and how that impacts their analytics (especially when outside/inside WLAN are managed in same pain of glass) remains to be seen

I really enjoyed what I saw and heard from Mist, and it’s obvious that the company’s leaders truly believe in their baby’s potential. And- you don’t just have to hear my opinion… form your own after watching the Mist MFD session here.