Boxed in

Are multifunction devices the answer to infrastructure complexity?

In recent months, a growing number of hardware vendors have announced multifunction devices that combine load balancing, encryption accelerators, firewalling and other features into a single product. The theoretical market appeal of such products is that they help network managers cope with the growing complexity of their infrastructures. They do this by (1) reducing the total number of separate devices that have to be installed and managed, and (2) potentially reducing the number of vendors that managers have to deal with—assuming that the components in question were previously procured from different vendors.

There is some validity to this market positioning. Many networks wind up with too many “moving parts” for limited network management staffs to handle effectively. Often, this proliferation of hardware creates skill-set issues that lead to poorly managed networks. That is, network staff does not have the time or inclination to get fully trained on every vendor technology brought into the enterprise.

As a result, someone who is good at keeping his Cisco routers and switches behaving nicely may lack the personal bandwidth to fully understand the ins and outs of his caching solution. This neglect can keep him from getting the full bang for the buck that solution offers. In fact, if they are not properly and attentively administered, new technologies can actually cause performance problems just as easily as they can solve them.

By combining these miscellaneous functions onto a single device, on the other hand, technicians only have to read one manual and become familiar with one set of management software tools. Problem solved.

Or is it? Yes, there is now only one manual to read, but what if that manual is just as big as three or four individual manuals combined? Has the technician’s load really been lightened at all? What if the documentation is just plain lousy? Is there any advantage to wrestling with one huge, impossible-to-understand document, rather than several small, well-constructed ones?

Anyway, many of the problems associated with device management have less to do with the specifics of the vendor’s software than they do with an understanding of the underlying technology. That is, many problems arise because technicians do not have an adequate grasp of load-balancing algorithms or how to effectively define traffic-filtering policies—not because they don’t know how to implement those algorithms or policies on the particular piece of hardware they have installed. Multifunction devices do nothing to address these critical skill gaps.

Finally, multifunction devices can also hamper the division of labor that is so essential to optimizing the use of human resources. If you put all those functions on a single box, chances are that you are forcing one person to become your resident expert on the operation of that box. So, you lose the ability to have one person become your resident Web optimization expert, while another owns all network security functions.

Yes, it may be possible to have more than one pair of hands manage a multifunction box. But now, you have simply traded one form of complexity for another. At any rate, in the real world, life is extremely territorial. Someone is going to decide that the box is his baby, and there isn’t much anyone can do about it.

The next issue to consider is that of vendor reduction. There are certainly benefits to reducing the total number of vendors you have to deal with. Fewer vendors means fewer contracts to negotiate and fewer maintenance agreements to track. By concentrating more dollars on fewer vendors, companies can usually also gain more clout with their supplier of choice. Of course, it is also a good deal for the vendor that ices out the competition by bundling more functionality into a more expensive box.

The resulting question is whether that single vendor can be trusted over the long term to improve its load balancing, acceleration and caching technologies at the same pace as the rest of the industry. In other words, does the apparent reduction in complexity outweigh the risk of being stuck with obsolete and/or nonstandard technology in a year or two?

The point of all these questions is not to disparage the value proposition of these integrated devices. It is simply to highlight some important countervailing issues that should be considered before swallowing the integration pitch hook, line and sinker.

Companies with limited network staffs, tight budgets and a strong immediate need for all the technologies included in a given integration bundle may well find multifunction devices appealing. Those with larger staffs and some degree of existing coverage in some of the bundled technologies may want to weigh their potential risks and benefits before they bite. It may look like a lot of value for the money, but it also requires putting an awful lot of eggs in one basket.

Comments for publication should be sent to to liebmann@comnews.com.