
The Lippis Report Issue 47: The New Nortel: A Trusted Networks Player

Apr 3, 2005

Nortel, like so many networking companies, has certainly had more than its fair share of difficulties over the past four challenging years. But in a meeting with Nortel in March, I felt for the first time, in a long time, that Nortel had turned the corner and regained its footing in the enterprise market. Its enterprise revenues are nearly $600M/quarter, or $2.4B/yr, making it a solid provider of broad-based enterprise network equipment. Nortel has focused on converged networking, security and wireless networks. It has rationalized its product lines, streamlined its operations and sharpened its enterprise message.

With all that work behind them, Nortel is now about to announce a new line of high end routers and Ethernet switches. One of the most important changes and priorities within Nortel is a focus on network security that permeates the entire organization and its products. This new organizational initiative is from the top down. Bill Owens, Nortel CEO, says that he wants to be #1 in the network security space including applications, content and MM security. Bill does know a little about security, having been Vice Chairman of the Joint Chiefs of Staff, and the second-ranking military officer in the United States under President Clinton. With a range of new products with deep network security features, Nortel seems poised to reassert itself in the enterprise market as a major trusted networks player.

Nortel gets network security and trusted networks. It has a layered security framework centered around providing a holistic enterprise-wide Threat Protection System (TPS) built on features in ASICs, modules and in the software that runs on its switching and routing products. Three key aspects of this TPS architecture are 1) network access control for wired and wireless access; 2) heuristics of flows to detect anomalous network behavior; and 3) policy to provide conformance rules and distribute enforcement. With all three aspects of TPS working together, Nortel can deliver intelligent traffic management which controls access, and guides and monitors flows while shutting down irregular or abnormal IP flows.

The key word here is flows, not ports. If a flow is earmarked as abnormal, TPS will shut down the flow, not the port, allowing other devices plugged into that port, such as IP phones, to continue operating. In network access control Nortel has chosen a clientless approach, meaning that no special client software need be resident on IP end-points. This allows the widest range of IP end-points to operate securely in a trusted network architecture. Those end-points could be IP phones, PDAs, desktops, laptops, etc., providing seamless secure access. Clientless network access control eliminates the IT operational burden of distributing client software, and its patches, to every end-point. Also, there is no user training required. These are two huge advantages.

Nortel is working with Symantec and a list of others to provide an enhanced level of network access conformance testing beyond operating system version, patch checking, applications running, user ID and password, anti-virus version, etc. For example, a user may have different entitlement rights depending on his/her location and device being used.

Heuristics of flows is Nortel's ability to build network-based anomaly detection into its switching and routing products. The heuristics process normalizes traffic flows so that irregular flows are detected and dramatic pattern changes are identified. The heuristics process also participates in the AAA handshake between a client and network servers such as DHCP and DNS, which protects those systems from being corrupted. Another important attribute of heuristics is the capturing of network-wide event logs, as operating systems do, to aid in forensics. Policy is central to this threat protection architecture and is in fact centralized. Guiding network access so that users are allowed access to only authorized IT resources is the new role of policy managers. Distributing ACLs to switches and routers will be an increasingly important role for policy managers as they become the brains of network enforcement. Scale is going to be key, and the next generation policy manager will look like today's enterprise policy managers on steroids.
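To make the flow-versus-port distinction and the baseline-deviation idea in the two paragraphs above concrete, here is an added Python sketch; it is not Nortel code and does not describe how TPS is actually implemented. It learns a packet-rate baseline per flow, flags a flow that deviates sharply from its own baseline, and enforces on the flow key rather than the port, so an IP phone sharing the same switch port keeps forwarding. All addresses, rates, and thresholds are constructed.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample: one physical switch port carries an IP phone (RTP)
# and a PC. Rates are packets per second from a hypothetical learning window.
PORT = 7
PHONE = ("10.0.0.21", "10.0.0.5", "udp", 5004)   # IP phone media flow
PC = ("10.0.0.22", "10.0.0.9", "tcp", 445)       # PC file-share flow
BASELINE = {PHONE: [50, 52, 49, 51, 50], PC: [20, 25, 18, 22, 21]}
# Live samples: the PC flow suddenly bursts; the phone stays steady.
LIVE = [(PORT, PHONE, 51), (PORT, PC, 900), (PORT, PHONE, 50), (PORT, PC, 21)]


class FlowMonitor:
    """Flow-keyed anomaly check with per-flow (not per-port) enforcement."""

    def __init__(self, baseline, k=4.0, floor=10):
        # Normalize each flow to its own mean and spread.
        self.stats = {f: (mean(r), pstdev(r)) for f, r in baseline.items()}
        self.k, self.floor = k, floor          # k = allowed sigmas above mean
        self.blocked = set()
        self.port_flows = defaultdict(set)

    def anomalous(self, flow, rate):
        if flow not in self.stats:             # unseen flow: only the floor applies
            return rate > self.floor
        mu, sigma = self.stats[flow]
        return rate > max(self.floor, mu + self.k * sigma)

    def observe(self, port, flow, rate):
        """Return 'forward' or 'drop'. A drop quarantines only this flow."""
        self.port_flows[port].add(flow)
        if flow in self.blocked or self.anomalous(flow, rate):
            self.blocked.add(flow)
            return "drop"
        return "forward"

    def forwarding_on(self, port):
        """Flows still passing on a port after enforcement."""
        return self.port_flows[port] - self.blocked


def run(live=LIVE, baseline=BASELINE):
    mon = FlowMonitor(baseline)
    verdicts = [(flow, mon.observe(port, flow, rate)) for port, flow, rate in live]
    return mon, verdicts
```

Once the PC flow is quarantined it stays dropped even when its rate returns to normal, while the phone flow on the same port is never touched.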

Nortel currently has an Enterprise Policy Manager (EPM). Moreover, Nortel also supports TrueControl by Rendition Networks for centralized configuration management. An example of how and when the above architecture will find its way into products is Nortel's new high end routers slated to be out this fall. Nortel's new high end routers will perform IP flow-based inspection and pattern-based recognition to detect anomalies and enforce corrective measures in the router to defend the enterprise against threats. The key here is to provide this level of inspection at full wire speed without performance degradation. Think of it: every enterprise pipe that carries incoming and outgoing traffic to a service provider will contain identity, location, voice and data information, all of which will be scrubbed and cleansed of viruses, worms, etc.

Its new line of IP phones is nothing short of awesome. They are sleek, SIP-based, feature rich and secure. The new IP phones support 802.1x and participate in network access control. Beyond routing and IP phones, Nortel's security architecture spans end-points, the perimeter with its Switched Firewalls, Threat Protection System and Intelligent Traffic Management, remote access with secure application gateways, VPN routers, and its Alteon application switch. In the core of the network, Nortel can leverage its Alteon application switch and a combination of the above technologies, which can be delivered in a tightly integrated architecture or as services inside the Ethernet Routing Switch 8600. Its VPN Gateway and routers and wireless security switch provide communications protection and security within the enterprise. All of the above is aimed at allowing Nortel customers to move beyond detection toward first attack or zero day protection. Nortel's security solutions scale both up and down to support deployment regardless of size and demands.

It's clear what the above means for an enterprise: secure convergence. Nortel is working to protect corporate productivity by eliminating external and internal attacks. Its strategy is also to secure corporate proprietary and intellectual property. As more and more companies use the internet to link suppliers, customers, and partners, its new routers endeavor to maintain those links securely.

The balance that Nortel is striving for is to provide deep network security within the network fabric without inhibiting users from doing their job. They allow access from anywhere, be it remote users, wireless access or in the office without compromising security. Their security architecture transcends IP voice and data and will increasingly include applications such as peer-to-peer and multimedia applications that strive to increase productivity.

Nortel Security is built around three pillars: transparent to users, simple to manage and no sacrifice of performance.

Beyond security there is one other huge factor that is favorable to Nortel, in a word (or three) its wireless networks. Over time, as public wireless networks increasingly take share from fixed phones and fixed transport services, Nortel is in the position to bridge the gap between enterprise and wireless service providers. Think of it this way — Nortel could be able to offer enterprise customers key value such as transparent quality of service between enterprise and wireless service providers. In addition, since it's one of the largest wireless equipment suppliers, it could provide features in its service provider products that are accessible to enterprise wireless devices, such as dual mode WiFi/GSM devices, improved roaming, presence, identity, etc. In short, what Cisco is to MPLS based carrier services Nortel could be for wireless and mobile service providers.

If you haven't looked at Nortel in a while, it's time you did. Its IP telephony product line is rationalized now with its Communications Server (CS) 1000, the CS 5100 multimedia servers and Business Communications Manager or BCM for branch office solutions, which give it a wide range of form factors and price points. Couple these IP telephony infrastructure products with a wide range of IP end-points that support both digital and analog phones and you have an architecture that allows network executives to regulate the pace of change toward a converged network. Its 8600 Terabit core Ethernet routing switch, 8300 chassis edge products, 5500 series stackable edge, PoE 10/100/1000 switches, wireless security switch and Trapeze Networks relationship provide Nortel with breadth and depth of LAN infrastructure products, affording a multitude of options for the network designer to build out a secure converged network. Features such as SMLT, HA Mode, QoS, and PoE enable highly reliable and available secure converged network designs capable of self healing and routing around failures in milliseconds without reliance on Spanning Tree. In fact, this very point allows Nortel to build highly resilient networks with all links active and forwarding at all times regardless of network topology.

Nortel is a broad-based equipment supplier for the secure converged enterprise network market. Its focus on trusted networks is impressive. But wait until this fall, when Nortel unleashes new routers, switches and IP end-points with security deeply embedded in them: you'll see what I saw, and I think you'll be impressed.
