Tuesday, April 13, 2021

Integrated Routers: Too Much in One Place?

Would a router by any other name still be effective?

That’s the question the IT industry is pondering as some vendors,

including Cisco Systems, Inc., are clamoring to load the next generation

of routers with functionality that now exists in stand-alone appliances.

For instance, Cisco’s latest Integrated Services Routers (ISR) boast

support for firewalls, virtual private networking, wireless networking,

and Voice Over IP call management. Experts predict routers will soon

include wide area file system tools, SSL acceleration, content caching

and compression, and route optimization.

Tom Gonzales, senior network administrator at the Colorado State

Employees Credit Union in Denver, calls this overkill.

”Let a router be a router,” says Gonzales. ”It’s not a firewall. It’s

not a switch and it’s not a VPN concentrator. If you make it those

things, it won’t be a good router anymore.”

Gonzales says putting too many features into the router will not only

slow performance and create a bottleneck, but suddenly networks will have

a single point of failure. ”All your eggs are in one basket,” he adds.

”If you have to reboot it to upgrade the operating system on one of your

components, then your whole network is down. You are really vulnerable to

that one component going down and losing all the associated services on

there.”

Instead, he recommends keeping routers separate from best-of-breed

appliances and components. ”With a little redundancy, you have a more

survivable network,” he says.

But Christopher Kouzios, director of network services at SXC Health

Solutions, Inc. in Lombard, Ill., disagrees. He says the ISRs he deployed

at five locations across the U.S. and Canada six months ago are expected

to show a return on investment within 12 months.

The built-in Voice Over IP features alone allow his 300-user company,

which provides transaction processing services and IT solutions to the

pharmaceutical industry, to save on long-distance calling, PBX

maintenance, outsourced services and international data lines.

Before the IRS devices, he was using a mix of routers, firewalls, VPN

concentrators and standard PBXs. ”The integrated routers have allowed us

to not only replace our existing routers, but our switches and

firewalls,” Kouzios says.

One of the biggest benefits he’s seen is in the cost savings on skilled

personnel.

”We don’t have to figure out how to keep a bunch of disparate

technologies working together, and we were able to cut our support to

just a single platform,” Kouzios explains. ”All of the engineers are

now able to manage all of the equipment at all of the sites whereas

before each engineer had a specialty.”

That kind of consolidation is a plus, according to Andreas Antonopoulos,

senior vice president at Nemertes Research in New York City.

”There is a strong demand and trend toward consolidated devices at the

branch office where there is little to no IT staff,” he says.

Antonopoulos says branch offices and small offices can see significant

total cost of ownership gains in managing a fleet of consolidated devices

from a single location. But he warns that integrated routers are not yet

a fit for large enterprises.

”The operational and cost savings are not enough to justify the loss of

flexibility and loss of best-of-breed features,” he says ”For instance,

appliances that address Voice Over IP security have more depth and

sophistication than something attached to a broader suite.”

Like Gonzales, Antonopoulos says placing all your security in a single

box breaks the layered defense model for larger enterprises.

”Integrated routers have to share feature interfaces so that makes them

vulnerable to attacks. If you have six different appliances in layers,

then the attack doesn’t get the whole way through your network,”

Antonopoulos says.

Another consideration is cost. While Kouzios says the price works for his

company, he could see it spiraling out of control for a larger firm. ”I

don’t think they are going to be cost effective enough to use for a large

number of very small remote sites, although they fill the SMB market

we’re in nicely,” he says.

Some vendors say the integrated routers are just one option for

consolidation and that others soon will emerge.

”Functionality may integrate into the router or maybe some other device

in the network,” says Pat Patterson, director of security solutions at

Nortel Networks, Inc. in Raleigh, N.C. ”If an organization is worried

about security, they may buy a unified threat box that’s honed for

security. Or maybe you’ll get all your application optimization in

another device.”

Patterson contends that one problem with burdening the router is that

advanced features are application-aware and require deep packet

inspection.

”This is not something a router would typically be doing,” says

Patterson. ”To expect a router to do something that it doesn’t normally

do might be asking too much and be too onerous… When a device does

everything, it does a little bit of something for everybody, but not a

lot for anybody.”

Similar articles

Latest Articles

The Conversational AI Revolution:...

One of the things I’m looking forward to seeing at next week’s NVIDIA GTC event is an update on their Conversational AI efforts. I’m fascinated...

Edge Computing

Edge computing is a broad term that refers to a highly distributed computing framework that moves compute and storage resources closer to the exact...

Data-Driven Decision Making: Top...

The phrase data-driven decision making – certainly popular in the field of data analytics – may seem redundant. After all, nearly everything is driven...

Top Performing Artificial Intelligence...

As artificial intelligence has become a growing force in business, today’s top AI companies are leaders in this emerging technology. Often leveraging cloud computing and...