Many people believe general-purpose systems dominate the computing world. Network managers know better. Every piece of halfway-sophisticated network equipment is, inside the case, a special-purpose computer.
Security and antispam applications have largely migrated to appliances, too. Computing appliances have penetrated the application stack as well, in areas such as low-end data integration and high-end data warehousing.
The success of appliances can be traced mainly to two advantages over their more flexible cousins: price/performance benefits from specialised hardware architectures and very simple deployment. Often, the latter benefit is all that matters. Some appliances are nothing more than Dell boxes with new nameplates glued on. There’s a growing list of software-only “virtual appliances,” which are easy to deploy but offer no hardware benefit.
The biggest player in virtual appliances is firewall giant Check Point Software, which gets almost half its sales from software/operating system bundles installed on standard computing boxes.
However, virtualisation software vendor VMware is generating most of the buzz. Truth be told, VMware’s list of several hundred virtual appliance partners is generously padded with large companies offering convenient demo software and individual programmers offering trivial production systems. But in at least one case — messaging security vendor Proofpoint — there has been significant deployment of production appliances running over VMware software.
While the parts and general design of appliances aren’t too earthshaking, there are often subtle differences from standard systems. Each vendor optimises the mix of processors, RAM and disks to best suit its software.
Data warehouse appliance vendor DATAllegro has six disks for every processor, while one of Barracuda Networks’ products is diskless. And it’s common to use redundant power supplies or even fans for high availability.
This general hardware strategy — standard parts, high-end networking and optimised architecture — is followed in a variety of application categories. Vendors that adhere to it include DATAllegro and Teradata (data warehousing), Cast Iron Systems (data integration), Barracuda (security and antispam), Blue Coat Systems (networking) and Juniper (security and networking).
Not coincidentally, their systems involve higher-speed data movement than is commonly required of conventional computers. On the other hand, appliances with noncustomised hardware seem to be concentrated in categories that involve considerable amounts of logic processing, such as spam blockers, application-proxy firewalls and (straddling the custom/standard divide) database management.
For a glimpse of where all this might be going, let’s look at high-end security specialist Crossbeam Systems. Crossbeam offers platform technology consisting of blades, chassis and virtualisation software, all geared to high-end networking and security appliances.
It uses these platforms to run selected threat management software, such as Check Point firewalls and Internet Security Systems intrusion-prevention systems.
The resulting meta-appliance has proved appealing to high-end networking users, carriers and enterprises. Over the next few years, it seems likely that general server vendors will introduce similar technology to broader markets — unless they’re asleep, as it were, at the switch.