qstockmedia - Fotolia

What's going on with Broadcom Tomahawk?

In this week's roundup, a blogger expresses frustration with Broadcom, and analysts assess the next generation of endpoint security market and monitoring.

IpSpace.net blogger and network engineer Ivan Pepelnjak wonders what's going on with Broadcom Tomahawk chipsets. Citing an email he received from a reader detailing alleged performance challenges with Broadcom Tomahawk silicon, Pepelnjak said that identifying the root of the problem has thus far proved fruitless.

"So what's the problem with Broadcom chipsets?" he wrote. "We don't know what the limitations are because they're hiding the information and everyone who does know can't talk about it."

According to Pepelnjak, some vendors such as Cisco and Arista have been open about documenting the limitations of their chips. Similarly, Brocade has documented its ASIC limitations. However, Broadcom has not been forthcoming with information about its chip performance.

Pepelnjak said that every chipset vendor faces issues with its technology -- and that all too often competing suppliers will try to jump on perceived shortfalls to their own advantage.

But in this case, he said, something isn't right. "The real problem is that Broadcom doesn't have to care," Pepelnjak said, adding that almost every major data center switching system relies on some type of Broadcom chipset.

Read more of Pepelnjak's thoughts on the Broadcom Tomahawk situation.

Looking into the next-gen endpoint security

Jon Oltsik, an analyst with Enterprise Strategy Group, in Milford, Mass., tackled next-generation endpoint security, an evolving market that he wrote suffers from a disconnect between supply and demand. For its purposes, ESG defined the security model as software controls "designed to prevent, detect, and respond to previously unseen exploits and malware." Today, this market is in its infancy, but ESG survey results indicate that 75% to 80% of enterprises were purchasing new tools for advanced threat prevention, while the other 20% to 25% chose endpoint security tools, along with advanced detection and response.

Looking ahead, Oltsik believes that the next-generation endpoint security market will begin to see more all-in-one suites targeting midmarket and small enterprises. Enterprises will likely continue to choose comprehensive options that meet explicit objectives, and an emphasis on security analytics. Oltsik adds that if traditional antivirus vendors, which are now opting for more software capabilities, can survive the "onslaught" from endpoint security startups, they may grow to claim a larger role in the market.

Explore more of Oltsik's thoughts on endpoint security.

CPU monitoring for firewalls

Irek Romaniuk, a blogger with Packet Pushers, delved deep into the how-to aspects of monitoring CPU on firewalls. He says that there is a growing "push model" to send network monitoring metrics to a collector. Data is typically outputted in JSON format, but there is little agreement beyond that. Some systems use Google Go plug-ins while others use Intel's snap telemetry framework.

When it comes to monitoring firewalls, Romaniuk -- who worked on a Palo Alto firewall -- advised writing a node.js application and running it in a Docker container. The program Romaniuk designed collected CPU load data every 60 seconds from the firewall, through a remote API. For others trying to monitor CPU on firewalls, Romaniuk suggests migrating to snap and using existing plug-ins or developing plug-ins in Go.

Dive into Romaniuk's advice on CPU monitoring for firewalls.

Next Steps

Managing a next-gen data center

Understanding endpoint security

Emerging types of firewalls

Dig Deeper on