WHITE

That was Then and This is Now...

How ber-based routing and extension solutions are paving the way in infrastructure development

A Thinklogical White Paper

By David Cheever Thinklogical President and CEO This white paper will describe both past and present KVM routing and extension systems. It was developed for both engineering and non-engineering professionals who play a role in making critical infrastructure decisions. Most engineering personnel will likely be familiar with the basic technical content which describes past and present systems: However, this white paper can be of value to anyone as an update on new developments in ber-based routing and extension solutions and their applications in vertical markets from the broadcast world to government and military installations. This white paper will also outline the signi cant ine ciencies that still exist in present routing and extension systems and how Thinklogicals ber optic technology and solutions have revolutionized infrastructure systems.

www.thinklogical.com

White Paper - That was then and this is now

Introduction
It is not unusual for companies and organizations to consider moving computing resources away from the end user, in some cases to other oors, buildings, or even across campuses. This helps tighten security, improve maintenance or provisioning requirements and frees up o ce space. In addition, most growing enterprises have an increasing need for faster, more e ective information transmission. This shift has led to the proliferation of large, multiplatform, heterogeneous infrastructures with geographically distributed applications and human resources. Therefore, it is increasingly important that companies and organizations have secure routing and extension systems that provide real-time access to resources while not compromising the computing experience, hampering administration or adding unnecessary infrastructure costs. Currently there are numerous systems and solutions in the marketplace that harness copper as an extension conduit and IP to relay KVM signals. While these are somewhat viable and traditional technologies, there are some concerns and issues with implementing a system using copper (Cat5) and KVM over IP. For example, unsecure data transmission, dropped video frames or a decrease in video quality, lack of bandwidth, and limited peripheral capability or responsiveness have plagued these product solutions. In addition, systems and solutions that claim to route and extend uncompressed DVI over long distances have severely fallen short of providing such features due to critical gaps in their technology.

Initiatives Driving Infrastructure Solutions Security, Quality, Cost Savings and Future Proo ng
Security
When mission-critical applications are in play, system integrators and administrators understand that it is essential to provide users with a secure system that leaves little room for downtime. Consider users in a military command-and-control center, where they must react swiftly to urgent event information and a system slow down or fault could have potentially disastrous consequences. In addition, accessing sensitive data is of paramount importance in these types of environments. In many instances, end users need to switch between two or more computers, possibly at di erent classi cation levels, thus introducing data vulnerability. In these types of environments, strict security rules for the protection of classi ed information apply, speci cally in what is known as red and black networks. For example, where networks with di erent security classi cations are connected, it must be absolutely certain that classi ed information processed solely in trustworthy red networks is never transferred to black networks, where unauthorized personnel would have access to it. Therefore, a routing and extension system that is deployed in the most stringent of secure environments must not only have fail proof security features, but also meet a variety of security regulations. 2

www.thinklogical.com

Application Diagram

BROADCAST & POST-PRODUCTION BRIEF White Paper - That was then and this is now

Why KVM Over IP is Not an Option in Secure Computing Environments KVM over IP solutions provide remote keyboard, video, and mouse control of servers over an IP network. These distributed networks can be very appealing targets for hackers because they allow instantaneous access to computer assets. With the advent of KVM over IP, KVM systems become yet another target on the network. Common attacks on the network, such as probing and penetration attacks (e.g., viruses, worms, bu er over ow bugs and Trojan Horse programs) are used to break down security mechanisms and eventually seize a system. In addition, sensitive enterprise information can be compromised through a network security breach. It is evident that a KVM over IP solution opens up a simple gateway for hackers to gain control over a KVM system, and in turn, all the resources they control. While leveraging network protocol to provide a true desktop experience may be an option if you simply cannot run a Cat5 or ber cable, one needs to weigh it against reliability. Many KVM over IP solutions use a single Ethernet connection, and if that port connection fails, all connections to critical computer resources are now lost. Not to mention that many of these solutions allow access to a limited number of managed computing resources at a time, and this in turn could lead to potential blocked access to critical data and content. Lastly, a KVM over IP solution vastly increases the size of the security perimeter (from the entire organization and beyond) and it requires that the solution adopts the same network security measures and protocols. In many environments that require a high level of security, particularly in the government and military, this is not an option. Therefore, when considering deploying a KVM over IP solution, it is wise to weigh security requirements against what this solution has to o er. Fiber Versus Copper in Secure Environments When comparing the security features of optical ber to copper, ber wins hands down. Since ber optics is non-metallic, it is not susceptible to interference such as electromagnetic interference (EMI), radio frequency (RF) or lightning. In addition, ber does not conduct electricity. This means that ber can be installed in many types of environments that are prone to such interferences. Fiber is also typically smaller and lighter in weight than copper and is practically impervious to outdoor atmospheric conditions. Therefore, ber cannot corrode and can be buried in all kinds of soil. Since ber does not emit electrical radiation it cannot be eavesdropped upon or intercepted and is much harder to tap than copper. There are also no issues with grounding, shorting or crosstalk of cables as there is with copper. For these reasons, many secure infrastructures are composed primarily of ber and require routing and extension systems that harness this technology.

www.thinklogical.com

White Paper - That was then and this is now

Thinklogical Solutions in Secure Environments

For over two decades Thinklogicals ber-based products have been engineered and designed for secure computing environments. Our products and solutions do not use KVM over IP or copper. Instead they leverage advanced, patent-pending ber optic technology to assist in safeguarding infrastructure and information assets. Thinklogical has also developed cutting edge security rmware for administration and control over our routing and extension solutions. Thinklogicals Velocity extension solutions leverage this technology to support all video and desktop peripheral signals and securely transmit them (via ber) up to 40 kilometers away from the controlling computer. Signal routing is performed with Thinklogicals VX ber router. This solution is a signal (or protocol) agnostic high bandwidth router which meets and exceeds many security requirements. Thinklogical is able to address current and potential infrastructure security issues with a disciplined approach to architecture and an innovative approach to engineering. Therefore, our solutions are able to provide unique security features, unlike any other products in the marketplace today. Thinklogicals advanced security features include:

Device Targeting Any communication pathway that supports legitimate transmission of data can also be used to transfer malicious code and smuggle sensitive information out of an organization. One of the more notorious culprits of this is removable media. Whether CD, DVD, smart card, ash drive, or USB hard drive, all of them present a real and current risk. Not only can sensitive information be copied and stored on removable media, but many forms of malicious code can spread as well, one machine at a time, eventually infecting the entire enterprise network. Therefore, Thinklogicals products are capable of ensuring that only USB human interface devices (HIDs) function on target computers by allowing only HID devices to be attached to ports. Therefore, non-HID devices such as ash drives, hard disk drives, cameras and printers will not be capable of introducing security vulnerabilities. No Data Bu ering For performance reasons many routing and extension solutions need to bu er data. This poses a very high security risk when transmitting sensitive data. Thinklogicals family of ber optic extension, switching and routing products do not store or bu er any data transmission in its circuitry or components. Therefore, unauthorized personnel have no chance of retrieving data that has been transmitted, switched and routed on our products.

www.thinklogical.com

White Paper - That was then and this is now

Unidirectional Signal Separation In many secure applications it is necessary to separate the video from the keyboard and mouse signal. For example, take three destinations; one destination may be a controller, while the other two may be simply monitors. Therefore, the keyboard, video and mouse signals may go to the workstation at destination one, while at destination two and three just the video signal is sent. This can be done unidirectionally, with no back channel. Thinklogicals routing solutions are capable of separating the signals with ease, and distributing them as necessary.

Firmware and Partitioning Thinklogical has established a well-de ned and comprehensive architectural security approach, having designed security-relevant technologies in both hardware and software system components. Users can de ne and apply security policies using our state-of-the-art graphical user interfaces (GUIs) or even a third party control solution. In addition, Thinklogicals systems can implement partitioning at the rmware (control card) level, which will forbid users from accessing devices outside of their partition. To be certain that the back channel is only connected to the intended source computer (at the exclusion of all others), the upstream data ber and back channel data ber can be tied together at the rmware level. The back channel cannot be multi-casted to more than one computer so this limits the access to one user at a time.

EAL-4 Accreditation Common Criteria is an internationally recognized set of guidelines which de ne a common framework for evaluating security features and capabilities of Information Technology products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Once completed, Common Criteria certi cations are accepted by NATO through the Common Criteria Recognition Agreement (CCRA). Thinklogical is also the only supplier that has established an Information Assurance (IA) methodology across its high-end KVM routing equipment to meet EAL-4 certi cation requirements. The VX Routing solution supports any video format at any resolution, with no frame or pixel loss, as well as any computer or video related peripheral data. When deployed with Thinklogical Velocity Extenders, the resulting system is the only Common Criteria, EAL-4 accrediting solution providing multi-classi cation secure computing and video routing within the same chassis.

www.thinklogical.com

White Paper - That was then and this is now

Quality
In many applications the quality of the video and peripheral signals being transmitted from the source to the destination is just as important as the signal security. As discussed in the previous section, copper solutions using Cat5 are subject to electrical noise, which can result in degradation of the extended picture and grounding di erences between the transmitter and receiver. This causes a ickering video image, moving bars on the screen or problematic keyboard and mouse function. Another common problem associated with the extension of video using Cat5 cable is that of skew, or color drift. The e ect of skew can be seen as a colored shadow around objects on a video screen. It occurs when the pairs of wire within the cable are twisted at slightly di erent rates to reduce crosstalk between pairs. Because of these di erences between wire pairs, video signals for di erent colors travel di erent distances before they reach the remote receiver. When one color signal arrives behind the others because the wire is longer, the result is a shadow around the objects on your video screen. You are more likely to experience skew on longer cable runs (greater than 50 meters). Other issues that arise are that of video resolution and bandwidth, both of which are problematic for copper. The bandwidth required for full-resolution 1920 1080 progressive scan video is well beyond what Cat5 can handle. Anyone familiar with video transmission via Cat5 has likely seen encoding artifacts from the video compression techniques. Fiber optics has at least 100,000 times the bandwidth of copper, and is becoming the media of choice for the distribution of video signals, particularly in the broadcast and post-production arena where video quality is essential. There is also a trend in Commercial AV in which the information and data that is created requires large amounts of display resolution, and as resolution increases, it requires greater and greater bandwidth in order to distribute that information. This plays directly into ber's major advantage, which is the incredible amount of bandwidth that ber systems support, compared to the capabilities of copper.

www.thinklogical.com

White Paper - That was then and this is now

Thinklogical Provides the Highest Quality and Features Rich Video and KVM Routing and Extension Solutions While there are a number of ber-based extension and routing systems in the marketplace today, Thinklogical is the only provider that deploys some of the most technologically advanced ber-based solutions for routing and extension. Our patent-pending MRTS technology supplies our systems with immense bandwidth and is embedded throughout our product lines for both our single mode and multi-mode ber solutions. This technology harnesses optical ber to transport every frame of a DVI video stream seamlessly, with no compression or dropped frames. Therefore, skew is a thing of the past and users retain high-quality DVI video for a brilliant picture. In addition, it enables all high speed peripherals to function with no latency making it ideally suited for a wide range of applications, particularly in the broadcast and post-production eld, as well as command and control centers, air tra c control, large scale digital signage, and many other commercial visual computing applications. Bandwidth, CWDM, Signal Agnostic, Bidirectional Communication The broadcast and post-production eld makes intense demands on their computing infrastructures for creating and delivering content and Thinklogical is there to provide the ideal solution. In many of these applications ber optic systems are used to carry audio and video data between locations. For example, individuals need to share computer systems to produce, edit and view content, so work ows between editing suite and studio locations become critical. In these instances ber is preferred over copper because bandwidth requirements are high and copper has greater distance limitations. Thinklogicals solutions not only feature high-bandwidth capacity (up to 6.22 Gbps) over distances up to 40 kilometers, but they are also capable of using coarse and dense wavelength division multiplexing (CWDM or DWDM). By doing so one single-mode optical ber can handle a total of up to 80 DVI video signals and can carry them over several kilometers. In addition, our VX routing solutions are signal or protocol agnostic. This means that multiple signals of any type audio, video or data can be routed and multiplexed onto a single ber optic cable. With copper-based solutions, analog and digital video signals as well as auxiliary data streams require the use of many di erent cables. Thinklogicals systems hit all key performance speci cations for attributes such as system jitter and error free-pathological patter operation. Our solutions do so while handling bidirectional communication, which is very useful in post-production and broadcast (ENG/SNG) applications. Our ber system can transmit signals in both directions with virtually no bandwidth constraints, whereas copper systems can transmit in only one direction at a time over any given signal pair. 7

www.thinklogical.com

White Paper - That was then and this is now

Key Thinklogical system bene ts:

No frame dropping Highest bandwidth available (6.22 Gbps) SFP+ design available from multiple sources Available in multi-mode or single-mode optics Optics can be replaced in eld if necessary SFP+ provides MTBF of 5.2 million hours Can use CWDM to send multiple videos over a single ber No skew problems design compensates for cable skew Resolution not limited by ber distance Video and high speed peripherals (USB 2.0) on one ber Support for embedded audio on video stream Centralized Management System Customized GUI for centralized connection and administration management

Where competitive systems fail - Issues with present ber-based routing and extension systems:
Must change color space of high resolution computer graphics (1280 x 1024 @ 60Hz and above) from 4:4:4 to 4:2:2 to achieve 60Hz frame rates Video sampling rate of RGB video is reduced from 24 bits per pixel to 16/20 bits per pixel Requires costly pathological SFP's Not enough bandwidth to support 1920 x 1200 @ 60Hz; produces pixel shifts and fuzzy text from pixels dropped Does not support audio embedded on the video stream May drop frames and/or remove video blanking period from video signal to t within the 3 Gbps link USB 2.0 cannot be placed on same ber as video Fibers must be identical in length or sell only xed length ber extenders Requires additional bers, which translates to additional cost Video only no keyboard and mouse Only available in multi-mode; Limits distance Video resolution limits ber distances - higher resolution equals shorter distance Cannot be used with a CWDM No single-mode ber; cannot place multiple videos over a single ber Optics cannot be replaced in the eld Video can skew over long lengths of ber 1 MBPS data channel; cannot support audio, USB 1.1, 2.0 or other high-speed peripherals

www.thinklogical.com

White Paper - That was then and this is now

Cost Savings
The Economic Factor - Copper versus Fiber It is clear that we're seeing a reversal in the trend between copper and ber. With this trend comes the argument of cost between copper and ber. Fiber is steadily approaching cost parity with copper, even when comparing equipment costs. Overall the initial equipment cost for a ber system may be slightly higher than a copper-based system. However, ber is a future-proof technology and if the emphasis is on investment, ber-based systems will ultimately be more cost e ective. Moreover, ber systems ultimately cost about the same as Cat5 when taking into account bandwidth and the amount of signals that can be transported. A single strand of ber can transport more signals across longer distances than Cat5, so there is an advantage there when looking at the total system cost. In terms of the overall cost of a ber installation, it is becoming increasingly competitive to that of copper and the price of ber cabling is lower than it's ever been. In addition, many facilities already have ber in the ground, so leveraging its potential and nancial pay o really hinges on the right system solutions. Lastly, ber systems eliminate a number of performance variables (system downtime, data and information delivery, security) which ultimately impact system cost. KVM over IP Many KVM over IP solutions provide very limited con guration exibility and expandability. Traditional KVM over IP switches are available only in certain multi-port con gurations, such as 8, 16, or 32. This limits the size of the switch, limits the number of inputs and outputs, and makes larger con gurations costly or virtually impossible to build. These solutions also require additional hardware and software, such as dongles, power supplies or other devices to support rich media as well as client-based administration or control software.

www.thinklogical.com

White Paper - That was then and this is now

Conclusion
Future-Proo ng The Thinklogical Advantage
Most engineers, integrators, and IT professionals would agree that optical ber ultimately will replace copper throughout most infrastructures. This migration can be attributed to the amount of bandwidth that applications now require (3 4 Gbps and beyond) as well as todays geographically distributed computing environments. Therefore, ber-based products and solutions are the only options that are capable of supporting these requirements. Thinklogicals router and extension solutions present one of the few systems in the marketplace today that allow companies and organizations to fully leverage the bene ts of ber. Our forward thinking engineering has enabled us to design high bandwidth, protocol agnostic solutions that deliver a exible and secure routing and extension system. Our system delivers an uncompromised computing experience, while maximizing computing resources and ensuring seamless system integration. The net result of these bene ts is a long-term infrastructure value whether deploying Thinklogical systems in a new build or incrementally upgrading existing equipment the ROI will be quickly realized and maintained throughout the years. This makes Thinklogicals solutions the ideal choice not only for today but also for the future.

About Thinklogical Thinklogical is the leading manufacturer and provider of ber optic KVM/video extension solutions, and ber matrix routers and switches. Organizations worldwide rely on Thinklogical's products and solutions for optimal performance in secure visual computing environments. Through pioneering next generation ber optic extension, switching, and server management technologies Thinklogical helps customers reduce cost and simplify the management of complex computing infrastructures.

2011 Thinklogical. All rights reserved. Thinklogical claims or other product information contained in this document are subject to change

Extend

Distribute

Innovate

October 2011

without notice. This document may not be reproduced, in whole or in part, without the express written consent of Thinklogical.