P2P: Life Beyond Hype and Annoyance

by Jacqueline Emigh

P2P may have started public life as a bandwidth-hogging annoyance for network admins everywhere, but it's growing clear the second generation of P2P frameworks will satisfy your need for security, manageability, and scalability.

By exploiting resources on nodes throughout the network, peer to peer (P2P) technology seems to carry real potential in the enterprise space for somewhere down the road. Before P2P takes hold, though, providers will need to meet network administrators' concerns over security, manageability, and scalability.

P2P allows for better utilization of both servers and client PCs, according to its advocates. "Most PCs are using maybe 1 percent of their data storage capabilities. They have enormous untapped processing power, too. The next generation of P2P will add more security, as well as application-level sharing," maintains John Hebeler, strategic director of multimedia services at Arbitron.

"P2P represents the next generation of computing. You can make use of the intelligence in the end computers. The notion is quite natural, given all the computing horsepower out there," says Mike Martineau, director of business development for systems integrator Xwave.

So far, some of best-known P2P implementations have been Internet-based offerings such as Napster and GNUtella. Some implementations in this category -- such as Napster and Seti@Home -- have revolved around centralized client-server architectures. Others - including GNUtella, Freenet, and FastTrack (KaZaA) - have used a variety of distributed topologies.

Unfortunately for P2P's overall reputation, many names on the list of early pioneers have become anathema to network managers. "Many of (the Internet implementations) had back doors written for them. There was almost nobody in IT (information technology) who didn't know this," says Michael Hudson, CTO for Centerspan.

One widely circulated back door was a bastardization of the GNUtella client. End users would load the program, not realizing they had a "bad" variant. "The 'bad' client could round up all the user's .doc files, for example, and then e-mail them off. There's no company that would allow a client like that," according to Hudson.

P2P adherents express confidence, though, that security issues can be resolved, through remedies ranging from authentication and encryption to creative use of Web services.

Systems integrators like Xwave are currently talking with enterprise customers about possible future P2P deployments. "A lot of our customers are conservative, and there's a healthy skepticism about P2P. They're looking at their core infrastructures right now, though, to find better efficiencies. They're seeing that they already have multiple servers, for instance," Martineau says.

Meanwhile, content management specialists such as Centerspan and Kontiki are already implementing systems that -- although not strictly characterizable as P2P -- do use distributed peers for content storage.

Kontiki has been working with customers that include Amazon.com; Loudcloud; VeriSign; McAffee.com; JamCracker; MP3.com; Mondo Media; and AOL Time Warner.

For its part, Centerspan recently announced that VUNnet USA will use its CStarOne content delivery network for an entertainment service expected to launch later this year.

"Right now, we're also talking with a government agency," he adds.

C-StarOne is a "closed" network, according to Hudson. "Clients can't store their files on our servers." It is also a "mediated service," with centralized knowledge of data traffic. Data resides in "little XML packets lying everywhere," he says. "Even if somebody knew where all the pieces were, they'd never be able to put them together again." Also for security, Centerspan uses standard authentication, plus a variant of Blowfish encryption, and a non-agile port mode. In enterprise environments, Centerspan lets network managers "observe and control the mediation."

When it comes to P2P, application-level sharing will be a big benefit, according to its fans. "People could use wireless P2P to form ad hoc networks for accomplishing specific tasks. If you had a meeting with three people, you could trade resources on your handhelds. Each of you would be able to use selected portions of each other's computers. You could show a presentation running on your handheld, or work together on a joint spreadsheet," Martineau says.

"P2P resource sharing started with MP3," Hebeler notes. "Let's say you needed 20GB in space to store some MP3 files. If you went to Yahoo and asked for 20GB, they'd say, 'No way.' But with P2P, your friend could store them for you on his PC. Now, let's say I have a program on my PC that people I'm working with want to use. If I'm away, they can use P2P to tap right into it. When more formality gets added to the security, I'll be able to do that, while at the same time protecting sensitive information I need for a project I'm doing, for instance."

Ironically, perhaps, privacy could ultimately become another advantage of P2P. "One area is in the electronic health record space. Nobody wants to put all that information in one place, and doctors are unlikely to want to give up their patient records, anyway. With P2P, you can leave portions of the records in various doctors' offices, and then assemble it all together," Martineau says.

Advocates admit that, beyond improved security, greater manageability and scalability will also be required for enterprise P2P. Scalability is needed to prevent fragmentation, for example.

"P2P is going to scare the hell out of some network managers, because more intelligence will move out to the client devices. The classic network management products are not yet supporting P2P, and this may hinder development over the short term. In time, though, you'll definitely see the major vendors taking a look at both management and security for P2P," Martineau predicts.

» See All Articles by Columnist Jacqueline Emigh

This article was originally published on Friday Jun 21st 2002