Last month, I read about Juniper entering the switch market for the first time and Cisco introducing a new set of data center switches. I'm wondering how these new switches support the idea of building more security into switches.

Both those introductions were well covered by the industry, including in two articles by Network World (Cisco, Juniper lead switching splash and Juniper’s EX: Switch vendors sound off).

The Juniper announcement was widely anticipated, since rumors of it had been swirling for more than a month. And Cisco's news was also expected, with many in the industry looking for the company's data center switches to debut.

Since ConSentry ended up making a switch announcement in a similar timeframe, we had the chance to talk to many industry analysts and some channel partners about all the switching news that hit at once. Many of these folks had anticipated increased security, control, and other advanced functionality to be in these switches - particularly the Juniper switches - so some industry watchers expressed disappointment at the lack of advanced functionality.

What many of these analysts noted was the fact that these switches, particularly the Juniper switches, were built on the same basic hardware infrastructure that switches have been built on for several years. This limitation meant the switches were unable to offer differentiated functionality. For instance, analyst Zeus Kerravala compared both the Cisco and Juniper announcements on his blog, noting that without a compelling feature set, Juniper will face a challenge in attracting new customers based just on the company's switches.

Your question is very appropriate, since a new switch does present the opportunity to deliver new functionality. But to do so, that switch must be built on new hardware that has greater capabilities native to the switch. As seems to be the case with Juniper last month, a company can clearly introduce a new switch that's still built on an old architecture and that therefore offers no meaningful differentiation.

The bigger challenge is to deliver switches built on a new architecture - one that fundamentally changes the feature set of the switch. What are some key differences to look for in a new architecture that could enable a switch to offer more built-in security and control? Look for an architecture based on programmable rather than fixed hardware. That big change enables the switch to keep pace with security, control, and other features that are changing on the LAN all the time.