P2P: Napster for your network

Peer-to-peer (P2P) computing was around long before Napster, but vendors are jumping on the peer bandwagon with new file-sharing technology for businesses. Find out if P2P will work for your business.

Peer-to-peer networking gets a boost from Napster--but what's real and what's hype?

By Hailey Lynne McKeefry
CNET Enterprise
7 March 2001

It doesn't take much these days to elevate a technology to hot-button status, complete with its own lingo and a catchy buzzword. After a few swiped songs, nifty names such as Napster and MP3 pop up. And suddenly, the phrase peer-to-peer (P2P) is part of our lexicon.

Vendors jumped on the bandwagon, and a raft of P2P and derivative products has followed. Though not all P2P-labeled products employ a pure peer-to-peer approach, most at least embrace the ideas behind the technology. In order to cut through the hype, it's important to know what's part of the P2P fluff and which technologies are effectively taking advantage of P2P's capabilities.

The basic definition of P2P networking describes a network environment in which each client effectively acts as a file server for other connected clients. The client systems can create one-to-one (or sometimes one-to-many) relationships in order to share files or collaborate. This flexible structure differs fundamentally from a traditional client/server architecture, where some computers are dedicated to controlling access to files and communications among network members.

But vendors have been expanding on the P2P definition, giving way to new products that may or may not be genuinely peer-oriented.

Hailey Lynne McKeefry is a freelance technical writer based in Belmont, California, who contributes to CNET Enterprise. P2P twists

The term P2P has been around in the networking world for years, but the latest twist on this technology adds two new factors to the definition: applications designed to specifically exploit peer relationships, and using the Internet as an extension of the local network. Napster, for example, enhances the P2P process with a user interface that runs outside the browser window to let users share and download files over the Internet. Napster gains efficiencies by aggregating the distributed storage capacity of all the client systems.

Other P2P applications use a similar strategy to gather unused resources (either processing power, memory, or storage space) from computers connected to the Internet and then apply them to a specific task. SETI@home, for example, is a scientific experiment that uses Internet-connected computers in the search for extraterrestrial intelligence. Users willing to install the client program allow SETI to co-opt computing cycles from their computers when they're not using them. Then, SETI steps in and analyzes radio telescope data in its search for life on other planets.

Other popular pure P2P systems include Popular Power, Freenet, Gnutella, and Aimster. Each leverages unused resources of various computers connected to the Internet. For example, SETI uses processing power, and Napster uses storage because songs are stored on a central network.

Despite proliferating P2P-related technologies, many are wondering what P2P's big hook is.

The big benefits

Nobody is claiming that P2P applications will replace the communications, file-sharing, and collaborative capabilities of e-mail, in the same way that e-mail and instant messaging haven't replaced the telephone and fax machine as modes of conversation and data exchange. In some instances, though, connecting directly to another user can be efficient, particularly when network bandwidth is at a premium.

Often, corporate users already have a Web-based messaging system (e-mail) or an internal collaboration system such as Lotus Notes that offers much the same functionality as P2P applications. P2P supporters argue, however, that P2P computing may be more affordable, efficient, and flexible.

They cite a few key P2P advantages:

  • P2P gives a user personal control to communicate directly with another person without upfront setup.
  • In P2P, there is no need for IT administrators to manage access, security, storage, or the myriad of issues associated with other types of communications. Each user in peer-to-peer is in charge of his or her own local computing resources.
  • Sharing files using e-mail attachments can clutter up the network with multiple copies of the same document and can tax network bandwidth. Using P2P file transfer minimizes these difficulties.

Of course, P2P isn't a panacea for every problem, and the approach does have its disadvantages. At times, e-mail or a floppy disk still provides a more efficient way to share files. For example, P2P can overload the network or fill an already congested pipeline to the Web. In addition, depending on the application, P2P can present security risks. Napster, for example, uses a network protocol that assumes direct point-to-point access between clients. This means that the IP addresses of registered computers are generally available for others to see. Though some Internet services use dynamic addressing, the newer high-bandwidth services such as DSL and cable modems generally require a fixed IP address, which can put Napster users at risk to hackers.

Latest P2P technology

Today, a number of software vendors label their products as P2P in hopes of riding the Napster wave. These applications often take a peer-to-peer approach, letting one user connect to or exchange information with another, but the applications don't truly use a peer-to-peer architecture. Other applications use some elements of peer-to-peer but not all.

Most common are the products that have hit the market recently that don't match the traditional Napster definition of P2P. Instead, they're riding on P2P's coattails, sufficiently adopting the linking client approach. However, some applications still lean on a server to do some moderation functions--a derivative P2P approach that offers significant advantages over a purer approach.

Some products offer shared computer cache resources across a LAN, rather than across the Web. For example, Mangosoft's Cachelink Pro 3.0 is a LAN-based product that stores Web page information on the LAN to speed download time and reduce traffic over an Internet connection. Information may be stored on any workstation within the network, and the application leverages the computing power and storage space of the combined clients. This program links one workstation to another but doesn't leverage an Internet connection. This allows quicker access to information that has already been cached somewhere on the LAN.

Many vendors are using P2P approaches to create better ways to allow workers to collaborate on projects. Another product from Mangosoft, MangoMind, is an Internet file-sharing service that uses a hybrid architecture, containing elements of both peer-to-peer and of client/server technology. The service, which was launched in October, allows multiple users to simultaneously access and share files. MangoMind provides versioning and security features that you wouldn't get if you simply used e-mail for document sharing and collaboration.

Groove Networks provides a number of collaboration tools (chat, bulletin-board style discussion forums, file sharing, calendaring, and sketching) in a P2P environment. The key difference that Groove offers over traditional groupware tools is that all participants need not be online simultaneously. Whereas most groupware tools focus on providing online meeting capability for simultaneous collaboration, Groove's approach is more ad hoc. This program links one workstation to another but doesn't leverage an Internet connection, allowing quicker access to information that has already been cached somewhere on the LAN.

P2P trends

In addition to collaboration and resource sharing, some vendors are leaping into entirely new areas. MyCIO, a division of Network Associates, is using P2P as a way to disseminate its virus updates and is addressing the inherent weaknesses of peer-to-peer (such as P2P overloading the network or Internet connection as many users try to hook up simultaneously).

Intel is aiming to facilitate more P2P products in the security industry with its recently announced Peer-to-Peer Trusted Library security code, which other companies can use when developing P2P applications. The release includes full application programming interface (API) documentation and provides support for peer authentication, secure storage, encryption, and digital signatures. Intel has made the API freely available to developers online.

In an enterprise environment, rather than forcing each client to go to a Web site for the most recent update, MyCIO's Rumor technology allows the first client to pass the update to the next client that logs on to the network, thus reducing demand for Internet and LAN bandwidth. Each system authenticates the next that logs on, and the system uses a time-based protocol so that users aren't deluged with offers of an update from multiple clients. In this scenario, rather than allowing any computer to hook to any other computer (as in traditional P2P), users are directed to the most direct and efficient source of the update; the remaining potential peers offering information are turned down.

The bottom line
CTOs will probably never utter the phrase, "I've gotta have P2P!" In fact, some industry veterans predict that the technology will simply evolve into a feature that exists within many different products, rather than be an application or a platform in itself. P2P provides key advantages when users want to move large files to many people, or when they want to engage in ad hoc rather than planned collaboration over the Internet. Although most companies won't be encouraging their workers to visit Napster for the latest download, P2P and derivative technologies are beginning to offer capabilities that will appeal to the enterprise.