Cisco is to release a new version of its core IOS operating system in the coming months according to company executives.

They claimed that the advance would let users add features to routers and switches without taking them offline, and help companies speed the deployment of services such as VoIP, quality of service and security while minimising the risk of glitches.

Some users and analysts say the Internetwork Operating System (IOS) improvements have been a long time coming, while others contend that such an architectural change could engender a new set of network problems for router administrators.

Mike Volpi, senior vice president of Cisco's Routing Technology Group, outlined the IOS plans during an interview with Network World editors.

"Modularity means you have the ability to partition," Volpi said. "So you have a real-time kernel that runs underneath it, rather than the classic embedded kernel of IOS." This partitioning will make the operating system more reliable by reducing downtime because of bug fixes, feature additions, upgrades or unplanned events, he said.

Versions of IOS run on almost all Cisco equipment, from small-office to carrier-class routers and the company's Catalyst enterprise switches, security appliances and Wi-Fi gear.

The software's current architecture is tightly bundled, even monolithic, experts say. IOS includes a base software image with embedded features that are compiled for specific builds to perform certain tasks - from IP and legacy protocol support to firewalling and VoIP.

"To put a feature on a router, you can't just add the little pieces you want," says James Boney, author of the book Cisco IOS in a nutshell. "You have to upload a whole new IOS version and then reboot," he says. "If you get it wrong, you have to do it over."

Even though IOS is still monolithic, Volpi said the software has become more partitioned over the last few years. Chunks of feature code are now separated, so they don't interfere with each other or with core routing functions.

While an entire IOS image still must be loaded during feature upgrades, the partitioning has set the stage for the new modular IOS architecture.

"Most of the newer [IOS feature] modules have been reasonably well partitioned off already," Volpi says. "They may not have the Posix-like API, [similar] to a Unix operating system, but those are relatively easy to add because we designed it with that modularity in mind." He adds that Cisco also will continue to support IOS as it exists today.

A modular IOS is something Cisco has been cooking for years, says Frank Dzubeck, president of consulting firm Communications Network Architects.

"It's going to be an improvement, in that it will be extremely more stable in the long run," Dzubeck says. It also could help users deploy IOS-based gear faster in large networks. Before new IOS builds are put on live networks today "a lot of regression testing has to be done, which can take months because you might turn on one option that affects others," he says.

With Cisco gear carrying about 80 percent of the world's Internet traffic, a modularised IOS could help carriers run the 'Net more efficiently, analysts say.

Modular operating systems "are increasingly important as carriers consolidate [point of presence] architectures," says Mark Bieberich, an analyst at The Yankee Group. With the new functionality "a carrier could partition a router to perform core functions - such as aggregation, peering and treatment of [Multi-protocol Label Switching] VPNs - in one physical system."

Bieberich says this treatment usually requires separate and distinct physical devices. As such, modular operating systems could lead to "tremendous reductions in operating costs" by cutting the number of devices, and trunks and links between devices.

While the proposed IOS overhaul will be useful, drawbacks might surface, analysts say.

"Any new software, even minor upgrades, always have issues," says David Newman, president of Network Test, a network equipment evaluation firm, and a Network World Lab Alliance member. "Getting people to adopt it might also be an issue. For many enterprises, it might be akin to upgrading a jet engine in mid-flight."

Dzubeck adds that if IOS is made more Unix-like, "there could be situations where a module could be added that would open up a hole. You didn't have that before in IOS because it was totally closed."

Ironically, some IOS security issues have cropped up recently. Reports have surfaced that hacker tools, built to exploit known weaknesses in certain wired and wireless Cisco gear, now are circulating the Internet.

Volpi says this doesn't expose any fundamental flaw in Cisco technology nor does it represent a great threat to users.

"So far, we've shown to be pretty robust, and there are no major issues that at least we know of," he said. "Being an embedded operating system that sits in a router, [we] don't quite get the attention that a Windows does with a community of hackers."