www.networkingplus.co.uk JUNE 2017
FIXED & WIRELESS NETWORKS FOR ENTERPRISE USERS
Rise of the nodes Take IT to the bank A new view of the network Security devices Ocado simplifies Uptime is money for Does SD-WAN Handy appliances to smart factory companies in the really represent the help stop cyber attacks architectures with financial sector future of enterprise from causing havoc to mesh network Real World Networks, networking? your business News, p2 p8 Feature, pp11-13 Off-the-shelf, p14 Cisco “re-invents” networking to make it fit for the future By Rahiel Nasir
What’s described as the “network of manageable” and allowing IT to focus on the future” has been unveiled by Cisco. strategic business needs. The company claims its intuitive system The company believes it is in a unique constantly learns, adapts and automates position because the vast majority of the to optimise operations, and stops security world’s internet traffc runs on its networks. threats in their tracks As a result, it has been able to capture According to Cisco, organisations and analyse valuable data to provide IT are currently managing their networks teams with insights to spot anomalies and through traditional IT processes that are anticipate issues in real-time. not sustainable. The frm says its new The technologies behind Cisco’s intuitive system is the result of years of R&D network include hardware, software and a aimed at re-inventing networking for an suite of services designed to work together age where engineers managing hundreds as a single system. of devices today will be expected to For instance, the new Network Data handle a million by 2020. Platform and Assurance analytics platform By automating the edge of the network categorises and correlates the vast amount It’s claimed the “intuitive network” creates an intelligent platform that will help businesses and embedding machine learning and of data running on the network. It then unlock new opportunities and solve previously unsolvable challenges. analytics at a foundational level, Cisco uses machine learning to turn that into boasts that it is making the “unmanageable predictive analytics, business intelligence and actionable insights. It interprets data in to analyse metadata traffc patterns. This context which, according to Cisco, is what is designed to identify the fngerprints of enables the network to provide new insights, known threats, even in encrypted traffc, resulting in better security, more customised without impacting data privacy. experiences and faster operations. (continued on page 2) The network also utilises Cisco’s Talos Is SD-WAN the future of enterprise cyber intelligence and machine learning networking? Feature pp11-13. ICO fines council for data breach during outsourcing process The Information Commissioner’s Offce Heartbleed vulnerability in its systems (ICO) has fned Gloucester City Council by using a SonicWall appliance which (GCC) £100,000 after a cyber attacker contained an affected version of OpenSSL. accessed council employees’ sensitive By that time, the notice points out that a personal information. patch had been released to fx the faw. But The attacker, who claimed to be part while the council intended to update its of the Anonymous hacking group, took software using the patch, this ended up being advantage of a weakness in GCC’s overlooked during the outsourcing process. website in July 2014. This led to more The ICO investigation concluded that the than 30,000 emails being downloaded council did not have suffcient processes in from council mailboxes. The messages place to ensure its systems had been updated contained fnancial and sensitive while changes to suppliers were made, and information relating to around 35 former fned the organisation for contravening sec- or current staff. The breach also resulted tion 55A of the Data Protection Act 1998. in Twitter accounts belonging to senior “Businesses and organisations must council offcers being compromised. understand they need to do everything The attack exploited the Heartbleed bug they can to keep people’s personal in OpenSSL and occurred when GCC was information safe, and that includes being outsourcing its IT systems. In its penalty extra vigilant during periods of change or notice to the council, the ICO stated that uncertainty,” said ICO group enforcement Gloucester’s IT staff had identifed the manager Sally Anne Poole. n
Net+ 1706 p1 (Cover) RN v1.indd 1 04/07/2017 15:45 news register online @ www.networkingplus.co.uk and find out more
Cisco is introducing its Catalyst 9000 switches, Ocado open source software to built from the ground up to target the demands of mobility, cloud, IoT and security. streamline data centre architectures Reinventing Ocado Technology � a division of the designed to process the vast amounts online supermarket � has come up with of real�time data generated in smart a free and open source package designed factories such as automated warehouses. networking to simplify data centre architectures for Chris Dabrowski, G� of infrastructure, (continued from page 1) smart factories. operations and site reliability engineering at �eanwhile, day�to�day tasks such The Kubermesh package uses container� Ocado Technology, believes all this has the as confguration, provisioning and based technology and the open source potential to revolutionise the way companies troubleshooting are automated using SD- Kubernetes system to implement an on� approach on�site data centre architectures. Access. Cisco explains that this enables premise private cloud architecture. Ocado �e adds� �Kubermesh is an elegant and IT teams to move away from �tedious says this then enables desktop computers cost�effcient solution to running our highly� traditional processes� to �automating to be easily confgured to become nodes automated customer fulflment centres based intent�, making it possible to manage that support the compute or storage Ocado is running Kubermesh at its highly- on a distributed network of computing nodes millions of devices in minutes. The functionality typically delivered by a high� automated customer fulfilment centre which spread around the warehouse rather than company claims SD-Access �slashes� performance server in a data centre. includes thousands of robots roaming on top high�performance servers concentrated in the time it takes to adapt the network, By distributing data centre functionality of a grid. one large data centre.� improves issue resolution from weeks in a mesh network of nodes, it’s claimed Ocado is planning to use the same and months to hours, and dramatically Kubermesh removes the need for a dedicated capex and opex associated with maintaining container technology and Kubernetes system reduces security breach impact. data centre and complex networking on�premise high�performance servers. to build an upcoming massive multiplayer �ASA, �oyal Caribbean Cruises and infrastructure. Ocado says this leads to The company adds that the nodes are online game that teaches secondary school �ipro are among �5 global enterprises and signifcant energy savings and reduces the fault�tolerant, secure, fexible, and are students the principles of AI. n organisations that are conducting early feld trials with the new solutions. Cisco says initial analysis with these customers as well as its own testing have shown SD-Access Cambridge school installs passive optical LAN can reduce network provisioning time by �� per cent, improve issue resolution by 80 per �okia has deployed its frst passive optical based �thernet LA� upgrade because of the same infrastructure. �okia adds that it cent, cut security breach impact by 48 per LA� in the ��. The installation was carried its future�proof capabilities. �okia adds can provide 200 times longer coverage from cent, and lead to opex savings of �1 per cent. out for an unnamed school in Cambridge that its infrastructure provides a secure, a single central location than a copper�based ��ith this new approach, Cisco is by local systems integrator, ��D�IP. fexible and scalable network that allows LA�, eliminating the need for e�uipment changing the fundamental blueprint for Based on fbre optic infrastructure and the school to signifcantly improve the closets on each foor or at every 100 meters. networking with re�imagined hardware GPO� (gigabit passive optical network) high�speed internet and educational The solution is capable of supporting all and the most advanced software,� states technology, �okia claims its passive optical services it provides. video, voice and data re�uirements over a the frm. �This shift from hardware�centric LA� outperforms more traditional solutions �ith optical fbre cabling having single fbre optic cable, and has also proven to to software�driven networking will enable in key areas of speed, cost and ease of use. virtually unlimited capacity, the frm be effective in delivering a more eco�friendly customers to experience a �uantum leap in According to the company, the school claims its solution can be easily and cost� solution that removes the need for additional agility, productivity and performance.� n chose its system over a traditional copper� effciently upgraded to 10G or 40G using network cabinets and IT switches. n
networking june 2017 2
Net+ 1706 p2 (news) RN v2.indd 2 04/07/2017 16:07 register online @ www.networkingplus.co.uk and find out more news
THE WORLD ACCORDING TO... Universal promotes new Richard Jonker, VP of SMB product line, Netgear
Using 10G to alleviate the network films via virtual network pressures of IoT connected devices �niversal Pictures International has teamed up with Devicescape to build Businesses must embrace new with additional traffic that will be required location�targeted promotional campaigns technologies to remain agile in a in both small and large organisations. for flm releases across the ��. competitive environment, and make the Ten gigabit copper, which allows 10G The company will also harness what move to 10G connectivity to support their bandwidth over existing infrastructure, Devicescape describes as the �rich� increasingly burdened networks. is becoming more affordable and datasets generated by its Engage platform The Internet of Things is making encouraging widespread adoption. SMBs to develop a uni�ue, actionable, and in� its mark throughout the enterprise can now embrace these new innovations depth understanding of the �� cinema� landscape. Although IoT may be more and deploy 10G to deliver reliable, goer experience. Its says this will familiar to larger organisations, it affordable and easy-to-use connectivity, then enable the development of more will eventually touch and permeate and avoid potential network bottlenecks. effectively targeted marketing campaigns throughout the supply chain, of which Many SMBs have already deployed 10G that have a broader reach. SMBs are a main contributor. copper solutions as they are starting to �niversal has already been working This is an historic transition in which embrace IoT to help support growth in with Devicescape on a number of its �� a rising network of physical objects traffic generated by the virtualised servers, releases, such as Sing, Fast and Furious communicating via the internet, talking to storage devices and data centres that 8, and Despicable Me 3 which is due to each other as well as with their external power their infrastructures. Our research open on �0 June. Click through rates for environments, will become commonplace. shows that 61 per cent of SMBs expect to commercial campaigns so far delivered McKinsey has predicted that there will use 10G to support their business network this year are said to have ranged between be 26 billion connected devices in use by the end of 2017. IoT will simply nine and 1� per cent. Universal has used Devicescape’s Curated across the globe by 2020. contribute to aggregate traffic profiles and �ngage uses Devicescape’s Curated Virtual Network to deliver location-based In the past, enterprises have been first in spread wider adoption even further. Virtual Network (CVN) of shared public �i� promos for a number of its UK film releases the race to adopt IoT as they could afford SMBs must act now to prevent their �i to establish consumer presences at venues such as Fast and Furious 8. to build fast, robust networks to support networks from collapsing under the new with extremely high footfall. The CVN is the explosion of new information. Recent weight imposed by IoT. Having the right said to comprise more than �00 million The frm adds that the network is research from SMB Group highlighted infrastructure in place can make the access points worldwide which combine to �crowd�sourced’ as every AP is discovered that IoT was near or at the bottom of SMB difference between uptime and downtime, form a single, software�based network. by one of millions of Devicescape� investment lists for the next year. But lost opportunities and even the worst- Last year, Devicescape announced enabled smartphones. It says the crowd awareness is growing and will drive the case scenario – business failure. 10G can that its �� CVN had reached more than continuously reports on the availability need for a higher network capacity to cope help to eliminate this risk. 500,000 locations since being launched and �uality of the �i��i in the CVN, in 2014. These include all of Starbucks’ which means that it always knows what coffee shops, the �oyal �estival �all on to use and when to trigger the delivery London’s South Bank, �aterloo train of location�aware, targeted engagement Remote village gets its first station, amongst others. messages to consumer phones. n mobile internet connection O2 has installed the frst permanent 4G mobile mast in one of the ��’s most remote villages. The deployment has brought mobile connectivity to a rural community that was completely cut off from all communications �ust over 18 months ago. In the summer of 2015, Staylittle in Powys experienced a communications blackout that it cut off from the outside world for nearly two weeks. �ith the nearest town located around eight miles away, residents in the �elsh village relied on one working landline in the local post After working “tirelessly” with local offce and had to resort to expensive, patchy authorities, O2 says Staylittle now has satellite�based home internet to get online. its first permanent 4G mobile mast. In response, O2 installed a temporary 2G mobile which enabled voice calls and texts worked tirelessly to get its residents to in Staylittle for the frst time. Since then, this point � where they can make calls the company has worked in collaboration and access the internet and social media with local authorities to install a permanent on the move �ust like most of the country.� 4G mobile mast. This now provides full �G Beyond Staylittle, O2 plans to bring and 4G coverage to the entire village. high speed 4G mobile internet to a further ��e pride ourselves on listening �95 �elsh villages by the end of the year. to customers, but we also listen to The mobile operator adds that it invests communities who have yet to feel part more than £2m every day to develop its of a digitally connected Britain,� claims network across the ��, and that its 4G O2 CTO Brendan O’�eilly. ��ver since footprint now covers 9�.8 per cent of the we heard Staylittle’s story in 2015, we’ve population outdoors. n
EDITORIAL: Publishing director: The contents of the magazine may not be reproduced in part or whole, Editorial director: Rahiel Nasir Kathy Moynihan or stored in electronic form, without [email protected] [email protected] the prior written consent of the Designer: Alan McClenaghan publishers. The views expressed in this [email protected] is published monthly by� magazine are not necessarily those Contributors: Richard Jonker �adium Ltd, �nit 2, 1 Annett �oad, shared by the editor or the publishers. �alton�on�Thames, Surrey, �T12 2J� Tel: �44 (0) 19�2 88� 5�� ADVERTISING & PRODUCTION: www.networkingplus.co.uk Sales executive: Andy London Annual subscription� £80 (��)� £95 [email protected] (�urope), £100 (�SA and the �o�) airmail. Cost per single copy is £8.25. Printed in �ngland by Production: Suzanne Thomas The �aga�ine Printing Company [email protected] © 2017. All rights reserved.
3 june 2017 networking
Net+ 1706 p3 (news) RN.indd 3 30/06/2017 16:03 news register online @ www.networkingplus.co.uk and find out more
Telstra acquires Company85 Powerhouse deploys IIoT to monitor,
Telstra has acquired Company85 for an undisclosed amount. The Australian manage and control electricity telecoms company claims the acquisition will “significantly enhance” its service �orthern Ireland�based electricity Powerhouse’s network operations centre offering for UK- and European-based aggregator Powerhouse Generation will (�OC). ��� says its platform facilitates business and government customers. use industrial IoT technology to remotely data driven decision�making, and staff can Christopher Smith, Telstra’s executive manage and control its clients’ power assets. remotely control client participation on the director of business technology services, Powerhouse aims to help large energy grid as re�uired. says: “Company85’s offering is strongly consumers in Ireland earn revenue by �urthermore, with two �OC nodes aligned to the existing suite of technology temporarily reducing or delaying their connecting to �irGrid in Ireland and consulting services we offer our Australian electricity demand on the grid. It is said SO�I in �orthern Ireland, it’s claimed customers.” Established in 2010, London- to be the frst demand�side electricity Powerhouse MD Sam Thompson (shown left) Powerhouse can manage all its business headquartered Company85 provides data aggregator to work across both sides of says the new SCADA system will make the in the region �easily and cost effectively�. centre, workspace, cloud, security and the Irish border. energy management process “completely The new system includes some uni�ue network services to customers such as �nder a two�year deal worth £200,000, transparent”. Also pictured: EMR MD features that helps Powerhouse differentiate AstraZeneca, BBC, NHS, J.P. Morgan, SCADA network and telemetry supplier Mark Quinn (centre) and Sam Alexander, itself from the competition. The frm’s �D Roche, amongst others. It currently has EMR Integrated Solutions is providing Powerhouse’s technical director. PHOTO: PHIL SMYTH Sam Thompson says� �It not only gives us around 75 employees. n the frm with a custom�built, energy secure, granular visibility into our clients’ management system to run its core generators and electricity control panels, energy usage, but uses the power of IIoT to business processes. It is based on ���’s and essentially act as energy monitoring centrally control load shedding or generator Brocade sells vADC Ignition platform and includes the frm’s devices. The units collect and dispatch activation from our �OC, making the LiveLog remote terminal units. These real�time data via �G�4G networks back energy management process completely assets to Pulse Secure are connected to client�side power to the centralised SCADA system at transparent to our customers.� n
Pulse Secure has agreed to buy assets associated with Brocade’s Virtual Application Delivery Controller (vADC) Firms risk losing workers due to mobile black spots product family. Financial terms of the One in four workers in the UK would move Arqiva says that rather accountable for mobile coverage issues, agreement have been withheld. The deal jobs as a result of poor mobile signals in than the mobile network 90 per cent cited their mobile network. includes a leased R&D facility in Cambridge the offce, according to Ar�iva. or user’s handset, it is the �owever, responsibility was also as well as associated customer support In a survey of 1,000 workers, the building itself that lies distributed amongst a number of other and maintenance contracts. Pulse Secure communications infrastructure specialist at the root cause of poor parties, including the device itself (�0 per intends to hire certain Brocade employees found that 49 per cent have experienced indoor coverage. cent), the IT manager (42 per cent) and the associated with the vADC business to poor mobile coverage such as dropped building designer (41 per cent). ensure continued support for customers. calls or a lack of signal within their offce Lillistone points out that it is in actual fact The transaction is expected to close by mid- building. Of those, �2 per cent said this usually the building itself that lies at the root July 2017, subject to customary conditions happens every week, while 25 per cent indoor coverage is clearly not an issue that cause of poor indoor mobile coverage� ��ou’d and prior to the finalisation of Broadcom’s said it was something they faced daily. companies can afford to ignore.� be surprised by the extent to which modern acquisition of Brocade announced last year John Lillistone, Ar�iva’s head of products �e adds that younger, �mobile frst’ building materials, such as insulation and (see News, Nov 2016). n for telecoms, says� ��ith 4� per cent of workers appear particularly intolerant double gla�ing, can hamper signal.� those we asked saying that poor mobile of the growing problem – amongst �e says that as the �� battles to become coverage does or would signifcantly generations � and �, the survey revealed a 5G leader, networks, architects, builders Streamwire and impact their ability to do their �ob, and a that the willingness to leave their job over and employers all have to work together to �uarter claiming it already causes them poor coverage rose to �5 per cent. understand their role in fnding a solution EACS merge extreme levels of stress and frustration, �hen asked who they think is for current indoor coverage �woes.� n
Streamwire has acquired EACS to form a new, enlarged managed services provider. The combined firm will have ITS aims to boost cyber security awareness revenues of just under £20m and trade �anaged service provider IT Specialists security breaches is essential for ensuring their part and knowledge is the frst step in as EACS as a wholly owned subsidiary of (ITS) has developed a kit to help businesses that all of a business’ technology is visible protecting any organisation from breaches.� Streamwire Group. It will have a focus on ensure that their cyber security awareness and actively protected. It also offers Barber reckons the kit provides professional and managed services in core and planning is effective. advice on the top three ways to prepare for businesses with everything that they IT services such as cloud-based solutions, According to the frm, 40 per cent of any security breach, information on why should know, and also warns how cyber security and high quality support. organisations that experienced a data education is key, and highlights the real businesses and individuals could still be Streamwire co-founder Kevin Timms will breach in 201� failed a compliance audit, cost of personnel data theft. vulnerable, despite thinking that their become EACS’ new CEO. Fellow co-founder and only 1� per cent felt that their data and ��ost cyber security breaches are caused cyber security strategy is top notch. Anne Stokes will remain on the board and network were safe from insider threats. by human error, so protecting your business It also includes an IT security checklist lead the transition, but will also continue ITS’ cyber security awareness kit isn’t up to the IT team alone,� explains and glossary of terms to help raise the development of wider business includes a white paper which explains Paul Barber, integration manager at ITS. awareness of educating employees on interests already under way. n why a unifed approach to preventing IT ��veryone in your business needs to do cyber security best practices. n
networking june 2017 4
Net+ 1706 p4 (news) RN.indd 4 30/06/2017 16:03 Net+ 1706 p5 (3CX).indd 1 30/06/2017 15:50 news register online @ www.networkingplus.co.uk and find out more
First fall in use of cloud VIEW FROM THE TOP Rahiel Nasir, editorial director, Networking+ The Microsoft Cloud: lured, locked- services per enterprise in and loaded up with a price rise The average amount of cloud services the period. The retail, restaurants and used per enterprise fell from 1,071 in the hospitality sector fell to second place with Despite extolling the virtues of cloud for the Brexit vote. In a blog dated 21 October, frst �uarter of 201� to 1,05� in the second, 1,1�1. This was followed by� fnancial many years now, it wasn’t until 2016 that the company said this was necessary to according to Netskope’s latest report. services, banking and insurance at 1,039; we decided to migrate after our 10-year-old “harmonise” prices within the EU/EFTA The cloud security specialist says this healthcare and life sciences at 1,014; and in-house server finally gave up the ghost. region. It stated that sterling prices for is the frst decline since it began tracking technology and IT services at 821. Fast forward 12 months and our publisher most enterprise cloud prices will increase cloud services per enterprise, and says it Netskope’s report also investigated for has just been hit with a renewal notice for by 22 per cent to realign close to euro may be attributable to the saturation of the frst time collaboration services as Microsoft 365 services with prices jacked levels. The blog ended with: “If you have service usage across organisations. a separate category for cloud data loss up by 21 per cent. No explanation. any questions, please speak to your The report reveals that for the frst time prevention (DLP) policy violations. It A call to the software giant’s customer Microsoft account manager or Licensing the manufacturing industry leads with found that violations in services such services centre proved even more Solution Provider.” Good luck with that. 1,222 services in use during �2 201�. as Slack and HipChat are on the rise, infuriating. The sales department could So where does that leave us? Microsoft That’s the highest average number for accounting for nearly 10 per cent of total not account for the rise and suggested we certainly did not appear keen to retain our violations during the quarter. speak to someone in retention. Far from business and, unlike many other suppliers offering any incentives to retain Microsoft’s we have come across, did not offer anything # Per Enterprise- The frm warns these services have Category services, the retention agent was also to sweeten the bitter pill of a price rise. Enterprise ready soared in popularity as methods of sharing and downloading data, emphasising the unable to offer any explanation for the Of course, we could just switch to an HR 98 96% need for enterprises to put policies in place price hike. He passed us back to a sales alternative cloud services provider. But Marketing 87 97% to ensure such data remain safe and secure. agent who asked if we wanted to speak that is perhaps another headache for Webmail remained the leader in DLP to someone about cancelling the account. another time. And while we are a small Collaboration 71 87% violations during the quarter with 43.3 per In short, none of Microsoft’s customer outfit with less than 10 seats, I pity larger Finance/Accounting 63 96% cent of infringements. Cloud storage came facing team were able to give us an official organisations with hundreds or thousands CRM 43 94% second with 30.6 per cent, and ‘other’ explanation for the increased bill, and there of staff that have been, or are about to be, Software cloud service categories combined to was no one we could speak to about it. hit with massive bills. 40 96% development make up 16.3 per cent. Last year, Microsoft did warn it would be For now, it looks like Microsoft has got Productivity 38 95% Uploads make up the majority of raising its prices at the start of 2017 after us all well and truly trapped in its cloud. violations by activity at 65 per cent, the pound fell against the dollar following Let’s see what happens next year. Social 29 91% followed by send at 17.5 per cent, download Cloud storage 26 73% at 1�.2 per cent, and other at 1.� per cent. IT service/ Netskope bases its quarterly Cloud application 25 98% Reports on aggregated, anonymised data “Entropy-as-as-Service” launch management collected from millions of worldwide users Within cloud service categories, HR services took on its Active Platform. The company says Whitewood has introduced Entropy-as-as- The frm claims its engine is designed to the lead with an average of 98. this has been designed to provide visibility, Service for creating cryptographic keys strengthen cryptographic security systems SOURCE: NETSKOPE CLOUD REPORT, JUNE 2017 control and DLP for any cloud service. n which it claims are impossible to guess. in traditional data centres, virtual cloud Based in Massachusetts, Whitewood is a environments and embedded systems, such as developer of crypto-security solutions based the IoT, where random numbers in the form of on advanced �uantum technology. The frm keys underpin the level of trust and security. says its new cloud-based netRandom Free netRandom Free has been developed service delivers “pure quantum entropy” – the to deliver on-demand, quantum entropy foundation of randomness – to generate truly from a cloud-based server over standard IP random numbers for creating cryptographic networks. Whitewood says it continuously keys that cannot be cracked. re-seeds existing random number The service is now available for Windows generators within Windows and Linux- running on servers, desktops and laptops. At based instances and devices. its heart is the Whitewood Entropy Engine Richard Moulds, the company’s general which is the result of a decade-long research manager, says: “Software-based systems programme by the quantum security team at are fundamentally predictable and rely on Los Alamos National Laboratory. capturing signals or events from the physical Whitewood says the use of crypto tools world, ranging from mouse movements to such as encryption have become ubiquitous hard drive activity and network traffc to in modern IT environments and play a critical increase the level of randomness.” role in GDPR as well as rapidly emerging As a result, he believes quantum entropy technologies such as Blockchain and Bitcoin. is the only true source of randomness. n Cardiff to host world’s first cloud- based call recording service
TeleWare has selected Next Generation Data’s (NGD) Tier 3 facility in Cardiff to host what’s claimed to be the world’s frst cloud-based call recording service. According to TeleWare, its Cloud Call Recording service enables businesses to record both inbound and outbound TeleWare says NGD’s hybrid cloud infrastructure conversations wherever workers are. Users is already enabling it to store more than 35,000 simply dial an entry number and follow minutes of voice call recordings per day. voice prompts to activate recording to enable calls to be stored. dedicated Cloud Gateway connections into Tele�are has migrated all its fxed� Microsoft ExpressRoute. line call recording solutions onto the new The company has installed a number of platform which is based on Microsoft Azure. racks at NGD in support of its service. It It considered a number of London-based says NGD’s high-speed, low-latency hybrid data centre options but says it chose NGD infrastructure is already enabling the new based on its high level of security, low-cost platform to securely store more than 35,000 resilient infrastructure, and multiple high minutes of voice call recordings per day in speed connectivity options, including its the public cloud. n
networking june 2017 6
Net+ 1706 p6 (news) RN.indd 6 30/06/2017 16:05 Netbit.indd 1 9/12/13 11:12:38 real world networks register online @ www.networkingplus.co.uk and find out more Banking on IT While all networks should be highly secure and resilient, it’s even more crucial to have robust infrastructure in the financial sector where it is often said that time is money.
Building society constructs fve miles away. But then APT started asking available space is constrained. In addition, it Fiscal gains in The Bunker questions about the full scope of the move, can avoid the need and cost for a dedicated modular data centre the IT load and how the society proposed server room with a raised foor. �stablished in 2002, fntech company �iscal to deliver a new server room. Technologies creates software that prevents Since being formed in 1850, Cumberland �orking in con�unction with Schneider money from mistakenly or fraudulently Building Society (CBS) has grown to �lectric, APT designed a scalable, leaving an organisation. �ith offces in the become one of Britain’s top ten building modular, pay-as-you-grow data centre �� and the �S, the frm says its forensic societies, with 34 branches throughout for CBS’ new facility. This approach solutions analyse fnancial transactions Cumbria, Dumfriesshire, North provided the beneft of enabling across the entire purchase-to-pay process, Lancashire and Northumberland. infrastructure to be right-sized according fnding anomalies, errors, duplicates and In late 2012, CBS planned to move to a to the IT load� according to Schneider, identifying potential duplicity. new head offce. This provided an oppor- a major cause of energy waste in data Some of Fiscal’s customers require tunity for it to upgrade IT infrastructure centres is due to over-sized infrastructure, contractual certainty that their data do not and procure a data centre solution that often to accommodate a future growth come into contact with any organisation could also improve levels of reliability requirement which is never realised. Accountancy firm earns fat that has any kind of relationship with the and availability in a cost�effcient manner. The new facility incorporates the �S or American organisations due to data The society had already worked with APT InfraStruxure modular system from dividends from thin clients sovereignty re�uirements. The company (Advanced Power Technology) on an earlier Schneider subsidiary APC. This supports had kept �S and �� customers’ data project to upgrade and maintain its power CBS’ full IT infrastructure, including �allidays is a frm of accountants and stored in the same facility in the UK, but protection system. It therefore contacted the customer banking services, internal business advisors that supports numerous subsequently needed to split this because specialist, initially to ask for help to relocate networking and an IP phone system. clients in the Stockport and Greater of the segregation requirement. its �PS and generator to the new �� site InfraStruxure brings together pre- Manchester area. Founded in 1843, it Whilst Fiscal partnered with a US tested and pre-designed components, provides a broad range of services covering company for its American customers, with integrated power protection and not only accountancy and tax advice, it found that the previous UK provider distribution, racks, cooling, physical but business growth, ��, recruitment, (which had been in place for three years) security and management software. payroll, wealth management and corporate did not have adequate measures in place CBS’ new facility also incorporates APC’s fnance. �urthermore, rather than �ust act to guarantee adherence to its clients’ data hot aisle containment solution (�ACS) as an internal IT department and break� sovereignty needs. The frm therefore together with InRow precision cooling units. fx problem solver, �allidays’ IT team needed a hosting and infrastructure It’s claimed a key advantage of �ACS is that provides an IT support and consultancy provider that not only met all the latest it enables high density loads to be accommo- service for clients. security accreditations, but also had dated, helping to maximise utilisation where It’s claimed that the revenue generated by security embedded in everything it did. the eight-strong team has grown 250 per cent In particular, adherence to the ISO 27001 since 2014. This has been achieved as the security standard – a comprehensive, frm has shifted its entire IT infrastructure technology�neutral specifcation that and implemented server and desktop deploys a risk�based approach going across virtualisation along with IG�L’s UD2 and all sections of an organisation � was key. multimedia UD3 thin client terminals After a wide�ranging procurement to signifcantly enhance organisational process, �iscal found that The Bunker had effciency and boost team productivity. a signifcant amount of experience working At the end of 2012, �allidays standardised in the fntech sector, and that its security on VMware vSphere for its server backend provision was more comprehensive than solution and Citrix’s VDI-in-a-Box for the any other it had encountered before, desktop. As a result, the business cut its covering all the necessary accreditations physical estate from 11 to three servers. including ISO 27001. At the same time, a private cloud was The solutions that The Bunker offers created allowing �allidays’ 80 staff to Fiscal at its ultra-secure military grade data access fles and key applications such as centre include IaaS, multi-homed internet Microsoft Offce 365, Digita accounting bandwidth, together with Microsoft and software, and an in-house developed Linux services and support. practice management suite, Practice DNA. It has implemented a virtual The UD2 and UD3 terminals were environment for the frm with S�L Server installed in a phased roll out, with the fnal databases, load balanced frewalls, and batch purchased earlier this year to complete active directory domain controllers. the pro�ect company�wide. To date, �allidays �iscal’s CTO �oward Durdle says� �In has invested more than £175,000 in the case of any kind of system failures, virtualisation, cloud infrastructure, servers, we can migrate virtually across to other storage, networking and IG�L terminals. parts of the infrastructure, massively IG�L says it was selected over reducing any potential for downtime.� competitive companies because its �e continues by saying that for many Universal Management Suite (UMS) customers, having the level of security facilitates easy deployment. Matthew Jones, provided by The Bunker was a prere�uisite �allidays’ IT manager, says� ��ou plug a to making deals. ��or example, for a large device in, it appears in the UMS, policies defence contractor who placed huge value are then applied and once rebooted, that’s it. on security and on their data not touching It takes fve minutes from no confguration the �S, The Bunker was a vital element to at all to full confguration and, compared to passing a lengthy procurement process and a traditional PC, we’re saving about one day securing a deal.� a week on desktop administration.� In addition, IG�L says its terminals are cost effective, consuming a ffth of the power and costing approximately half the amount of a traditional PC. Jones says� ��e’ve set policies on the thin clients so they power on when someone connects into their virtual desktop and power down when they log off – that’s quite a big electricity saving over the course of a year.�
networking june 2017 8
Net+ 1706 p8 (RWN) RN.indd 8 04/07/2017 16:10 Net+ 1706 p9 (Ideal).indd 1 04/07/2017 16:54 Net+ 1705 p7 (D-Link).indd 1 31/05/2017 15:00 register online @ www.networkingplus.co.uk and find out more SD-WAN
Among some of the features to look for in an SD-WAN solution is embedded analysis and reporting that delivers single-pane-of-glass visibility into the network’s entire health. A new view of the network
There is now much talk about SD-WAN, but does it really represent the future of enterprise networking as some industry experts are suggesting? RAHIEL NASIR finds out.
he software defned wide area enterprise focused. �e explains that they to applications. �ick Applegarth, the of the traffc paths in the network from network has emerged as one of the wanted to try and bring the fexibility of company’s �P, says� ��hile reliable central controllers, whereas the underlying T�hottest� topics in the �A� industry, SD� within a data centre to the network, when applications were hosted in the network �ust has to forward the traffc.� according to analysts at International and to also make it transport�independent. data centre, legacy architectures are As a result, �ellman says SD��A� can Data Corporation (IDC). They believe �Basically, if you’re a service provider costly and complex to manage. They be transport agnostic and can be run as the technology will play a key role in you’re very interested in how the network impair application performance due to an overlay across, for example, public and network evolution as organisations try to operates. But if you’re an enterprise, the the ineffciencies of consuming �A� private IP, LT�, etc. cope with the accelerating re�uirements network could be wet string with two cans bandwidth to backhaul all cloud destined �oster points out that although it may resulting from digital transformation. on the end of it. �nterprises don’t care how traffc through the data centre.� seem like there’s little difference between In a report published in June, IDC says their applications are delivered as long as Atchison �ra�er, worldwide head of SD� and SD��A�, the latter needs to the SD��A� market represents a high they perform the way they want them to. marketing at Talari �etworks, agrees when tackle a different set of challenges. These growth opportunity for the many startups, �That’s where SD��A� comes in. It is he says public cloud computing rendered include connecting an enterprise’s data established vendors and service providers application�centric and enterprises care traditional �A� architectures �obsolete�, centres, branches and remote workers that are now ��umping on the bandwagon�. about applications, they don’t care about while digital business transformation has on a global basis with SaaS and hybrid It forecasts revenues for such frms to grow the network. So the service providers are increased the sense of urgency. ��nterprise cloud applications using a combination at an average rate of 92 per cent per year now having to play catch up because a lot �A�s are mired in a complexity and cost of �PLS and internet services. �e says� to reach �2.1bn (around £1.�bn) across the of business customers are asking them vortex. SD��A�s drive cost�effciencies �SD��A� architecture automates the ���A region by 2021. �what SD��A� solutions have you got�’� and agile methods in contrast to brittle, process of �oining the networks plus Citing estimates from Gartner, SD��A� comprises many existing slow, fragile and static networks. They selecting which service to use depending Teneo says there are 4,000 SD��A� technologies such as real�time analytics, also improve performance for all apps, on business re�uirements so that both deployments worldwide and that one third policy�based routing, �ero�touch including ones that are cloud�resident and private �A� and public internet can be of global businesses will be using the provisioning, centralised orchestration, cloud�centric, and offer a better managed utilised effciently.� technology by 2020. As part of its own amongst others. �A� optimisation and �A� run model with opex over capex.� �e goes on to state that SD��A� research published in June, the company acceleration also play a part, which is �ltimately perhaps, SD��A� is about offers cost advantages over traditional polled 200 �� organisations and found why it is not surprising to fnd companies creating optimised enterprise networks networking. These include a reduced that 51 per cent plan to use SD��A� to that have specialised in these areas � that offer increased agility and simplicity. hardware footprint when implementing gain visibility of local network traffc and such as �atPipe, �iverbed Technology, �oster says it provides improved and secure network functions on consolidated application performance issues. Silver Peak, Talari �etworks, et al � now internet connectivity that puts the control appliance platforms, plus holistic and �There’s been so much focus on occupying the SD��A� vanguard. back with the network administrator, and centrally controlled management of low strategic digital transformations in recent �ith business now facing different provides the ability to identify and address cost internet services, resulting in reduced years that we’re in danger of forgetting the demands in a rapidly changing service issues. Applegarth adds that or fro�en investment in expensive �PLS. importance of customer responsiveness to marketplace, SD��A� offers a better another big beneft of building an SD��A� �ra�er points out that SD��A� companies’ regional and branch�level lines approach to networking across the global is that enterprises can transition at their represents the best way to transform the of business,� says Teneo CTO �arc Sollars. enterprise, according to Steve �oster, own pace in alignment with the changing edge enterprise network into the cloud� �SD��A�’s ability to show what’s going senior solutions engineering manager, re�uirements of their businesses. ready age in which more data and apps on at grassroots gives �� CIOs a realistic �iverbed Technology. �e says that as run in a hybrid�cloud fashion. Gilmour way to �think global and act local’ with more businesses adopt cloud computing Making the transition expands on this by saying that the their network infrastructures, especially as and services, there is a need for an end� intelligence is really on the edge with all their IT resources are likely to be tightly to�end software�defned connectivity The idea of software defned networks the network confgurations sent out from constrained for the foreseeable future.� infrastructure for the entire enterprise has been around for a while now, so why a central point. �e says this approach So does SD��A� represent the future with virtualised functionality that can not simply �ust talk about SD� rather then enables netadmins to put in a new of enterprise networking� Chris Gilmour, be orchestrated across cloud networks, SD��A�s� Anders �ellman, principal site very simply and �uickly. They have pre�sales manager at Axians �etworks remote LA�s and hybrid �A�s. member of technical staff, SD� and the ability to control how individual sites ��, says networks have not evolved as �The router�heavy, hard�coded, IP products, at �eri�on ���A, says react and how individual applications are rapidly as what’s running over them. complex networks of the past simply the most important differentiator is the handled across that network. ��ou tend to fnd that we are using �PLS cannot easily support digital services, separation of the control plane from the �SD��A� gives you site�by�site visibility technologies that have been around for 10 the mobility of the masses, or the rapid forwarding plane. of what applications are going over your plus years, and they’re mainly network rise of data in today’s hyper�complex IT �The control plane can steer the traffc network, how much of your available centric technologies. SD��A� is about environments,� says �oster. based on policies, defning what applications, bandwidth they take, and also tells you about isolating and separating traffc out rather Silver Peak supports this view. It says or application groups should use which the condition of the individual parts. All than handling traffc in a different way.� that as businesses migrate applications preferred path through the network. of those things are then pulled together to According to Gilmour, the idea of the and infrastructure to the cloud, legacy �This enables what is one of the ma�or allow you to direct individual applications SD��A� was mainly driven by open �A� architectures are proving �ineffcient drivers for SD��A� � more consistent down specifc parts of the network to networking groups who are heavily and ineffective� in connecting users and faster central control for steering optimise the performance.�
11 june 2017 networking
Net+ 1706 p11-13 (Feature) RN.indd 11 30/06/2017 16:25 SD-WAN register online @ www.networkingplus.co.uk and find out more
So how should netadmins go about may have to upgrade the data links and and some that are acquired only to have Foster continues by saying many SD- making the switch to an SD-WAN? Or wants to try and keep the traffc separate their products eliminated. The enterprise WAN solutions offer basic monitoring while perhaps the question should be, when to allow for the fact that it is already therefore needs to be confdent that the modern hybrid networks require far more should they move especially, as the old experiencing congestion. solution provider is not simply a startup depth. As a result, he says users have to make adage goes, if it ain’t broke why fx it� “But by adding SD-WAN, the customer and has the longevity and proven real- sure that they’re equipped with advanced Aside from SD-WAN’s new could pool those links together. The world experience to support them.� application and transaction insight in heavily- functionalities, Axians’ Gilmour says downtime it has for the voice links will Riverbed’s advice for enterprises encrypted environments, comprehensive there are some basic features that will allow extra fex for the data connectivity. implementing an SD-WAN solution is to end�user experience monitoring, and be of beneft to many enterprises today. So it would end up with a lot of available look for a cloud grade service. �Today, deep network intelligence to provide total And he adds that a lot of that is about pooled bandwidth today without changing the landscape for housing and delivering visibility into application performance harnessing the bandwidth they have anything in the infrastructure at all.� business applications is incredibly and fast resolution of problems. available for their sites. FatPipe Networks – which claims to diverse, spanning traditional data centres, Optimisation is another area to “We’re working with a customer have invented the concept of SD-WAN cloud environments, remote branches and watch for: “Point-product approaches who has a number of DSL links into and hybrid WANs – warns enterprises mobile users,� says �oster. �Conse�uently, to combining WAN optimisation and each of their locations. They have a to make sure that any SD-WAN solution your SD��A� solution must expand SD-WAN network services compromise link dedicated to data, and another one they choose should be around for the to handle automated connectivity and control over application performance just for voice which is used a lot and is lifecycle of the product. �att Gwyther, orchestration across hybrid WANs, cloud as packets move between WANOP and sized based on the number of SIP links the company’s technical marketing networks and remote branch LANs/ SD��A� functions,� says �oster. �Look needed. �hile all the phones aren’t in use manager, says: “With the large number �LA�s. This expansion is critical to for a single solution that unites these at the same time, the data link is being of SD-WAN companies right now, there achieving signifcant gains in agility and technologies across hybrid WANs, cloud absolutely hammered. So the customer are going to be some that do not make it operational effciency.� (SaaS, IaaS, PaaS) networks and branch LANs/WLANs, plus one that provides automated and dynamic path selection.� �or Silver Peak, the frst thing you need to decide when migrating to an SD-WAN is whether to employ physical appliances or virtual ones running in all branch locations that will be part of the network. In either event, Applegarth says the solution should offer encrypted tunnels and provide high levels of performance, security and segmentation from edge�to�edge. �oreover, he says netadmins should carefully evaluate how robust each solution’s path conditioning capabilities are to monitor and manage packet loss, out-of-order packets, latency, jitter and throughput to ensure that applications perform in alignment with SLA thresholds. �This is important, especially when using internet connections and even �PLS, because path conditioning reconstructs lost packets or out-of-order packets in transit without incurring the overhead or latency of retransmitting them.� �asergy launched a managed SD��A� service last September. Paul A. �uelas, the company’s director of product management, says that if enterprises want the highest performance SD-WAN environments, they should seek out solutions that offer forward error correction and application-based routing. �atPipe’s Gwyther adds a caveat here by saying that many providers simply duplicate traffc across multiple links which creates bandwidth issues at the data centre. “Enterprises should be mindful of what packet duplication/forward error correction techniques the SD-WAN product is offering to see if it fts in their network re�uirements.� Network visibility is one of SD-WAN’s defning characteristics and certainly crucial for �eri�on. �arlier this year, it announced a partnership with digital infrastructure management software specialist SevOne to deliver added visibility into SD� services. �ith the new capabilities, �eri�on claims its enterprise clients beneft from a singular view that spans multi- vendor technology without the burden of managing disparate monitoring systems. By using an integrated web interface, it says clients gain an end-to-end view of services spanning the physical and virtual network. As providers of managed SD-WAN platforms, both �asergy and �eri�on believe outsourcing is the solution network managers should go for if they want to mitigate the risks and expenses associated with deploying any new technology on their own. �uelas says� ��se the expertise of a proven service provider whose offering doesn’t lock you into a single hardware or technology approach which can prohibit interoperability with your business’ broader �A� platform. The right service provider will do the heavy lifting for you to ensure rapid deployment, simplifed change management, and real� time analytics and service control. �ou’ll
networking june 2017 1212
Net+ 1706 p11-13 (Feature) RN.indd 12 30/06/2017 16:12 register online @ www.networkingplus.co.uk and find out more SD-WAN
also be able to eliminate many of the high that’s where solutions like Riverbed’s Talari’s Frazer also warns against vendor Gwyther adds to this by suggesting capex costs associated with proprietary SteelConnect comes in, as it replaces the lock-in: “For example, some vendors require that there is a narrative that multiple network appliances.” pains of WAN management complexity specifc carriers when they move you from broadband connections are just as good Verizon adds to this by saying that with cloud-era IT agility and single- MPLS, and some only offer traditional as MPLS. “While in some situations this along with the many benefts of hybrid click creation of multi-service SD-WAN WAN-optimisation, but no real software- is true, in many it is not. Enterprises need WAN comes additional complexity to capabilities in the cloud. defned, controller�based, platforms. to be mindful in selecting their access, policies and templates that administer “Furthermore, unless your vendor especially when VoIP or other real-time security. Hellman says: “While Planning for the unplannable measures performance and routes applications like video-conferencing are organisations want to adopt hybrid dynamically at the packet-by-packet level the main network applications.” platforms, many may not have staff with Given the fact that SD-WANs are multi- in real time (milliseconds) as opposed to Ultimately though, all this is just the the expertise needed to manage the risks service environments, Masergy reiterates the session-steering of bulk packets with type of fne detail you would expect that come with that added complexity. that companies should ensure they do round-trip measurement only, attempting when deploying any type of complex Using a managed service can support not choose a provider that locks them to run SD-WANs for real-time latency- enterprise network, and the arguments in a business’ switch to SD-WAN and into working with a particular vendor, sensitive apps such as VoIP or video- favour of migrating towards an SD-WAN help them move forward confdently, as thereby ruling out mixing and matching conferencing will be severely challenged.” environment remain compelling. Axians’ many of the more complex requirements solutions. “Seamless interoperability with Ruelas says it’s also important to realise Gilmour sums it up neatly when he says: are taken care of by the organisation other vendors’ circuits and WANs, and that in most cases, SD-WAN isn’t a complete �SD��A� offers benefts for today as providing the service.” the ability to connect any location over MPLS replacement in favour of “best- well as for the future, where organisations any transport method, are fundamental effort” broadband. He warns that upload are able to plan for the unplannable and A ‘fit and forget’ network? functions of a truly fexible and risk�free speeds may be constrained when using SD- look at designing the network for things SD-WAN,” says Ruelas. WAN purely over broadband internet. they don’t even know they need as yet.” n Hellman was not the only one to express concerns about skills shortages. For instance, Riverbed’s Foster says developing new skills to ensure that groups such as applications, servers, security, storage and networking are collaborating and no longer working in ‘silos’ is crucial. “A great contributor to removing the barriers of collaboration is having a common management and monitoring platform that can be used by all teams, providing a single source of truth regardless of their individual skill set.” As a precursor to this, Foster says ensuring that IT staff are completely on board with every aspect of moving to a virtualised and centrally orchestrated environment is critical to success. “They must have a full understanding of how the existing application delivery works, and it is important to draw on that experience after the transition to ensure continued consistent user experience. Members of staff running this part of the operation are as important as the management in this exercise.” Teneo’s research supports this approach. It found that UK CIOs still face serious resourcing and skills gaps as they try to reconcile their global and local network infrastructure needs. Twenty nine per cent of its survey respondents stated that a lack of team resources and skills to monitor local networks was one of their top three networking challenges. “Networks are so complicated now that CIOs need a practical way to deal with branch-level application issues alongside global needs,” says Sollars. “The trouble is, they don’t have the resources for locally-based troubleshooting or running regional networking teams to ensure high-performing applications 24/7.” The other challenges identifed by CIOs in Teneo’s study included high management costs for divisional and branch IT networks (40 per cent) and high network upgrade costs in general (35 per cent). Clearly, SD��A� is not a �ft�and�forget’ networking solution, and despite all its potential, hurdles remain. Foster points out another key challenge for IT teams is managing the multiple WAN providers that results in deploying a hybrid SD-WAN. “SD-WAN will still require traditional WAN services, be it MPLS, internet, DSL, etc. So network administrators will need to be managing those contracts and services whilst creating and managing their own SD-WAN to bring them all together. At the same time, they will have to interpret the different business needs and correlate this with the connections needed from the networks.” In the past, Foster says a network manager had to work with services such as frewalls, �P�s, �A� optimisation and the wealth of complex confgurations that came with them. He reckons
13 june 2017 networking
Net+ 1706 p11-13 (Feature) RN.indd 13 30/06/2017 16:12 off-the-shelf register online @ www.networkingplus.co.uk and find out more
network, as any network can be infltrated. interruption is sensed. off-the-shelf: security appliances The new ComNet Port Guardian will Port Guardian is being added to the disconnect an IP addressable device on newest generation of the company’s the edge of the network when access self-managed switches, including the from an unknown source is attempted. CNGE2+2SMS and CNGE4+2SMS. An S��P notifcation is then sent to The feature Keep your guard up the head end and the affected port is will also be physically locked out, preventing entry. available Cyber attacks could come from any part of the network, ComNet says the network administrator on the new can reopen the port when the threat ComNet which is why you need more than just a basic solution. is eliminated. It adds that the feature USA-made also thwarts access through spoofng managed Allot Communications reckons its mitigation engine to provide rapid by disconnecting the port as soon as an switch line. Secure Service Gateway (SSG) is the anomaly detection and swift attack frst appliance of its kind to combine mitigation before they are able to disrupt application-based visibility and control network services and availability. The GigaVUE-HC3 is the frst high� processing per node that scales to more with web security and DDoS protection. The company adds that the SSG has performance appliance to enable pervasive than 100Tbps per cluster. According to the frm, its platform goes fexible policy tools to enable network visibility and security intelligence at scale Among its uses cases, Gigamon says further than traditional WAN optimisation managers to align IT resources with business in 10Gb, 40Gb and 100Gb networks, the appliance can optimise security by controllers and secure web gateway priorities, reduce the enterprise cyber according to Gigamon. active remediation and identifcation of solutions, utilising real-time application- attack surface, and increase productivity. The vendor says the appliance extends malware activity for both on-premise and based traffc monitoring and analytics to It goes on to claim that the gateway its Visibility Platform and GigaSMART cloud monitoring. deliver granular application level visibility enables mid- to large-sized enterprises technologies with higher compute and It also claims that the new platform and ensure higher QoE for users. to enhance productivity and protect their throughput performance to effectively enables users to minimise traffc overload, It’s claimed the gateway features networks with high port density – the manage, secure and analyse large extract metadata from traffc, and provide “powerful” web security which detects Intel-based platform scales from 1,000 to volumes of data in transit. more effective options to deploy both malware, phishing and other web threats. 100,000 users in a single appliance. The GigaVUE-HC3 is said to feature inline and out-of-band security tools. Allot says “robust” protection combines Other features include fexible “market-leading” visibility node capacity application�based traffc management redundancy confgurations plus passive which provides a total of 800Gbps of alongside a behavioural-based DDoS bypass with automatic port failover to GigaSMART traffc intelligence per maximise uptime and availability. node, scaling to 25Tbps in clustered Two models are available to confgurations. It offers up to �.2Tbps of meet enterprise requirements of up to �0Gbps of capacity� the SSG600 and high-end Savvius says its new Spotlight application evaluating each one for TCP �uality, �oIP SSG800 (pictured). provides visibility into the specifc quality, application latency, network latency, information needed to signifcantly and more. It allows IT teams to intuitively reduce MTTR of network issues. map and navigate the network, enabling ComNet Europe’s latest generation of organisation’s security network, with its Available as an option on the frm’s them to �oom in on specifc segments or self-managed switches now have the accessible outside connection, presents an Omnipliance T300, M200 and C100 poor-performing servers or nodes with capability to physically disconnect a port “easy way” to bring down the network. devices, Spotlight is also available as what actionable details for faster MTTR. if unauthorised access is detected. It says cyber security is therefore not Savvius describes as a “high-performance” Savvius says Spotlight also has appli- According to US-based ComNet, an something confned to �ust a security IP standalone 1U appliance (pictured below). cations for network security. It can sift According to the frm, up until now through millions of fows in real�time to network monitoring and management identify any that violate IT policies or have products were “limited” to presenting characteristics deemed suspicious or worth summary information based either on investigating. Users can gain instant visibil- aggregated packet-level metrics or on one- ity of traffc to or from any IP address, and sided fow data that were missing critical focus on fows of greatest interest by defn- measurements such as quality and latency. ing flters. They can then instantly home It says Spotlight takes advantage of in on trouble spots, and use a single-click “dramatic” increases in compute capability ‘Investigate’ button (on the Omnipliance) now available in the Omnipliances range for packet-level forensic investigations. to apply packet-based expert analysis to every single fow in the monitored traffc, even when hundreds of thousands of fows are being created each second. The new application has been designed to specifcally identify the poorest-performing aspects of a network by assembling two�way fows and
Stormshield has introduced two new automatically, Stormshield says the devices to secure Wi-Fi connections for creation of these accounts can be small businesses to open their wireless completely delegated. networks to their customers, employees or There’s also Sponsorship Mode. Here, partners while maintaining full control. the request to connect to the internet Launched as part of its Network is sent to an internal administrator Security Wi-Fi product range, the for approval. Stormshield says that company says its new appliances provide creating an account is therefore no a single platform to connect as well as longer necessary as the entire process protect all IoT and mobile devices. is automated with a simple click on the There are two models available: the administrator’s mobile phone. SN160W secures Wi-Fi connections for 10 referred users; while the SN210W (pictured) supports 20 referred users. Stormshield says each is easily deployed and guarantees implementation of a secure environment in “just a few clicks”. The company further claims that a comprehensive set of features, once reserved only for dedicated solutions, make it easy to manage resource access accounts for individuals outside the organisation. These include Temporary Account Mode, a simplifed interface which creates temporary user accounts. Since the password is generated
networking june 2017 14
Net+ 1706 p14-15 (Off-the-Shelf Network Knowledge) RN NEW v2.indd 14 04/07/2017 16:30 register online @ www.networkingplus.co.uk and find out more network knowledge
expands the roles of enterprise and technical IN BRIEF… (8-24 weeks) training opportunities for UK’s cyber security architecture, and redefnes the skills 18�24 year�olds living in London. Capital profle for audit, compliance and testing. n Arrow �CS has added the new Check funding is also available to support delivery In addition, the IISP says the Point R80.10 courses to its programme. costs. The Digital Talent Programme has security skills new framework puts more focus on They include Cyber Security Administrator been developed by the GLA to increase the management, leadership and infuence, and Cyber Security Engineering, as well as number of women and young people from crisis ‘eases’ business skills and communication, and a fve�day fast track version that combines black, Asian, minority, ethnic (BA��) knowledge sharing. The four defned both courses. Arrow is now also offering and disadvantaged backgrounds in jobs A surge in interest from candidates has competency levels have also been expanded Juniper’s recently launched Introduction that require digital skills. helped shrink Britain’s cyber security skills to six – two based on knowledge and four to the Junos Operating System v15.a. gap, according to global job site Indeed. on measuring practical experience. This three-day virtual course combines n Microsoft Azure is fast becoming a staple At the start of this year, the frm found The �ational Audit Offce has recently the previous IJOS and JRE courses and of modern IT, according to New Horizons. that the country’s cyber security skills gap warned that a lack of skilled workers is adds further content. The training specialist has identifed three was the second worst in the world after hampering the fght against cyber crime. skills that are particularly useful for IT pros Israel. But its latest study published in June The ISSP believes its new framework n The Greater London Authority (GLA) to focus on: Azure SQL database; Azure revealed that the shortage of professionals will help on multiple levels, from raising is now inviting applications to strand 2 Active Directory; and Azure Bot Services. with the most in-demand skills has “eased” the standards of professionalism and of the �ayor of London’s Digital Talent With the latter, New Horizons says bots by 36 per cent in the last two years. allowing companies to identify gaps in their programme. There is a total of £500,000 can be published to apps such as Skype for By tracking the number of cyber security experience and competency, to encouraging available for a revenue grant funding Business, Bing and Cortana, where they roles advertised on Indeed and the number new talent into the industry and helping contribution toward the costs to setup and can provide seamless integrations with of clicks from candidates, researchers to educate students and train individuals. deliver new, non-accredited ‘bootcamp’ third-party services. were able to gauge the difference between demand and supply. Between the frst quarter of 2015 and the same period this year, the company says that while the share of cyber security job postings rose by 2.8 per cent, the share of candidate clicks increased by 40.3 per cent. According to Indeed, the rapidly rising level of interest helped narrow the skills gap “dramatically” at the end of 2016 and start of 2017, even if an overall 42.7 per cent mismatch showed that demand is still more than double supply. Within cyber security, the researchers found the greatest skills gap was in cloud security. Here, the share of jobs posted exceeded candidate interest by nearly ten to one (see table below). In malware security and disaster recovery – both areas that saw high�profle cases in �ay � demand exceeded supply by four to one. �ariano �amertino, ���A economist at Indeed, said: “While the skills gap has narrowed, demand from recruiters is still double the supply of candidates, forcing many at risk companies to offer increasingly attractive packages to woo the talent they need to protect one of their most precious assets – data.”
Rank IT sector Mismatch 1 Cloud 13.4% Identity & access 2 17.3% management 3 Network security 20.5% 4 Application security 25.7% 5 Risk 28.4% 6 Malware 39.5% 7 Compliance 41.1% 8 Disaster recovery 41.5% 9 Forensics 64.4% Cyber security skills gap by IT sector. Searches for jobs versus numbers of jobs posted, Q1 2017; the lower the number, the bigger the skills gap. SOURCE: INDEED.CO.UK. IISP unveils new infosec skills framework
The Institute of Information Security Professionals (IISP) has launched a new version of its Skills Framework, which it claims is widely accepted as the de facto standard for measuring the knowledge, experience and competency of information security and assurance professionals. The not�for�proft organisation says the 201� version refects the evolving threat landscape, new technologies and signifcant changes in cyber skill profles and challenges. The latest framework includes new skills groups for: threat intelligence and assessment; threat modelling; cyber resilience; penetration testing; intrusion detection and analysis; incident management; and investigation and response. It also
15 june 2017 networking
Net+ 1706 p14-15 (Off-the-Shelf Network Knowledge) RN.indd 15 30/06/2017 16:20 Net+ 1706 p16 (Vertiv).indd 1 04/07/2017 17:31