January 24, 2014 5:37 PM
Posted by: Chuck Moozakis
If it makes you feel any better, organizations spent more than $12 billion on firewall, intrusion prevention, endpoint protection and secure Web gateway products last year. That’s just a drop in the tens of billions of dollars enterprises spent overall in the past 12 months to protect their digital assets.
Alas, it’s not nearly enough–as recent data breaches at Target and Neiman Marcus have illustrated.
And the best (that is, worst) is yet to come.
“I really think we are looking at some new aspects” in malware and enterprise vulnerabilities, said Gartner Research Director Eric Ahlm at a McAfee data protection webinar held in mid-January. “There is a change in the threat landscape.”
Among the changes: User-based attacks are becoming easier and targeted attacks have become much more intelligent.
“Being able to prevent is much more of a challenge,” Ahlm said.
At the same time, hackers have a well-oiled ecosystem, whether they are organized state agents or solitary data thieves who can easily tap into a willing market in which to sell their stolen information.
But wait. There’s more: The continued growth of mobile devices is bringing with it some especially sobering security trends, according to Gartner, including the following:
–By 2018, 25% of corporate data (compared with 4% today) will bypass perimeter security and flow directly from mobile devices to the cloud.
–Through 2017, 75% of mobile security breaches will be a result of mobile application misconfigurations.
“If we’ve lost our control plane and lost our visibility plane, it’s going to make [asset protection] much more challenging,” Ahlm said.
That said, not all is gloom and doom. Adaptive, rather than preventive, security will become an important weapon in enterprise security arsenals.
“We need to be able to find compromised systems and know what methods we have to find these systems,” Ahlm said, adding that a security strategy anchored by situational and contextual awareness platforms will be critical.
“Security teams need to hunt and they need to look. Knowing what’s involved and what’s in play will be vital in building programs that succeed.”
–Use network analysis in conjunction with global threat intelligence feeds to determine if a system is under a hacker’s control.
–Correlate internal information such as network logs, network behaviors, host behaviors and user importance. That situational awareness can help organizations prioritize and triage in the wake of a data breach, Ahlm said.
August 9, 2013 11:15 AM
Posted by: Chuck Moozakis
, change management
, IT trends
, network design
, networking careers
Say bye to information technology. Say hello to enterprise technology.
So says Nemertes Research President Johna Till Johnson. In a discussion highlighting Nemertes’ 2013-2014 Enterprise Technology Benchmark study earlier this summer, Johnson said the shift from IT to ET will be no less dramatic than the transition from MIS to IT 30 years ago. It’s a swing, she said, that will have a big impact on IT professionals.
“In a nutshell, what we are seeing is that IT is now being asked to be a trusted adviser to drive the business,” she said. “IT practitioners are now being asked to move into an enterprise technology role,” supporting and guiding the entire business.
Fueling the shift: the rise of the remote worker, untethered from the office and free from the physical network. Employees, Johnson said, “are not at their desks; they are out serving customers, taking orders.” The result: Instead of networking knowledge workers, administrators today must network the broader enterprise.
Fortunately for IT executives, COOs and CEOs appear to be actively soliciting their advice on how ET can be made a reality. Nemertes’ research found that 73% of CIOs responding to their survey have been asked to participate in an ET transformation project. Only 13% of CIOs gave the same answer in Nemertes’ 2012 survey. That’s approximately the same result Cisco found in its 2013 Global IT Impact Survey, which noted that a nine out of 10 IT execs collaborate with corporate brass at least on a monthly basis to coordinate strategic initiatives.
That’s the good news. The challenge: Becoming ET-savvy won’t come without a hitch. Where IT is all about getting information transmitted from point “A” to point “B,” ET is understanding how that conveyance helps the organization innovate its operations. Or, as Johnson described it, “IT is about getting the trains to run on time; innovation is about disrupting the existing process, so we are seeing the concrete impact of the innovator’s dilemma”—where companies risk their own survival by failing to adopt technologies or strategies that will meet their customers’ future needs. Orchestrating that shift successfully “will have a huge impact for us who work in the tech field,” she said.
So get ready for ET. It will be here sooner than you might think.
June 24, 2013 11:21 PM
Posted by: Shamus McGillicuddy
100 Gigabit Ethernet
, 40 Gigabit Ethernet
On Monday Cisco’s carefully curated press program at Cisco Live Orlando focused on the refresh of the company’s campus switching portfolio, most notably with the new Catalyst 6800 series of chassis switches whose supervisor modules and line cards are backward and forward-compilable with the Catalyst 6500.
Meanwhile, Cisco Live attendees got a special treat during a keynote presentation by David Yen, vice president and general manager of Cisco’s data center technology group. Yen shared the stage with the a very tall member of the new Nexus 7700 series of data center core switches. This new family of switches have up to 83 Tbps of total switch capacity, with 1.3 Tbps of throughput on each slot. A fully populated top-of-the-line Nexus 7700 can support 384×40 Gigabit Ethernet (GbE) or 192×100 GbE ports. The switch had attendees swooning.
When details of this monster switch leaked out over Twitter, I asked the Cisco PR team about it. They were tight-lipped. The official announcement of this switch is scheduled to take place during a Wednesday press conference, and Cisco isn’t prepared to offer details to the general public yet. Some content about the switch appeared on Cisco’s web site recently, but it was scrubbed when some network engineers stumbled upon it.
Given that Insieme Networks executives are scheduled to participate in the Wednesday press conference, I expect the news will be much bigger than just the Nexus 7700. My sources have told me that Insieme has been developing a massive fabric controller that can orchestrate the entire data center, not just the network. Rumors have persisted that the stealth Cisco spin-in is deeply involved in software-defined networking, too. But I’ve never been able to confirm that rumor.
I’ve heard Cisco executives boasting that this year’s Cisco Live will feature one of the biggest collections of major new product announcements in years. The Catalyst 6800 was a good start and the Nexus 7700 was impressive, but I think there’s more to come.
April 24, 2013 11:13 AM
Posted by: Chuck Moozakis
, IT trends
, network change and configuration management
, Network management
, Network security
John Curran, ARIN CEO & President
John Curran, the voluble president and CEO of the American Registry for Internet Numbers, didn’t waste any time exhorting attendees at last week’s North American IPv6 Summit in Denver to break the logjam delaying the widespread implementation of the next-generation protocol.
“Why are we doing this?” he asked. “What is the one event” that will spark the momentum needed to fuel IPv6′s adoption?
Curran said the energy sparked by the realization that IPv4 addresses would soon disappear had sputtered over the past year as enterprises and ISPs found other ways to manage device identification and addressing.
“ISPs say customers aren’t asking for [IPv6], and you can’t expect ISPs to deploy when customers aren’t asking for it,” he said. And why aren’t customers demanding their providers switch to IPv6?
“Because they believe they are already connected to the Internet. We must disabuse them of that notion.”
To Curran, IPv4 is not the Internet, users’ claims notwithstanding.
“You are connected to a subset of the Internet,” he said of those users that believe they’re fully Web-enabled.
“We have to begin to tell customers they are not on the Internet; they are paying to be on, but they need to be told they are not on the Internet unless they are on IPv6,” Curran said.
To be sure, Curran and ARIN have a vested interest in encouraging enterprises and ISPs to adopt IPv6. North American IPv4 addresses will be exhausted by 2015, and with millions of user devices and other Internet-aware gadgets slated to come on-stream in the next few years, IPv6 is the only alternative. But IPv6 adoption, at least in the United States, has been glacial. While a little more than a third of U.S. government websites are IPv6 enabled, only 3.7% of industry websites and 5.7% of educational websites are similarly supported, according to stats shared at the Summit.
And that doesn’t say anything about how few enterprises’ internal networks natively support the IPv6 protocol.
For better or worse, many ISP and enterprise executives remain reluctant to invest the time, money and resources necessary to migrate to IPv6. The protocol’s proponents, and there are many, understand this. But they also understand how critical it is for companies and carriers to embrace IPv6.
Not because it can handle as many addresses as there are grains of sand, as the saying goes. But because it will also usher in new services and new capabilities that U.S. businesses and ISPs will need to remain competitive in the years and decades to come.
April 17, 2013 10:05 AM
Posted by: Tessa Parmenter
Photo credit: RMv6TF
Over 500 attendees join the 2013 North American IPv6 Summit today — the highest in the conference’s history. The Rocky Mountain IPv6 Task Force (RMv6TF) in conjunction with the Regional North America IPv6 Task Forces are throwing a three-day long conference, April 17-19, dedicated to the next generation of the Internet: IPv6. First-day attendees get a day-long tutorial and hands-on experience for a chance to tinker with a real live IPv6 environment. The following days feature educational talks from IPv6 super-stars, like Google’s Latif Ladid and ARIN president John Curran. These experts and many others are experienced in the ways of the new Web. Attendees are joining for lots of reasons, but mainly, not to get left behind in the ever-evolving IT industry. With the depleted pool of IPv4 addresses and IP-enabled devices entering the market, the time to know about IPv6 has never been more crucial.
March 29, 2013 9:22 AM
Posted by: Gina Narcisi
Cisco began “limited restructuring” this week by laying off approximately 500 employees globally, including two of the four -person team manning the Cisco/EMC alliance, a source tells us.
Ties between Cisco and EMC had been visibly strained since VMware — a company owned by EMC — acquired network virtualization provider, Nicira Networks Inc. last summer. While Cisco had historically been an ally with VMware and EMC, EMC/VMware’s acquisition of Nicira’s network virtualization left a bad taste in Cisco’s mouth.
Another indication of the souring relationship between Cisco and EMC this week is a rumor that EMC will start selling its own white labeled servers, putting it into another field of competition with Cisco — a rumor unconfirmed by Cisco.
While Cisco’s actions this week may point to a souring Cisco/EMC relationship, it could also indicate Cisco’s ongoing shift toward focusing on software and cloud initiatives. As demand increases for software-defined networking (SDN) and network virtualization solutions, Cisco could feel pressure on its traditionally robust hardware profit margins — an industry trend that is apparently on the minds of Cisco execs as the company works to realign operations.
“We routinely review our business to determine where we need to align investments based on growth opportunities…These actions are subject to local legal requirements, including consultation, where required,” said Cisco spokesperson Robyn Jenkins Blum, Cisco Corporate Public Relations in an email response.
December 17, 2012 2:54 PM
Posted by: Shamus McGillicuddy
Alcatel-Lucent recently put up its patent portfolio as collateral for a credit line from Goldman-Sachs and Credit Suisse, and this arrangement has the French government nervous. The government may urge the company to sell off business units instead, including its enterprise division.
According to a report in the French business publication Les Echos, the government is discouraging Alcatel-Lucent (ALU) from using the 1.6 billion euro credit line. The government fears that ALU could default on its loans and let its patents fall into the hands of foreign banks. The credit line would stabilize ALU while it tries to reduce costs following consecutive quarters of heavy losses. The French government prefers that ALU find alternatives to putting its patents up as collateral. My French is rusty, but my reading of Les Echos reveals that the government is pushing ALU to sell off a valuable business unit to raise cash, including the enterprise business or its submarine communications business. The government is also exploring a patent consortium, which would allow ALU to share its patent portfolio with other companies and derive revenue from them.
ALU has put its enterprise business up for sale a couple times in recent years, so this news is not great shock. But some customers must be frustrated by the continued instability of the company. ALU has a lot of debt, negative cash flow and dwindling cash reserves. Seeking Alpha says the credit line is unlikely to turn around the company’s fortunes.
December 7, 2012 4:52 PM
Posted by: Gina Narcisi
Everyone has heard of bringing your own device to the workplace, or the BYOD trend. While many networking products have been ramped up over the past several year to accommodate more devices entering the enterprise network, the next-generation trend has entered the arena and attention must be paid.
Bring-your-own-application, or the “BYOA” trend is demanding a wireless LAN prepared to handle not just new devices, but the slew of new applications being brought into the workplace. Aruba Networks has recently announced a new wireless LAN platform with Aruba’s AppRF technology — a series of three mobility controllers, the 7210, 7220 and 7240 — aimed at addressing the onslaught of mobile applications and devices coming onto the enterprise network.
“Our customers were coming to us and saying, ‘we have a problem not being able to control the applications running on our employee’s mobile devices on our network — We don’t want to block them, we just want to know what the biggest bandwidth consumers of Wi-Fi are,’” said Ozer Dondurmacioglu, Aruba’s director of product and solutions during a briefing.
And while IT has been able to manage WAN bandwidth consumption, Wi-Fi bandwidth has been a different story.
“For Wi-Fi, everything changes as devices move around, and we wanted to help with capabilities to show [IT] what is going on in the air,” he said.
Enterprises will be able to eliminate desktop phones, IP PBX support, expensive video and audio equipment and dedicated videoconferencing systems thanks to the new platform, which can guarantee high quality and performance for popular voice, video and Unified Communications (UC) applications, like Microsoft Lync, Dondurmacioglu said.
“The new normal is users love their mobile devices — they wouldn’t want to use anything else, even if IT begs them,” Dondurmacioglu said. “This year is going to be a battle between how to manage mobile apps over the air, and how to manage what is most important to an organization is protected given the limited Wi-Fi bandwidth.”
November 21, 2012 10:07 AM
Posted by: Shamus McGillicuddy
, Brocade VDX
, campus networks
, data center fabric
, data center networks
, Local Area Network
, software-defined networking
In Brocade’s latest quarterly earnings call with Wall Street analysts, executives revealed that its VCS data center fabric and VDX switches are winning new customers and expanding their footprint in existing accounts. Also, VCS fabric customers are telling Brocade that the technology will help them migrate to software defined networking and network virtualization in data centers.
According to a SeekingAlpha.com transcript of the earnings call, CTO David Stevens said sales of the VDX switching line are accelerating and expanding. In the first year the technology was on the market, Brocade saw mostly pilot projects, but “now we’re seeing a fair number of those accounts scale out into broad production use of the technology. In fact, some of the customers [are] hitting the limits of” the original VDX architecture.
Brocade announced the VDX 8770 chassis switch this year to increase the scale of the VCS fabric. The company now has 800 VDX customers.
“Over time, we’re going to see more scale-out production use of the technology, both… within [the] installed base where we sold the product to date but also as we gain new name accounts going forward,” Stevens said.
In its final quarter for fiscal 2012, Brocade reported $578 million in revenue, a 5% bump year-over-year. It was a record quarter for the company, driven mostly by a robust sales in storage area network (SAN) sales. Its IP networking business declined by 3%, pushed down by routing. Switching actually grew by 5%.
During the earnings call one financial analyst, Mark Sue of RBC Capital Markets, pushed Brocade’s executives on the idea that it should focus its Ethernet business in the data center, saying “the business might benefit from some focus… Is there some thought of driving that deeper into the data center and perhaps less in the campus and less in the enterprise just because the market doesn’t seem to be growing that margin? It is very crowded.”
Jason Nolet, VP of Data Center Networking Group, said Brocade has invested substantially in its VCS fabric and its VDX switches. Investments in campus networking aren’t taking away from that data center focus, he added. Stevens, the outgoing CTO, added that investments in campus networking are relatively small compared to the investments the company has made in developing VCS and service provider networking.
Brocade started refreshing its campus networking products a year ago with the ICX 6610 series. Next year it will release HyperEdge, a campus LAN management technology that establishes a single management IP address where admins can make changes to an entire network through a single CLI session.
Stevens added that customers are starting to engage with Brocade about the need for software defined networking technology, especially for implementing network virtualization.
“I think it’s starting to gain a lot of interest,” he said. “When you think about adding another layer to the network with network virtualization, you’re going to add logical networks through tunnel technology. You’re actually adding to the overall administrative burden of that environment, because the physical infrastructure doesn’t go away. It still needs to be scaled, maintained and managed to upgrade, et cetera.”
Customers are telling Brocade that the VCS fabric’s ability to “simplify and reduce the operational overhead of that underlying transport as a result of the very high level of automation and efficiency that we’ve built into the fabric” allows them to focus more on how they’re going to deploy and run network virtualization, Stevens said.
“It also prevents them from just doubling up their operational overhead as a result of having adding that additional virtualization layer to the network environment,” he added.