The Network Hub

October 3, 2018  1:48 PM

Palo Alto Networks adds cloud analytics with RedLock acquisition

Zeus Kerravala Profile: Zeus Kerravala
Cloud analytics, Cloud Security, Networks, Palo Alto Networks, Public Cloud

It’s fair to say the cloud has become a core component of most organizations’ IT strategies. The growth of public cloud services — such as Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) — has been remarkable as application developers and IT professionals look to simplify the way they work and speed up deployment times.

As is the case with most things, however, for every yin there’s a yang. The cloud does have a dark side. In this case, it’s security. When I think of the effect the cloud has had on network and security teams, I’m reminded of the scene in Shakespeare’s Julius Caesar when Mark Antony shouts, “Cry ‘havoc!’, and let slip the dogs of war.”

Cry havoc indeed. The tight control IT used to have on the environment is now gone as public cloud services are largely dependent on the internet for transport, making workloads easier to breach than if they were in a tightly controlled data center. Some of the more common challenges when using public clouds include not having visibility across multiple clouds, lack of centralization, keeping up with compliance mandates, detecting threats and responding fast enough.

These problems have given rise to many security startups aimed at solving a piece of the cloud security puzzle. This, of course, introduces new challenges as securing the cloud requires some manual correlation of data, which can be slow, time-consuming and inaccurate and leads to gaps in coverage. Cloud security is much like a puzzle that hasn’t been put together. All the pieces are there, but it takes a lot of effort to get the full picture.

Palo Alto RedLock acquisition automates cloud security

Palo Alto Networks is trying to simplify the process of securing the cloud. Coming into 2018, the company had solid network and endpoint security products. In March, it added cloud security vendor Evident in a $300 million acquisition. Evident brought a rich set of cloud compliance capabilities to the Palo Alto platform.

This week, Palo Alto announced its intention to buy cloud threat defense vendor RedLock for $173 million. RedLock’s strength is its analytic and automation capabilities that help network and security teams replace manual inspection of network traffic with automated, real-time remediation.

RedLock’s products capture detailed events in all major public cloud platforms to quickly see and fix threats. The cloud vendor correlates resource configurations with network traffic and third-party feeds to expose vulnerabilities and identify compromised accounts and find insider threats via analysis of user behavior. The product then automates remediation by integrating into existing incident response workflows.

For example, if a developer accidentally leaked cloud access keys on a site such as GitHub, a hacker could steal them and break into the cloud environment using those keys. RedLock’s analytic engine would recognize the key was being used in a strange location to do unusual things and immediately alert the security team with a full history of activities associated with that key.

Analytics and security go hand in hand

I can’t overstate the importance of analytics in an organization’s security strategy. Simply too much data comes in from too many sources to be analyzed manually. Highly skilled network and security professionals might have been able to do things manually in the past, but today it’s just not possible. Analytics and automation should be viewed as an engineer’s best friend as it can greatly augment skill sets.

The addition of RedLock brings Palo Alto customers some benefit today. But, over time, the company plans to integrate the two platforms, creating a “1+1 = 3” scenario. The combination of Evident and RedLock brings the following capabilities to Palo Alto customers in a single platform:

  • Continuous discovery and inventory of public clouds via a centralized dashboard that shows assets across AWS, GCP and Azure across multiple accounts and regions;
  • Real-time compliance reporting for industry standards such as NIST, PCI, HIPAA, GDPR and CIS. Customers can access customized reports with a single click;
  • Ability to prioritize vulnerabilities, detect cloud threats and investigate incidents in minutes, as well as provide automated remediation of security, risks and policy violations across all major clouds.

Additionally, Palo Alto’s other products can be used to protect other parts of the cloud ecosystem. For example, its VM-Series products protect and segment cloud workloads, and Traps secures operating systems and applications within workloads.

Cloud security doesn’t have an “easy button” because it requires multiple products to protect the different areas of the cloud. The addition of RedLock brings rich analytic capabilities, enhancing Palo Alto’s already-robust cloud security portfolio that now offers protection and compliance across the entire public cloud journey.

May 1, 2017  5:01 PM

Cisco to acquire Viptela

Chuck Moozakis Chuck Moozakis Profile: Chuck Moozakis
Cisco, SD-WAN

Cisco said it would acquire SD-WAN vendor Viptela Inc. in a deal valued at $610 million. The transaction, expected to close later this year, will fortify Cisco’s existing SD-WAN portfolio with additional cloud-based services, the company said in a blog post.

“Viptela’s technology is cloud-first, with a focus on simplicity and ease of deployment while simultaneously providing a rich set of capabilities and scale,” said Scott Harrell, Cisco’s senior vice president of product management, Enterprise Networking Group, in a statement. “With Viptela and Cisco, we will be able to deliver a comprehensive portfolio of comprehensive on-premises, hybrid and cloud-based SD-WAN solutions.”

Viptela, based in San Jose, Calif., emerged from stealth three years ago with an SD-WAN framework it called the Secure Extensible Network (SEN). The platform includes physical vEdge routers that form a secure data plane; a central controller runs on an x86 server–either on-site or in the cloud–and orchestrates connectivity among the routers. Viptela sells its framework to enterprises and its technology is also used to underpin managed SD-WAN services offered by a number of providers, including Verizon and Singtel.

SD-WAN continues to be a hot market, with revenues expected to eclipse $6 billion by 2020, according to IDC.

Cisco said the acquisition will dovetail with its Digital Network Architecture strategy to support software-driven networks that are more programmable, responsive and dynamic. Viptela will join Cisco’s enterprise routing unit within the vendor’s Networking and Security Group, led by Senior Vice President and General Manager David Geockeler.

January 16, 2017  12:38 PM

Are MPLS network deployments in decline?

Robert Sturt Robert Sturt Profile: Robert Sturt

There has been a fair amount of credence given to some media statements that are suggesting MPLS network services are decreasing in popularity. 

I believe WAN technology is becoming less about products but more about capability due to the rise of cloud services and the use of the Internet.

A few years ago, the default IT Management decision was split between companies with a direct interest in private services (MPLS) and companies with an interest in public services (the IPSec VPN). I appreciate this is kind of view is over simplifying things but you get the idea.

Today, IT capability is becoming complicated. The hard part is figuring out how to service the unbelievable technology we hold in our hands together with the resources on offer from cloud vendors.

When I say, unbelievable, I really do mean it in the true sense of the word.

The latest phones have processing power comparable to desktop PCs of only a few years ago. When these devices are coupled with access to applications which reside on both the corporate infrastructure and the Internet, they become one of the most valuable devices within the Enterprise.

If you read various telecoms publications, experts believe the future is mobile, I think they might be right. (Note, clearly laptops remain very relevant in combination with tablets and phones.)

The way we work is directly taking us down a path of network design and architecture which is more flexible.


Perhaps the biggest challenger for proponents of MPLS networks is SD-WAN. SDN promises to free the Enterprise from restrictive, private MPLS by offering granular traffic prioritisation, security and privacy within a single box or application.

The fact remains, careful consideration must be given to the underlying connectivity used with SD-WAN. There is no doubt the Internet is a scaled platform vs even a few years ago but IT teams must still consider the laws of physics. In other words, the distance between locations on a global network coupled with the use of multiple ISP backbones could degrade performance.

Fig 1 is an example of an SD-WAN network deployed over multiple ISP backbones.

MPLS Network

With this said, regardless of the actual product, analysis of your specific requirements vs the provider’s capability remains as important as ever. If your organisation begins by asking the right questions, the answers will determine if any WAN product is fit for purpose, this applies to both MPLS, VPLS and SDN.

First, the top 3 reasons why MPLS remains relevant.

1. MPLS VPN services are delivered across private infrastructures, IPSec and other encryption services are not required.

2. MPLS QoS (Quality of Service) provides the Enterprise with an ability to prioritise applications including real time traffic – Voice, Video – and other mission critical apps such as Citrix.

3. Service level agreements which include latency, jitter, uptime and other performance factors are generally more focussed across private based infrastructures.

And now the top 3 reasons why SD-WAN services are of interest.

  1. SD-WAN typically leverages the Internet to deliver secure, highly flexible, encrypted services to  any form of device and connectivity.
  2. The promise of SD-WAN services offers complete control and flexibility via easy to use software driven portals.
  3. The innovation of SDN means the Enterprise should see new features and enhancements released on a much more regular time frame vs MPLS network products.

Is a hybrid WAN the future?

The typical network today is not generally based on a single product or service. In fact, the majority of deployments consist of core MPLS network connectivity between key offices with SD-WAN (or DMVPN) connectivity over the Internet for smaller offices and remote users. Data Centre and hosting facilities are connected via layer 2 VPLS or point to point / multipoint connectivity.

(Architecture and WAN design is out of scope here).

As I have previously mentioned, the requirements for Enterprise business is not simply based on one platform. The result is generally a hybrid. There are exceptions here, a national or well scaled global architecture could be delivered over a single SD-WAN deployment but as we mentioned earlier, careful thought must be given to application performance in terms if packet latency.

I have personally worked with one organisation in the US where their platform is based on hybrid connectivity. The circuit is delivered as a point to point Ethernet into the provider’s network but an intelligent device allows the business to decides what the circuit should become, i.e. layer 2, layer 3 or even Internet. (If you would benefit from knowing the provider name, drop me a message.)


Everybody has an opinion on whether MPLS is in decline. I tend to take the view that actually ‘private’ based connectivity will always be a requirement for Enterprise business, even just from the perspective of privacy. So, no, MPLS is not doomed and should remain an essential part of the tool-kit.

I do believe that SD-WAN will seriously erode the popularity of MPLS VPN as the default WAN type, especially for organisations where they are able to predict performance of their Internet connectivity.

If you are either deploying SD-WAN over a single IP backbone or multiple ‘known’ backbones, there is every possibility SD-WAN could be the only technology required depending on your view point.

December 7, 2016  2:03 PM

Ethernet switch market up 2%: IDC

Chuck Moozakis Chuck Moozakis Profile: Chuck Moozakis

The worldwide Ethernet switch market grew 2%, racking up revenues of $6.29 billion in the third quarter, according to IDC’s Worldwide Quarterly Ethernet Switch Tracker and Worldwide Quarterly Router Tracker reports.

Router revenues, meantime, rose 2.6%, to $3.56 billion as enterprises and service providers beefed up their infrastructures.

Cisco continued to see erosion in its Ethernet switch market share, IDC said, with the vendor now capturing 57% of the market, down 6.5% from Q3 2015 totals. Hewlett Packard Enterprise’s switch sales also fell, but Juniper Networks and Arista Networks both saw increases in Ethernet switch sales, with Arista notching a 31.5% hike in revenues year over year. Huawei’s Ethernet switch sales almost doubled in the period; the Chinese vendor now has 7.2% of the switching market.

“Recent macro-economic developments and maturing IT architectures have led to a spectrum of reactions by IT decision-makers across the regions with regard to Ethernet switching investments in 3Q 16,” said  Rohit Mehra, IDC’s vice president of network infrastructure, in a statement. “Strong growth in the 40 GbE and 100 GbE segments specific to data center deployments brought a degree of stabilization to a market in transition where the enterprise campus market for switching declined.”

40 GbE switch sales grow

IDC said 10 GbE switch sales dropped 1.3%  year over year, to $2.22 billion, while 40 GbE switch revenue jumped 20%, to $756.4 million. The two Ethernet switch market standards are now being joined by an emerging 100 GbE switch market, which saw a tripling in revenues on an annualized basis in the third quarter of the year. One-GbE switch revenue dropped 4.3% year over year, IDC said.

The increase in router sales was sparked by an 8.2% increase in enterprise routing, IDC said, cautioning that the market bears close review as more companies evaluate the use of new SD-WAN technologies.

“Software-defined network architectures and network transformation for the digital economy are among the factors shaking up the core network infrastructure segments,” said Petr Jirovsky, IDC’s research manager, Worldwide Networking Trackers, in a statement.

November 2, 2016  3:11 PM

Broadcom buys Brocade in $5.9B deal

Chuck Moozakis Chuck Moozakis Profile: Chuck Moozakis

Broadcom Ltd. Nov. 2 said it would acquire storage and networking supplier Brocade Communications Systems Inc. in a deal valued at $5.9 billion.

Chip-maker Broadcom said it will keep Brocade’s Fibre Channel and storage area networking line but will sell the company’s IP networking business, which includes routing, switching and wireless technologies that it just recently acquired from Ruckus Wireless.

“This strategic acquisition enhances Broadcom’s position as one of the leading providers of enterprise storage connectivity solutions to OEM customers,” said Hock Tan, Broadcom’s CEO, in a statement. “With deep expertise in mission-critical storage networking, Brocade increases our ability to address the evolving needs of our OEM customers. In addition, we are confident that we will find a great home for Brocade’s valuable IP networking business that will best position that business for its next phase of growth.”

Since acquiring Foundry Networks eight years ago, Brocade has struggled to carve a significant niche in the enterprise networking market. Broadcom is selling the IP business in part so that its current relationship with networking customers that buy its chips–which include Cisco and Juniper–won’t be imperiled.

Broadcom said the transaction is expected to close in mid-2017.

September 30, 2016  2:58 PM

Looking at the future of networking, Reddit style

Eamon Earls Profile: Eamon Earls

What does the coming decade hold in store for networking’s future?

That’s the question recently posed by a contributor on Reddit’s r/networking enterprise networking forum.

The answers: Advances in IP networking, mesh networking and SDN were among the most common predictions.

User dm18 mentioned shifts in networking that would favor software and IoT. Some of the possible changes proposed might include self-organizing networks without the need for manual configuration, cloud-based systems to automate threat response, patch management and backup. The same user projected widespread interconnection, with outdoor access points powered by built-in batteries and solar panels and interconnections between access control, cameras, climate control, lights, firearms, facial recognition and appliances.

Device density might necessitate more organized networks and eliminate large segments of home networking as telcos and large IT companies like Google step in to provide free, city-wide wireless. Managing huge quantities of data—perhaps transmitted wirelessly—might mean a new emphasis on data compression.

Some users offered up networking humor in response to the question about the future of computer networking. “In 15 years, all network gear (switches, routers, etc.) will have built in Jet Packs so that they won’t need a rack, they will just hover on jets in the designated space,” one user commented. However, others struck a more serious note, suggesting widespread mesh networking and SDN fully fulfilling its promises by 2031.

Networks will automate

“Large-budget networks will automate; small-budget networks won’t,” said user jiannone, looking to networking’s future. “Small-budget networks [will] get by on branded whiteboxes [sic] with licensing and support fees attached to low cost, high-enough throughput boxes that are more ASIC than general CPU architectures,” the user added, suggesting that today’s entertainment infrastructure may shift to IP.

User patchate brought up PCI express switching in the discussion of the future of computer networking, “It doesn’t offer any compatibility with current Ethernet-based technologies, but the underlying technology seems sound to me, at least for short-range interconnects.” The user added, enthusiastically, “If ToR switches could be replaced by PCI express lanes with CPUs having DMA access to any device installed within a rack, that would be so very incredibly awesome.”

September 14, 2016  12:56 PM

Extreme buying Zebra’s WLAN biz for $55M

Chuck Moozakis Chuck Moozakis Profile: Chuck Moozakis

Extreme Networks Inc. said it will purchase Zebra Technologies Corp.’s wireless LAN business for $55 million in cash to bolster its existing WLAN portfolio.

The transaction is expected to close later this year pending closing conditions and regulatory approvals.

In a blog post, Extreme CEO Ed Meyercord said Zebra’s WLAN products will be meshed with the company’s ExtremeWireless product line. Among Zebra products are a series of new access point offerings, which include a wall plate and tri-radio APs. Zebra’s wireless intrusion prevention system will also be integrated within Extreme’s products. Zebra is also known for its NSight visibility and analytics tool.

“WLAN is the fastest growing segment in the networking industry,” Meyercord said in a statement.” Our heritage of delivering innovative and pioneering technology is reinforced with today’s announcement, underscoring our commitment to providing customers worldwide with unified visibility and control across their wired and wireless networks.”

Farpoint Group principal analyst Craig Mathias said the deal will provide additional technological heft to Extreme, which will also inherit products Zebra acquired from its 2014 purchase of Motorola Solutions’ enterprise group. “They have a strong customer base and perhaps even some useful products at a bargain price,” he said.

Extreme’s purchase of Zebra’s WLAN operations comes as networking systems vendors continue to snap up wireless vendors. In the last four years, Cisco acquired Meraki, Hewlett Packard Enterprise purchased Aruba Networks, Fortinet bought Meru Networks and most recently, Brocade plunked down $1.2 billion to purchase Ruckus Wireless. Dell-EMC, meantime, struck an agreement with Aerohive Networks earlier this year to consolidate some of its products and to resell others in a bid to extend Dell’s enterprise switching business.

June 2, 2016  2:47 PM

IBM, Cisco add Watson to edge

Chuck Moozakis Chuck Moozakis Profile: Chuck Moozakis

Cisco and IBM said they’d work together to add Big Blue’s Watson artificial intelligence and analytics technology to Cisco’s edge devices.

The alliance reflects Cisco’s strategy to push more intelligence to the edge of the network, eliminating the need to push the data to the cloud, said Mike Flannagan, Cisco’s vice president and general manager, data and analytics group.

“The combination of these technical capabilities provides the flexibility of processing and analyzing data everywhere, at the edge and in the cloud, so it can be leveraged in time and context as the business needs to use it,” he said in a blog posted today.

Cisco has been beefing up its edge and fog analytics capabilities. Late last year, the company acquired ParStream, an IoT analytics company, to allow it to better process and manage the terabytes of data generated by remote sensors and other IoT components.

Adding intelligence to the edge

The addition of Watson will layer cognitive computing on top of Cisco’s existing analytics capabilities, giving Cisco’s edge routers more agility and flexibility in how they process and direct traffic.

MachNation analyst Steve Hilton said the partnership between Cisco and IBM should benefit enterprises that are looking for ways to analyze their IoT deployments. “Often enterprises choose not to buy an IoT solution because deployment and integration of the solution is worse than a migraine headache,” he said.

Cisco said three companies–Bell Canada, the Port of Cartagena in Colombia and SilverHook Powerboats in San Diego–are among early adopters testing the technology.

April 4, 2016  11:11 AM

Brocade to buy Ruckus in $1.2B deal

Chuck Moozakis Chuck Moozakis Profile: Chuck Moozakis

Brocade said it has struck an agreement to purchase Ruckus Wireless Inc. in a stock and cash deal valued at $1.2 billion.

The transaction, expected to close later this year, will add Ruckus’ line of wireless products to Brocade’s existing enterprise networking portfolio and help let Brocade compete more aggressively with vendors like Hewlett Packard Enterprise and Fortinet, both of which acquired wireless suppliers in the past year.

HPE, in its purchase of Aruba Networks; and Fortinet, which bought Meru Networks, are eager to offer customers a complete line of networking and wireless products as more enterprises evaluate the role Wi-Fi and the wireless LAN will play in their organizations. Juniper Networks and Dell, meantime, have partnered with Aerohive Networks to resell its line of wireless gear to complement their networking products. Market leader Cisco and Extreme Networks Inc. also offer a blended line of networking and wireless products.

Brocade, in a statement, said the combined company will rank No. 1 in storage area networking and service provider Wi-Fi, and No. 3 in enterprise Wi-Fi and enterprise edge networking in the United States, European, Middle East and African markets.

Brocade also said the acquisition will also let it pursue new markets such as those emerging around 5G mobile services, Internet of Things and municipal services.

“This strategic combination will position us to expand our addressable market and technology leadership with Ruckus’ fast-growing wireless LAN products, and supports our vision to deliver market-leading new IP solutions that enable the network to become a platform for innovation,” said Lloyd Carney, chief executive officer of Brocade, in a statement.

Selina Lo, president and CEO of Ruckus, will remain with the company and report to Carney.

March 25, 2016  5:44 PM

Group begins work on 400 Gbps QSFP interfaces

Chuck Moozakis Chuck Moozakis Profile: Chuck Moozakis

Thirteen networking and electronics industry suppliers said they would work together to develop a new generation of double-density quad small form-factor pluggable (QSFP) interfaces that would support speeds of up to 400 Gigabit Ethernet (GbE).

The Multi Source Agreement (MSA) Group is spearheading the effort; members include Broadcom, Brocade, Cisco, Intel, Juniper Networks and Mellanox Technologies.

The new double-density interface is being engineered to accommodate a projected spike in the demand for bandwidth that’s being fueled by more Internet users, mobile devices and machine-to-machine connections.

A Cisco Visual Networking Index Forecast, released last spring, projected that IP traffic will more than triple between 2014 and 2019, reaching 2 zettabytes, or 2 billion terabytes, by 2020.

Higher-speed lanes anchor development efforts

The new interface will build on the existing QSFP form factor, a four-lane electrical interface that allows servers and other networking devices to be connected to switches. Individual QSFP lanes now operate at 10 Gbps or 25 Gbps, enabling throughputs of 40 Gbps or 100 Gbps, respectively.

Double-density interfaces will employ eight lanes that operate at either 25 Gbps or 50 Gbps, quadrupling the aggregate to as much as 400 Gbps. This can enable up to 14.4 Tbps aggregate bandwidth in a single switch slot, MSA said.

The next-gen transceivers are being developed even as vendors like Cisco develop higher capacity ASICs. The firm’s most recent cloud-scale ASICs, for example, can support up to 36 ports of 100 GbE in a single design. As these speeds continue to increase, a higher-capacity QSFP interface is essential.

MSA said the new double-density designs will be backwards compatible to allow customers to increase network speeds without having to redesign the underlying architecture.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: