Monday, June 27, 2016

OIF Approves Multi-Link Gearbox 3.0

The Optical Internetworking Forum has approved Multi-Link Gearbox (MLG) 3.0, an agreement that supports 100G links and allows independent 10GBASE-R signals to transit physical 20G and 40G lanes for higher bandwidth capability.

The MLG 3.0 specifies a logic layer between the Ethernet MAC and PHY layer hardware that allows the data from multiple MACs to be aggregated onto higher speed data links.  This allows independent 10GBASE-R and 40GBASE-R signals to transit 4x25G and 8x25G gearboxes. The agreement defines three MLG configurations: A 4x25G lane configuration is comprised of 20 MLG lanes. An 8x25G lane configuration is comprised of 40 MLG lanes. A 2x20G/1x40G lane configuration is comprised of 4 MLG lanes (similar to 40GBASE-R) to carry up to four 10GBASE-R signals.

In addition, the OIF has commenced work on a new analog coherent optics project that supports higher baud rate and higher wavelength/ carrier-count applications at higher density than the existing CFP2-ACO. The new project, dubbed CFP8-ACO, utilizes the existing CFP8 definition from the CFP-MSA group and provides up to 4 wavelengths/carriers per module. In addition to a 20w power profile, the new specification includes a 9.5mm module height, allowing for a double-stack line card or belly-to-belly. A 40mm module width will enable a 2 x 8 configuration for a 16 module line card.  This allows for an increased number of modules as well as an increased number of wavelength/carriers.

“The OIF is looking ahead to what is needed in 2018 and we need to get started now to support the market needs for more wavelength/carriers in coherent optics modules,” said Karl Gass of Qorvo and the OIF Physical and Link Layer Working Group optical vice chair.  “Our goal with the CFP8-ACO module is a 4x increase in faceplate density and we expect to complete this next year.”

http://www.oiforum.com/

3GPP Outlines Work Plan for 5G Specs

The 3GPP Technical Specifications Group outlined a detailed workplan for Release-15, the first release of 5G specifications.

The plan includes a set of intermediate tasks and check-points for putting 3GPP in a position to make the next major round of workplan decisions when transitioning from the ongoing studies to the normative phase of the work in December 2016:- the start of SA2 normative work on Next Generation (NexGen) architecture and in March 2017:- the beginning of the RAN Working Group’s specification of the 5G New Radio (NR).

“We now have a more concrete plan to guide the studies in the Working Groups and to put us in the position to address both short term and long term opportunities of 5G” Dino Flore, Chairman of 3GPP TSG RAN, said.

“3GPP continues to actively coordinate radio access NR and Next Generation system level work to standardize target services on schedule” added Erik Guttman, Chairman of 3GPP TSG SA.

http://www.3gpp.org/news-events/3gpp-news/1787-ontrack_5g

Qualcomm Shows 5G Prototype in Sub-6GHz Band

Qualcomm unveiled a 5G New Radio (NR) prototype system and trial platform that operates in the sub-6 GHz spectrum bands and is being utilized to showcase the company’s innovative 5G designs to efficiently achieve multi-gigabit per second data rates and low latency.

The 5G NR prototype system consists of both a base station and user equipment (UE), serving as a testbed for verifying 5G NR capabilities. It supports wide RF bandwidths over 100 MHz, capable of delivering multi-gigabit per second data rates. It also supports a new integrated subframe design for significantly lower over-the-air latency than what is possible in today’s 4G LTE network.

The prototype system is being utilized to drive 3GPP standardization for a new, OFDM-based 5G NR air interface.

“The 5G NR prototype further demonstrates our leadership in developing a unified, more capable 5G air interface, building upon our long-standing expertise in delivering OFDM chips and technology with LTE and Wi-Fi,” said Matt Grob, executive vice president and chief technology officer, Qualcomm Technologies, Inc. “We are excited to collaborate with leading network operators like China Mobile Communications Corporation on 5G technology development and testing to support the work required for 3GPP 5G standardization.”

“We are happy to be working with Qualcomm to showcase the sub-6 GHz 5G prototype system at Mobile World Congress Shanghai,” said Madam Huang Yuhong, the DGM of China Mobile Research Institute. “This is a great example of the 5G technology collaboration we set out to accomplish when we announced the 5G Joint Innovation Center earlier this year.”

http://www.qualcomm.com

Red Hat JBoss Targets Cloud-Native Apps

Red Hat released its JBoss Enterprise Application Platform 7 (JBoss EAP), an open source Java EE 7 compliant application server, and introduced JBoss Core Services Collection, a set of technologies that provide customers with common and fundamental application components.

Red Hat said these releases will help enterprises to transition to emerging architectures and programming paradigms that will require a lightweight, highly modular, cloud-native platform.

Specifically, JBoss EAP 7 has been optimized for cloud environments. When deployed with Red Hat OpenShift, JBoss EAP 7 offers containers, load balancing, elastic scaling, health monitoring, and the ability to deploy to a container directly from the IDE which can improve developer productivity and experience. In addition, JBoss EAP with OpenShift contributes to a more architecturally efficient DevOps environment since overlapping features are no longer needed. This DevOps efficiency can be compounded when using additional middleware components on OpenShift.

“Organizations should be able to choose when and how they move to new architectures and programming paradigms. This freedom is a hallmark of open source, and something we embrace at Red Hat. With JBoss EAP 7, we are addressing the needs of both enterprise IT and developers with a balanced vision designed to bridge the reality of building and maintaining a business today with the aspiration of IT innovation tomorrow,” stated Mike Piech, vice president and general manager, Middleware, Red Hat.

http://www.redhat.com

Quantum Random Number Generators for Better Encryption

Quantum random number generators could become the building blocks for effective encryption, according to the Cloud Security Alliance's Quantum-Safe Security (QSS) Working Group.

A newly published whitepaper titled Quantum Random Number Generators looks at leveraging quantum mechanics in the real of cyber security as an improvement over today's software or hardware-based random number generators.

https://downloads.cloudsecurityalliance.org/assets/research/quantum-safe-security/quantum-random-number-generators.pdf

Sunday, June 26, 2016

Blueprint: Why SD-WAN Cannot Solve for the MPLS Conundrum

by Gur Shatz, Co-Founder and CTO, Cato Networks

Software-defined infrastructure has firmly gained traction in public and private data centers and clouds, because of its game-changing nature: It has virtualized the server, giving it scalable capacity on demand at a fraction of the cost of its hardware counterpart. And what software-defined did for the server and storage markets, it is bound to do for the network, too.

Initial advances in software-defined networking include SD-WAN, which is poised to grow from $225 million in 2015 to $6 billion by 2020, according to IDC. Yet, SD-WAN has not fully cracked the network performance and security conundrum. SD-WAN still relies on MPLS links to ensure low-latency connectivity, and the use of the Internet is mostly for WAN backhauling and doesn’t fully address the need for secure Internet and cloud access.  This points to the need for a new software-defined approach that firmly binds network and security as one, and which frees up valuable networking resources.

Why SD-WAN Is Not Enough

The promise of SD-WAN lies in providing standard, low-cost Internet connections to supplement the managed, low-latency, yet expensive MPLS with its guaranteed capacity. However, a survey of network security professionals found that one-third cited latency between locations as their biggest network security challenge, and a quarter cite direct Internet access from remote locations.[1]

SD-WAN, while taking some of the network performance issues and costs out, cannot fully provide the game-changing impact of true software-defined infrastructure; it is a primarily a networking technology, not a security solution. For SD-WAN to be a viable solution for today’s hybrid networks, it needs to be secured in a way MPLS is not. Due to its nature as a private network, companies didn’t need to encrypt MPLS traffic. While MPLS networks are often not encrypted, SD-WAN cannot forego encryption – a new problem for most network teams. Furthermore, it has no impact on enabling direct internet access – for example, at the branch level – without adding third-party security solutions. SD-WAN requires investment in core security capabilities, such as app control, URL filtering, next-generation firewalls, and cloud access control (among others) – all of which add costs and management complexity right back into the enterprise.

SD-WAN++

SD-WAN tackles the legacy enterprise WAN: branches and datacenters. It adds Internet links to the MPLS-based WAN, but must continue and rely on MPLS for low-latency connectivity. This limits its impact. A contemporary WAN design should integrate, in addition to physical locations, mobile users and public cloud infrastructure. It should enable low-latency connectivity on a global basis to ensure consistent user experience, even if MPLS is not used. And, it should include an integrated security stack to protect WAN and Internet-bound traffic to Public Cloud Applications (SaaS) for all network users. To truly evolve the network, today’s IT leaders need a new simple, scalable and secure solution that binds a global network and built-in security. Such a unified, software-defined solution could enforce policies for all users and locations, with access to all data, in a way that reduces complexity and management overhead.  

Effectively, such a system becomes the real solution to the MPLS conundrum: it optimizes performance/latency and enables enterprise-grade security, creating the true hybrid network of the future - today. 

About the Author

Gur is co-founder and CTO of Cato Networks. Prior to Cato Networks, he was the co-founder and CEO of Incapsula Inc., a cloud-based web applications security and acceleration company. Before Incaspula, Gur was Director of Product Development, Vice President of Engineering and Vice President of Products at Imperva, a web application security and data security company.
Gur holds a BSc in Computer Science from Tel Aviv College.

About Cato Networks

Cato Networks is rethinking network security from the ground up and into the cloud. Cato has developed a new Network Security as a Service (NSaaS) platform that is changing the way network security is delivered, managed, and evolved for the distributed, cloud-centric, and mobile-first enterprise. Based in Tel Aviv, Israel, Cato Networks was founded in 2015 by cybersecurity luminary Shlomo Kramer, who previously cofounded Check Point Software Technologies and Imperva, and Gur Shatz, who previously cofounded Incapsula. Cato Networks is backed by Aspect Ventures and U.S. Venture Partners. For more information, visit http://www.catonetworks.com/.




[1] Based on feedback from 70+ network professionals who took part in “MPLS, SD-WAN and Cloud Networks: The path to a better, secure and more affordable WAN," May 18, 2016.


Ayla Networks Raises $39 Million for IoT Platform

Ayla Networks, a start-up based in Santa Clara, California, announced $39 million in Series C funding to propelling its global Internet of Things (IoT) platform for manufacturers.

Ayla's end-to-end software, which is offered as a Platform-as-a-Service, runs across devices, the cloud, and applications to provide secure connectivity, data analytics, and feature-rich user experiences for our customers as well as the end consumer. The company has now established IoT clouds in North America, China and Europe.

The company said its IoT platform is gaining traction with manufacturers in many markets, including home appliances, residential and commercial HVAC (heating, ventilation, air conditioning) systems, water heaters, water softeners, and home fire and safety products. During the past year, the company has announced new or expanded relationships with manufacturing customers that include Changhong, Dimplex, Fujitsu General, Hampton Brinks, Hunter Fan, Kidde, LockState, Ozner, TCL and United Technologies Electronic Controls (UTEC).

The Series C financing round was led by Ants Capital, a boutique investment bank based in China, and co-led 3NOD, a leading original design manufacturer (ODM) of smart lifestyle products; and joined by new investors Mitsui and Acorn Pacific. Existing Ayla investors Cisco Investments, Crosslink Capital, International Finance Corp. (IFC, a division of World Bank Group), Linear Venture, SAIF Partners/Oriza Ventures, SJF Ventures and Voyager Capital also reinvested in this financing round.

http://www.aylanetworks.com

Big Switch Rolls Out Big Enhancements for SDN

Big Switch Networks rolled out significant updates to its SDN-based Big Monitoring Fabric and Big Cloud Fabric solutions. The enhancements target use cases in security monitoring, network function virtualization (NFV) and IP storage, as well as support for the latest open networking switches.

Big Monitoring Fabric (BMF) is a next-generation network packet broker (NPB) that leverages SDN principles, Open Networking switches and an x86-based DPDK service node to provide feature-rich, scale-out data center monitoring.  New capabilities in Big Monitoring Fabric include advanced feature additions to the Big Switch DPDK service node and enhanced network services for out-of-band network monitoring to achieve pervasive network visibility and security. Big Cloud Fabric updates include deeper integration with VMware vSphere, and support for Red Hat OpenStack Platform 8, with a recently completed 300 node scale benchmark validation test with Dell & Red Hat. Big Switch is also announcing support for the latest open networking switches based on Broadcom Trident-II+ and Tomahawk ASICs, including copper 10G (10GbT) and higher-density 64x40G to double the scale of both SDN fabric solutions.

Big Cloud Fabric (BCF) is a leaf/spine SDN fabric promising hyper-scale agility, economics and operational simplicity for OpenStack Platform clouds or VMware virtualization environments. Updates to Big Cloud Fabric include:

  • NFV Everywhere -- To expand NFV deployments beyond the data center to Central Offices, smaller POPs and remote locations via NEBS support, a new VM controller option and stretched-fabric deployments
  • Enhanced VMware vCenter GUI Plug-in -- To deliver physical network automation, visibility and now troubleshooting directly from vCenter to simplify provisioning and operations for the cloud/virtualization admin.
  • Support for Software-Defined Storage -- In addition to traditional IP storage, now supports production deployments with Red Hat Ceph
  • Inter-Pod/Inter-DC L2 Extension -- Enables tenant services and application mobility across pods and data centers leveraging VXLAN (beta support)
  • Expanded SDN Security -- Crypto security for SDN control-plane (CPSec) now includes controller-to-vSwitch and controller-to-controller traffic as well as controller-to-pSwitch previously supported
  • Container Networking Demonstration -- Plug-in for Kubernetes container orchestration to demonstrate network automation, visibility and troubleshooting in Docker container environment

Expanded Support for Open Networking Hardware -- Both Big Monitoring Fabric and Big Cloud Fabric to support latest Broadcom Trident-II+ and Tomahawk based Open Networking switches from Dell and Edgecore Networks, including:

  • 64x40G: Dell's S6100 high-density Broadcom Tomahawk-based platform to double 40G fabric scale for both Big Cloud Fabric and Big Monitoring Fabric
  • 10GbT: Copper 10G platform (48x10GbT + 6x40G) based on Broadcom Trident-II+ for cost-optimized deployments
  • 32x40G and 48x10G + 6x40G: fiber 10G and 40G platforms based on Broadcom Trident-II+
  • These platforms are available for beta trials in Q3 2016.


http://www.bigswitch.com

Saturday, June 25, 2016

AT&T Adds Venture Capitalist to Board

AT&T announced the appointment of Geoffrey Yang to its Board of Directors, where he will serve on the company’s Corporate Development and Finance Committee.

Yang is a founding partner and managing director of venture capital firm Redpoint Ventures, which has supported more than 40 IPOs and more than 60 acquisitions since its inception in 1999. Yang has funded, helped found or served on the boards for a variety of consumer media, Internet and infrastructure companies, including Juniper Networks, Netflix, TiVo, MySpace and Arista Communications.

“Geoff has an outstanding track record in technology and emerging forms of media and entertainment,” said Randall Stephenson, chairman and CEO of AT&T. “His extensive experience in these areas is a terrific fit with AT&T and we look forward to his contributions as a member of the board.”

http://www.att.com

Friday, June 24, 2016

Hedvig at DockerCon 16

Overview of Hedvig software-defined storage for containers and CloudScale Reference Architectures at DockerCon 2016 with Docker DataCenter, ContainerX, and ClusterHQ (Flocker).

See video: https://youtu.be/UJO_CAP_IVs




http://www.hedviginc.com


Thursday, June 23, 2016

Cisco Prevails over Arista in Patent Case

Cisco has prevailed in a long-running patent dispute with Arista (the '944 case).

On Thursday, the International Trade Commission issued a Final Determination that Arista’s products infringe three Cisco patents. Two of the patents cover Cisco’s private VLAN network security technology which Arista included in its switches. The third covers Cisco’s proprietary core SysDB technology.

Additional court ruling are expected in the coming months for a different group of patents covered by a second ITC investigation (the ‘945 Investigation). A further trial covering patent and copyright infringement is expected in November.

In a blog post, Mark Chandler, General Counsel at Cisco, writes the ITC remedies include an exclusion order, which would ban all Arista switches and their components from importation into the U.S., and a cease and desist order blocking them from building infringing products in the US that are comprised of any imported components.

Arista has as much as acknowledged the infringement of the Private VLAN patents, announcing that they will discontinue the private VLAN feature “for now,” belying their claim that they had developed workarounds.  The remedies also include a cease and desist order prohibiting the marketing, sale, and distribution of infringing Arista switches in the U.S. These orders are scheduled to go into effect at the end of the Presidential Review Period on August 23, 2016. Arista made much of the fact that it had challenged the validity of Cisco’s patents. Arista did not challenge the validity of the Private VLAN patents, however, and the Patent and Trademark Office declined to institute review proceedings on six claims in the SysDB patent which the ITC found infringed.

For its part, Arista noted that the ITC ruled in its favor with respect to two of the five patents under investigation (U.S. Patent Nos. 7,290,164 and 7,340,597), finding that two accused Arista features do not infringe the asserted claims. Arista previously announced that it has released a new version of its EOS software containing design-arounds that it believes address the ITC’s findings with respect to the features implicated in the Final Determination. Arista said it intends to seek appropriate regulatory approvals for these design-arounds.

http://blogs.cisco.com/news/final-itc-determination
http://investors.arista.com/company/investors-relations/press-releases/press-release-details/2016/ITC-Issues-Final-Determination-in-944-Investigation/default.aspx


Huawei Marine Builds Cable Linking Kamchtka-Sakhalin

Rostelecom has authorized Huawei Marine to begin the construction of a 900-km submarine fiber cable connecting Kamchatka and Sakhalin.

The construction represents the second phase of the Far East cable system that connects the regions of Kamchatka-Sakhalin-Magadan.

Phase One connecting Sakhalin – Magadan was completed in 2015 along with the land-based  telecommunication network on the Kamchatka peninsula. This terrestrial network connects to the submarine cable in the area of Ust-Bolsheretzk, from where the submarine cable is buried beneath the seabed as it crosses the Okhotsk sea, connecting Ust-Bolsheretzk in Kamchatka with Okha residential point in Sakhalin.

http://www.huaweimarine.com/marine/marine/commonWeb.do?method=showContent&webId=487
http://www.rostelecom.ru/projects/FarEast_FOCL/

OpenDaylight Lauches TransportPCE Projects

Orange, with the support of Telia Company and AT&T, has initiated a new TransportPCE project within OpenDaylight.

The new Transport PCE project aims to make it easier to deploy multi-layer transport use cases using OpenDaylight, as well as IP/MPLS. The project will develop the first Transport PCE for L1 service requests and serve as a testing and validation means for network topology updates. The group said it seeks to foster broad adoption of common YANG data models for Layer 0/1 networks and devices.

https://www.opendaylight.org/news/foundation-news/2016/06/european-telecom-operators-orange-and-telia-take-leadership-role

Pica8 Adds Support for 25/50/100 GbE

Pica8 is rolling out a new version of its networking operating system for white box switches that adds support for 25/50/100 Gigabit Ethernet (GbE) networking.

PicOS supports ultra-fast networking on switches based on Cavium’s XPliant and Broadcom’s Tomahawk switch ASICs. These enhancements are incorporated into PicOS 2.7.1, which is now shipping on 100GbE white box switches from Edgecore Networks and Inventec.

In addition, PicOS 2.7.1 introduces AdvanceFlow, a set of features for more granular flow management and optimization that allows customer to achieve greater scale. This includes larger tables for L3 flows, controls for specifying hardware vs. software flows, and better integration of L2 and L3 tables into the memory tables of the switch.  These enhancements, along with the recent introduction of Table Type Patterns (see Pica8 Unlocks Last Open Networking Black Box at OCP), further solidify Pica8 as a brand leader in SDN scale and optimization for large-scale service provider deployments.

http://www.pica8.com/

Samsung and Red Hat Collaborate on NVMe + Ceph Storage

Samsung Electronics and Red Hat announced a high-performance, data center storage architecture that combines NVMe SSDs with Ceph.

Samsung said its NVMe Reference Design platform, together with Red Hat Ceph Storage, can deliver a highly scalable, more efficient TCO reference architecture that supports unified storage for enterprise IT or cloud environments in handling transactional databases, machine-generated data and unstructured data.

The combined storage solution – referred to as the Red Hat Ceph/Samsung Reference Architecture – can be deployed in an OpenStack environment to support the bandwidth, latency and IOPS requirements of high performance workloads and use cases, such as distributed MySQL databases, telco nDVR content retrieval and financial services. The Samsung NVMe Reference system is a dual-socket Xeon-based system with an EIA-compliant, 2RU chassis. It uses 4x 40Gb/s networking connectivity with remote direct memory access (RDMA).

“The data center community will appreciate the importance of the Red Hat Ceph/Samsung Storage Reference Architecture, as the harvesting of data analytics becomes a priority for businesses that want to better understand their customers and stay ahead of their competition,” said Jim Elliott, corporate vice president, memory marketing, Samsung Semiconductor, Inc. “Data-driven companies in search of performance optimization in an OpenStack environment can benefit from the high performance offered by Red Hat Ceph Storage software and our NVMe Reference Design as a compliment to existing capacity-optimized infrastructure,” he added.

http://www.samsung.com/semiconductor/support/tools-utilities/All-Flash-Array-Reference-Design/

Wednesday, June 22, 2016

CenturyLink Intros SD-WAN Service

CenturyLink rolled out a software-defined wide area network (SD-WAN) service that provides business customers with centralized control over a variety of private network access technologies.

The fully-managed service bundles site connectivity, equipment, software licensing, configuration, performance tuning and monitoring with a management and analytics portal. CenturyLink said the customer has the option of managing their own policies or letting CenturyLink manage their policies. CenturyLink also can manage connectivity from a wide range of providers as part of an aggregated solution. Customers can build standalone SD-WAN networks or pursue hybrid approaches that seamlessly integrate MPLS and SD-WAN connected sites. Some key features:

  • Unified management – One network manager that ties disparate networks and access types into a more agile, responsive wide area network that is easy to administer.
  • Access to bandwidth – Leverage broadband connectivity for bandwidth-intensive applications.
  • Speed and agility – Turn up new locations quickly and easily.
  • Simplicity – Add on-demand features that previously required hardware procurement.
  • Security – Access, implement and enforce a broad array of security controls.
  • Economic pricing – Reduce capital expenses and operating expenses for equipment, maintenance and staffing.
  • Visibility – Monitor network and application performance at any point in the network, with access to broad and granular analytics and reporting.
  • Reliability – Experience uniform service levels across all locations, thanks to flexible carrier choices and the ability to scale using network functions virtualization (NFV).
  • Integration – Extend and complement existing network services, such as MPLS and Ethernet, through integration into the SD-WAN platform.
  • Proactive customer support – Access personal support, ongoing performance tuning and recommendations from CenturyLink.


CenturyLink is launching a free-of-charge, 90-day proof-of-concept offer for businesses interested in testing SD-WAN within their wide area network.

"Cloud-based applications, media streaming, video surveillance, enhanced analytics and in-store experience continue to push the network needs of the enterprise. Without significant increases to their traditional private network budgets, enterprises are challenged to meet these ever-growing demands, improve the end-user experience and ensure security and application performance," said CenturyLink Chief Technology Officer Aamir Hussain. "CenturyLink SD-WAN offers a game-changing approach, enabling an instantly better network experience and addressing many of the common pain points faced by organizations that need high-speed, cost-effective network services for numerous locations."

http://news.centurylink.com/news/centurylink-unveils-fully-managed-sd-wan-service

Equinix Silicon Valley Expansion - Interview with Karl Strohmeyer

Equinix has just broken ground on its eight data center in the San Francisco Bay area.

The new building, Equinix SV10, joins two other data centers on the company's campus in south San Jose.  The first phase is expected to come online in 2017 with capacity for about 800 cabinets. Karl Strohmeyer, President of the Americas for Equinix, says this first phase of expansion represents an investment of about $125 million. Equinix is aiming for 100% sustainable power.

See video:  https://youtu.be/qqevSOs0M1Q





Elisabetta Romano: Immersive Experience & VR

Immersive experiences and virtual reality will drive transformative change across the media business.

Big changes in media patterns over the next 5 years will be much more impactful than the industry's evolution over the preceding 50 years, says Elisabetta Romano, VP and Head of TV & Media, Ericsson.



See video:  https://youtu.be/AqKKJ2NiNiE


See also