Tuesday, June 30, 2015

Azure Service Fabric Powers Microsoft's Cloud



Microsoft's Azure Service Fabric is a microservice application platform that allows developers to decompose their work into logical subsystems that are loosely coupled and can be updated independently.

In this video, Mark Russinovich, Chief Technology Office for Microsoft Azure,  talks about how Azure Service Fabric is becoming a key differentiator for the company's cloud initiatives.

Recorded at Open Networking Summit 2015 in Santa Clara, California.

http://azure.microsoft.com/en-us/campaigns/service-fabric/

https://youtu.be/R_zwGMQuuaA


#ONS2015 - Microsoft Azure Puts SDN at Center of its Hyperscale Cloud


To handle its hyperscale growth, Microsoft Azure must integrate the latest compute and storage technologies into a truly software-defined infrastructure, said Mark Russinovich, Chief Technology Officer of Microsoft Azure in a keynote presentation at the Open Networking Summit in Santa Clara, California. The talk covered how Microsoft is building its hyperscale SDN, including its own scalable controllers and hardware-accelerated hosts.  Microsoft...


More on core technologies for enabling hyperscale clouds

See Brad Booth on Hierarchical SDN, the move toward on-board optics, and Flexible Ethernet for data center operations.

Blueprint: Two-factor Authentication Signals the Death of the Password and Physical Token

by Andy Kemshall, Co-founder and CTO of SecurEnvoy

Considering the frequency and severity of data breaches today, we have reached a point of Cybercrime 2.0.  This requires an approach of Security 2.0. The challenge of protecting company data and systems is a continually evolving IT infrastructure.   Companies need enhanced authentication solutions that allow them to protect access to the data and resources critical for operations remotely. With that, the case for multi-factor authentication becomes stronger.

According to the Ponemon “2015 Cost of Data Breach Study: Global Analysis,” the average total cost of a data breach increased from $3.52 to $3.79 million. The average cost paid for each lost or stolen record containing sensitive and confidential information increased from $145 in 2014 to $154 in this year’s study1.

Once only considered for high-end companies (e.g., banks), today companies large and small in the government, healthcare, energy, financial services, insurance, manufacturing, marketing, retail, telecommunications, charity, legal and construction sectors are turning to two-factor authentication (2FA) for their internal security needs.  Although the evolution is slow, a change in attitude is taking place due to the growing concern what a breach can result in including: company downtime, lawsuits, lost business and a damaged reputation. This is motivating executives to pay closer attention to their company’s security.

Within a work environment, most companies utilize standard security measures.  This is with either a simple username and password or a physical token to enable employees to access important data and applications.

The Password

Over the years, we’ve trusted the password.  We trust its ability to keep our companies safe from thieves and those who would do us harm. Passwords met an impasse five years ago, and today they need to have 12 characters or you need to write them down in order to keep track of them.  Moore’s law tells us that every two years computing power doubles – meaning every two years the amount of time it takes to crack a password using a brute force attack is cut in half. It’s now reached the point where a password can be cracked in minutes, sometimes seconds. The antidote: 2FA.  This incorporates something you know, such as a password or PIN, something you are, such as a fingerprint or retinal scan, and something you own, which can either be a physical token or a soft token on a device you use every day, such as a mobile phone. The idea behind 2FA is to bring two of these separate methods together for a stronger level of security, should one of the methods become compromised.

The Physical Token

Companies employing the traditional physical token are likely to experience the following downsides to this approach including: contractors and employees can misplace them, overloading the IT department in replacements; physical tokens do not scale well, can be expensive, deployment of a newer version can take a while (three months to a year) and are less secure than 2FA.

These are non-issues when considering 2FA with a mobile device approach as it is extremely simple to deploy, easy-to-use and adoption with employees is quick. There are seven billion GSM devices in the world and people are very attached to their mobile devices.  Also, if employees want to upgrade their mobile device, the user self-enrolls their new device rendering the old one safe for disposal.

Lastly, the costs of tokens versus a mobile 2FA approach.  The life of a token is three to five years and to replace all of them in a medium or large-sized company can cost hundreds of thousands of dollars, plus it can take three to twelve months to completely roll out.  This holds companies back in terms of productivity.  A mobile 2FA approach simply leverages devices employees already have with them, saving companies money and time to change over new systems.

Implementation of 2FA

If a company wishes to implement a mobile 2FA approach for its network architecture, networking insiders can choose to deploy this in three different ways: on-premise, through managed service provisioning (MSP) or via the cloud.

On-premise allows direct integration within your own network. This unique approach seamlessly dovetails an existing infrastructure. A major benefit of this is that user data resides within the company and leverages existing replication infrastructure such as Active Directory.

Some solutions providers have a partner network for MSP deployment. Utilizing a dedicated MSP partner allows greater choice of integration to suit your network. This approach also allows a security vendor to take over the overall operation and day-to-day administration of your tokenless two-factor authentication system. Reducing the burden of one’s resources, this approach makes it easy for the vendor to provide 2FA solutions for the cloud, integrating into the login seamlessly into your environment.

Although on-premise is the most ideal approach, cloud should be considered if there is a different setup, for SMBs and for companies with several servers and several locations.  Although a lot of companies turn to the cloud as a solution, when it comes to security, there are drawbacks.  These include:

  • Needing constant synchronization with the information people have any time it changes;
  • A cloud environment can be ceased by any government; and
  • The cloud environment cloud stores the seed records (with sensitive information and passwords), which can be hacked.


An additional advantage of on-premise approach is that the seed records are under the control of your company security as security providers like SecurEnvoy do not hold any seed records.

In conclusion, two-factor authentication via mobile devices is evolving into an ideal method that should be considered today to authenticate the end user. It is stronger, the adoptability is easy - as the end-user can pick what mobile device they can use (and in some cases, how they can receive a passcode via SMS, email or voice), it is simple to deploy and overall, it costs less.

About the Author

Andy Kemshall, Co-Founder and CTO at SecurEnvoy is one of the leading European experts in two-factor authentication. As the co-founder and CTO of SecurEnvoy, he brings nearly 20 years of IT security authentication experience to SecurEnvoy. Andy is the inventor of both SMS and secure mail recipient -based two-factor authentication, and more recently NFC based one-swipe authentication. Prior to his role at SecurEnvoy, Andy was one of the original customer-facing technical experts at RSA Europe.  While at RSA, he served as the Sales Engineering Manager where he managed high-level customer relationships, developed the product and advised RSA HQ on new and emerging technologies from Europe.

About SecurEnvoy

SecurEnvoy (www.securenvoy.com) is the trusted global leader of mobile phone-based Tokenless® two-factor authentication. Its innovative approach to the multi-factor authentication market now sees millions of users benefitting from its solutions all over the world. Controlling endpoints located across five continents, SecurEnvoy design innovative two-step verification solutions that leverage both the device the user carries with them and their existing infrastructure. The solutions are the fastest to deploy and the most secure in the industry. With no hardware or deployment issues, the ROI is dramatically reduced and easily managed.

Ponemon’s 2015 Cost of Data Breach Study: Global Analysis 
http://public.dhe.ibm.com/common/ssi/ecm/se/en/sew03053wwen/SEW03053WWEN.PDF


Got an idea for a Blueprint column?  We welcome your ideas on next gen network architecture.
See our guidelines.

Cisco to acquire OpenDNS for $635 Million

Cisco agreed to acquire OpenDNS, a privately held security company based in San Francisco, for approximately $635 million in cash and assumed equity awards.

OpenDNS provides a secure DNS offering with advanced threat protection for "any device, across any port, protocol or app." Its predictive security model is designed to anticipate malicious activity, including botnets and phishing. Its DNSCrypt technology converts regular DNS traffic into encrypted DNS traffic to prevent eavesdropping and man-in-the-middle attacks. The service is hosted in peering data centers around the world.

Cisco said the acquisition will boost its Security Everywhere approach by adding broad visibility and threat intelligence from the OpenDNS cloud delivered platform.

"As more people, processes, data and things become connected, opportunities for security breaches and malicious threats grow exponentially when away from secure enterprise networks," said Hilton Romanski, Cisco chief technology and strategy officer. "OpenDNS has a strong team with deep security expertise and key technology that complements Cisco's security vision. Together, we will help customers protect their extended network wherever the user is and regardless of the device."

https://www.opendns.com/


  • OpenDNS was founded in 2006 by David Ulevitch. Investors included Sutter Hill Ventures, Greylock Partners, and Sequoia Partners.

AWS Plans Data Center in India

Amazon Web Services announced plans to open an AWS infrastructure region in India for its cloud computing platform in 2016.

AWS did not reveal the location of its new data center but cited a number of partners in India including Accenture, Blazeclan, Frontier, Intelligrape, Minjar, Progressive, PWC, SaaSforce, SD2labs, Team Computers, Wipro, and many others.

"Tens of thousands of customers in India are using AWS from one of AWS's eleven global infrastructure regions outside of India. Several of these customers, along with many prospective new customers, have asked us to locate infrastructure in India so they can enjoy even lower latency to their end users in India and satisfy any data sovereignty requirements they may have,” said Andy Jassy, Senior Vice President, AWS. “We're excited to share that Indian customers will be able to use the world’s leading cloud computing platform (AWS) in India in 2016 – and we believe India will be one of AWS's largest regions over the long term."

https://aws.amazon.com

Distil Raises $21M for Bot Detection and Mitigation

Distil Networks, a start-up with offices in Arlington, Virginia and San Francisco, raised $21 million in Series B funding for its bot detection and mitigation solution.

Distil helps to defend websites against malicious bots used for web scraping, brute force attacks, competitive data mining, account hijacking, unauthorized vulnerability scans, spam, man-in-the-middle attacks and click fraud.

Its unique approach monitors every single Web request and builds a signature, or fingerprint, of every incoming connection, allowing the company to accurately detect, flag and block that unique fingerprint for all other sites under Distil’s protection.

By having blocked more than 50 billion bad bots to date, Distil said it has amassed the largest known database of malicious bots.

The funding round was led by new investor Bessemer Venture Partners (BVP), with participation from current investors Foundry, TechStars, ff Venture Capital, Idea Fund and Correlation Ventures.

http://resources.distilnetworks.com/h/i/98730273-distil-networks-announces-21m-in-funding-led-by-bessemer-venture-partners

The OPNFV Project Expands its Member Roster

The OPNFV Project announced that Altera, Brain4Net and CertusNet have joined as Silver members. Launched in September 2014, the OPNFV project is supported by 60 member companies.

“Collaboration is key to accelerating the open source software development of NFV, and with Arno now available, we’re seeing that vision materialize,” said Heather Kirksey, director, OPNFV. “We look forward to the contributions our newest members will bring to the community with their knowledge of FPGA technologies and orchestration and control solutions for SDN and VNF.”

Open Platform for NFV is a carrier-grade, integrated, open source flexible platform intended to accelerate the introduction of new products and services using NFV.

http://www.opnfv.org
http://www.linuxfoundation.org

OPNFV Community Delivers Arno, its First Release



The OPNFV Project, which is the community based effort sponsored by the Linux Foundation to develop an open source platform to accelerate the introduction of Network Functions Virtualization (NFV), announced the availability of OPNFV Arno, its first software release. Arno provides an initial build of the NFV Infrastructure (NFVI) and Virtual Infrastructure Manager (VIM) components of ETSI NFV architecture. Key capabilities of OPNFV Arno: Availability...


Microsoft Contributes Device System Bridge to Alljoyn

The AllSeen Alliance has contributed the open source Device System Bridge (DSB) code to the AllSeen open source software project.

DSB enables interoperability with legacy and purpose-built device networks under the AllJoyn open source software framework.  For example, using the AllJoyn DSB, developers can connect BACnet-based devices for building automation or Z-Wave smart home products to AllJoyn-enabled devices locally or remotely, depending on the design configuration.

The AllSeen Alliance said DSB complements the AllJoyn Gateway Agent, an extension of the AllJoyn software framework that connects AllJoyn devices in a local network to external networks, delivers remote access, device management and fine-grained security and privacy control. By comparison, the AllJoyn DSB acts as a “superconnector” for devices using their existing non-AllJoyn interfaces and creates a virtual version of these devices on the AllJoyn system.  This enables other AllJoyn devices and applications to interact with these BACnet, Z-Wave or similar protocol devices as if they were simply additional AllJoyn devices in the AllJoyn system.

“Millions of connected devices exist. We see significant savings for companies that bridge existing automation systems and devices to leverage their existing infrastructure and put it to work in IoT,” said Jason Farmer, AllSeen Alliance Gateway Working Group contributor and Lead Program Manager at Microsoft. “Microsoft is committed to making the IoT as accessible, secure, cost-effective and simple as possible. Our DSB contribution to the AllSeen Alliance will help bring real-world applications to market quickly with existing devices and infrastructure, accelerating the Internet of Your Things.”

https://allseenalliance.org/

EU to End Roaming Charges in mid-2017

The European Union will adopt new rules to end mobile phone roaming fees by mid-2017. Under the agreement, roaming surcharges in the European Union will be abolished as of 15 June 2017. However, roaming providers will be able to apply a 'fair use policy' to prevent abusive use of roaming. This would include using roaming services for purposes other than periodic travel.

Roaming fees will already go down on 30 April 2016, when the current retail caps will be replaced by a maximum surcharge of €0.05 per minute for calls, €0.02 for SMSs and €0.05 per megabyte for data.

The European Parliament is also planning the first EU-wide open Internet rules (Net Neutrality), whereby operators will have to treat all traffic equally when providing Internet access services.

"This is a great success for the European Union and the Latvian presidency", stressed Anrijs Matīss, the Latvian Minister for Transport. "The Latvian presidency has put a lot of effort into finalising the Telecom Single Market proposal - we revived the proposal from scratch and reached agreement. This would not have been possible without the commitment and constructive approach of the member states, the European Parliament and the European Commission".

http://www.consilium.europa.eu/en/press/press-releases/2015/06/30-roaming-charges/

Taiwan's Chunghwa Telecom Picks Ericsson for LTE Expansion

Chunghwa Telecom, the largest telecom operator in Taiwan, awarded a contract to Ericsson to boost its LTE coverage and capacity on the island. Financial terms were not disclosed.

Ericsson will continue to serve as sole supplier for the entire core network, including a multi-access Evolved Packet Core, and as a major supplier for RAN in Taiwan's most populated areas, including Taipei city.

Jan Signell, Head of Region North East Asia at Ericsson, says: "This further demonstrates our commitment to our long term strategic business relationship with Chunghwa Telecom. As a major supplier to Taiwan's largest operator, it is our mutual interests to not only deliver a superior network to optimize customer experience, but also create new revenue opportunities for Chunghwa Telecom in the enterprise business segment."


http://www.ericsson.com/news/1932549

Bharti Airtel Selects Nokia for 3G Expansion in 5 Circles

Bharti Airtel awarded a four-year contract to Nokia Networks to roll out its 3G network in 5 new telecom circles and network expansion in 3 existing telecom circles. Financial terms were not disclosed.

Under the 4-year contract, the company will provide its radio elements and services expertise to power Bharti Airtel’s infrastructure.  The rollout includes Nokia's Flexi Multiradio 10 Base Station, its all-IP multicontroller RNC (mcRNC) NetAct, a cloud-ready virtualized OSS, and network planning services.

http://networks.nokia.com/news-events/press-room/press-releases/nokia-networks-inks-4-year-deal-with-bharti-airtel-india-for-3g-network-rollout

Monday, June 29, 2015

The OpenDaylight Project Announces Lithium Release

The OpenDaylight Project announced its third open SDN software release -- Lithium.

OpenDaylight is a highly available, modular, extensible, scalable and multi-protocol controller infrastructure built for SDN deployments on modern heterogeneous multi-vendor networks. OpenDaylight provides a model-driven service abstraction platform that allows users to write apps that easily work across a wide variety of hardware and southbound protocols.

New features and improvements in the OpenDaylight Lithium release include:
  • Increased scalability and performance. OpenDaylight’s Integration Group spent significant time testing against end user-defined use cases and requirements to boost scalability and performance of core architectural components in Lithium.
  • Network services for cloud data center platforms. Native support for the OpenStack Neutron framework combined with features such as SFC, Virtual Tenant Networking (VTN) and Group-Based Policy (GBP) allow users to easily design device, user and group-level policies including customized service chains for firewall, load balancing and other application network services.
  • New features for security and automation. Unified Secure Channel eases secure communication between OpenDaylight and widely distributed networking equipment; Time Series Data Repository (TSDR) enables collection and analysis of large amounts of network activity; Device Identification and Driver Management (DIDM) provides end users the ability to discover, manage and automate a wide range of existing hardware in their infrastructure; Persistence ensures application-specific data is preserved over time or in the event of a catastrophe; and Topology Processing Framework allows for filtered and/or aggregated views of a network, including multi-protocol, underlay and overlay representations.
  • New and enhanced APIs for interoperability. Network Intent Composition (NIC) enables the controller to manage and direct network services and resources based on describing the “intent” for network behaviors and network policies, while Application Layer Traffic Optimization (ALTO) provides abstractions and services for simplified network views and network services. These new policy/intent-based abstractions augment the existing GBP project that was introduced with the Helium release. Distributed Virtual Router (DVR)
  • Six new protocols to support an ever-widening set of use cases. This includes Source Group Tag eXchange (SXP), Link Aggregation Control Protocol (LACP), IoT Data Management (IoTDM), SMNP Plugin, Open Policy Framework (OpFlex) and Control and Provisioning of Wireless Access Points (CAPWAP).

“End users have already deployed OpenDaylight for a wide variety of use cases from NFV, network on demand, flow programming using OpenFlow and even Internet of Things,” said Neela Jacques, executive director, OpenDaylight. “Lithium was built to meet the requirements of the wide range of end users embedding OpenDaylight into the heart of their products, services and infrastructures. I expect new and improved capabilities such as service chaining and network virtualization to be quickly picked up by our user base. We are really happy to see the interest the Telco/NFV community has shown in ODL.”

The OpenDaylight Project also noted that 466 people have contributed over 2.3 million lines of code.

The second annual OpenDaylight Summit is scheduled for July 27-31 in Santa Clara, California.

The OpenDaylight Project also introduced an Advisory Group of technology leaders from enterprise, telco and academic organizations: Pedro Aranda, Telefónica I+D; Margaret Chiosi, AT&T; Dr. Jamil Chawki, Orange; Chris Donley, CableLabs; Jay Etchings, Arizona State University; Chris Luke, Comcast; Harvey Newman, Caltech; Liang Ou, China Telecom; Dominick Paniscotti, Nasdaq; Ralf Trezeciak, Deutsche Telekom; Beau Williamson, T-Mobile; and Alex Zhang, China Mobile.

http://www.opendaylight.org/announcements/2015/06/opendaylight%E2%80%99s-third-open-sdn-release-broadens-programmability-intelligent

Pica8 Powers France’s TOUIX Internet Exchange with SDN

TOUIX, one of France’s leading Internet exchanges, is leveraging Pica8’s network operating system and white box switches to program and optimize its exchange fabric. TouIX is providing an interconnected network infrastructure in 4 PoPs around Toulouse city and is interconnected with the Paris FranceIX and LyonIX IXPs.

Pica8 said its software enables TOUIX to avoid network outages and congestion caused by broadcast storms. The deployment is leveraging Ryu, the NTT Labs open-source controller, with parallel development underway for ON.Labs’ ONOS controller. Additionally, for this installation, developers used Pica8’s REST API as a means to communicate with a Graphical User Interface (GUI), simplifying common operational tasks.

“With traditional MAC-based switches, exchanges have restrictions on how to easily scale and avoid broadcast storms,” said Marc Bruyere, researcher at LAAS CNRS. “By default, an OpenFlow driven network does not do anything until you tell it. Traditional switches are routers that use lower-performance CPUs compared to servers, which is good enough to scale routed BGP networks, but not high performance enough to handle all of the MAC lookups. By controlling end-to-end paths using OpenFlow, we know the destination explicitly.”

“Low-cost, top-of-rack switches are ideal for our needs,” Bruyere added, “as the OpenFlow environment is more programmable circuit by circuit, and lack of a broadcast domain reduces what providers call broadcast ARP overhead. TOUIX’s OpenFlow design provides the optimal Ethernet fabric for IXP members to do BGP peering in a secure and stable manner. SDN OpenFlow is a fantastic opportunity to develop innovative services like a metropolitan neutral marketplace interconnecting all of the datacenters and IT services for the city of Toulouse.”

http://www.pica8.com

TE Connectivity Intros Fiber-rich Distribution Hub for FTTH

TE Connectivity (TE) introduced a new line of fiber distribution hubs featuring higher fiber counts, smaller footprint and improved mounting options.

The new sealed fiber distribution hub (FDH) 4000 brings high-density fiber connectivity to a compact, weatherproof enclosure. It serves to connect the feeder and distribution cables via optical splitters in the fiber to the home (FTTH) network. It features 144 distribution ports, 9 splitter ports and 72 pass-through ports. Its small, compact size overcomes space challenges in crowded hand holes and strands, and offers less visual impact to meet aesthetic or security requirements.

In addition, TE said its FDH 3000 enclosure now offers double the splitter capacity – up to 48 splitter slots – giving network engineers more options in deploying high-bandwidth services over FTTH networks. Additional splitter slots allow engineers to reduce split ratios or add CWDM and DWDM components to deliver even higher bandwidth services.

"Service providers are under pressure to deliver more bandwidth to their customers, but increasingly, regulatory restrictions are impeding their ability to do that," said Jaxon Lang, general manager and vice president of TE Broadband Network Solutions. "Our FDH 4000 and FDH 3000 solutions help solve these challenges by providing service providers with more high-capacity solutions in a smaller footprint. As a result, service providers are able to realize faster network construction and gain better cost control of their FTTH assets."

http://www.TE.com  

Huawei and Alstom Test LTE for Railway Signalling

Huawei and Alstom completed a live pilot test of LTE multi-services based on Communications-based Train Control (CBTC), a railway signalling system based on wireless ground-to-train communication.  The testing covered the unified multi-service capabilities of several systems including CBTC, Passenger Information System (PIS), and closed-circuit television (CCTV).

The pilot was carried out at metro lines near the Valenciennes commune area in France with Huawei optimizing the network planning, broadband data services, and mission critical voice trunking services, and Alstom providing the technology integration support. During the pilot, Huawei and Alstom jointly conducted several tests, including laboratory and static test on trains, dynamic test on metro tracks, and testing of eLTE multi-services capabilities.

Alstom is the world's first train manufacturer to integrate LTE 4G into its signalling system solution, the Urbalis Fluence CBTC solution, which greatly improves the suitability of eLTE, providing a converged ground-to-train wireless communication network for metro operations.

Huawei said it first developed the eLTE broadband trunking solution with a focus on multimedia applications, voice trunking dispatching, and broadband data services based on 4G LTE standards to satisfy growing demands from the rail transportation industry.

Huawei's eLTE solution enables metro operators to ensure safe train operations by leveraging eLTE-based CBTC train signals while providing mission critical voice trunking dispatching and broadband data services such as live video streaming of CCTV images and Passenger Information System (PIS).

To date, Huawei has signed 111 eLTE network contracts and established 53 eLTE commercial networks in more than 30 countries. Huawei's eLTE solution has also been successfully deployed in a number of railways around the world.

http://www.huawei.com
http://www.alstom.com/products-services/product-catalogue/rail-systems/signalling/products/urbalis-fluence/

AT&T Confirms $3 Billion to Upgrade Networks in Mexico

AT&T last week confirmed plans to invest US$3 billion to extend its high-speed, mobile Internet service to Mexico, covering 100 million people in Mexico by year-end 2018. This is in addition to the US$4.4 billion AT&T invested earlier this year to acquire Iusacell and NEXTEL Mexico.

Specifically, AT&T said the first phase of the mobile network will be complete in the next six months and cover 40 million Mexicans, about one-third of the population. By the end of 2016, AT&T expects its mobile Internet service will reach 75 million people, nearly two-thirds of the population. AT&T plans to reach 100 million people by year-end 2018.

AT&T is preparing to introduce new plans around a North American Mobile Service Area, letting customers extend their plans across both countries.


http://about.att.com/story/att_to_invest_approximately_3_billion_in_mexico_to_extend_mobile_internet_to_100_million_consumers_and_businesses_by_year_end_2018.html

AOL and Microsoft Deal Covers Advertising and Search

Microsoft and AOL (now a division of Verizon) announced a major, 10-year deal under which AOL will assume management and sales responsibility for all of Microsoft’s display, mobile and video advertising inventory in nine key global markets -- the United States, the United Kingdom, Canada, Brazil, France, Germany, Italy, Spain, and Japan. AOL will represent inventory from across Microsoft’s suite of online brands, including MSN Homepage and verticals, Outlook Mail, Xbox, Skype and ads in apps.

In addition, Microsoft will provide its Bing-powered search capabilities to AOL beginning January 1, 2016.

Commenting on the partnership, AOL President, Bob Lord said, “We have enjoyed a terrific relationship with Microsoft, and this expanded partnership is a win for both companies and our advertiser partners as our industry continues to rapidly transform and evolve. This collaboration further validates our leadership position in digital advertising and the shift to automation, while also allowing Microsoft to focus on what they do best: industry leading services and search innovation.”

http://www.aol.com
http://www.microsoft.com

SK Telecom and Nokia Target 5G R&D

SK Telecom and Nokia Networks announced the opening of a 5G research and development center at Nokia Networks' Korean office. The center will serve as a venue where researchers from the two companies will study and develop core 5G technologies, including gigabit-level data transmission technology and cloud-based virtualized base stations. Moreover, SK Telecom and Nokia Networks will open a test bed within the end of 2015 to verify and demonstrate 5G technologies.

The companies said they have successfully verified the performance of the co-developed “user plane and control plane separation technique,” one of the key enabling technologies for hybrid core network architecture for 5G.

“SK Telecom is spearheading the efforts to develop 5G enabling technologies and architecture to flawlessly support high-speed transmission of massive data, including immersive multimedia contents,” said Alex Jin-sung Choi, the Chief Technology Officer of SK Telecom. “We will continue to work closely with Nokia Networks to optimize network architecture in preparation for the 5G pilot service demonstration in 2018.”

http://www.sktelecom.com/en/press/detail.do?idx=1127


Cloud Security Open API Working Group Gets Underway


CipherCloud and the Cloud Security Alliance (CSA) are forming a Cloud Security Open API Working Group to jointly define protocols and best practices for implementing cloud data security as a part of the cloud access security broker (CASB) framework.

The Cloud Security Alliance is an industry coalition for promoting best practices for providing security assurance within cloud computing. CipherCloud offers an open platform for cloud application discovery and risk assessment, data protection – searchable strong encryption, tokenization, data loss prevention, key management and malware detection – along with user activity and anomaly monitoring services.

 “Cloud is the killer app for security innovation,” said Pravin Kothari, founder and CEO of CipherCloud. “But currently, inefficiencies at the technical level in the form of custom connector protocols can hold back innovations in cloud security. Defining a uniform set of standards can enable us all to operate from the same playbook. As a pioneer in CASB, we are excited to co-lead this initiative with CSA to accelerate security across clouds.”



In this video, Chenxi Wang talks about the need for cloud security open APIs as a means to govern how data is accessed, classified and protected within cloud applications.  The reason for cloud security open APIs is that everyone will benefit by a wider pool of contributors.

https://youtu.be/qYISZfO4YtA



CoreSite Announces $500 Million Credit Facility

CoreSite Realty Corporation, which operates high-performance data centers across the US, announced an amended and expanded $500 million senior unsecured credit facility.

The credit facility, consisting of a $350 million revolving credit facility and a $150 million term loan, extends CoreSite’s debt maturity profile and increases total debt capacity. The revolving credit facility has a four-year primary term, expiring in June 2019, with a one-year extension option, while the term loan has a five-year term maturing in June 2020. The term loan bears interest at a variable rate, and CoreSite elected to swap the variable interest rate associated with $75 million, or 50% of the principal amount of the term loan facility, to a fixed rate of approximately 2.95%. Net proceeds from the term loan will be used to partially pay down the current revolving credit facility balance.

KeyBank National Association served as administrative agent, and KeyBanc Capital Markets, RBC Capital Markets LLC, Regions Capital Markets and TD Securities (USA) LLC, all served as joint lead arrangers and joint book managers.

“The $500 million credit facility allows us to increase our overall liquidity, decrease our cost of borrowing, and maintain both financial flexibility and a balance between fixed and variable-priced instruments in our capital structure," said Jeff Finnin, CoreSite’s Chief Financial Officer. "When combined with our strong cash flows and balance sheet, the credit facility supports our future growth and development initiatives. We would like to thank our lending institutions for their continued support of CoreSite."

http://www.CoreSite.com


Sophos Completes IPO

Sophos completed its IPO last week on the London Stock Exchange raising nearly £80 million.

Sophos, which is headquartered in Oxford, UK, offers encryption, endpoint security, web, email, mobile and network security backed by SophosLabs - a global network of threat intelligence centers. The company has annual revenue of approximately US$447 million and about 200,000 customers.

http://www.sophos.com

Sunday, June 28, 2015

Open networking shifts the dynamics to SDN apps

The whole Open Networking revolution is really about transforming how infrastructure is built, and changing the dynamics from switches and protocols to the business applications, says Kumar Srikantan, President and CEO of Pluribus Networks.

If you think about this, it's no different that what has happened in the world of mobile devices.  Android and iOS are not really about mobile telephony but rather a platform for other applications.

Open networking is all about enabling the next generation of applications.

http://open.convergedigest.com/2015/06/open-networking-shifts-dynamics-from.html


UCSD Cites Major Advancement in Optical Transmission

Researchers at the University of California - San Diego announced a breakthrough in photonic transmission with the potential to increase the efficiency of long haul fiber optic cables.

Research published in the June 26 issue of the journal Science describes a solution to a long-standing roadblock to increasing data transmission rates in optical fiber: beyond a threshold power level, additional power increases irreparably distort the information travelling in the fiber optic cable.

“Today’s fiber optic systems are a little like quicksand. With quicksand, the more you struggle, the faster you sink. With fiber optics, after a certain point, the more power you add to the signal, the more distortion you get, in effect preventing a longer reach. Our approach removes this power limit, which in turn extends how far signals can travel in optical fiber without needing a repeater,” said Nikola Alic, a research scientist from the Qualcomm Institute, the corresponding author on the Science paper and a principal of the experimental effort.

In lab experiments, the researchers at UC San Diego demonstrated transmission over a distance of 12,000 kilometers with standard amplifiers and no repeaters (electronic regenerators). The breakthrough relies on wideband “frequency combs” that the researchers developed. The frequency comb described in this paper ensures that the signal distortions — called the “crosstalk” — that arises between bundled streams of information travelling long distances through the optical fiber are predictable, and therefore, reversible at the receiving end of the fiber.

“Crosstalk between communication channels within a fiber optic cable obeys fixed physical laws. It’s not random. We now have a better understanding of the physics of the crosstalk. In this study, we present a method for leveraging the crosstalk to remove the power barrier for optical fiber,” explained Stojan Radic, a professor in the Department of Electrical and Computer Engineering at UC San Diego and the senior author on the Science paper. “Our approach conditions the information before it is even sent, so the receiver is free of crosstalk caused by the Kerr effect.”

http://ucsdnews.ucsd.edu/pressrelease/electrical_engineers_break_power_and_distance_barriers_for_fiber_optic_comm

OneWeb Advances its Vision for Ku-band LEO Constellation

OneWeb, the venture planning to build, deploy and operate a low earth orbit (“LEO”) Ku-band satellite constellation, announced $500 million in funding from  Airbus, Bharti Enterprises, Hughes Network Systems, (Hughes), a subsidiary of EchoStar Corp., Intelsat, Qualcomm, The Coca-Cola Company, Totalplay, a Grupo Salinas Company, owned by Ricardo B. Salinas, and Richard Branson's Virgin Group.

"The dream of fully bridging the digital divide is on track to be a reality in 2019,” said Greg Wyler, founder of OneWeb. “Together with our committed and visionary founding shareholders we have the key elements in place: regulatory, technology, launches, satellites, as well as commercial operators in over 50 countries and territories. We are committed to solving one of the world’s biggest problems – enabling affordable broadband Internet access for everyone. We are excited about the next phase, which will involve working with countries, telecom operators and aid organizations to help them realize their goals of open and ubiquitous access.”

Some highlights on the OneWeb plan:
  • OneWeb aims to launch a constellation of 648 small, low Earth orbit (LEO) satellites to provide global broadband and mobile telephone services.
  • The system will bring more than 10 Tbps of new capacity to rural areas around the globe.
  • OneWeb’s User Terminals will provide high-speed connectivity with no change in latency during satellite handovers to ensure excellent voice quality, gaming and web experience. The terminals can operate with optionally included solar panels, battery packs, and WiFi/LTE/3G and 2G radios to provide coverage directly to cell phones, tablets and laptops.
  • OneWeb's microsatellites will use onboard GPS sensors and ground-tracking measurements to know their position within meters. The satellites will be able maneuver to avoid obstacles.  They will automatically de-orbit at end-of-life to minimize the space junk problem.
  • OneWeb has developed a “Progressive Pitch” technology that enables it to use satellite spectrum in the most efficient way by gradually and slightly tilting the satellites as they approach the equator to make sure they never cause, or receive, interference from GEO satellites.
  • OneWeb has contracted Arianespace for 21 multi-satellite launches on Soyuz rockets beginning in 2017, plus options for five (5) additional Soyuz launches and three (3) Ariane 6 launches. 
  • OneWeb satellites will be launched into a near polar orbit at an altitude of 500 kilometers before raising themselves to their operational orbit.
  • OneWeb satellites will weigh less than 150kg.
  •  Virgin Galactic has been selected to provide 39 singlel-sat launches using it's LauncherOne smallsat launch vehicle.
  • Intelsat will partner with OneWeb to use OneWeb’s LEO platform, once established, to complement Intelsat’s geostationary orbit (“GEO”) satellite services, resulting in the first and only fully global, pole-to-pole high throughput satellite system. 
  • Intelsat will make a minority share investment of $25 million in OneWeb. 

http://www.oneweb.world/

Telstra Launches Nationwide Wi-Fi Service in Partnership with Fon

Telstra is launching a nationwide Wi-Fi service that provides its customers with access to hotspots across Australia and overseas.

Telstra Air includes access to thousands of newly deployed Wi-Fi hotspots in payphone sites and retail outlets in popular locations across Australia.

Telstra has joined exclusively with Fon to allow Telstra Air members to access their home broadband allowance at 15 million hotspots overseas in 18 countries including the UK, Spain, Brazil, Japan, France and Germany, making it easier and more affordable to connect when travelling.

Telstra home broadband customers, including customers on the NBN, can become a Telstra Air member at no additional charge provided they have a compatible gateway.

https://www.telstra.com.au/broadband/wifi

Friday, June 26, 2015

San Francisco Public Library Gets 10G Internet Connection

San Francisco Public Library (SFPL), the Corporation for Education Network Initiatives in California (CENIC), and the City and County of San Francisco announced today that they have collaborated to provide unprecedented direct connection at 10 Gbps access speed to CENIC’s California Research and Education Network (CalREN) and from there to the world.

SFPL accesses city-owned fiber that is used to connect them to CalREN. SFPL has a direct 10 Gigabit connection to their main library. Seven branches now connect to the main branch at 1 Gigabit, with plans to connect all 27 branch libraries at this speed using city-owned fiber. From CalREN, San Francisco’s libraries are connected to California’s K-12 and higher education systems, to research and education networks throughout the world, and to the public Internet.

http://www.cenic.org
http://www.sfpl.org

Brocade Signs OEM Deal with China's Sugon

Brocade announced an OEM partnership with with Dawning Information Industry Co Ltd (“Sugon”), one of the leading high-performance computing vendors formed under the purview of the Chinese Academy of Sciences.

Specifically, Sugon will integrate Brocade VDX 6740 Switches, featuring VCS Fabric technology, with its flagship blade server product line – TC6600, as a 10/40 Gigabit Ethernet (GbE)/16 Gbps Fibre Channel converged network switch module. The embedded switch module in the TC6600 will be named VDX 2741, and is capable of supporting 10 and 40 GbE requirements for cloud computing, Big Data analysis, and Infrastructure-as-a-Service (IaaS), as well as supporting 16 Gbps Fibre Channel requirements for the deployment of high-performance data center networking solutions. The VDX 2741 embedded Ethernet fabric switch is a critical component of the Sugon TC6600 blade system.

http://newsroom.brocade.com

Pluribus Partners with Super Micro Computer and Red Hat

Pluribus Networks has partnered with Red Hat and Super Micro Computer to demonstrate an open and scalable converged infrastructure.  The solution combines Pluribus Open Netvisor Linux (ONVL), Micro-Blade servers from Supermicro and Red Hat OpenStack.

“With the Pluribus Open Netvisor Linux operating system, the entire network underlay can be exported as one logical fabric via Neutron plugin and RESTful APIs. Netvisor’s VNET-based segmentation allows the fabric to be freely virtualized, with each VNET managed by its own Neutron plugin allowing multiple OpenStack and other cloud management systems to share the same network without impacting each other,” said Sunay Tripathi, Co-Founder and CTO of Pluribus Networks, “Most importantly, the much acclaimed Pluribus Open Netvisor Linux fabric-wide visibility and analytics are available also as OpenStack’s Horizon dashboard extensions. This deep interoperability with OpenStack enables a level of computing and networking convergence only dreamed about several years ago. Both NetOps and DevOps teams can take full advantage of our solution without the typical re-learning and forklift-upgrade approaches seen elsewhere.”

Pluribus Networks delivers a unique SDN approach "that can be managed much like any common server is managed today, along with complete Layer-2 and Layer-3 support to allow it to be used in all existing infrastructures."

http://www.pluribusnetworks.com
http://www.supermicro.com

Thursday, June 25, 2015

Automating Visibility inside the Cisco Live Network with Gigamon and JDSU

The Cisco Live Network and its state-of-the-art network operations center serve all of the attendees of Cisco's big annual event. Equipment must be deployed rapidly. As soon as the show begins, the network supports tens of thousands of clients and pushes terabytes of data to the Internet.

This video takes a look at the Cisco Live Network and the use of Gigamon's new software-defined visibility,  which leverages APIs to make real-times changes in the types of data under analysis. Software-defined visibility allows the NOC to change the nature of the visibility fabric to provide only the type data needed by the testing tools in real-time.  In addition, the video features a live use-case presented by JDSU covering software-defined visibility and their tools.

Presented by Andy Huckridge, Director of Service Provider Solutions at Gigamon; Joe Clarke, Distinguished Engineer at Cisco; and Charles Thompson, Senior Director, Product Line Management, at JDSU.

See video:  https://youtu.be/giYXwy2thlQ

Masergy Deploys Commercial NFV at the Network Edge

Masergy, which owns and operates an independent global cloud networking platform for enterprises, has commercially deployed pure-play network functions virtualization (NFV) at the edge of its network using technology from Overture, Brocade, Fortinet  and Intel.

The deployment provides Masergy with greater agility, enabling it to deliver new and advanced premium services quickly and easily.

“Our primary focus is on service agility and our pure-play NFV deployment sets the stage for immediate response to customer requests,” said Tim Naramore, Masergy’s chief technology officer. “Masergy has long been an innovator, providing our customers with solutions that give them real-time control and the ability to get the services they need, when they want them.  With this launch, we’re adding incredibly agile and flexible solutions to our Managed Network f(n) family of distributed, fully managed network functions.”

Masergy’s NFV deployment, Virtual f(n) comprises virtualized network services at the edge of the network and is based on the Overture Ensemble Carrier Ethernet (ECE), Brocade Vyatta 5600 vRouter and Fortinet FortiGate-VM firewall virtualized network functions (VNFs) running on the Overture 65vSE VNF compute node platform, based on the Intel Atom processor, at the customer premise.

“The promise of pure software-based NFV has become a reality. Other operators have been taking a hybrid approach, using software functionality in existing Layer 2 devices or leveraging proprietary features in backbone switching equipment to deliver NFV-like services,” said Prayson Pate, Overture’s chief technology officer. “Masergy’s deployment, with our Ensemble Carrier Ethernet platform as the foundation, shows how a completely software-defined NFV environment can deliver performance comparable to today’s hardware-based solutions.”

“We work closely with Intel Network Builders members, including Overture, to ensure that their NFV solutions meet the stringent requirements of operator networks,” said Lynn Comp, Director of Market Development, Intel Network Platforms Group. “These collaborative efforts with the ecosystem have helped service providers understand the many benefits of running virtual network functions on open, Intel architecture-based systems in their deployments.”

http://www.overturenetworks.com/first-deploy
http://www.masergy.com

New RDMA over Converged Ethernet (RoCE) Initiative Gets Underway

A new RDMA over Converged Ethernet (RoCE) Initiative has been launched by the InfiniBand Trade Association (IBTA) to raise awareness about the benefits that RoCE delivers for cloud, storage, virtualization and hyper-converged infrastructures.

Remote Direct Memory Access (RDMA) enables faster movement of data between servers and between servers and storage with much less work being done by the CPU. RoCE utilizes RDMA to enhance infrastructure solutions for hyper-converged data centers, cloud, storage, and virtualized environments (see RoCE video). The technology brings greater network utilization with lower latency and improved CPU efficiency, in addition to reducing overall financial investment by increasing server productivity while leveraging Ethernet technology. RoCE technology transports data across Layer 2 and Layer 3 networks, providing better traffic isolation and enabling hyperscale data center deployments.

“The RoCE Initiative will be the leading source for information on RDMA over Ethernet solutions,” said Barry Barnet, co-chair, IBTA Steering Committee. “The IBTA remains committed to furthering the InfiniBand specification, of which RoCE is a part. The RoCE Initiative expands our potential audience and will enable us to deliver solution information and resources to those requiring the highest performing Ethernet networks.”

http://www.RoCEInitiative.org

Juniper Debuts 3 Tbps PTX1000 Supercore Router

Juniper Networks introduced its compact, 3 Tbps, PTX1000 supercore router.

Like the larger PTX3000 and PTX5000 core routers, the new two-rack unit (RU) router uses Juniper's 28nm ExpressPlus chipset for IP/MPLS performance applications. The 28-nanometer chip can drive 5x100G interfaces and leverages 3D memory architecture, which reduces power consumption and space requirements. In addition, the PTX1000 features flexible port interface options to maximize investment protection and ensure smooth upgrade cycles.

Commercial deliveries are expected in Q3.

“For telecom service and cloud content providers, the network is the lifeblood of their business. Juniper is always looking for new ways to ensure the network is a true competitive advantage for them. In developing the PTX1000, we recognized that these customers can increase performance while reducing operational complexity by distributing the load of serving up content across multiple peering points to deliver the high quality user experience that consumers expect,” stated Paul Obsitnik, vice president of service provider marketing, Juniper Networks.

http://www.juniper.net


In March 2015,  Juniper Networks rolled out a series of enhancements to its Converged Supercore PTX Series router based on new custom silicon and expanded software-defined networking (SDN) capabilities. The PTX routers combine full IP and MPLS functionality, transport integration and SDN programmability.

Juniper said its new ExpressPlus custom ASIC is capable of performing more than 1.5 billion filtered operations per second and scaling up to 500 Gbps (1 Tbps half-duplex).It delivers four times the performance and three times the efficiency gains over Juniper’s previous-generation Express chipset. 

The new silicon enables the PTX5000 routers to deliver 3 Tbps per slot (30x100GE interfaces) for a total capacity of 24 Tbps (48 Tbps half-duplex).  Energy efficiency is estimated at 1/2 watt per gigabit. In terms of size, the PTX3000 is designed for space-constrained environments and can scale up to 8 Tbps or (16 Tbps half-duplex) in a form factor 91 percent smaller than its nearest competitor. Juniper will also introducing new line cards for the PTX Series core routers.

In addition, Juniper has extended the capabilities of its NorthStar Controller to provide visibility and control into additional layers of the network and fully support and handle dynamic traffic, such as that driven by mobile and cloud applications. Juniper said these capabilities enable the NorthStar Controller to increase utilization by dynamically adjusting to changing network conditions in real-time.

Qwilt Raises $25 Million for its NFV-based Open Video Caching Delivery

Qwilt announced $25 million in Series D funding for its open caching and online video delivery solution.

Qwilt’s solution is 100 percent software-based, running on commodity, off-the-shelf hardware. Its open cache software architecture leverages the NFV/SDN environments being implemented by network operators worldwide. The company said its sales grew 400 percent year-over-year in 2014 with more than 80 deployments of its Qwilt Video Fabric solution worldwide.

The funding round was led Disrupt-ive with a $16 million investment, and includes new funding from Google Chairman Eric Schmidt’s Innovation Endeavors and continued funding from Cisco Investments. Existing investors Accel Partners, Bessemer Venture Partners, Marker LLC and Redpoint Ventures also contributed to the round. The company has raised $65 million to date.

“Since we launched just a few years ago with a vision to solve the streaming video problem for network operators, the strategic value of open caching has been broadly embraced as a crucial part of the new network architecture that is required to scale online video for the future,” said Alon Maor, CEO and co-founder of Qwilt. “We recognized the full scope of the opportunity early on and enhanced our open caching solution to support all types of online video, including live streaming. Furthermore, we have proactively extended our product line to address any network medium or configuration, including mobile, telco, cable and even university campus networks. This new funding speeds our ability to scale the company and get our technology deployed faster. We’re proud to be included in the impressive portfolios of these strategic investors.”

http://www.qwilt.com

Blueprint: Next Gen Mobile Video Optimization


Mobile Streaming is the Future – It’s Also the Problem We Must Solve by Mark Fisher, VP Marketing and Business Development at Qwilt To be sure, streaming video really is the future. The online video phenomenon is creating a market and technology transformation that rivals some of the greatest technology disruptions in history. Just like the disruption of broadcast radio and cable television in their day, streaming video is transforming both...

Qwilt: iOS 8 Update Causes Big Spike in Network Traffic


Qwilt, a provider of online video delivery and analytics solutions, published data showing a huge spike in Internet traffic due to Apple's release of iOS 8 on Wednesday.  iOS 8 weighs in at 1.3GB (compared to 750 MB for iOS 7) and over the coming days is expected to be installed by hundreds of millions of iPhones and iPads worldwide. Qwilt has been tracking the effects of iOS 8 in networks where its transparent caching solutions are deployed. Daily...

Qwilt and Procera Partner on Transparent Caching + Policy Control


Qwilt, a provider of online video delivery and transparent caching solutions, and Procera Networks have formed a partnership to offer a transparent caching and Internet Intelligence solution for service providers. Qwilt’s QB-Series transparent caching technology and Procera’s PacketLogic platform together provide a plug-and-play solution to seamlessly deliver over-the-top (OTT) video traffic and improve quality of experience (QoE). “Our PacketLogic...

Qwilt Enables Transparent Caching for Live Video Streaming


Qwilt, a start-up based in Redwood City, California, introduced a  transparent caching solution for live-streamed events online. The Qwilt Live Stream Cache, which is a software upgrade for the company's QB-Series Video Fabric Controllers, detects trending and popular live OTT video streams, enabling the QB-Series to instantly direct those streams into the controller's FastCache, a dedicated control and storage path optimized for quick delivery...


See also