Monday, May 11, 2015

IoT is Contributing to Rise in Simple Service Discovery Protocol Amplification Attacks

There has been a significant growth in Simple Service Discovery Protocol (SSDP)-based amplification attacks, according to a recently published DDoS Threat Report from NSFocus, which specializes in enterprise-level, carrier-grade solutions for DDoS mitigation, Web security and enterprise-level network security.

The NSFOCUS report cites the rise of IoT-connected devices, such as webcams, as primary agents responsible for an increase in SSDP reflection attacks.

The report is based on statistical analysis and key observations from actual DDoS attacks that occurred during the second half of 2014. This data was collected from a mix of global enterprises, Internet service providers, regional telecom operators and Internet hosting companies.

Some key findings:

  • Any network-connected device with a public IP address and vulnerable operating system will increase the number of devices that could be used to launch SSDP–based reflection attacks. This particular type of DDoS attack was seen as the second most dominant threat, after NTP-based attacks, in 2H2014.
  • More than 30 percent of compromised SSDP attack devices were network-connected devices such as home routers and webcams. Findings also revealed that globally, more than 7 million SSDP-controlled devices could potentially be exploited.
  • While 90 percent of DDoS attacks lasted less than 30 minutes, one attack lasted 70 hours. This shorter attack strategy is being employed to improve efficiency as well as distract the attention of IT personnel away from the actual intent of an attack: deploy malware and steal data. These techniques indicate that today’s attacker continues to become smarter and more sophisticated.
  • Online retailers, media and gaming remain top targets: As retailers, entertainment and gaming companies increasingly employ online environments, consumers demand the highest level of quality of service. By slowing down or flooding these servers, attackers look to take advantage of online businesses through a variety of means, including blackmail, unfair business competition or asset theft.

"We are watching the evolution of attack technologies that amount to nothing less than 'bullying' (flood attacks) and 'leveraging' (resource exhaustion) tactics that enhance the impact by exploiting network bandwidth. To counteract these assaults, organizations must look to traffic- cleaning devices in conjunction with other security protocols," stated Yonggang Han, COO of NSFOCUS.

http://www.nsfocus.com

Pica8 Runs on White Box Switches Powered by Broadcom's Tomahawk

Pica8 announced support for white box switches powered by Broadcom’s latest chipset, Tomahawk, which enables line rate 100G Ethernet, as well as support for 25G and 50G Ethernet.

To support Tomahawk, Pica8 has ported its network operating system, PicOS, to Inventec’s DCS Series 1-RU top of rack switch, which comes with 32x100G QSFP28 ports. Pica8 said it has limited samples of Inventec’s Tomahawk platform available for testing.

“Our go-to-market model is through hardware ecosystem partners, giving customers and integrators choice in which platform they use,” said Olivier Vautrin, head of product management for Pica8, “We are excited to support 100G on Inventec’s DCS Switch platform. We see demand for 100G now and believe white boxes will continue to take significant share in the coming months.”

“Inventec’s partnership with Pica8 and the porting of PicOS to the DCS7032Q28 is a testament of how open solutions are changing the face of networking technology,” said Alex Johnstone, Product Line Manager, Inventec Network Infrastructure Design Center. “Customers can now leverage the world-class design, distribution and support capabilities of Inventec coupled with an advanced-technology, feature-rich operating system from Pica8. The net result is a high-value and economically efficient solution for our customer’s complex business challenges.”

“We are currently experiencing high demand in a faster alternatives for 10 GbE interfaces, especially for so called Software Defined Storage, and we want to move to a white box model for our data center to create the operational flexibility we have on our server side,” said Oleg Alekseenko, CIO of CloudDC. “Being able to leverage an industry-standard CLI minimizes integration risk, and having Linux for DevOps automation gives us the best of both worlds. In a world where dumb white boxes rule the network, the choice of software for your switches is very important. It's not all about reducing costs; it's also about getting technical and strategic business advantages.”

http://www.pica8.com

In September 2014, Broadcom introduced its next-generation, StrataXGS "Tomahawk" switch, packing 2 Tbps of switching performance in a single chip that is capable of supporting 32 ports of 100 Gigabit Ethernet, 64 ports of 40GE/50GE or 128 ports of 25GE. The new chip, which represents the 7th generation of Broadcom Ethernet switching silicon, is designed for the programmable fabrics needed in next-gen, cloud-scale data centers. The StrataXGS Tomahawk Series is powered by more than 7 billion integrated transistors in 28nm. It supports new 25GE and 50GE protocol standards, and is the first chip to scale to 32-ports of 100G on a single device.

Significantly, Tomahawk implements Broadcom's FLEXGS and Smart-Flow technology, enabling the switch to be software configured for specific policies while preserving deterministic latency. The new design brings a 12X increase in application policy scale compared to previous generation switches, along with increased flexibility of packet lookups and key generation, and rich load balancing and traffic redirection controls. 

StrataXGS Tomahawk Key Features
  • 3.2 Tbps multilayer Ethernet switching
  • Integrated low-power 25Ghz SERDES
  • Authoritative support for 25G and 50G Ethernet Consortium specification
  • Configurable pipeline latency enabling sub 400ns port-to-port operation
  • Supports high performance storage/RDMA protocols including RoCE and RoCEv2
  • BroadView instrumentation: provides switch- and network-level telemetry
  • High-density FleXGS flow processing for configurable forwarding/match/action capabilities
  • OpenFlow 1.3+ support using Broadcom OF-DPA
  • Comprehensive overlay  and tunneling support including VXLAN, NVGRE, MPLS, SPB
  • Flexible policy enforcement for existing and new virtualization protocols
  • Enhanced Smart-Hash™ load balancing modes for leaf-spine congestion avoidance
  • Integrated Smart-Buffer™ technology with 5X greater performance versus static buffering
  • Single-chip and multi-chip HiGig™ solutions for top-of-rack and scalable chassis applications

IBM Rolls out new Bluemix Cloud Capabilities

IBM rolled out a number of new services on its Bluemix cloud development platform.

Bluemix, which was IBM launched last year as part of a $1 billion investment to boost its cloud activities, now has over 100 services in its catalog for developers. Bluemix enables developers to mix and match different services and tools that best fit their strategy.

The new tools include:

  • Bluemix API Management allows developers to rapidly create, deploy, and share large scale APIs and provides a simple and consumable way of controlling critical APIs not possible with simpler connector services.
  • New mobile capabilities available on Bluemix for the IBM MobileFirst Platform, which provide the ability to develop location-based mobile apps that connect insights from digital engagement and physical presence. 
  • Public availability of the .NET Runtime (preview) in IBM Bluemix and open sourcing of .NET Buildpack that grants developers in any Cloud Foundry based environment the ability to leverage Microsoft's development capabilities, making it easier to integrate multiple cloud workloads.
  • Namara.io platform by ThinkData Works aggregates and catalogues available open data into a single portal, providing businesses, developers, and citizens with API access to high value information.
  • Cupenya Insights provides an analytics foundation that allows developers to connect and monitor business activities across several Bluemix applications, define key performance indicators and receive performance overview of the entire business process or supply chain.
  • flowthings.io by Flow Corporation collects real-time data and provides complex event processing, and data delivery that makes it easier to integrate applications with almost any software or device in the Internet of Things space.
  • Reappt from Push Technology delivers data at unmatched scale and speed over the Internet to give your apps a performance edge.

IBM also announced support for the expansion of independent Cloud Foundry Dojos.  The company is establishing the first IBM Cloud Foundry Dojo in Raleigh, NC. The IBM Cloud Foundry Dojo will be a physical place open to all developers where IBM will help accelerate skills on the Cloud Foundry Code base and mentor developers to dramatically increase the number of code committers to Cloud Foundry.

http://www-03.ibm.com/press/us/en/pressrelease/46810.wss

Infonetics: Market for 100G Data Center Transceivers is Accelerating

Revenue from 10-, 40- and 100-Gigabit optical transceivers sold into the enterprise and data center markets grew 21 percent in 2014 to $1.4 billion, almost entirely due to increased 40G QSFP (quad small form factor pluggable) spending, according to a new report from Infonetics.

“40G transceivers are ramping up hard as data centers deploy 40GbE, particularly as a high-density 10G interface via breakout cables. 40G QSFP demand growth over single-mode fiber is primarily a result of large shipments to internet content providers Microsoft and Google,” said Andrew Schmitt, research director for carrier transport networking at IHS Infonetics.

“The market for 100G data center optics is accelerating, but it has yet to be turbocharged by widespread data center deployment in the way 40G QSFP optics have. This will change dramatically in 2016 as cheap 100G silicon reaches production and QSFP28 shipments surge as a result,” Schmitt said. “Next year is going to be huge for 100GbE.”

IHS Infonetics’ biannual 10G/40G/100G Data Center Optics market size and forecast report tracks in granular detail optical transceivers, or short reach optics, by speed, reach, wavelength and form factor. Some highlights:

Data center transceivers account for 65 percent of the overall (telecom and datacom) 10G/40G/100G optical transceiver market
Total 40G transceiver revenue grew 81 percent in the second half of 2014 (2H14) over the same period a year ago (2H13)
10G shipments in the data center continue to grow at healthy rates, but are being impacted by growth of 40G interfaces used as high-density 10G interfaces
Meanwhile, worldwide revenue for client 10G modules was flat on a year-over year basis in 2014
IHS Infonetics expects the datacom optical transceiver market to grow to over $2.1 billion by 2019.

http://www.infonetics.com

Hibernia Cites Progress with Trans-Atlantic Express Cable

Three ships are now in the water laying Hibernia Networks' new, high-capacity, Trans-Atlantic Express Cable. The company announced that the Express cable project is on schedule to launch commercial services in September 2015.

Hibernia Express utilizes a 6-fiber-pair submarine cable, with a portion of the fibers optimized for lowest latency and a portion optimized for 100X100 Gpbs design capacity. The total cross-sectional design capacity of the cable will be over 53 Tbps. Hibernia Express will initially launch with 100 Gbps transmission capacity using TE SubCom’s C100 SLTE platform.

Hibernia Express follows the most direct route between the UK and North America, promising to reduce latency by at least 5 milliseconds over existing cables.

“Having the cable laying ships in the Atlantic is a huge milestone for Hibernia Express,” said Bjarni Thorvardarson, CEO of Hibernia Networks. “This historic cable build has been a long time coming, and included arduous planning, financing, land and sea surveying and cable manufacturing. The process has required the hard work and determination of our entire team here at Hibernia Networks, the support of our investors and customers, and our top partners like TE SubCom, to allow us to see this project through to fruition. In a few short months, Hibernia Express will be ready for service and collectively, we will make history for deploying the highest capacity, lowest-latency trans-Atlantic cable connecting North America and the UK. We are excited and proud, not just for Hibernia Networks, but for the much-needed, fast and high-performance capacity we can bring to communications networks around the world.”

http://www.hibernianetworks.com

Microchip to Acquire Micrel for $744 Million

Microchip Technology, which supplies microcontroller, mixed-signal, analog and Flash-IP solutions, agreed to acquire Micrel for $14.00 per share, representing a total equity value of about $839 million, and a total enterprise value of about $744 million.

Micrel, which is based in San Jose, California, is a leading manufacturer of IC solutions for the worldwide high-performance analog and high-speed mixed signal, LAN and timing and communications solutions markets. Its products include high performance analog, power, advanced mixed-signal and radio frequency semiconductors; high speed communication, clock management, and LAN solutions including Ethernet switch and physical layer transceiver integrated circuits. These products address a wide range of rapidly growing end markets including cellular handsets, portable and enterprise computing, enterprise and home networking, wide area and metropolitan area networks and industrial equipment. Micrel was founded in 1978 and has been profitable in 33 of its 34 years of its existence. The Company has consistently generated positive cash flows since going public in 1994.

"We are pleased to have Micrel become part of the Microchip team. Micrel's portfolio of Linear and Power Management products, LAN solutions and Timing and Communications products, as well as their strong position in the Industrial, Automotive and Communications markets, complement many of Microchip's initiatives in these areas.  We believe that combining Micrel's business with Microchip's business will enable significant synergies and cross selling opportunities," said Steve Sanghi, President and CEO of Microchip Technology.  "Ray Zinn founded Micrel and has led the company for the last 37 years.  I want to thank Ray for his vision in guiding Micrel from a start-up to almost a quarter billion dollars in annual sales," added Mr. Sanghi.

"We are excited to join Microchip Technology, a premier company in the semiconductor industry. Microchip has demonstrated consistent profitability, technology leadership and growth in its core businesses.  We believe that this acquisition provides the best vehicle for us to realize significant value for Micrel's shareholders and is a fantastic outcome for our employees and customers, as well as the opportunity to scale up to the much stronger sales and manufacturing platforms of Microchip," said Ray Zinn, President and CEO of Micrel.

http://www.microchip.com/

OTEGLOBE Expands with Infinera DTN-X platform

OTEGLOBE, a leading international telecommunications carrier in Southeastern Europe and member of OTE Group, is expanding its European backbone network with the Infinera DTN-X platform. The carrier recently signed an agreement to land a new international submarine cable system, named AAE-1, at its international landing station at Chania, Crete, aimed to transform Greece into a major European Internet gateway to the Middle East and North Africa regions and beyond.

“Our goal is to become the alternative hub in the Mediterranean for the continuously increasing Europe to Asia transit traffic,” said Mr. Andreou, OTEGLOBE’s CEO. “To address this increasing demand, we deployed Infinera's solution which enables us to enhance the scalability of our backbone with one solution from the Mediterranean to the core of Europe.”

“We are pleased to continue to upgrade OTEGLOBE's network,” said Chris Champion, senior vice president, EMEA at Infinera. “With the Infinera Intelligent Transport Network, OTEGLOBE has doubled network capacity and provided increased capacity to its customers at the optical layer. This is a direct result of the deployment of super-channel FlexROADM technology unique to Infinera.”

http://www.oteglobe.gr/
http://www.infinera.com

Sierra Wireless to Acquire Accel for LTE Aggregation Service

Sierra Wireless, which offers 2G, 3G and 4G embedded modules and gateways, has agreed to acquire Accel Networks. Financial terms were not disclosed.  The deal is expected to close in June 2015.

Accel Networks provides primary and back-up connectivity services to more than 300 enterprise customers in sectors such as retail, finance, security, energy, and hospitality. The company delivers an end-to-end solution – integrating 4G LTE gateways and the iMaestro antenna, with cloud-based radio frequency link optimization and remote management. Accel Networks was founded in 2002 and is headquartered in Florida, with its primary operations center located in Georgia. The company currently employs 28 full time staff.

“Since founding the company in 2002, we have been successful in building a strong customer base by developing solutions that overcome the challenges of utilizing cellular for mission-critical networking and by delivering robust indoor connectivity in a highly cost-effective manner,” said Mark Gianinni, co-founder and CEO of Accel Networks. “Looking forward, we are excited to join Sierra Wireless to further expand our offering and accelerate our growth.”

http://www.accel-networks.com/

Kenya's Safaricom Awards Upgrade Contract to Ericsson

Safaricom, Kenya's largest mobile operator, has awarded a multi-year contract to Ericssion to support the upgrade and expansion of its converged mobile network infrastructure. Ericsson will deploy Wi-Fi for the first time on the Safaricom network as well as expand and enhance its MINI-LINK microwave transmission network.

The upgrade includes the Ericsson SSR 8000 family, which will provide Safaricom with a highly scalable, consolidated platform for both fixed and mobile services for IP/MPLS routing. Ericsson's microwave transmission includes MINI-LINK TN, LH and PT, which support capacity growth and the use of new frequency bands such as V and E bands. It transports voice and data traffic from the radio access to the core network, enhancing the capacity of the mobile transmission network to cope with increased traffic in the radio network. The Wi-Fi solution, comprised of Ericsson Wi-Fi Access Points and Ericsson Wi-Fi Manager (Ericsson's Wi-Fi Network Management software solution), will complement the data services provided by the existing 3G network and ease the load on the 3G resources through traffic offload to Wi-Fi in selected areas. In addition, the Broadband Network Gateway (BNG) based on SSR 8010 is deployed by the service provider as the first aggregation point in the Carrier Grade Wi-Fi network.

http://www.ericsson.com

See also