Wednesday, January 13, 2016

ADVA Acquires Overture for NFV-enabled Carrier Ethernet Solutions

ADVA Optical Networking has acquired Overture, bringing together two of the industry’s largest manufacturers of Carrier Ethernet (CE) access equipment. Financial terms were not disclosed.

ADVA described the acquisition as a key step to further expand its cloud access solution portfolio. The acquisition completes the ADVA FSP 150 product family with an Ethernet-over-Copper solution, a programmable white-box network interface device (NID), a virtualized NID and an end-to-end orchestration solution. This means ADVA to deliver CE-based cloud services in a hybrid or NFV-pure-play environment.

Overture is a privately-held company based in North Carolina.

“Our acquisition of Overture is a defining moment in the cloud access market. We’re building something remarkable here,” said Brian Protiva, CEO, ADVA Optical Networking. “Firstly, we’re creating a number one player in Ethernet access devices. There’s a full account and product synergy between our companies, ensuring a complete solution set for business Ethernet, mobile backhaul and carrier wholesale applications that can be sold into each other’s customer base. Secondly, we have a shared vision for the future of the cloud services market and the virtualized network. Adding Overture’s NFV-pure-play and orchestration solutions to our hybrid NFV solutions, operators can select what best fits their plans. And last but not least, we’re creating an incredible team. Overture has great people with a wealth of knowledge. With one united company, we’re going to help CSPs take a huge leap forward. There can be no question that exciting times are ahead.”

http://www.advaoptical.com/en/newsroom/press-releases-german.aspx



Overture + Hatteras Merger Targets Carrier Ethernet Acceleration

Overture Networks and Hatteras Networks agreed to merge, creating a larger and more competitive supplier of Carrier Ethernet products. Hatteras is a leading supplier of Ethernet over Bonded Copper solutions, while Overture is the frontrunner in Ethernet over TDM and recently introduced a set of Ethernet over Fiber platforms. Financial terms were not disclosed. Both companies are venture-backed, privately-held start-ups based in North Carolina's Research Triangle Park.





CableLabs Awards First DOCSIS 3.1 Modem Certifications

CableLabs awarded the first DOCSIS 3.1 certifications to five cable modem vendors: Askey, Castlenet, Netgear, Technicolor and Ubee Interactive. Certification verifies compliance to the specifications, interoperability among products and enables competition and choice in the marketplace.

DOCSIS 3.1 technology is designed to meet the demand for higher speeds cost effectively by improving network efficiency and scalability while operating on existing cable operator networks, maintaining backward compatibility with existing DOCSIS deployments. DOCSIS 3.1 technology also reduces network latency, and so dramatically improves responsiveness for sophisticated applications such as gaming and rich web experiences. Cable operators can deploy multi-gigabit services over their existing Hybrid Fiber Coax networks based on consumer demand, leveraging their existing network infrastructure and DOCSIS devices to enable a smooth migration to the new capabilities of the DOCSIS 3.1 technology. This also represents the first set of DOCSIS specifications with worldwide applicability, a key element to delivering rapid scale and cost-effective products.

“Today’s news marks a key milestone for CableLabs in technical leadership and time to market,” said Phil McKinney, President and CEO of CableLabs. “The DOCSIS 3.1 specifications assure the cable industry’s leadership in the delivery of broadband services. This represents the most rapid development and implementation cycle for a broadband technology development program ever delivered by CableLabs. Development of the initial DOCSIS 3.1 specifications to product certification has occurred in half the time of previous DOCSIS specifications.”

http://www.cablelabs.com

BT Wins Cloud Contracts with the European Commission

BT has been awarded two new contracts by the European Commission to deliver public and private cloud services across 52 major European institutions, agencies and bodies - including the European Parliament, the European Council and the European Defence Agency.

Both framework contracts - awarded last December - run for up to four years with a combined worth of more than €24 million. Following execution of the framework contracts, BT will implement the contracted private cloud services, and becomes one of five providers that will compete for public cloud projects.

Corrado Sciolla, President Europe and Global Telecom Markets, BT Global Services, said: “This is a milestone in our journey to be the leading global cloud services integrator, and demonstrates how we minimise the complexity, risks and costs for our customers as they move to the cloud. I’d like to take this opportunity to, once again, thank the EU for putting its trust in BT.”

http://www.btplc.com/news/#/pressreleases/bt-secures-major-cloud-services-contracts-with-the-eu-1290656


  • Last August, BT signed another framework contract with the European Commission, with a value of up to €15.2 million over seven year, that included voice services across 21 major European institutions, agencies and bodies. This followed a large framework contract signed in March 2015 - with a maximum value of €55.7 million over five years - for the delivery of dedicated internet access to all major European institutions, agencies and bodies across the 28 member states.

Seagate Releases 10TB HDD Aimed at Data Centers

Seagate Technology launched its first 10TB enterprise capacity hard disk drive (HDD).

The new, 10TB Enterprise Capacity 3.5 HDD incorporates seven platters and 14 heads. The drive seals in helium to create a turbulence-free, quiet environment, decreasing both friction and resistance on the platters and delivering the industry’s lowest power/TB ratio and weight specifications for a 10TB HDD. It delivers an improved MTBF of 2.5 million hours and provides consistent performance to customers in a 24x7 multi-drive environment. Enterprise ready, the Seagate Enterprise Capacity 3.5 HDD is available in both a 6Gb/s SATA and 12Gb/s SAS interfaces.

“Cloud-based data center storage needs are expanding faster than many current infrastructures can sustain, rendering the capacity demands of users a herculean task for cloud managers,” said Mark Re, senior vice president and chief technology officer, Seagate. “Built on our years of research and development of sealed-drive technology, our new helium-based enterprise drive is designed precisely to help data-centric organizations worldwide solve the needs of their growing storage business.”

http://www.seagate.com

Fujitsu Network Communications Joins Canada's CENGN Consortium

Fujitsu Network Communications has joined Canada’s Centre of Excellence in Next Generation Networks (CENGN), which is a consortium of industry, academic and research leaders dedicated to accelerating the commercialization of next generation communications solutions.  CENGN’s fully operational multi-vendor data centre houses an OpenStack production  environment connected to a real world WAN enabling connectivity speeds of more than 100 Gbps.  This unique environment is used to validate and test the performance and interoperability of proof-of-concept (PoC) end to end solutions based on emerging network technologies such as SDN and NFV.

“Fujitsu will be a great addition to our membership,” says Ritch Dusome CENGN President and CEO. “CENGN is aligning the global leaders in SDN and NFV solutions and Fujitsu will provide significant value considering their NGN expertise, technical competencies, and robust product and development environment.  This global collaboration is required to accelerate the development and introduction of new SDN and NFV products and services.”      

CENGN’s members also include Alcatel-Lucent, Allstream, BTI Systems, Cisco, EWA Canada, EXFO, Invest Ottawa, Juniper, Mistral Ventures, Rogers, TELUS and Viavi.

http://www.fujitsu.com/us/about/resources/news/press-releases/2016/fnc-20160113.html
http://www.cengn.ca/

Ixia Offers First 50 Gigabit Ethernet (GbE) Validation Test

Ixia introduced its 50GbE validation solution based on its Xcellon-Multis family of load module.

The 50GbE capabilities on Ixia’s Xcellon-Multis QSFP28 follow the company’s introduction of the world’s only shipping 25GbE solution in April 2015, based on the field tested Xcellon-Multis platform.

The company said it has already successfully connected its Xcellon-Multis QSFP28 load modules over copper media and demonstrated full line rate 50GbE interoperability with the ConnectX-4 Dual-Port network interface adapter and LinkX 50 Gbps direct attached copper cables from Mellanox Technologies.

“Ixia has developed and introduced the world’s first validation solutions for many Ethernet technologies, including 100, 40, 25 and now 50-Gigabit Ethernet,” said Sunil Kalidindi, Vice President of Product Management at Ixia.

http://www.ixiacom.com

Seaborn Completes $500 Million Funding for US-Brazil Cable

Seaborn Networks has secured the US$500 million in project funding for Seabras-1, a new transoceanic subsea fiber optic cable system directly connecting points of presence (POPs) in New York City (US) and São Paulo (Brazil). All conditions to this project financing have been fully satisfied; debt and equity funds have been drawn.

Full project equity capital was provided by Partners Group and development capital was provided by Seaborn. The project funding also includes total project debt of up to US$267 million provided by Natixis, Banco Santander, Commerzbank and Intesa Sanpaolo, which debt is backed by COFACE, the French Export Credit Agency.

Seabras-1 is a six-fiber pair system with initial maximum design capacity of 72 Tbps. It is the first system to provide a direct point-to-point route between the commercial and financial centers of the United States and Brazil. Seabras-1 also includes branching units installed on certain of its fiber pairs that point towards Halifax (Canada), Ashburn (US), Miami (US), St. Croix (US), Fortaleza (Brazil), Rio de Janeiro (Brazil), and Las Toninas (Argentina).

"Seabras-1 is a key telecommunications infrastructure project for the Americas and will bring tangible benefits to businesses and individuals in Brazil and neighboring countries," stated Todd Bright, Managing Director and Head of Americas Private Infrastructure at Partners Group.

Alcatel-Lucent Submarine Networks, now part of Nokia, is currently constructing Seabras-1 for Seaborn under a contract in force.  Diverse, dark fiber backhaul and metro routes at each end of the system have been fully secured. Manufacturing of the Seabras-1 system is in progress, and the committed ready-for-service date is in the second quarter of 2017.

htt://www.seabornnetworks.com

Infinera Appoints Scott Jackson to Head Subsea Business Group

Infinera appointed Scott Jackson as vice president, responsible for overseeing the Infinera Subsea Business Group.

Mr. Jackson was involved in undersea fiber systems from their genesis, including the first transoceanic optical cable, TAT-8, connecting North America and Europe. In fact, he spoke the first words carried on fiber between continents.

Mr. Jackson’s experience includes 18 years at Bell Labs Submarine Systems, later Tyco Undersea Systems, where as a managing director, he led development of undersea repeaters and later undersea terminal equipment. Designs for the first optically-amplified repeaters, the first terminals incorporating forward error correction (FEC), the first remote-pump terminals, and the first wavelength division multiplexing (WDM) terminals all came from his group. Mr. Jackson also served as vice president and general manager for the Finisar NJ Transmission Technology Center, vice president of engineering for Kodeos Communications, vice president of engineering for Defense Photonics Group, and most recently, chief technical officer for 4D Security Solutions.

http://www.infinera.com

Tuesday, January 12, 2016

GÉANT Deploys Infinera Cloud Xpress with 100 GbE for DCI

GÉANT, Europe’s leading collaboration on e-infrastructure and services for research and education (R&E), and operator of the pan-European R&E network that interconnects Europe’s National Research and Education Networks (NRENs), has deployed the Infinera Cloud Xpress to extend their 100 gigabit Ethernet (GbE) network connectivity into data centers.

Initial connectivity is being provided to Jisc, the UK organization for education and research digital services and solutions, which enables the Janet network, and CERN, the European Organization for Nuclear Research, to deliver connectivity to their data center in Budapest. The addition of the Cloud Xpress allows GÉANT to extend GbE services seamlessly into more European data centers with hyper-scale density, operational simplicity and low power consumption.

http://www.infinera.com/geant-deploys-cloud-xpress-100-gbe-for-data-center-interconnect/



Europe's GEANT Deploys ONOS

GEANT, the European research network formed last year through the integration of the TERENA and DANTE initiatives, has deployed the Open source SDN Network Operating System (ONOS) on its pan-European testbed network. The ONOS installation allows researchers to define, build, test and rebuild highly scalable, high capacity virtual networks quickly, easily and cost-effectively.

Specifically, GEANT is running a new Inter Cluster ONOS Network Application (ICONA) – developed by CREATE-NET and the University of Rome Tor Vergata/CNIT in collaboration with the ONOS project – to efficiently manage the intercommunication of geographically distributed ONOS clusters and deliver faster controller response time during network events such as failures or congested links.

GEANT's GTS network is currently comprised of four points of presence (PoPs) located in Amsterdam, Bratislava, Lubiana and Prague, creating a software-defined network entirely based on OpenFlow. Each external entity (e.g. CREATE-NET and University of Rome) connected to the testbed exposes a "legacy" Border Gateway Protocol (BGP ) router that peers directly with the border router placed in the Amsterdam PoP of the GTS network, thus exchanging IP routes with the rest of the global network IP prefixes. This enables the entities connected to communicate together and with the rest of the universities and the research institutions attached to the global network. In fact, the Amsterdam PoP connects GTS directly with Internet2 in the U.S. Through ONOS' application intent framework, the ONOS clusters are able to provide L2 connectivity between all the "legacy" routers connected at the edge of the network.

Southern Cross Cable Deploys Ciena 8700 Packetwave Switch

Southern Cross Cable Network, which connects Australia, New Zealand and Hawaii, completed its latest upgrade adding 900 Gbps to all segments of the network, bringing total Network lit capacity to 5.8Tbs. In addition, Southern Cross Cable Network has deployed the Ciena 8700 Packetwave packet switching platform, augmenting its existing suite of Carrier Ethernet services.

“While we have augmented our transmission by 900 Gbps per segment, we have also upgraded our key Ciena 5430 nodes to 15 Tbps OTN switching capability, a first for the region and a world first for a submarine cable operator as far as we are aware. Southern Cross’ key switching nodes are now capable of switching over 100 times Southern Cross’ original segment capacity," stated Anthony Briscoe, president & CEO of Southern Cross.

“Our latest expansion has also deployed Ciena’s 200Gbs per wavelength technology across our Hawaiian inter-Island network in another world first in technology activation, as well as continuing to leverage Ciena’s flexible grid, GeoMesh and 8D-2QAM technologies to maximise capacity and resiliency within our Network while ensuring operational simplicity, scalability and evolution toward software defined networking (SDN).“

“The introduction of Ciena’s 8700 with integrated coherent 100G WaveLogic3 line modules for this market application is yet another world first achieved by Southern Cross. Southern Cross remains critically focused on product and service innovation to continue to enhance its existing product suites to satisfy changing customer and industry demands. The deployment of Ciena’s 8700 platform allows us to provide a seamless MEF CE2.0 compliant Carrier Ethernet packet offering from 1Gbs all the way through to 100Gbs.”

The Southern Cross Cable Network is owned by Spark NZ (50%), Singtel-Optus (40%) and Verizon Business (10%).

http://www.southerncrosscables.com
http://www.ciena.com


Diablo Raises $19 Million, Appoints New CEO

Diablo Technologies, a start-up developing flash memory technology, secured an additional $19 million in capital for its Series C Financing round.

Diablo's technology is able to deliver flash-as ‘system memory’ without any changes to server hardware, operating systems, or end-user applications. The resulting Memory1 platform provides greater memory capacity with fewer servers and lowers data center costs by up to 70 percent.

In addition, the company named Mark Stibitz as its new Chairman and Chief Executive Officer. He has previously worked at Anobit, Elliptic Technologies, PMC-Sierra, Agere Systems and Lucent/AT&T-Microelectronics. Stibitz assumes this position after having served as an independent member of Diablo’s Board of Directors since February 2012. Diablo Co-founder and previous CEO, Riccardo Badalone, has been appointed the technology-centric and customer-facing role of Chief Product Officer.

The new funding was led by new investor ICV with participation from Battery Ventures, BDC Capital, Celtic House, and Hasso Plattner Ventures. The funding will be used to further accelerate customer deployments via expansion of sales, applications support and R&D.

http://www.diablo-technologies.com/


  • Diablo Technologies has developed a Memory Channel Storage (MCS) technology that provides tens of terabytes of ultra-fast NAND flash storage in a DIMM form factor, and enables it to interface with the CPU via DDR3 at near-DRAM speeds. The company says its Memory Channel Storage allows for extremely large "big data" sets to be placed entirely within the NUMA system architecture, resulting in real-time processing and analytics. MCS significantly minimizes storage latency and provides a level of predictability that cannot be attained with pre-existing flash storage technologies. With the MCS architecture, systems in big data clusters, such as Hadoop, have access to terabytes of deterministic, ultra-low latency persistent memory.

Converged Memory Acceleration: Combining DRAM with Flash


In this 3-minute video, Riccardo Badalone, CEO of Diablo Technologies, discusses Converged Memory -- a powerful new concept that combines the best performance attributes of DRAM with the advantages of Flash, including persistence and low cost.

Diablo's NanoCommit technology supports hundreds of millions of transactions per second, with nanosecond latency.

Click to view on YouTube - http://youtu.be/LV5BtBO11u0

PCCW Global Picks CPLANE to Orchestrate OpenStack Cloud Services

PCCW Global has selected CPLANE NETWORKS’ OpenStack Product Suite to provide its worldwide Multi-Site and Multi-Tenant Networking and Lifecycle Service Orchestration for components of its distributed cloud offering.

PCCW Global’s Inter-Domain Cloud Federation solution allows customers to quickly and easily build clouds that span multiple sites using a self-service interface. The customer can continue to adjust their compute, storage, and network connectivity configuration to meet dynamic business and operational demands across multiple continents.

CPLANE’s Dynamic Virtual Networks – Data Center (DVNd) product provides a scalable solution for OpenStack SDN Networking where high-performance virtual machine communication, operational ease of use, service assurance, and seamless integration across multi-site and worldwide OpenStack deployments are required.

CPLANE’s Multi-Site Manager (MSM) consolidates multiple requests from PCCW Global’s customer portal and OSS/BSS environments while simultaneously orchestrating OpenStack cloud provisioning across multiple sites. MSM then creates a single cloud image by automatically provisioning an Overlay Gateway Router at each site to provide secure connectivity across the wide area network.

“A crucial aspect of multi-site cloud orchestration is assuring the creation of a single view of the customer. DVNd provides seamless network integration across OpenStack networks instances and helps extend them to other cloud-based service providers. MSM federates the customer image across all sites, and then synchronizes and orchestrates the service requests from the various front-end systems. CPLANE’s rich northbound API services, combined with the transactional integrity and operational visibility of our carrier-grade service orchestration platform, ensure that all OpenStack service requests are completed quickly and reliably across multiple sites,” said John Casey, CTO, CPLANE NETWORKS.

http://www.cplanenetworks.com

Wind River Intros Helix Cockpit for Automotive Controls

Wind River introduced an automotive software platform for the command center of the connected car.

The Wind River Helix Cockpit, which is a GENIVI-aligned, Linux Yocto Project–based software platform, incorporates technologies from consumer-oriented embedded devices such as infotainment, telematics, and digital cluster systems; safety-oriented systems such as advanced driver assist systems (ADAS) and autonomous driving systems; and cloud-based development tools and enhancements for the applications.

Key features for Cockpit include the following:

  • Connectivity framework: Integrated connectivity solutions help to extend and bridge the car experience to the IoT devices and landscape, including the cloud.
  • Firmware and software over-the-air (OTA) management: Cockpit includes the ability to manage and update software over-the-air throughout its lifecycle.
  • Flexible platform: Flexibility in car system design, from consolidated to distributed architecture, allows functional services to be distributed across ECUs.
  • Long term support: A secure Linux base from the market leader in commercial embedded Linux allows for extensibility over time with evolving IoT offerings, protocols, and developments.
  • Built-in security: Security Profile for Wind River Linux delivers secure data handling from boot to run time.

Wind River has also updated its software for ISO 26262 certifiable automotive safety-critical applications, Wind River Helix Drive. Cockpit and Drive are the latest offerings under Wind River Helix Chassis.

“The emergence of IoT is pushing automotive systems to become more connected within and outside of the car through the use of software. As such, carmakers must have a strong grasp of the holistic software environment in order to orchestrate a successful vision of the connected car,” said Marques McCammon, general manager of connected vehicles at Wind River. “Wind River Helix Cockpit provides carmakers with the framework to fully own the software environment and realize their vision. By turning to Wind River’s decades of embedded software leadership and rich technology expertise in mission-critical industries such as aerospace and defense, the auto industry can quickly become software savvy and begin their IoT transformation.”

http://www.windriver.com

AT&T Supplies Cloud Connectivity for FCC

AT&T was awarded a 5-year contract by the FCC to provide an IP solution that will support mobile and cloud-based applications.

AT&T said its secure service will link a number of offices and data centers and let the FCC change network and Internet needs on demand. Using AT&T's services, the FCC can connect to diverse cloud service providers.

"Our set of strategic services can help the FCC modernize its technology and use cloud services in a highly secure manner," said Mike Leff, vice president-Civilian, AT&T Government Solutions.

http://www.att.com

MultiPhy Raises $17 Million for 100/400G DSP-ICs

MultiPhy, which specializes in digital-signal-processing based integrated circuits for high-speed communications, announced $17 million in new funding from existing and new investors, comprising of both venture capitalists and major strategic corporate leaders. The company supplies 100 Gbps and 400 Gbps CMOS chipsets with advanced modulation schemes.

“We are pleased to have such a strong vote of confidence from both our investors and the industry”, said Avi Shabtai, CEO at MultiPhy. “The commitment and support of our investors sends a clear message that MultiPhy is the leading player in high speed 100G single lambda Data Center connectivity. As the market sets clear demand for significant increase in throughput connectivity and cost effectiveness, we expect single lambda 100G modules to become the mainstream with millions of ports deployed worldwide.”

http://www.multi-phy.com/en-us/newsevents/pressreleases/prmultiphyraises17million.aspx


U.S. Army Implements Secure Command Post Wi-Fi from Aruba

The U.S. Army is implementing secure Command Post Wi-Fi from Aruba at Army, Army National Guard, and Army Reserve Tactical Units worldwide.

Fielded as part of the Army’s Warfighter Information Network-Tactical Increment 1 (WIN-T), the U.S. Army’s tactical communications network backbone, the deployment of Aruba 802.11ac wireless infrastructures will reduce the time it takes to install and dismantle critical communications networks from hours to minutes, increasing force agility by expediting the mobility of troops when needed.

The NSA-accredited unclassified and classified secure Command Post Wi-Fi solution is being supplied to the Army as kits. Each kit will include Aruba indoor and outdoor Gigabit Wi-Fi access points (APs), which deliver high performance in high-density environments, 7000 Series Cloud Services Controllers with RFProtect, Policy Enforcement Firewall and Advanced Cryptography, and AirWave for network management. The kits have been purchased through the CHS4 contract.

“Operational flexibility is critical to modern military practices,” said Jon Green, Senior Director of Security Architecture for Aruba. “Aruba’s Command Post Wi-Fi solution gives armed forces the maneuverability they need, backed by the secure, robust network access they require, to accomplish their missions and achieve their objectives.”

http://www.arubanetworks.com

Radisys Sees Preliminary Q4 Revenue at High End of Guidance

Radisys reported preliminary results for its Q4 2015, saying it now expects revenue to be approximately $44 million and non-GAAP earnings of approximately $0.08 per diluted share -- at the high end of the company's previous guidance.

“We continue to build momentum across all of our product lines as customers look to Radisys to solve implementation challenges for next-generation communications networks, including VoLTE and the key building blocks for Software-Defined Networks,” commented Brian Bronson, Radisys President and Chief Executive Officer. “Our performance during the quarter enabled us to exceed the full year revenue and earnings expectations that we set at the beginning of 2015, while also supporting incremental investments in key growth product lines to set the stage for growth in 2016 and beyond.”

http://www.radisys.com


Monday, January 11, 2016

Blueprint: What’s Coming in 2016 and Beyond for Cybersecurity

by Vincent Weafer, VP of Intel Security’s McAfee Labs, Intel Corporation

A five-year look ahead at how cybersecurity is likely to evolve

Clouds, devices, and sophistication are three of the big areas that will affect cyber threats and security over the next five years, according to McAfee Labs 2016 Threats Predictions report. Cloud applications, storage, and services are converging with rapid growth in mobile and connected devices to create an ever-expanding attack surface. At the same time, increasing sophistication and sharing among cybercriminals is making attacks more targeted and harder to detect. These issues will drive significant changes in cybersecurity over the next five years, including transformation of the efficiency and effectiveness of defenses, broader threat intelligence collaboration, and sophisticated behavioral analytics.

Criminals follow the money, so as long as we have valuable digital assets, we will have cybercrime. The increasing attack surface gives them more vectors of attack and increasingly valuable assets. The value of personal data is growing rapidly, and is already outpacing payment card info as the prime target. This trend will only continue, as criminals apply big data techniques to build warehouses of personal information for sale.

The increasing sophistication of attackers and malware developers will have an interesting effect, as they develop more targeted and stealthy attacks, but also deliver packaged cybercrime-as-a-service tools to a growing audience possessing fewer tech skills. This commoditization of cybercrime will fuel new waves of personal and customized attacks, with new criminal motivations including embarrassment, harassment, and vandalism.

Security industry response

Our research and predictions dictate some fundamental changes to digital security. Network perimeters, isolated security tools, and file or signature based defenses are a rapidly fading paradigm. Instead, we will need to re-architect the tools to operate more efficiently. Using machine learning techniques, we will improve scanning speeds by identifying trusted processes and focusing resources on suspicious activities. Security in silicon will be necessary, not only to combat the growth of low-level hardware and firmware attacks, but also to protect the billions of devices that may not have sufficient general-purpose computing power to protect themselves. Secure boot, trusted execution environments, tamper protection, active memory protection, and immutable device identity will improve the effectiveness of our digital defenses as we fight attacks that try to go lower in the stack to remain undetected.

Improved defenses will be insufficient unless we take them out of isolation. Sharing and integrating threat intelligence between endpoints, gateways, and centralized analytics will improve detection and significantly speed up correction efforts, quickly blocking new attack vectors and protecting vulnerabilities before they can be exploited in multiple locations. Threat data sharing and collaboration between businesses, governments, industry organizations, and security vendors will also deliver faster and better protections, as threat exchanges expand throughout supply chains, industries, and nations.

Behavioral analytics will augment detection capabilities as the newest weapon for defenders. Baselines for normal behavior and continuous monitoring will quickly separate legitimate activities and identities from suspicious and compromised ones. These products are in their early stages today, but applying skills from big data and other analytics and machine learning research will help them to mature rapidly over the next five years.

Poor integration, talent shortages, and the costs of failure

The lack of integrated security technology, shortage of skilled talent, and rising cost of breaches. These factors will drive increased automation and machine learning, greater simplification of security controls, and predictable funding and insurance models for security operations.

With attacks growing in sophistication and stealth, isolated individual defenses quickly fall behind. Fileless attacks, remote shell exploits, and credential theft are increasing in popularity as ways to evade detection by traditional tools. The speed of these attacks means that response times of minutes or hours leave the system open to compromise and data exfiltration. Machine learning and greater automation are necessary to match defense speed to attack speed. We are seeing steady progress in the ability of systems to translate alerts and behavior into appropriate action, detecting and correcting an attack far faster than a human operator can. At the same time, the automation will notify the operations center of its actions, so that they can begin further investigations and take any additional necessary steps.

Automation and machine learning will also help alleviate the growing shortage of skilled security personnel. Shared threat intelligence, behavioral analytics, and contextual information will enable much better orchestration between the various defense elements. An endpoint under attack will immediately publish that information so that other endpoints and gateways can block the malicious files and addresses. Threat intelligence exchanges will deliver context, scored for trust and quality, and corroborate attack info to reduce false positives. Perhaps more important, these tools will reduce the complexity of security system configurations and operations, easing the transactional burden on security personnel. Whether it is improved default configurations, automated actions based on learned behavior, or intelligently filtered and scored alerts, machines will play a vital role in augmenting the skills and resources of the security team.

Finally, the rising cost of breaches and demand for increased predictability will bring innovations in risk management, investment, and even insurance. As the value of personal data goes up, so does the total cost of a security breach. At the same time, the increasing range of security tools will make it more difficult to plan and budget. Insurance and hedging products will emerge that enable predictable levels of security investments, or limit the organization’s financial exposure to a catastrophic security event. Security as a service will continue to evolve, shifting more of the security budget to operating expenses instead of capital outlays.

Over the next five years, we are going to see some far-reaching changes in digital security, as the perimeter-based models that we have worked with almost since the dawn of the industry are replaced by a more fluid, mobile, and cloudy reality.

For a more detailed look at these and other predictions, download McAfee Labs 2016 Threats Predictions report.

About the Author

Vincent Weafer is a Sr. Vice President of McAfee Labs at Intel Security, where he oversees a team of hundreds of researchers in dozens of countries, as well as millions of sensors around the globe, all dedicated to helping protect Intel customers from the latest cyber threats. He has presented at numerous international security conferences, is the coauthor of a book on Internet security has also been invited to testify on multiple government committees, including the United States Senate Committee on the Judiciary hearing on Combating Cyber Crime and Identify Theft in the Digital Age; the United States Sentencing Commission’s public hearing on Identity Theft and the Restitution Act of 2008; and the United States Senate Committee on Commerce, Science, and Transportation on Impact and Policy Implications of Spyware on Consumers and Businesses.


Got an idea for a Blueprint column?  We welcome your ideas on next gen network architecture.
See our guidelines.

See also