Monday, March 7, 2016

U.S. Dept. of Commerce Ruling Hits ZTE and Suppliers

The U.S. Department of Commerce has added ZTE to the list of entities involved in "activities contrary to the national security or foreign policy interests of the United States."

The Export Administration Regulations (EAR) listing, which limits the availability of most license exceptions on U.S. technology sales to ZTE, was driven by a finding that ZTE willingly resold restricted U.S. technology products to Iran during the period of economic sanctions,

The move could block U.S. semiconductor companies from selling to ZTE, potentially impacting a wide range of networking gear and mobile devices.

ZTE said it is working expeditiously towards resolution of this issue and that it is fully committed to compliance with the laws and regulations of the jurisdictions in which it operates.

FBI Opens Criminal Investigation into ZTE Shipments to Iran

The FBI has opened a criminal investigation into whether ZTE shipped U.S.-made networking components and surveillance equipment to Iran.  According to various news sources, including Reuters, The Washington Post and The Smoking Gun, various documents have emerged, including a shipping manifest, related to a $130 million sales contract between ZTE and the Telecommunications Company of Iran.  Equipment reportedly includes systems from Cisco, Dell, Hewlett-Packard, Juniper, Microsoft, Oracle and Symantec.

Mellanox Sets Out an Open Composable Network Framework

Mellanox Technologies unveiled its next-generation Open Composable Networks (OCN) platform aimed at helping enterprises and service providers to unlock performance and unleash innovation with predictable application performance and the efficiency of Web-Scale IT.

Mellanox said its OCN framework leverages the network disaggregation model pioneered by the hyperscale cloud operators, where functional independent modules are combined with open, clearly-defined abstraction interfaces.

Some highlights:
  • The Mellanox end-to-end 25/50/100 Gb/s Ethernet portfolio includes Spectrum switches, ConnectX adapters, and LinkX cables.
  • Mellanox has been a key contributor to the development open networking initiatives including OCP ONIE and SAI, and Linux switchdev, where Spectrum is the first switch supported upstream in Linux
  • The Mellanox NEO management package enables network automation and software defined intelligence. Through integration with other cloud management platforms and Software Defined Networking (SDN) controllers, NEO helps to enhance network operational efficiency, and make network infrastructure easy to deploy, manage, and scale.

At this week's Open Compute Project Summit in San Jose, Mellanox will be showcasing OCN with a live demo of end-to-end 10/25, 50, 100 Gb/s network composed of LinkX cables, the new ConnectX-4 Lx based OCP adapter cards, and the flagship Spectrum Ethernet switches capable of running multiple network operating systems (NOS) and applications, including Cumulus Linux, OpenSwitch, Metaswitch IP Routing, and Mellanox MLNX-OS, running on open software interfaces such as OCP Switch Abstraction Interface (SAI) and Linux Switchdev.

In addition, Mellanox has added Cumulus Linux support for its Spectrum line of 10/25, 40/50, and 100 Gb/s Ethernet switches.

AT&T Introduces UC Collaboration Service

AT&T introduced a hosted voice and collaboration service aimed at improving employee productivity.

AT&T Collaborate provides a full array of cloud-based voice features and collaboration tools, such as instant messaging and presence, audio, video and web conferencing, and content sharing. The service offers more than 30 calling features, plus a mobile client for use on your smartphone or tablet. Service options include:

  • AT&T Collaborate-Enhanced Voice – Includes additional voice features for employees with more advanced requirements such as selective call acceptance, alternate numbers, instant group calls and more.
  • AT&T Collaborate-Unified Communications – Includes instant messaging, employee presence, desktop sharing and conferencing features.
  • AT&T Collaborate-Contact Center – Includes basic agent and supervisor call center features as well as web client services.
"With AT&T Collaborate, you're able to design a collaboration solution that best fits your business needs – whether you need basic voice capabilities or a full unified communications experience," said Rick Hubbard, senior vice president, Networking Product Management, AT&T Business Solutions. "The solution provides a flexible way for you to connect your employees while helping control costs and complexity."

PLUMgrid Partners with Edgecore on OpenStack Cloud

Taiwan-based Edgecore Networks will resell PLUMgrid’s full SDN portfolio of solutions including its Open Networking Suite (ONS) for OpenStack, CloudApex SDN visualization and monitoring platform.

“Partnering with Edgecore brings their extensive networking and integrated solutions experience to our joint clients in Asia,” said PLUMgrid CEO Larry Lang. “Combining their expertise and knowledge of regional markets with our integrated ONS platform and SDN solutions dramatically advances OpenStack networking and delivers significant value to our enterprise and service provider clients.”

Video: Apps, Virtualization, Security and the Cloud

Art Gilliland, CEO of Skyport Systems, discusses Application, Virtualization, Security and the Cloud at RSA 2016.

When you think about isolating applications or workloads, you want to be able to put security around them. Virtualization gives you a compartment to do that. But companies really need to think about how to manage those environments. Skyport addresses this challenge by bringing the new security perimeter all the way down to the application.



Video: Defending the Whole: IaaS, PaaS, and SaaS

Mark Nunnikhoven, VP of Cloud Research at Trend Micro, reflects on the Cloud Security Alliance Summit at #RSA2016.  Enterprises are using a lot of cloud services, each of which may have its own security implementation.  Taken together, implementing a consistent security stance becomes a challenge, which the industry is starting to address.  The roadmap is bright.


Video: Malware Attack Fan-out via Cloud Storage Converge! Network Digest Converge! Network Digest

Cloud storage services are popular but they are becoming a vector for the rapid spread of malware.  Krishna Narayanaswamy, Founder and Chief Scientist at Netskope, describes how malware is the start of a sophisticated attack cycle.


Video: As Perimeter Defenses Fail, Harden the Interior

Almost all cyber intrusions involve a failure of perimeter defenses, says Leo Taddeo, Chief Security Officer at Cryptzone.  It's time to harden the interior of the corporate network.


Hughes to Provide Satellite Backhaul for Entel Bolivia

Entel Bolivia has selected Hughes Network Systems' JUPITER System to extend cellular and Internet access in remote areas. Entel serves more than 4.5 million users in Bolivia.

Under the deal, Hughes will provide a JUPITER System gateway and approximately 550 terminals to power Entel's delivery of Internet access service in remote areas and for satellite backhaul of 3G and 4G LTE cellular base stations. The services will operate in the Ku-band satellite spectrum over the Túpac Katari 1 satellite.  Financial terms were not disclosed.

The Hughes JUPITER System features a flexible and robust gateway architecture with lights-out operation, enhanced IPoS air interface for bandwidth efficiency, and high-throughput terminals, enabling operators to achieve the highest possible capacity and efficiency for any satellite broadband implementation. The underlying technology is the powerful JUPITER System on a Chip (SoC), a custom–designed microprocessor employing a multi-core architecture and enabling 100 Mbps of throughput on every terminal in the JUPITER family.

"We are proud to have been chosen by Entel Bolivia for this very important initiative to close the digital divide in Bolivia," said Hugo Frega, senior sales director of the Central America and Latin America (CALA) region for Hughes. "Satellite is the ideal technology for extending connectivity to remote areas beyond the reach of traditional terrestrial options, and our JUPITER System is the proven market leader in supplying high-availability and high-performance networks to support cellular and Internet access worldwide."

Sunday, March 6, 2016

Video: The Intersection of IoT and Security

Jason Porter, VP of Security Solutions from AT&T, gives a 2-minute overview of the intersection of #IoT and security.  Not surprisingly, the top concern from enterprises deploying IoT technologies is ensuring end-to-end security for all elements in the ecosystem.


Video: The State of Cloud Security

Jim Reavis, CEO of the Cloud Security Alliance, provides a 2-minute update on the state of the industry and highlights of the day-long Cloud Security Summit held at RSA 2016.

The current state of security in cloud computing is strong, but uneven. Many issues remain to be addressed, including as services transgress international boundaries or even go from one operator to another.


Video: CSA Global Enterprise Board's Call to Action

Vinay Patel, Global Head of Information Security for Citi Enterprise Infrastructure, issues a call-to-action on behalf of the Cloud Security Alliance's Enterprise Advisory Board.

For enterprises, the stakes could not be higher in ensuring that cloud services are safe, secure, transparent and trusted platforms.


Video: New Approaches to Cloud Security with Prevoty

Arpit Joshipura discusses New Approaches to Cloud Security at RSA 2016.

Conventional cyber solutions based on malware signatures, white-lists, black-lists, data flow analysis are no longer effective.  The focus needs to move to a layered approach that includes runtime application security within the applications themselves.


Vertical Systems: 2015 U.S.Carrier Ethernet LEADERBOARD

AT&T captured the top spot in Vertical Systems Group's U.S. Carrier Ethernet LEADERBOARD results for year-end 2015.

The following companies achieved LEADERBOARD status (rank order based on retail port share): AT&T, Level 3, Verizon, CenturyLink, Time Warner Cable, Comcast, Cox, XO and new entrant Windstream.

To qualify for the LEADERBOARD, providers must have four percent (4%) or more of the U.S. Ethernet services market. Shares are measured by number of ports in service at businesses and enterprises as tracked by Vertical, with input from surveys of Ethernet providers.

“For the full year 2015, the Ethernet market grew by more than 20 percent, however the second half of the year showed moderating growth going into 2016,” said Rick Malone, principal at Vertical Systems Group. “During this cycle, Windstream moved up to the LEADERBOARD from the Challenge Tier based on the strength of its Ethernet private line service and its presence in many smaller markets that others do not serve.”

Ethernet providers cited footprint expansion and support for increased speeds as their top initiatives for 2016 in response to Vertical Systems Group’s Year-End 2015 Ethernet/IP VPN/Fiber and LEADERBOARD Survey. Price compression and provisioning intervals are considered the primary challenges.

A key competitive requirement cited by Ethernet providers is MEF CE 2.0 certification. Seven of the nine companies on the 2015 U.S. LEADERBOARD have MEF CE 2.0 certified services. Additionally, all LEADERBOARD-ranked companies employ MEF Carrier Ethernet Certified Professionals (MEF-CECPs).

Other providers selling Ethernet services in the U.S. are segmented into two tiers as measured by port share. The first or Challenge Tier includes providers with between 1% and 4% share of the U.S. retail Ethernet market. For 2015, the following five companies attained a position in the Challenge tier (in alphabetical order): Bright House, Charter, Cogent, Lightpath and Zayo.

Saturday, March 5, 2016

Crehan: Data Center Switch Market Hits $12B in 2015, Reports Crehan Research

The data center switch market reached $12 billion in sales in 2015, according to a new report from Crehan Research.

Ethernet, which accounts for the majority of data center switch revenues, grew 7% in 2015, while InfiniBand revenues surged to a record year, surpassing its prior record of 2012. In contrast with Ethernet and InfiniBand, Fibre Channel switch revenues declined slightly following growth in 2014.

“Ethernet remained by far the dominantdata center switch technology during 2015," said Seamus Crehan, president of Crehan Research. "With the recent introductions of attractively priced 25 gigabit Ethernet (GbE), 50GbE, and 100GbE switches, we expect this to continue," he said, adding, "InfiniBand is also enjoying a strong resurgence, in conjunction with the adoption of Intel’s higher performing Grantley-based server platforms and ever-expanding high performance computing applications."

Some highlights:

  • 10GBASE-T and 40GbE were the main data center Ethernet switch growth drivers in 2015, with both technologies seeing an approximate doubling of annual shipments
  • Modular data center Ethernet switch shipments returned to growth after two consecutive years of decline
  • 25GbE/50GbE/100GbE data center switches saw initial shipments in 4Q15, along with the server adapters to connect to these switches. These products are expected to ramp strongly in the second half of 2016 
  • Cisco accounted for 60% of total data center Ethernet switch revenue in 2015
  • Arista’s total data center Ethernet switch revenue increased more than 40% in 2015, resulting in a two-point share gain
  • Huawei’s 4Q15 data center Ethernet switch revenue more than doubled year-over-year, as data center upgrades and build-outs continued to be strong in China despite macro-economic volatility
  • For full-year 2015, 16Gbps Fibre Channel became a solid majority of total Fibre Channel switch  shipments, laying the foundation for the ramp of recently introduced 32Gbps Fibre Channel products
  • White box and ODM-direct data center Ethernet switching accounted for 4% of total 2015 data center switch revenue

Frontier Launches Ethernet Private Line Service

Frontier Communications has added Ethernet Private Line (EPL) to its E-Line Ethernet Solutions portfolio.

EPL joins Frontier’s local IntraLATA EVPL offering and will be available in Frontier’s service areas with the same bandwidth profiles and at the same rates.

EPL has also been rolled into the Carrier InterLATA EPATH offering, previously launched in October 2015 as a service multiplexed, vlan aware only offering, in Frontier’s Idaho, Indiana, Illinois, Iowa, Michigan, Minnesota, New York, Ohio, Pennsylvania, Tennessee, West Virginia and Wisconsin markets. Frontier’s current traffic prioritization classes and associated Silver, Gold and Platinum Service Level Agreements will accompany this enhancement.

SpaceX Launches SES-9 on Falcon 9 Rocket

SpaceX successfully launched the SES-9 satellite using a Falcon 9 rocket from Cape Canaveral Air Force Station, Florida.

SES-9 is SES’s largest satellite to serve the Asia-Pacific region. It weighed 5.3 tonnes at the launch and has 57 high-power Ku-band transponders – equivalent to 81x36 MHz transponders’ It thus provides significant expansion capacity to serve the buoyant and fast-growing video, enterprise, mobility and government sectors across Northeast Asia, South Asia, India, Indonesia and the Philippines.

Boeing was lead contractor.

In addition, SES-9 is equipped with dedicated mobility beams to provide maritime coverage vessels on high-traffic maritime routes between the Suez Canal and Strait of Malacca.

The Falcon 9 rocket attempted to land on a drone ship in the Atlantic, but missed narrowly.

In Memory: Raymond Tomlinson

Ray Tomlinson, who is credited with developing email while working on ARPANet in 1971, has died. He was 74.

The first email was sent between two machines that were literally side-by-side using a program that Tomlinson developed called SNDMSG. Tomlinson chose the user@host addressing format that remains in use today.

Thursday, March 3, 2016

Blueprint: Monitoring as a Discipline and the Network Administrator

by Leon Adato, Head Geek, SolarWinds

As IT professionals, we know our way around data centers like the backs of our hands. But what consistently surprises me when I speak with other admins is the general lack of knowledge about and resources put towards what we at SolarWinds call monitoring as a discipline, especially as it pertains to monitoring networks.

Evolution of the network

The network is a complex thing, and it has evolved considerably over the past decade.

For example, the network used to be defined by a mostly wired, physical entity controlled by routers and switches. Business connections were based on T1 and ISDN, and Internet connectivity was always backhauled through the data center. Each network device was a piece of company-owned hardware, and applications operated on well-defined ports and protocols. VoIP was used infrequently, and anywhere connectivity—if even a thing—was provided by the low-quality bandwidth of cell-based Internet access.

Today, however, wireless is becoming ubiquitous—it’s even overtaking wired networks in many instances—and the number of devices wirelessly connecting to the network is exploding (think Internet of Things). It doesn’t end there, though—networks are growing in all directions. Some network devices are even virtualized, resulting in a complex amalgam of the physical, the virtual and the Internet. Business connections are DSL/cable and Ethernet services. BYOD, BYOA, tablets and smartphones are prevalent and are creating bandwidth capacity and security issues. Application visibility based on port and protocol is largely impossible due to applications tunneling via HTTP/HTTPS. VOIP is common, also imposing higher demands on network bandwidth, and LTE provides high-quality anywhere connectivity.  

And the future isn’t looking any simpler. The Internet of Things (IoT); software defined networking (SDN); and hybrid IT, with its accompanying challenge of ensuring acceptable quality of service to meet the business performance needs for any given service delivered via a cloud provider, are all cresting the horizon.

What’s my point? These trends, challenges and complexities underscore a new set of monitoring and management essentials.

Enter monitoring as a discipline

What is monitoring as a discipline?

Monitoring as a discipline varies from simply monitoring in that it is an actual role, the defined job of one or more individuals within an organization, not just something “everyone kind of does when it’s needed.” The most important benefit of such a dedicated role is the ability to turn data points from various monitoring tools and utilities into more actionable insights for the business by looking at all of them from a holistic vantage point, rather than each disparately.

Although such a monitoring-dedicated individual or team is in reality probably only likely at larger organizations at this point in time, small- and medium-sized businesses may want to take note, as their infrastructures, all of which rely on the backbone known as the network, are only going to get more complex, bringing the need for even them to create such a role into sharp focus. Don’t believe me? Think about how common hiring a dedicated information security professional was ten years ago—nearly unheard of. But today, many organizations of almost every size consider this to be a necessity given the constant specter of security breaches.

Now reflect on how IT environments, not just the network, have grown, both in size and complexity, being distributed across geographies more than ever. In turn, monitoring them has equally grown in complexity. In fact, due to hybrid IT, it has become extremely difficult to pinpoint the root cause of issues—whether they lie with the cloud services provider or the organization’s internal network itself.

Thus, the “old way” of monitoring, where network admins, server admins and storage admins, etc. each operate in silos, monitoring only within their specific realm without much if any cross-silo oversight, is no longer really a viable option. By employing an expert who monitors as a specific discipline across all of the traditional silos can provide a cohesive view across an organization’s IT spectrum, making root cause analysis much more efficient and accurate, reducing costs in the process.

Expanding monitoring skillsets

All that said, given budget constraints, the reality for IT departments at many small- and medium-sized businesses will be one without such a dedicated monitoring expert for at least the near future. If having a dedicated monitoring expert is not in the cards for now, the next step is to expand your current IT team’s monitoring skillset. At minimum, your team should at least be able to effectively monitor:
  • Hardware
  • Networks (i.e. NetFlow and syslog)
  • Applications
  • Virtualization
  • Configurations
Configuration monitoring is especially important because when it comes to configs—what changed as well as the exact moment the change was made is critical to both the security and stability of entire environments. In fact, 80 percent of all corporate outages are caused by unexpected or uncontrolled config changes. And, in all honesty, in the absence of a dedicated monitoring expert, we generalist network admins are perhaps best positioned to step in and corral all this monitoring data into one cohesive set of actionable insights.

In conclusion

As the network becomes more complex and expands in nearly every direction, monitoring as a discipline will become more critical to business success. In summary, companies of all sizes should consider:
  • Adding a dedicated monitoring expert or experts who can provide a holistic view of the organization’s infrastructure performance, turning seemingly disparate data points gathered by monitoring tools into valuable, actionable insights.
  • If a dedicated expert is not possible, ensure the current IT team understands the nuances of monitoring hardware, networks, applications, virtualization and configurations and has a comprehensive, but not necessarily expensive, suite of monitoring tools available.
  • Putting network admins in charge of corralling all this monitoring data.
About the Author

Leon Adato is a Head Geek and technical evangelist at SolarWinds, and is a Cisco Certified Network Associate (CCNA), MCSE and SolarWinds Certified Professional (he was once a customer, after all). Before he was a SolarWinds Head Geek, Adato was a SolarWinds® user for over a decade. His expertise in IT began in 1989 and has led him through roles as a classroom instructor, courseware designer, desktop support tech, server support engineer, and software distribution expert. His career includes key roles at Rockwell Automation®, Nestle, PNC, and CardinalHealth providing server standardization, support, and network management and monitoring.

About SolarWinds 
SolarWinds (NYSE: SWI) provides powerful and affordable hybrid IT infrastructure management software to customers worldwide from Fortune 500® enterprises to small businesses, government agencies and educational institutions. We are committed to focusing exclusively on IT Pros, and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. Regardless of where the IT asset or user sits, SolarWinds delivers products that are easy to find, buy, use, maintain and scale while providing the power to address all key areas of the infrastructure from on premises to the cloud. Our solutions are rooted in our deep connection to our user base, which interacts in our thwack online community to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at 

Got an idea for a Blueprint column?  We welcome your ideas on next gen network architecture.
See our guidelines.

Verizon Digital Media Enable Direct Link to Google Cloud

Verizon Digital Media Services is now allowing customers to use Google Cloud CDN Interconnect to more safely and securely transfer content between the Verizon Digital Media Services content delivery network (CDN) and Google Cloud Platform.

The high-performance interconnections provide a direct link between Google Cloud Platform and Verizon Digital Media Services' CDN, allowing content to move between the two directly without traversing other networks, providing increased availability and reduced latency for important content.

"Our commitment to open collaborations with companies like Google ultimately expands the choices our customers have to move their data and content efficiently, securely and affordably," said Verizon Digital Media Services Chief Technology Officer Rob Peters. "The combined power of Verizon Digital Media Services and Google Cloud Platform gives our customers the edge they need in today's digital media environment that demands constant innovation."

Verizon Digital Media Services customers that use Google Cloud Platform can save more than 65 percent on their cloud egress costs for an easier, more cost-effective delivery path that is optimized to move and scale content between Google Cloud Platform and Verizon's CDN. This provides an exceptional content experience that leverages Verizon's world-class CDN to reach any screen, anywhere.