Monday, April 11, 2016

Blueprint: Endpoint Visibility in the IoT

A Five-Step Action Plan for Securing the Network in the Age of IoT

by Tom Kelly, CEO, AccelOps

A report from BI Intelligence projects that Internet of Things (IoT) deployments will create $421 billion in economic value for cities worldwide in 2019. Cities will enjoy benefits such as improved traffic flow, a reduction in air pollution and better public safety.

This is just one example of the advancements the IoT will bring to all sectors. However, along with all the positives comes the negative of heightened security concerns. The IoT represents a proliferation of endpoints such as has never been experienced, and at a stunning rate.

All these endpoints are creating pinholes across the enterprise security landscape. It is clear that the malicious intent of hackers has not only increased, but it has become more creative. The reality is that the IoT is changing everything, especially cyber security, and without the proper tools, it is nearly impossible to know what is connecting to your network.

The IoT’s Dark Side

Smart devices have proven to be a double-edged sword. While delivering greater work efficiencies, they also offer more inroads for crime. By using connected devices that are agentless, malicious actors are able to gain access to corporate networks and may not be discovered until after an attack.

To add to the problem, the vendor landscape has become more complex. CISOs now must extend their security monitoring policies and procedures to incorporate every supplier and vendor in the supply chain, no matter how benign their products might seem to network security.

A real-world example will serve to drive the point home. A major carrier recently suffered a breach, resulting in hackers posting 300,000 customer records online. Imagine the look on the CEO’s face when he learned that the data was stolen from a third-party marketing firm involved in the carrier’s supply chain. Smart CISOs and CIOs must look to implement vendor risk management processes as part of their own operational security reviews before they find themselves facing an angry board of directors who are looking for answers as to how the latest breach occurred.

Five Recommendations for Today’s Network Security

Security, availability and compliance have become inextricably linked as a result of the hyper-connected world of cloud-based apps, sensors and mobile devices. More importantly, if you can’t see it, you can’t protect it, so before proceeding, be sure you know what is connecting to your network.

Here are five recommendations to manage the corporate IoT environment.

1. Analyze and measure it to fix it. Turn to real-time network topology monitoring and best practices to improve correlation accuracy. Best-of-breed solutions incorporate rich analytics collection and cross-correlation along with third party big data analytics tools to help network and security operations personnel apply methods that are faster and more accurate. If you can’t measure it, you can’t fix it.

2. Analyze root causes and cross-correlate. It’s no longer good enough to simply monitor your network. Today’s security challenges require that network operations and security operations work together to ingest all meaningful data for analysis. Gone are the days of keeping technology domains in silos. Correlate across security, availability and performance for events, logs and configuration files. By pulling together all available network data, it is possible to turn data collection into a weapon against hackers and create actionable information that provides a mechanism for improved root cause analysis.

3. Compare intention to behavior. Network forensics will be easier if you map user identities, locations and behaviors. Look for solutions that help ingest more than just an event, but also correlate performance, log and security data. Additionally, by looking at user IDs, locations and behavior patterns, you can determine if the user connecting to the network through proper login and password entries is authorized or is a malicious actor with stolen credentials.

4. Use visual analytics to describe security health. Does upper management understand what has happened after a breach? With accountability moving down the chain of command, it is more important than ever to use the language of the business stakeholder. Communicate issues so that business people understand how IT affects the health of the business.

5. Manage compliance for audits proactively. Look for solutions that report across common compliance frameworks such as PCI, ITIL, COBIT, SOX, HIPAA etc. No matter your industry, establish a compliance posture for formalized management and gain a deep understanding of how compliance failures may affect your organization, looking beyond the revenue impacts and potential for fines, plus embarrassing media exposure, to things like impact on brand, reputation, trust with customers, supplier relationships and employee productivity.

Keeping IoT Devices in Check

There’s no practical way around IoT devices connecting to the network. These devices provide the promise of many new and useful tools in their ability to perform business better and to predict unforeseen risks. Where you have identified the needs for IoT devices in your organization, insure you fully understand the risk benefit analysis, before deploying them. Methodologies such as Synthetic Transaction Monitoring can help you safely identify what the baseline behavior, or “normal” functionality, is as well as expected behaviors for how it should interact with other devices, and applications in the network.

Like any vulnerable and protected resource, it is important to insure these devices are kept behind trusted firewalls and, as with any device in your network, constantly monitor them for changes against normal. Other best-practice methods include establishing a “multi-tenant” reporting environment consolidating and isolating IoT devices into a unique and highly granulated reporting domain.

About the author

Tom Kelly is a technology industry veteran, having led companies through founding, growth, IPO and strategic acquisition. He has served as a CEO, COO or CFO at Cadence Design Systems, Frame Technology, Cirrus Logic, Epicor Software and Blaze Software.  Tom led successful turnarounds at Bluestar Solutions, MonteVista Software and Moxie Software, having served as CEO in repositioning and rebranding the companies in advance of their new growth. He serves on the Boards of Directors of FEI, Fabrinet, and ReadyPulse.  Tom is a graduate of Santa Clara University where he is member of the University’s Board of Regents.

Got an idea for a Blueprint column?  We welcome your ideas on next gen network architecture.
See our guidelines.

Dell SecureWorks Sets IPO

SecureWorks, a provider of information-security services based in Atlanta, announced its initial public offering of 9,000,000 shares of its Class A common stock. The initial public offering price is expected to be between $15.50 and $17.50 per share.

SecureWorks will trade on the NASDAQ Global Select Market under the symbol “SCWX.”

Some background notes on the company:

  • Dell acquired SecureWorks in 2011.
  • Claims 4,200 clients worldwide.
  • Generates revenue from managed security and threat intelligence solutions through subscription-based arrangements, as well as revenue from security and risk consulting engagements through fixed-price or retainer-based contracts. 
  • Total revenue was $339.5 million in fiscal 2016, $262.1 million in fiscal 2015 and $205.8 million in fiscal 2014, for annual growth of 30% and 27%, respectively. 
  • Incurred net losses of $72.4 million in fiscal 2016, $38.5 million in fiscal 2015 and $44.5 million in fiscal 2014. 
  • Headed by Michael R. Cote
  • Total of 2,47 employees

IDC: Worldwide Cloud IT Infrastructure Spend Grew 21.9% in 2015

Vendor revenue from sales of infrastructure products (server, storage, and Ethernet switch) for cloud IT, including public and private cloud, grew 21.9% year over year to $29.0 billion in 2015, according to a new report from IDC.

"The cloud IT infrastructure market continues to see strong double-digit growth with faster gains coming from public cloud infrastructure demand," said Kuba Stolarski, Research Director for Computing Platforms at IDC. "End customers are modernizing their infrastructures along specific workload, performance, and TCO requirements, with a general tendency to move into 3rd Platform, next-gen technologies."

Some highlights:

  • Compared to overall IT infrastructure spending, the share of cloud IT infrastructure sales climbed to 32.2% in 4Q15, up from 28.6% a year ago. 
  • Revenue from infrastructure sales to private cloud grew by 17.5% to $3.3 billion, and to public cloud by 14.6% to $4.9 billion. 
  • In comparison, revenue in the traditional (non-cloud) IT infrastructure segment decreased 2.7% year over year in the fourth quarter, with declines in all three technology segments (server, storage and Ethernet switch).
  • All three technology markets showed strong year-over-year growth in both private and public cloud segments, except for storage in the public cloud, which declined 4.0% in 4Q15 on a difficult compare with a very strong quarter in the prior year. 
  • Private cloud growth was led by Ethernet switch with 19.6% growth. In public cloud, Ethernet switch led the way with 56.9% year-on-year growth, while public cloud revenue from server grew 28.9% year on year in 4Q15. For the full year, server revenue in private cloud grew by 23.0% year on year, while Ethernet switch revenue in public cloud grew by 36.6% during the same period.

SmartSky Picks Brocade + VMware for NFV Capabilities

SmartSky Networks selected Brocade and VMware to supply the pre-certified network functions virtualization (NFV) capability for its air-to-ground broadband network. SmartSky's new Air-to-Ground, pan-US network network connects more than 250 cell sites strategically placed across the continental U.S.

SmartSky is deploying the Brocade Virtual Evolved Packet Core (vEPC) running on VMware vCloud NFV. The network will deliver differentiated services for different types of customers.

“We are building SmartSky’s network from the ground up, enabling us to rethink how a cross-continental air-to-ground network such as this should be built,” said David Claassen, Vice President of Network and Service Architecture at SmartSky. “As we worked through the design, it became clear that using an NFV approach and leveraging commodity hardware for the underlying physical fabric would deliver the best ROI while increasing our service-ability and reducing many of the operational headaches common with traditional hardware-based networks. Brocade and VMware are delivering a combined NFV solution that will help us accelerate our delivery of this unique service offering.”

Brocade said its full-function vEPC features independent slices of control, data and session management capabilities. The vEPC provides seamless data service across the continent while eliminating redundant functionalities and internode dependencies.

“Brocade and VMware have collaborated for years as NFV partners, driving performance, scalability and life-cycle management for network functions to customers such as SmartSky,” said Nishi Kant, vice president of mobile networking, Brocade. “Stability, ease of deployment and ongoing management of the Brocade vEPC solution are recurring themes in our customer deployments, and certification of the Brocade vEPC as VMware Ready for NFV gives customers confidence in the interoperability of our NFV platforms.”

SanDisk Brings 12 Gbps to InfiniFlash for Data Centers

SanDisk introduced its InfiniFlash IF150 system featuring upgraded 12Gbps SAS connectivity and the same massive capacity for big data and hyperscale workloads.

The IF150 system delivers up to two million raw IOPS and consistently low latency, the IF150 system supports demanding workloads by addressing scalability and availability challenges. It offers up to half a petabyte (512 terabytes) of flash storage in one 3-rack-unit (3U) system and can directly connect up to eight off-the-shelf-servers.

SanDisk cites a $1 per GB price point for raw flash.  Compression and de-dupe capability in storage software (available from SanDisk InfiniFlash ecosystem partners) can further reduce the effective price per GB.

“Since its launch, the game-changing performance and economic benefits of the InfiniFlash System have been recognized by customers—from data centers in research institutions doing big data analytics to web providers, hyperscalers and video streaming companies who manage data on a massive scale, and more,” said Ravi Swaminathan, vice president and general manager of systems and software solutions at SanDisk. “With our new IF150 system, we have pushed the performance even further, while at the same time delivering massive-scale storage at a price point that makes business sense.”

DragonWave and Mitel Target 5G

DragonWave and Mitel are collaborating on 5G technology development.

Mitel, which supplies network function virtualization (NFV) mobile solutions, will contribute software and mobile network expertise to the project. DragonWave will contribute all outdoor networking expertise combined with small cell-focused and high-capacity, spectrally-efficient packet wireless backhaul solutions.

"Enabling increased coverage in both dense urban and rural environments while supporting the thrust for virtualization drives the need for new relationships," said Peter Allen, President and CEO, DragonWave. "We are pleased to work closely with Mitel who has both scale and a common customer base. We share a focus to bring innovative solutions to the 5G mobile market."

"5G opens the door to a fundamental new way to architect mobile networks, including increased integration between access and backhaul components and smaller cell sizes, where an integrated solution becomes more critical," said Pardeep Kohli, President of 5G Cloud Connectivity, Mitel. "This collaboration enables an integrated 5G solution set that will be easier to deploy, optimize and maintain."

Sunday, April 10, 2016

OpenStack Mitaka Focuses on Scalability

The OpenStack community released the 13th version of its open source software for building clouds, with a focus on manageability, scalability and end-user experience. OpenStack is an integration engine that can manage bare metal, virtual machines, and container orchestration frameworks with a single set of APIs.

OpenStack is approaching its sixth anniversary.

Here are some highlight's of the OpenStack Mitaka release:

  • Simplified Manageability - includes numerous advancements that focus on improving day-to-day ease of use for cloud deployers and administrators. One highlight is a simplified configuration for the Nova compute service that introduces additional standard defaults and reduces the number of options that must be manually selected. The Keystone identity service, too, has been greatly simplified, with multi-step processes for setting up the identity management features of a cloud network—installing, running, authenticating, distributing tokens, etc.—streamlined into a one-step process. Another example of the enhanced manageability available in Mitaka is found in Neutron, which now features improved Layer 3 networking and Distributed Virtual Router (DVR) support.
  • Greater Scalability - Heat’s convergence engine, which first appeared in the Liberty release, can now handle larger loads and more complex actions for horizontal scaling, while delivering better performance for stateless operations. Similarly, in Keystone, fernet tokens increase the number of API operations the identity service can support. Developers also made significant progress on Cells v2, another feature introduced in Liberty that aids in horizontally scaling out OpenStack compute clouds.
  • Improved User Experience -  a unified OpenStack Client provides a consistent set of calls for creating resources so end users don’t have to learn the intricacies of each service API. Mitaka also delivers improved support for software development kits (SDKs) across a number of different languages. Another improvement that simplifies that experience for application developers is the ongoing work to add the “get me a network” function in Neutron. This feature will remove all the steps necessary to create a network, attach a server to it, assign an IP to that server, and make the network accessible, and consolidates these steps into a single action. Elements of this functionality are introduced in Mitaka.

The next OpenStack Summit will be held in Austin on April 25-29.

Sprint to Sell and Lease-back of Certain Network Assets

Sprint announced an arrangement to sell and lease back certain existing network assets, thereby raising $2.2 billion for addressing upcoming debt maturities.

Under the deal, several bankruptcy remote entities (collectively “Network LeaseCo”) will acquire certain existing network assets and then lease them back to Sprint. The assets acquired by Network LeaseCo will be used as collateral to raise approximately $2.2 billion in borrowings from external investors, including SoftBank. The $2.2 billion of cash proceeds Sprint expects to receive from the transaction is scheduled to be repaid in staggered, unequal payments through January 2018.

“Sprint and SoftBank have worked together again to create a unique structure that provides Sprint with an attractive source of capital,” said Sprint CFO Tarek Robbiati. “This transaction is an important first step in addressing upcoming debt maturities and allows us to stay focused on our corporate transformation, which involves growing topline revenues and aggressively taking costs out of the business to improve operating cash flows.”

KT Tests 5G Backhaul in E-Band with NEC

KT completed a 5G wireless backhaul proof of concept (PoC) in conjunction with NEC.

The test, which was conducted at Phoenix Park Ski World in PyeongChang, South Korea, used KT's commercial mobile network infrastructure. NEC supplied its ultra-compact, iPASOLINK EX microwave communications system operating in E-Band spectrum (70-80GHz).  The microwave radios were used to interconnect KT's LTE base stations.

NEC's iPASOLINK EX supports ultra-multilevel modulation (256QAM) technology for high capacity transmission of up to 3.2Gbps. It also supports narrow band transmission (channel width of 250MHz and 500MHz).

KT aims to launch 5G trial services in 2018. This PoC is based on a collaboration agreement in the field of 5G networks signed between KT and NEC in August 2015. The carrier is considering microwave backhaul using E-Band spectrum for 5G services in mountainous areas, where it is difficult to lay optical fibers.

“We are honored to have contributed to KT's 5G-related trial," said Hideyuki Muto, Deputy General Manager, Mobile Wireless Solution Division, NEC Corporation. “NEC's iPASOLINK EX can operate in harsh environments, and is easy to install at various outdoor locations without large scale installation works because it is compact and light weight. This joint PoC took advantage of these features in order to implement a high-capacity mobile backhaul network in snowy, mountainous areas very quickly. Going forward, NEC will strengthen its partnership with KT to contribute to the launch of their 5G trial services in 2018."

Corning to Acquire AFOP for Passive Optical Components

Corning agreed to acquire Alliance Fiber Optic Products (AFOP) for $18.50 per share in cash, representing a transaction value of approximately $305 million.

AFOP, which is based in Sunnyvale, California designs and manufactures high-performance passive optical components that are used by cloud data-center operators and leading datacom and telecom OEMs (original equipment manufacturers). Corning uses AFOP products in a number of its existing connectivity solutions. AFOP was founded in 1995 and has manufacturing and product development capabilities in the U.S., Taiwan and China.

Upon closing of the acquisition, Corning will integrate AFOP into its Optical Communications business segment. Corning expects the acquisition to expand its market access to cloud data-center operators and OEMs, broaden its presence in Asia, and provide product and cost synergies. Corning expects the acquisition to be accretive to its earnings per share during the first year.

“Combining AFOP’s components expertise with Corning’s broad portfolio of connectivity solutions further strengthens our position in the high-growth, cloud data-center market segment,” said Clark S. Kinlin, executive vice president, Corning Optical Communications. “And, it adds additional products that Corning can offer our broad customer base while providing an opportunity for manufacturing synergies.”

Peter C. Chang, AFOP founder and CEO, commented, “We are excited to join forces with Corning. We believe Corning’s scale provides an excellent platform for our products to access a broader customer base and drive a higher level of growth than we would be able to achieve as a standalone company. Our board believes that this transaction is in the best interests of our stockholders and provides our stockholders with substantial cash value for their investment. In addition, we believe becoming part of a larger company with Corning’s strong track record benefits both our employees and customers.”

SAP's Cloud Revenue Rises 33% in Q1

SAP reported strong growth for its cloud services in Q1.  Cloud subscriptions & support revenue, along with software support revenue, reached 69% share of total revenue for the quarter.

First quarter non-IFRS cloud subscriptions and support revenue grew 33% year-over-year (33% at constant currencies) to €0.68 billion. New cloud bookings grew a solid 22% (25% at constant currencies) in the first quarter and reached €0.14 billion.

Another highlight: SAP added more than 500 S/4HANA customers in the quarter, of which approximately 30% are net new SAP customers.

"SAP's fundamental growth drivers are rock solid – from our best-in-class S/4HANA applications to our completeness of vision in the cloud," said Bill McDermott, CEO of SAP. "We expect increasing momentum as the year progresses, fully consistent with our guidance for the full year. SAP continues to be a highly profitable growth company."

Alibaba Joins OpenDaylight

The Alibaba Group has joined The OpenDaylight Project at the Silver level.

Alibaba's SDN-enabled infrastructure supported its record-breaking 11.11 Global Shopping Festival, which was the largest one-day online sales event in 2015. On 11.11, Alibaba attracted over 115 million buyers to its marketplaces and enabled RMB91.2 billion (US$14 billion) in GMV settled through Alipay on Alibaba’s platforms. Alibaba’s network infrastructure supported 467 million delivery orders during a 24-hour period and enabled about 140,000 peak transactions processed per second. To support all these, Alibaba’s network had to handle a surge of more than ten times the normal daily volume.

“Open Standards and Open Source are complementary and both important to the Internet industry. Nowadays, standardization helps improve interoperation, reduce costs and can increase the products’ scalability, etc. Open source is an effective way in accelerating the application of standards,” said Judy Zhu, Standardization director, Alibaba Group.

Friday, April 8, 2016

Orange County K-12 Gets 100G Internet Connection

CENIC, the Orange County Department of Education (OCDE) and the California Department of Education have activated the world’s first 100-Gigabit per second K-12 connection.

The Orange County 100Gb dark fiber connection is the first of a number of planned 100Gb connections for K-12 sites in California. CENIC is working to complete 100Gb connections for Riverside and San Diego County Offices of Education within the next few months. An additional ten 100Gb connections for K-12 sites are included in CENIC's consortial E-Rate filing and planned for production after July 1, 2016, coinciding with the current FCC E-Rate cycle.

“Our new 100-Gigabit ethernet connection will directly benefit more than half a million students and 20,000-plus teachers across 27 school districts. In doing so, it reflects our commitment to the vision that Orange County students will lead the nation in college and career readiness and success,” said Orange County Superintendent of Schools Dr. Al Mijares.

CENIC is the nonprofit organization that operates the California Research & Education Network (CalREN), a high-capacity network designed to meet the unique requirements of over 20 million users, including the vast majority of K-20 students together with educators, researchers, and other vital public-serving institutions.

Thursday, April 7, 2016

Blueprint: Top 10 Best Practices for Planning and Conducting an Endpoint PoC

by Paul Morville, Founder and VP of Products, Confer

Few things are more disappointing or costly than deploying a product that fails to live up to the vendor’s claims or doesn’t meet the team’s expectations. More often than not, there is a very large grey area where it’s difficult to discern what the PowerPoint slides promise versus what the product will actually deliver. A well-structured Proof of Concept (PoC) can be extremely useful in turning this grey area into black and white. But, these PoCs can be complicated and costly to run, sapping security operations center and security analyst resources that are already spread too thin.

For endpoint security, planning and conducting a good POC is even more important than usual because security’s reputation is on the line. While improving endpoint security is essential in today’s environment, endpoint deployments can be risky. They are highly visible across the company and a failed deployment will get the security team into hot water with their end users.

By designing a solid and comprehensive PoC, you can vastly improve your chances of managing the gaggle of vendors vying for your business, make the right decision and ultimately, ensure a smooth rollout and a successful project.

Our Top 10 Do’s and Don’ts:

1: Don’t delegate the scoping and planning process

Senior security team members are typically at maximum capacity, so it’s tempting to delegate the task of planning a PoC to a more junior staff member. Don’t. The PoC is the chance to define what the organization wants from an endpoint security solution in terms of technical, operational and business requirements. In forward-thinking organizations, an experienced CISO is engaged in the upfront planning to ensure the requirements are well-defined.

2: Do ask yourself, “Will it flatten the stack?”

When testing a product, ask yourself whether it will help you flatten the endpoint security stack, thereby reducing management cost and complexity. How many items can you check off on your requirement list? How many endpoint agents can you retire?

The PoC should thoroughly evaluate every function the product claims to offer. For example, if the product blocks attacks – what kind? If the product supports incident response, does it give full visibility into the details and impact on the endpoint?

3: Do adopt the mindset of the adversary

The PoC test should serve as a proxy for the determined adversaries the organization faces. By adopting the mindset of the adversary, the CISO can emulate the types of attacker behaviors they are likely to face.

Skilled attackers can easily penetrate most networks, so the test scenarios should not focus solely on breach prevention. It’s also critical to evaluate the level of damage the attackers can do once they are inside the network, and how readily their behavior can be detected and thwarted.

4: Do form Red and Blue Teams

Conducting a PoC that most accurately reflects a real-world scenario in a specific organization requires selecting members of the security staff to mimic the attackers who are constantly trying to compromise employees’ devices and steal valuable data. These employees become the Red Team. On the flip side, staff members chosen to mimic the defenders, those who work to mitigate all threats facing the organization, become the Blue Team. If everyone knows their roles, the PoC will be as close to reality as possible.

5: Do allow those teams to work together

Often, the Red Team launches an attack and then, a month later, writes a report that says, “We got in, and here are the vulnerabilities we found.” The PoC will be far more useful if one or two key members of the Blue Team are sitting alongside the Red Team and interacting with them. The Blue team can watch how an attack unfolds, analyze how the defenses react, and evaluate what kind of information is generated by the product being tested. In turn, this gives them a better sense of how the product can actually be used, and how it will perform in a real-world environment.

6: Do testing in both the lab and the real world

A typical medium enterprise will have over 5 million executables in their environment and will see upwards of 5,000 new executables enter the environment every day. Every one of these executables has the potential to generate a false positive, but that’s impossible to simulate in a lab. Therefore, a well-designed PoC will strike a balance between bench-testing live malware in a virtual-lab setting, and testing a subset of the real-world production environment under the conditions of an actual attack. An effective PoC should include deployment on at least 20 devices from the general population to provide the real world perspective.

7: Do use a representative set of attacks

Organizations are most likely to be attacked by the same actors who have attacked them in the past, using methods that were previously successful. The goal, therefore, is not to test against the most obscure or exotic malware, but rather to focus on threats the organization has already faced. Maintaining a repository of malware samples from past incidents is a good start. Also, include malwareless attacks – such as document-based or PowerShell scripts. They are common in today’s enterprise and just as damaging as a malware-based attack.

8: Don’t blindly accept tests from your vendors

If a CISO relies on the vendor to provide malware test samples, it will be very important to ask questions about how those samples were derived.  Vendors sometimes skew PoC results by repackaging known malware so it evades their competitors’ products, but is detected by their own engine (not a big surprise, since they generated it.) Ask questions and use a mixture of sources.

9: Don’t test malware on a live network

At the risk of stating the obvious, it is never wise to test live malware in a production environment. Inexperienced security personnel have actually done this, triggering a full-scale outbreak in the environment. For live malware testing, the best case is to use a segregated network consisting of virtual machines that are immediately reimaged after infection so as to avoid an actual attack.

10: Don’t test on a suspect endpoint

When conducting a PoC, it can be tempting to “kill two birds with one stone” by including real devices that are suspected of already having been compromised. This approach is not advised because it presents an incomplete picture. If the attacker has already come and gone, you often have very little to go on. Unless you plan to install the product exclusively post-incident, try to simulate the whole attack lifecycle.

Following these 10 best practices will help test how well a product addresses specific endpoint security requirements in the only environment that truly matters – yours.

About the Author

Paul Morville has been working in information security for more than 15 years. Prior to founding Confer, Paul held numerous roles at Arbor Networks, including VP Product Management and VP Corporate Business Development. Paul was an early employee at Arbor and helped take the company from pre-revenue to more than $100M in annual sales, establishing it as the leader in network security DDoS detection and prevention.

While there, Paul developed and launched Arbor’s flagship enterprise network security product line, established partnerships with ISS/IBM, Cisco and Alcatel-Lucent; managed Arbor’s Security Engineering & Response research team; acquired a company; and ultimately managed Arbor’s sale to Danaher Corporation in 2010.

Prior to entering the security industry, Paul worked for several other startups. He holds an MBA with Distinction from Michigan’s Ross School of Business.

About Confer

Confer offers a fundamentally different approach to endpoint security through a Converged Endpoint Security Platform, an adaptive defense that integrates prevention, detection and incident response for endpoints, servers and cloud workloads. The patented technology disrupts most attacks while collecting a rich history of endpoint behavior to support post-incident response and remediation. Confer automates this approach to secure millions of devices, regardless of where they are, allowing security teams to focus on more important activities.

Rackspace Offers Hosted OpenStack Private Clouds

Rackspace is now its fully-managed OpenStack services in any data center -- including private enterprise data center, a third party data centers of the customer's choosing, a Rackspace-supported third party colocation facility or a Rackspace data center.

Rackspace will fully manage the underlying OpenStack software and hardware, including all compute, network and storage. The company promises "Fanatical Support."

The company said this new approach enables customers to run OpenStack private clouds without the high cost, risk and operational burden of doing it themselves. And companies can free up money and resources by moving their IT infrastructure from a capital expense to an operating expense model.

“Companies realize they can free up money and resources for more strategic business investments when they turn their IT capital expenses into operating expenses,” said Darrin Hanson, GM and VP of OpenStack Private Cloud at Rackspace. “When OpenStack is consumed as a managed service, businesses can remove non-core operations, reduce software licensing, and minimize infrastructure acquisition and IT operations costs.”

Unwired Planet to Sell Patent and Trademark Assets

Unwired Planet, an intellectual property company focused exclusively on the mobile industry, will sell its  patent and trademark assets to Optis UP Holdings for $30 million in cash and up to an additional $10 million in cash on the second anniversary of the closing of the transactions.

Unwired Plantet claims approximately 2,500 issued and pending US and foreign patents, includes technologies that allow mobile devices to connect to the Internet and enable mobile communications. The portfolio includes patents related to key mobile technologies, including baseband mobile communications, mobile browsers, mobile advertising, push notification technology, maps and location based services, mobile application stores, social networking, mobile gaming, and mobile search.

Intel Acquires YOGITECH for ADAS

Intel is acquiring YOGITECH S.p.A., which specializes in semiconductor functional safety and related standards. Financial terms were not disclosed.

YOGITECH's work focuses on functional safety (including Advanced Driver Assistance Systems or ADAS) of transportation and factory systems. One of the fastest-growing segments in automotive electronics, ADAS makes features like assisted parking possible and paves the way for fully autonomous vehicles in the not-so-distant future.

The YOGITECH team, based in Italy, will join Intel’s Internet of Things Group.

Electric Imp Raises $21 Million for IoT Platform

Electric Imp, a start-up based in Los Altos, California with offices in Cambridge, UK, raised $21 million in Series C funding for its IoT platform that securely connects devices to advanced cloud computing resources.

Electric Imp's solution includes fully integrated hardware, OS, security, APIs and cloud services.

London-based Rampart Capital led the funding round alongside company insiders and returning venture capital firm Redpoint Ventures. This brings total funding to $43 million.

"This funding is a natural step in Electric Imp’s ongoing expansion and validates our approach with large commercial and industrial customers including Pitney Bowes and other yet to be announced global enterprises,” said Hugo Fiennes, CEO and co-founder of Electric Imp. "Our company is strategically positioned to maximize the potential of our industry-leading technology platform where proven security and scalability are critical to commercial and industrial enterprises.

“In 2014, we proved the reliability and usability of our scalable platform in the consumer market, and partnered with Murata to design and build our hardware modules, enabling our customers to connect their devices quickly, easily, and securely,” continued Fiennes. “In 2015, we launched our enterprise cloud offerings, which allow customers to build on top of our class-leading platform, accelerating their company-wide IoT strategies. Our continued focus on enterprise services has helped us with key customer wins, and has enabled our customers to get their devices connected in record time without sacrificing security.”

Puppet Refreshes its Brand

Puppet Labs officially shortened its name to "Puppet" as part a corporate rebranding aimed at the $200 billion software infrastructure market that is emerging as a result of mass migration to the cloud.

“Software powers everything around us, from the devices on our wrists and our walls to the work we do, the fun we have, and everything in between. Modern cars are powered by millions of lines of code, our financial world is entirely mediated by software to enable speed and throughput, and it’s critical to delivery of core functions like medicine, utilities, and food. Nevertheless, most businesses take weeks, months and even years to deliver everything from simple upgrades to the latest innovations, and too much of this software is out of date, insecure, and thus a barrier to progress rather than an enabler of it,” said Luke Kanies, Puppet founder and CEO.

Puppet also announced today new leadership, product updates, integrations, resources and branding.

Sanjay Mirchandani was named president and COO -- the first executive to hold this position at Puppet. He previously served as a senior vice president of VMware.

Project Blueshift and Puppet Enterprise 2016.1 – Blueshift represents Puppet's engagement with leading-edge technologies and their communities — technologies like Docker, Mesos and Kubernetes — and Puppet's commitment to giving organizations the tools to build and operate constantly modern software. The new Puppet Enterprise 2016.1 gives customers direct control of — and real-time visibility into — the changes they need to push out, whether to an app running in a Kubernetes cluster or a fleet of VMs running in AWS. For complete details, read our press release.

Atlassian HipChat integration – This new integration makes it possible for DevOps teams to direct change with the Puppet Orchestrator, see change as it occurs, then discuss and collaborate on changes in process — all right in HipChat. For complete details, read our press release.

Splunk integration – Proactive monitoring of infrastructure and applications is a key DevOps practice, enabling continuous improvement. The Puppet Enterprise App for Splunk now extends the Splunk platform to Puppet customers to diagnose issues and solve problems faster, so they can deploy critical changes with confidence. For complete details, read our press release.

Molex Acquires Interconnect Systems

Molex has acquired Interconnect Systems, which specializes in the design and manufacture of high density silicon packaging with advanced interconnect technologies.

Interconnect Systems, which is based in Camarillo, California, delivers advanced packaging and interconnect solutions to top-tier OEMs in a wide range of industries and technology markets, including aerospace & defense, industrial, data storage and networking, telecom, and high performance computing.

Molex said the acquisition enables it to offer a wider range of fully integrated solutions to customers worldwide.

“We are thrilled to join forces with Molex. By combining respective strengths and leveraging their global manufacturing footprint, we can more efficiently and effectively provide customers with advanced technology platforms and top-notch support services, while scaling up to higher volume production,” said Bill Miller, president, ISI.