Wednesday, May 25, 2016

Video: Karen Bartleson - Advancing IEEE's Internet Initiative

The IEEE is the world's largest professional society with over 400,000 members around the world and dedicated to advancing technology for the benefit of humanity, Karen Bartleson, President-elect of the IEEE, discusses her involvement with the IEEE's Internet Initiative, which is tacking tough problems in cyber security, privacy, and governance.

She also talks about inspiring future engineers, especially young women, to take up the challenge of improving technology for betterment of the world.

See video: https://youtu.be/xzYEy4gtAdQ







Salesforce Signs with AWS as Preferred Cloud

Salesforce has selected Amazon Web Services (AWS) as its preferred public cloud infrastructure provider.

Under the deal, Salesforce will expand its use of AWS to core services—including Sales Cloud, Service Cloud, App Cloud, Community Cloud, Analytics Cloud and more—for the company's planned international infrastructure expansion. Financial terms were not disclosed.

Many Salesforce services, including Heroku, Marketing Cloud Social Studio, SalesforceIQ, and the recently announced Salesforce IoT Cloud, already run on AWS infrastructure. Salesforce will utilize AWS to help bring new infrastructure online more quickly and efficiently.

“We are excited to expand our strategic relationship with Amazon as our preferred public cloud infrastructure provider,” said Marc Benioff, chairman and CEO, Salesforce. “There is no public cloud infrastructure provider that is more sophisticated or has more robust enterprise capabilities for supporting the needs of our growing global customer base.”

“Leading enterprises and ISVs around the world are migrating their business-critical applications to the AWS Cloud to be more agile and efficient, reduce costs, and take advantage of the security, reliability, and broad functionality we offer,” said Andy Jassy, CEO, AWS. “Companies rely on Salesforce to transform their businesses and we are thrilled Salesforce has chosen AWS as their public cloud infrastructure partner, helping them continue to scale, add new services and maintain their incredible momentum.”

http://aws.amazon.com
http://www.salesforce.com



Viptela Pulls In $75 Million for its SD-WAN Platform

Viptela, a start-up based in San Jose, announced $75 million in Series C funding for its Software-Defined WAN (SD-WAN) platform. The company cites deployments by more than 25 Fortune 500 enterprises including some of the world’s largest retailers, financial institutions, conglomerates, healthcare organizations and other businesses that have many geographically distributed locations. The company has licensing partnerships with Tier-1 carriers Verizon and Singtel; and has been recognized as a Gartner Cool Vendor and a Next Billion Dollar Startup by Forbes.

Viptela said it plans to use the proceeds to scale sales, marketing, technical support and research & development to meet aggressive customer demand for its products and execute its global go-to-market strategy.

The round was led by Redline Capital with participation from new investor Northgate Capital and existing investor Sequoia Capital. This brings total funding to nearly $110M.

“Our ability to raise this level of financing, while many technology vendors are struggling to raise capital or experiencing ‘down rounds’ is a testament to our team, technology and execution,” said Amir Khan, CEO of Viptela. “These funds will enable us to add the resources to expand into new geographies, extend our lead in this hyper-growth sector and capture a lion’s share of the market.”

http://www.viptela.com

Viptela Intros LTE-enabled SD-WAN Routers

Viptela introduced a compact SD-WAN router that natively supports any transport method including 3G/4G/LTE and wireless LANs.

The company said the new product extends the business case for SD-WAN to smaller companies, home/remote offices, ATMs and other sites that don’t require the scalability of the company’s existing enterprise and campus vEdge models.

The Viptela vEdge-100 provides the same secure data connectivity over any transport technology as the vEdge-1000 and 2000 router models, while adding integrated support for 3G/4G/LTE connections and Wireless LANs. It can be deployed without any onsite configuration and is centrally managed via the cloud.  The unit is fully integrated with the Viptela SEN platform and establishes secure DTLS sessions with the vSmart controller and IPsec sessions with other vEdge routers. It performs full IP router functions including OSPF, BGP, QoS, ACLs, etc.

“Increasing bandwidth requirements being generated by cloud, mobile and unified communications applications are making the use of MPLS connections cost prohibitive, especially for small/home offices, remote sites, retail outlets and ATMs,” said Ramesh Prabagaran, Vice President of Product Management at Viptela. “The new line of vEdge-100 devices opens up the use of SD-WAN to a wide range of new business locations with the addition of integrated wireless capabilities. It eliminates the complexity associated with using third-party add-ons or external modems to deploy 3G/4G/LTE as a WAN connection. Like all our vEdge models, it supports zero-touch deployment and is centrally managed which eliminates need for an onsite technician to bring new sites online.”

http://www.viptela.com

Verizon Delivers SD-WAN with Viptela

Verizon will deliver a new software defined networking solution using Viptela’s Software Defined WAN Platform. Viptela also entered into an exclusive managed services arrangement with Verizon in the United States.

The new Verizon service, powered by Viptela, allows enterprises to “mix and match” private and public IP connections such as MPLS, wireless LTE, broadband and Ethernet to meet an organization’s unique application requirements based on geographic location, bandwidth and application service availability needs. The new managed service is being offered in the U.S., Europe and the Asia Pacific region. It is delivered from Verizon’s cloud and will be supported by Verizon’s IT consulting group.

The Viptela SD-WAN solution expands Verizon’s Managed SD WAN portfolio currently based on Cisco’s iWAN technology in the US, Europe and the Asia-Pacific region.

Key features of Viptela’s SD-WAN platform:

  • Centralized management and increased agility: Deploy changes in service policies in minutes using centralized management and zero-touch capabilities
  • Application performance and service availability: Visibility into application and infrastructure performance to enable informed decisions on resource utilization and application tuning
  • Security: Every device is authenticated and every packet encrypted in the network for added protection while supporting network segmentation
  • Service-chaining: Enables supplementary L4 – L7 services like WAN optimization, firewalls and data leak prevention delivered from the Verizon cloud across the enterprise network
“Viptela SD-WAN creates a unified and secure WAN that allows Verizon to deliver a new range of business application capabilities with exceptional levels of security, performance and availability,” said Amir Khan, CEO of Viptela. “The new Viptela-powered service enables Verizon to expand its WAN footprint by harnessing the power of software defined networking, and capitalize on new business opportunities made possible by the cloud and virtualized infrastructures.”

http://www.viptela.com

Blueprint: What’s Wrong with the WAN?



by Khalid Raza, CTO, Viptela Today’s WANs are built on largely the same infrastructure as they were 10 years ago.  Back then, demands by users and applications were more predictable, resulting in more expected traffic patterns and bandwidth requirements.  And there was no cloud.  And there was no virtualization. But things are different today.  Delay-sensitive real-time applications such as VoIP and video are now enterprise...


Telefónica Renews Submarine Cable Maintenance Contracts

Telefónica has renewed the marine maintenance service agreement for its domestic and South America-1 (SAM-1) submarine cable systems with Alcatel-Lucent Submarine Networks (ASN), now part of Nokia, and TE SubCom.  The five-year extension will take effect on January 1, 2017.

Under the Atlantic Private Maintenance Agreement (APMA), ASN and TE SubCom will continue to make available three dedicated maintenance vessels in the Western Atlantic (Curaçao) and Eastern Atlantic (Cape Verde and Calais), as well as experienced, fully trained and certified personnel for cable repairs on Telefónica’s domestic and SAM-1 cable systems, totaling more than 27,000 km. The SAM-1 cable systems provide high bandwidth connectivity between the U.S. and Argentina, Brazil, Chile, Colombia, Ecuador, Guatemala, and Peru, with Telefónica’s domestic network providing service between Spain’s mainland and the Canary Islands.

“Telefónica is committed to providing best-in-class services to its customers by partnering with trusted companies for the provisioning of the fastest and best quality service and solutions,” said Telefónica Communications Department. “The high quality marine maintenance services demonstrated since 2012 by TE SubCom and ASN made it easy for our organization to decide to renew the APMA service agreement for another five years.”

http://www.nokia.com
http:/www.subcomm.com

eero Raises $50 Million for Home WiFi System

eero, a start-up based in San Francisco, raised $50 million for its home WiFi system.

ero uses multiple 802.11ac access points placed throughout the home to provide strong coverage in every room.  The company will use the funding to build its customer support team and prepare for a widespread retail presence in Best Buy.

The funding was led by Menlo Ventures with significant participation by Index Ventures. They join eero’s existing investors, First Round Capital, Shasta Ventures, Redpoint Ventures, Playground Global, and others, which also participated in the round, bringing the company's total funding to over $90 million.

“Since we started shipping eero systems to customers earlier this year, we have been building on our momentum, scaling our infrastructure, and improving our software so we can support our growing customer base,” said Nick Weaver, eero founder and chief executive officer. “With this round of funding from leading investors, eero is well-positioned to provide a strong foundation for the connected home on an even larger scale.”

http://www.eero.com

CloudBolt Manages Cloud Bursting to VMware, AWS, Azure, Openstack

CloudBolt, a start-up based in Campbell, California, has added cloud bursting capabilities to its cloud management platform.

CloudBolt said its tech-agnostic approach to cloud bursting and cloud management enables IT teams to build and rebuild VMs in an automated fashion, eliminating the need for complicated and resource-intensive migration of live VMs from one technology to another. These same CloudBolt blueprints can be deployed and scaled into different environments and technologies, enabling both the initial automated provisioning and cross-technology auto-scaling.

CloudBolt customers can define tiers within services that can be deployed to VMware, Azure, OpenStack, AWS, a physical server, or any of the other technologies CloudBolt supports. Key capabilities include:

  • Automated cloud bursting based on load levels detected on servers
  • Per application-tier scaling configuration, including configurable thresholds, minimums, maximums, and behavior on how to scale when conditions are met
  • Automated scale back
  • Scaling triggered by users, on a schedule, or via CB’s REST API
  • Inter- and intra- technology scaling. For example, the ability to scale from VMware to AWS or from one VMware cluster to another.
  • Support for the 14 resource handler technologies that CloudBolt supports, including seven public clouds, six private virtualization technologies, as well as physical server provisioning
  • Out of the box support for four different load balancers, three configuration management systems, plus common IPAM, change management, SDN, and monitoring systems

“Cloud bursting is the shining promise of hybrid cloud, capable of cutting IT costs by optimizing resource utilization. However, because of the complexity of implementing cloud bursting, these benefits have been within the reach of only the smallest fraction of organizations,” said Jon Mittelhauser, CEO, CloudBolt. “CloudBolt’s cloud management platform takes the complexity out of cloud bursting by making it easier for IT shops to set up and build on top of what they already have, and by enabling them to extend the behavior to include and automate their processes and procedures. With CloudBolt’s cloud bursting, IT shops can own the base and rent the spike.”

http://www.cloudbolt.io

Tuesday, May 24, 2016

Nita Patel Introduces the IEEE Women in Engineering Conference

The annual IEEE Women in Engineering International Leadership Conference (IEEE WIE ILC) brings together women from across the globe to share ideas on closing the gender gap as technologists, engineers and scientists in the STEM fields.

Nita Patel, Founder and Chair of the IEEE WIE ILC, introduces the event and invites you to join the movement.

http://ieee-wie-ilc.org/





HPE's Services Business to Merge with CSC for Global IT Services

Hewlett Packard Enterprise will spin-off its Enterprise Services business and merge the unit with CSC, creating a pure-play, global IT services company with annual revenues of approximately $26 billion, more than 5,000 customers in 70 countries and employees in every major global region.

The companies said the combination will give them greater scale to service global clients migrating to the cloud. The deal is expected to produce first-year cost synergies of approximately $1 billion post-close, with run rate of $1.5 billion by end of year one.

Mike Lawrie, the current head of CSC, will become chairman, president and CEO of the new company, and Meg Whitman will join the Board of Directors. The new company's board will be split 50/50 between directors nominated by HPE and CSC.

After the spin-off, the remaining HPE will still have $33 billion in expected annual revenue. The company says the plan enables it to sharpen its focus on secure, next-generation, software-defined infrastructure built on its portfolio of servers, storage, networking, converged infrastructure, as well as its Helion Cloud platform and software assets.

"The 'spin-merger' of HPE's Enterprise Services unit with CSC is the right next step for HPE and our customers," said Meg Whitman, president and chief executive officer of Hewlett Packard Enterprise. "Enterprise Services' customers will benefit from a stronger, more versatile services business, better able to innovate and adapt to an ever-changing technology landscape."

"As a more powerful, versatile and independent global technology services business, this new company will be well positioned to help clients succeed on their digital transformation journeys," said Mike Lawrie, CSC chairman, president and chief executive officer. "Together, CSC and HPE's Enterprise Services will have the scale, foundation and next-generation technologies to innovate, compete and grow in a rapidly changing marketplace. We are excited by the great potential this merger brings to our people, clients, partners and investors, and by the opportunity to strengthen our relationship with Hewlett Packard Enterprise."

https://www.hpe.com/
http://www.csc.com/

Facebook's Telecom Infra Project Gets Organized

The Telecom Infra Project (TIP), which was kicked off by Facebook earlier this year with a mission to take the principles of the Open Compute Project (OCP) model and apply them to software systems and components involved in access, backhaul, and core networks, has expanded its membership and formed the first set of technical project groups.

New TIP members include Axiata Digital, Indosat, MTN Group, Telefonica, Vodafone, Acacia, ADVA, BlueStream, Broadcom, Coriant, Deloitte, Juniper Networks, and Lumentum. TIP launch partners included Intel, Nokia, Deutsche Telekom and SK Telecom.

The new Project Groups include:

Access
System integration and site optimization – Chaired by SK Telecom
New integration via innovative, cost-effective and efficient end-to-end solutions that address rural and urban regions difficult to serve profitably.

Unbundled solutions – Co-chaired by SK Telecom and Nokia
Taking a fresh look at access, specifically through a cost-effective approach for low-power, low-maintenance solutions.

Media-friendly solutions – Chaired by Intel
Focusing on methods to increase effective throughput and further enhance the mobile user experience by bringing compute and storage capacity closer to the network edge.

Backhaul
High-frequency autonomic access – Chaired by Facebook
Defining thin and extensible software stack to autonomously coordinate routing, addressing and security related functions in packet-switched IPv6 networks.

Open optical packet transport – Co-chaired by Facebook and Equinix
Defining Dense Wavelength Division Multiplexing (DWDM) open packet transport architecture that triggers new pace of technology innovation and flexibility, and avoids implementation lock-ins.

Core and Management
Core network optimization – Chaired by Intel
New innovation through disaggregation of traditional telecom core network via deconstructing traditionally bundled components.

Greenfield telecom networks – Co-chaired by Nokia, Facebook and Deutsche Telekom
Accelerating operator-friendly evolution towards a pure and efficient IT-based network architecture via greenfield solutions designed from the ground up.

https://telecominfraproject.com/news/updates-to-the-tip-foundation/

Facebook's Terragraph Accelerates WiGig for City Access

Facebook took the wraps off of two terrestrial connectivity technologies for fast wireless access.

Terragraph is a 60 GHz, multi-node wireless system for dense urban areas and that uses radios based on the WiGig standard. Facebook said Terragraph will deliver gigabits of data capacity. IPv6-only Terragraph nodes will be placed at 200m intervals. Terragraph will incorporate commercial off-the-shelf components and aim for high-volume, low-cost production. Facebook noted that up to 7 GHz of bandwidth is available in the unlicensed 60 GHz band in many countries.  U.S. regulators are considering expanding this to a total of 14 GHz.

Facebook Terragraph will also leverage an SDN-like cloud compute controller and a new modular routing protocol that Facebook optimized for fast route convergence and failure detection. The architecture also tweaks the MAC layer to solve shortcomings of TCP/IP over a wireless link. The company says the TDMA-TDD MAC layers delivers up to 6x improvement in network efficiency while being more predictable than the existing Wi-Fi/WiGig standard.

Terragraph is already in operation at the Facebook campus in Menlo Park, California, where it delivers 1.05 Gbps bidirectional (2.1 Gbps total throughput per distribution node) in P2P mode, up to 250 meters away. A wider trial is planned for San Jose, California.

Facebook also released details on Project ARIES, a transmission technology that is a) spectrally efficient and allows for higher throughput in even the smallest bandwidths, and b) energy efficient, allowing for extended coverage range.

The proof-of-concept system features a base station with 96 antennas and can support 24 streams simultaneously over the same radio spectrum. Researchers have demonstrated 71 bps/Hz of spectral efficiency. The target is aiming for an unprecedented 100+ bps/Hz of spectral efficiency. Facebook said ARIES is an embodiment of Massive MIMO — by using “spatial multiplexing,” the antenna array at the base station can serve a multiplicity of autonomous user terminals on the same time-frequency resource. This opens up possibilities such as resource sharing as an alternative not only to the need for spectrum licensing.

Facebook already has an ARIES testbed delivering 10x spectral and energy efficiency gains in point to multi-point deployments.

https://code.facebook.com/posts/1072680049445290/

vArmour Raises $41 Million for Micro-Segmentation

vArmour Networks, a start-up based in Mountain View, California, raised $41 million in Series D funding for its work in software-defined security for virtualized data centers.

vArmour, which was founded in January 2011 by two NetScreen veterans, specializes in application-aware micro-segmentation with advanced security analytics. Its Distributed Security System (DSS) enables organizations to gain application-layer visibility and control of their network, applications and users to prevent, detect and respond to cyber attacks and breaches in data center and cloud environments. The company cites deployments at hundreds of organizations across the globe, including a significant number of the world’s largest banks, telecom service providers, government agencies, healthcare providers and retailers.

The funding round was led by Redline Capital, Telstra and other strategic investors, bringing total company funding to $83 million.

"vArmour is now segmenting and protecting critical data for some of the largest national infrastructure and financial institutions in the world,” said Tim Eades, CEO of vArmour. “We have proven that our product and model are extremely effective, cost efficient and scalable, and this new round of funding and investment from global distribution partners will propel company growth."

https://www.varmour.com




Team Grush Wins $1 Million from Intel, TBS, Mark Burnett

Team Grush - inventors of a digital toothbrush that uses virtual games to motivate children to brush their teeth, was voted the winner in the season 1 finale of the tech reality TV challenge America’s Greatest Makers.  The team beat out 23 other entrants and was awarded $1 million in prize money.

All of the teams presented new devices built with Intel technology.

Intel and Burnett, president of MGM Television and Digital Group, confirmed a second season of America’s Greatest Makers would air in the United States in 2017.

https://www.americasgreatestmakers.com/

Ericsson Lands IT Managed Services Contract with du

Ericsson announced a long-term deal to manage and operate du's IT infrastructure. Financial terms were not disclosed.

Ericsson will deploy its global tools, processes and ways of working on an end-to-end basis to improve du's infrastructure performance and support high-quality customer experiences. Ericsson will manage du's IT service desk, data center operations, and user computing and enterprise system management processes. In addition, Ericsson will manage IT application operations for du's Enterprise Support Systems as well as Operational and Business Support Systems.

http://www.ericsson.com

Ericsson Divests its Fiber Cable Business in NZ

Ericsson will sell its fiber cable and duct business in Wellington, New Zealand, to Hexatronic Group AB.  Financial terms were not disclosed.

Hexatronic offers all 19 Ericsson employees who are currently employed in the business, employment in the continuing business.

http://www.ericsson.com

Monday, May 23, 2016

Netronome Integrates P4 and C Programming on Production Server NICs

Netronome introduced a P4 and C compliant Integrated Development Environment (IDE) for dynamically programming new networking capabilities on its Agilio CX and LX family of intelligent server adapters (ISAs).

The news is significant because bringing SDN capabilities into a server NIC could help identify and resolve tenant application performance bottlenecks rapidly, enabling cloud service providers to maintain high levels of user experience.

For telco NFV deployments, Netronome said its solution enables a significantly higher degree of dynamic data center traffic observability, helping telco operators to pinpoint issues related to call drops or poor call and video quality in 4G and 5G networks. AT&T and Netronome are presenting and demonstrating this use case at the P4 Language Consortium workshop this week at Stanford University.

The P4 Language Consortium, of which Netronome is an active member, is currently developing specifications for the P4 programming language and associated compilers.The Netronome IDE leverages the Consortium’s open source P4 compiler to deliver 10 Gbps to 100 Gbps performance for popular data center networking functions using the Agilio server networking platform. Extensions developed by  Netronome also enable integration with optional C-based programming for sophisticated functions such as stateful processing.

“Server-based networking has evolved as the most widely deployed form of SDN; its fundamental tenets are feature velocity and control - important requirements for data center operators,” said Sujal Das, senior vice president and general manager, marketing and corporate strategy. “As a pioneer in hardware-accelerated, server-based networking solutions, we take great pride in being the first in the industry with shipping products that can truly help customers realize the value of integrated P4 and C programming for their data center applications.”

A beta release of the Netronome IDE with Programmer Studio v6.0 featuring P4 and C programming on Agilio CX and LX ISAs is available.

http://www.netronome.com
http://www.open-nfp.org
http://www.p4.org

Netronome Brings Hardware-Acceleration to OpenStack Networking

Netronome has tuned its Agilio Server Networking Platform for delivering hardware-acceleration for OpenStack networking, allowing data centers to accelerate applications such as network virtualization, security, load balancing and telemetry using different data plane options suitable for use cases spanning traditional IT to IaaS and Telco NFV workloads. Netronome's own testing has found a 5X boost in VM performance when network functions are offloaded to its Agilio interface cards.

At this week's OpenStack Summit in Austin, Netronome, in collaboration with Ericsson and Mirantis, is showcasing acceleration of open source datapath implementations, specifically, Open vSwitch (OVS), Stateful Firewall (Connection Tracking) and OpenContrail vRouter using Agilio CX intelligent server adapters. The company said this approach will be incorporated as an enhanced OpenStack networking plug-in architecture specification. As a result, critical networking functions that would otherwise hamper performance of the OpenStack implementation are offloaded to the Agilio platform, accommodating significantly more virtual machines per server leading to up to 6X lower TCO and higher services revenue per server compared to traditional NICs.
http://www.netronome.com


Netronome's Agilio Server Networking Accelerates Cloud Data Centers

Netronome introduced its Agilio Server Networking Platform for transparently offloading server-based networking data paths, such as open virtual switch (OVS), Juniper Networks Contrail vRouter, and Linux firewall.

The company said its hardware and software-based Agilio platform delivers up to 5X higher throughput while reducing CPU requirements by up to 80 percent compared to traditional NICs and server-based networking implemented in software.

Server-based networking is being widely deployed in cloud data centers to handle virtualization, firewalls, load balancing, telemetry, zero-trust security using micro-segmentation, virtual network functions (VNFs) and application-based analytics. The big cloud providers (AWS, Microsoft Azure, Google) are using server-based networking in their mega data centers. Netronome's Agilio solution accelerates such server-based networking functions by offloading compute-intensive flow and tunnel processing from the CPUs.

The Agilio CX intelligent server adapters (ISAs) are based on Netronome's own flow processing silicon (NFP-4000) and software architecture (Agilio Software). The Agilio ISAs use onboard memory to support up to two million security policies, and deliver 28Mpps of throughput using hardware-based acceleration.

NTT Creates High Density Optical Fiber with 19 Cores

Researchers at NTT, Fujikura, and Hokkaido University have demonstrated the world’s highest density optical fiber.

The optical fiber has a diameter of less than 250 µm and contains 19 optical paths (cores) that can support six kinds of optical signals (modes). It provides 114 (= 6 modes × 19 cores) spatially multiplexed communication paths (channels) in one optical fiber.

The researchers calculate that the ultra-large capacity optical fiber that can handle a Peta- to Exa-bit transmission capacity.

The work was partially based on work commissioned by the National Institute of Information and Communications Technology (NICT).

http://www.ntt.co.jp/news2016/1605e/160516a.html

Xilinx Adds Data Center Accelerators to 16nm UltraScale+ Roadmap

Xilinx plans to add acceleration enhanced technologies for the Data Center to its 16nm UltraScale+ product roadmap.

The resulting products will deliver the combination of Xilinx's 16nm FinFET+ FPGAs with integrated High-Bandwidth Memory (HBM), and support for the recently announced Cache Coherent Interconnect for Acceleration technology (CCIX).

CCIX is initially driven by a group of seven companies to enable an acceleration framework that works with multiple processor architectures.

Specifically, Xilinx HBM-enabled FPGAs will improve acceleration capabilities by offering 10X higher memory bandwidth relative to discrete memory channels. HBM technology enables multi-terabit memory bandwidth integrated in package for the lowest possible latency.

"Having already delivered 19 billion transistors on a chip at 20nm leveraging our second generation 3D IC technology, we are creating a third generation 3D IC breakthrough  for data center acceleration and other compute intensive designs," said Victor Peng, executive vice president and general manager, Programmable Products at Xilinx. "When combined with next generation CCIX acceleration framework and our software defined SDAccel™  development environment, this technology will enable a new breed of high-density, flexible platforms for accelerating compute, storage and networking applications."

http://www.xilinx.com

Microsoft Awards Grants for Affordable Internet Access

Microsoft announced Affordable Access Initiative grants for 12 entrepreneurial businesses to help scale their solutions and business models to increase affordable Internet access in communities around the world.

Microsoft's Affordable Access Initiative aims to democratize access to the Internet through grants, commercial partnerships, connecting new leaders and community engagement.

The winners are:

Power Solutions
African Renewable Energy Distributor (Rwanda)
New Sun Road (Uganda)

Hardware Solutions
Zaya Learning Labs (India)

Connectivity Solutions
AirJaldi (India)
Axiom Technologies (United States)
C3: Communications Consulting Centre (Malawi)
Ekovolt (Nigeria)
Wi-Fi Interactive Network (Philippines)

Application Solutions
Kelase (Indonesia)
Movivo (United Kingdom)
Tambero.com (Argentina)
VistaBotswana (Botswana)

"With more than half of the world's population lacking access to the Internet, connectivity is a global challenge that demands creative problem solving," said Peggy Johnson, executive vice president of business development at Microsoft. "By using technology that's available now and partnering with local entrepreneurs who understand the needs of their communities, our hope is to create sustainable solutions that will not only have impact today but also in the years to come."

https://www.microsoft.com/en-us/affordable-access-initiative/home

Telco Systems Releases CloudMetro 10 vCPE Platform

Telco Systems has released its CloudMetro 10, a new 1GE virtualization platform and announced the completion of a series of commercial trials with Tier 1 service providers around the world.

CloudMetro 10 is a new member of Telco Systems' Open Metro Edge (OME) portfolio, which includes CloudMetro vCPE 1GE to 10GE family of virtualization platforms, EdgeGenie Orchestrator for management and orchestration, and TelcoApps library of pre-configured packages of virtualized network functions.

CloudMetro 10 supports hardware acceleration and pre-integrated VNF applications enabling carrier-grade performance with multi-service chaining.

Telco Systems has also expanded its library of VNF applications, which includes security, routing, SD-WAN and WAN-optimization services from leading vendors, including Check Point, Audio Codes, Palo Alto and Netrounds.  The company has recently successfully tested additional VNF applications with Cisco, Brocade, Juniper, Silver Peak, Riverbed and Fortinet.

"We are proud of the progress and achievements we have made with our CloudMetro platforms and OME solution," commented Raanan Tzemach, Vice President of Product and Marketing at Telco Systems. "We are positioning our customers to take full advantage of the benefits of SDN and NFV and efficiently offer a new set of virtualized services with flexible business models based on our VNF-packages."

http://www.telco.com

Sunday, May 22, 2016

Blueprint: Evolving Security for Evolving Threats in Payments

by Jose Diaz, Director, Payment Strategy, Thales e-Security

At this point in the history of cyber security, it seems like the eternal optimism of “it couldn’t happen to me” is the only reason consumers by the millions haven’t abandoned the digital life and gone back to cash-only transactions. Huge-scale data breaches persist, snatching more and more personal data. Retailers certainly want to protect their customers and their reputation, but are they really doing all they can?

There’s a reason why we are still experiencing huge breaches, and it’s not a lack of technology. Solutions that provide increased protection for cardholder data, while maintaining the highest levels of performance—up to millions of transactions per day—were defined and developed after the highly publicized breaches in 2009. The Payment Card Industry (PCI) released solution requirements for Point-to-Point Encryption to assist merchants in protecting cardholder data and reducing the scope of their environment for PCI DSS assessments. However, these approaches still seem to be a concept rather than common practice.

This is a critical issue in need of a thorough solution. Reducing the risk of payment data breaches requires encrypting sensitive data at the point of swipe (or dip in the case of EMV cards) in the payment device and only decrypting it at the processor. Direct attacks on devices in the payment acceptance process have become increasingly common and highly sophisticated, but strongly encrypted cardholder data is useless to cyber criminals. To understand the approaches, and the benefits, of implementing sensitive data protection, let’s focus on two key areas: traditional payment acceptance terminals and mobile.

Accepting Payment at the Terminal

Transaction speed is important to both customers and merchants; electronic POS solution providers need to maximize security for payment card transactions without slowing performance. Their solutions need to encrypt cardholder data from the precise moment of acceptance on through to the point of processing, where transactions can be decrypted and sent to the payment networks. By deploying point-to-point encryption (P2PE), intermediate systems that sit between the POI (point of interaction – the point of swipe) device and the point of decryption at the processor are removed from the scope of most PCI-DSS compliance requirements, since the sensitive data passing through them is encrypted.

All encryption is not the same. There’s a difference between encrypting the data at the point of swipe device and encrypting the data in the POS system, more specifically the retail terminal. POI devices are subject to a PCI certification process, thereby providing high-assurance cryptography and key management functionality. Retail terminals, on the other hand, are typically PC/tablet-based devices that in most cases only offer software-based encryption and do not have the security controls of PCI-certified devices.

Data decryption takes place at the point of processing using HSMs for secure key management, as required by PCI-P2PE requirements. HSMs perform secure key exchanges and, in most applications, key management that produces a unique key to protect each and every payment transaction. Taking advantage of these security capabilities, solution providers can build high-capacity and redundant secure systems so that multiple servers and multiple HSMs, deployed at multiple data centers, can combine seamlessly to service high transaction volumes with automated load balancing and failover.

With a distinctive combination of strong security and risk mitigation against malicious capture of cardholder data, Verifone—a provider of secure payment acceptance solutions—is one example of a P2PE solution provider that follows this approach. At the same time, this approach ensures performance and availability for transactions – a win-win for retailers. The Verifone VeriShield solution was specifically designed to enable retailers to implement Best Practices for Data Field Encryption, providing security that helps reduce the scope of PCI-DSS audits.

Accepting Payments on the Fly

Smaller merchants are now able, thanks to the mobile revolution, to afford on-the-go payment acceptance. However, with the increasing availability of mobile payment acceptance options, small merchants and mobile businesses need to take a moment to consider the security of their customers’ payment data.

Mobile devices equipped with an economical card reader “dongle” enable mobile point-of-sale, or mPOS. A mobile phone or tablet can accept payments from both EMV and magnetic stripe payment cards in this way. As with traditional POS, it is critical that the card reader encrypt the sensitive payment data it receives.

It can be challenging to secure mPOS solutions. CreditCall and ROYAL GATE, two payment services providers, overcame this challenge by using point-to-point encryption (P2PE) to protect the sensitive payment data from their mobile acceptance offerings. They integrated HSMs with their processing application as a critical component to manage keys and secure customer data following PCI P2PE solution requirements. The use of HSMs enables them to defend against external data extraction threats and to protect against compromise by a malicious insider.

Securing Payment Credentials

There are several options on the market that allow mobile devices to make payments, but Host Card Emulation (HCE) has distinct market advantages. Because the security of the payment data and transaction is not dependent on hardware embedded in the phone, it has much broader applicability; any smartphone could use the HCE approach by loading payment credentials on the device and using it in place of a physical card.

Mobile devices have a NFC (near field communications) controller, which HCE-based applications leverage to interact with a contactless payment terminal. However, since the application cannot rely on secure hardware embedded in the phone for protection of the payment credentials, alternative approaches for protecting sensitive data and transaction security have to be used. These approaches include tokenizing payment credential numbers as well as actively managing and rotating keys used for transaction authorization. This enables issuers to manage the risk introduced by having a less secure mobile device environment for payment credential data.

The approaches that protect this data are based on HSMs in the issuer environment, which not only create the rotating keys but also to send them securely to the mobile device. In addition, the HSMs are also a critical part of the tokenization and transaction authorization process. The HCE infrastructure does not actually introduce any new security processes or procedures for retailers and processors; it just enables issuers to combine their existing strong security practices—comprising key generation/distribution, data encryption and message authentication—into a cohesive offering to enable payments with mobile devices.

Protecting What’s Yours

The sophistication and determination of malicious actors has resulted in a global,
multi-billion-dollar industry. The real possibility of huge financial reward spurs cyber criminals to evolve their methods, including attacks on payment devices themselves. But the reality is that retailers and their acquirers can reduce their risk and fear if the sensitive cardholder data in their possession is nonsense to hackers. This is why P2PE is so critical in the fight to reduce fraud.

In addition to using P2PE and PCI-certified devices to keep card data safe, merchants are using HSMs in the processing environment to protect critical secure data protection and transaction keys. These steps also create a trust environment that complies with PCI requirements and reduces risk on payment acceptance and HCE-based credentials. Following these best practices will help merchants and their acquirers safeguard the lifeblood of their business, protecting their bottom line and their good name.

About the Author

Jose Diaz has worked with the Thales group for over 35 years and is currently responsible for payment product strategy at Thales e-Security. He has worked with payment application providers in developing solutions and roadmaps for securing the payments ecosystem. During his tenure at Thales, Jose has worked in Product Development, Systems Design, Sales in Latin America and the Caribbean, as well as Business Development.


Got an idea for a Blueprint column?  We welcome your ideas on next gen network architecture.  See our guidelines.

Video: BT Americas - Cloud Security is a Board-level Issue

Security cannot be an afterthought when moving to the cloud. The perimeter has completely changed and is now about the individual and the data.

Identity and access management coupled with the cloud are of such critical importance that they have become board-level concerns, says Jason Cook, BT Americas' CISO.

See video: https://youtu.be/dM7-3tbZzaE