Network Strategies for 2015

As we say goodbye to 2014 and review our network equipment plans for the new year, looking at replacement options is not enough.

We have to consider the currents that network technology flows in and where they are taking us.

Ignoring buying decisions and looking at the bigger picture provides an opportunity to assess what emerging companies are doing to redefine and redirect our network thinking, from the higher levels of standardisation, convergence and virtualisation down to how startups are meeting these challenges.

Here is what you should be aware of in 2015.

Standardisation

2015 will see the shifts in IT investments move towards standardised hardware and software products. The software and hardware standardisation efforts inherent in software-defined networks (SDN) and network function virtualisation (NFV) initiatives in the wide area network (WAN) will affect corporate network

Virtualisation

Existing datacentre hardware is being optimised in virtualised environments, and applications are being farmed out to public cloud providers, significantly changing the hardware equation.

Convergence

Hyperconverged infrastructure products combine compute, networking and storage resources to create all-in-one solutions. Hyperconverged appliances offer the scale-out architecture that fits the needs of most shared virtualised environments. To facilitate this, unified software packages have been adopted to converge networking functions previously allocated to dedicated hardware boxes such as WAN optimisers, packet shapers, application development controllers, application and network performance managers, load balancers and next-generation firewalls. This means storage and security are becoming intrinsic to networking topologies and, as such, will become embedded in networking hardware and software.

New challenges in 2015

The specific board-level demands to most enterprise network managers in 2015 will include:

  • Handling 100% traffic growth with the same budget as in 2014.
  • Recognising that much of that traffic growth, namely video, will be latency sensitive.
  • Ensuring the growing bring your own device (BYOD) demand for connectivity is secure and delivers quality of service (QoS) to the customers.
  • Minimising capital expenditure and go with industry-standard, bare-metal hardware to support SDN/NFV.
  • Maximising operating expenses in software and hardware deals.

This translates into key concepts around aligning networks to support business processes, shifting more traffic to Ethernet, flexible cloud deployments and better integration of security and storage capabilities. Startups present interesting next-step products to dominant suppliers in all these categories.

Aligning Network Hardware To Business Processes

When the buyer focus shifts to commoditisation, this presents a serious challenge to profit margins for premium network hardware brands such as Cisco, HP and IBM. Conversely, it presents an opportunity for nimble startups in the network hardware business, as brand loyalty is eroded and the focus shifts to supporting horizontal business processes.

Startup hardware suppliers are adopting the same hyperconvergence logic as software suppliers by integrating complementary software functionality into their boxes to facilitate core business processes. The result is hardware with better integration levels, cheaper and simpler deployments and easier scale-out capacity than their software and brand-name competitors. Instead of outsourcing functions, these network hardware startups advocate on-premise enterprise networking strategies. The message certainly whets the appetite of investors.

They are not looking for startups selling Lego blocks for DIY constructions, but rather emerging suppliers with the integrated hardware and software to handle specific business needs with faster time to value than existing value propositions on the market. Market leader VMware, with its Evo: Rail concept, has aligned all parts of its vSphere and Virtual SAN (storage area network) ecosystem with seven hardware partners (Dell, EMC, Fujitsu, Inspur – China’s dominant cloud computing and service provider, NetOne – Japanese infrastructure optimiser, HP, and SuperMicro – the US application-optimised server, workstation, blade, storage and GPU systems provider).

Startup company Scale Computing, with its HC3 platforms, presents an interesting challenge to the Evo: Rail design, aimed at small and medium-sized enterprises (SMEs), and values simplicity and fast deployment. The three HC3 platforms scale from 40 to 400 virtual machines (VMs). Scale Computing uses a customised version of Red Hat’s KVM hypervisor and leverages a block-level storage architecture as opposed to Virtual SAN’s (VSAN) object-based approach. While KVM may not have as many features as vSphere, Scale Computing is banking on the simplicity of operation along with aggressive pricing compared to the competition, and uses a scale-out architecture that can handle four nodes as the infrastructure grows.

Large enterprises should look at the startup Simplivity and its OmniCube, a hyperconverged infrastructure that delivers the economies of scale of a cloud computing model while ensuring enterprise IT performance and resiliency for virtual workloads. OmniCube has a data architecture that addresses data efficiency and global management requirements in virtualised and cloud computing environments. Its single unified stack runs on standard and hyperconverged x86 building blocks, simplifying and lowering the cost of infrastructure. Deploying a network of two or more OmniCubes creates a global federation that facilitates efficient data movement, resource sharing and scalability.

Ethernet deployments

Ethernet adoption continues to expand and startups such as Arista provide important contributions with the 10-1000Gbps Ethernet switches that target cloud service providers with purpose-built hardware. Its EOS network operating system provides single-binary system images across all platforms, maximum system uptime, stateful fault repair, zero-touch provisioning, latency analysis and a fully accessible Linux shell. With native support for VMware virtualisation and hundreds of Linux applications integrated into hardware platforms, it is designed to meet the stringent power and cooling requirements of today’s most demanding datacentres.

Cloud in a box

In the SME market, SixSq’s Nuvlabox offers a turnkey private cloud in a box. The Mac Mini-sized box includes a complete infrastructure as a service (IaaS) framework, powered by StratusLab, and a platform as a service (PaaS) powered by Slipstream. The built-in Wi-Fi provides network connectivity. With the ability to run up to eight VMs, capacity constraints are solved by adding more boxes and managing them as a single unit. Nuvlabox comes with a library of standard apps and operating system images, including different flavours of Linux and Windows and allows secure remote monitoring and application deployment from a single dashboard. To bypass the capital expenditure objection, SixSq has shifted its business model towards business-to-business licensing, where service provider customers pay rental fees for the equipment and SixSq provides ongoing maintenance and call centre support.

Network Security

Increased use of IT adds value to corporate network transactions and attracts a lot of unwelcome attention. In 2015, we expect more hackers, script kiddies, professional thieves and state-sponsored advanced persistent threat (APT) attacks to target corporate networks. But there is still a lot of low-hanging fruit to gather, such as increased employee awareness of weak passwords and phishing exploits, faster remediation of security holes and better denial of service protection measures. There is also a need for better tools and procedures to protect the enterprise network and ensure these measures meet corporate governance, risk and compliance (GRC) requirements.

One supplier aiming to address these needs is Bromium, which combines a software client on any device with a central security server. Instead of using signatures, behaviours or heuristics to identify potential threats, its vSentry client creates hardware-isolated micro‑VMs for every network-related task, such as visiting a web page, downloading a document or opening an email attachment. All micro-VMs are separated from each other and from the trusted enterprise network. Thus, malware is contained in the hardware-isolated micro-VM. Bromium’s Live Attack Visualization and Analysis (Lava) server converts each micro-VM in the enterprise into a honeypot and automates the often prolonged post-attack malware analysis process. An entire attack is automatically and instantly forwarded to the Lava console, which provides an automatic in-depth analysis of the advanced malware.

Network Storage

Video and social network communications from mobile devices with always-on technology has mushroomed data flows. In the enterprise, big data analytics relies on huge volumes of unstructured data, itself often comprised of large file formats that require secure storage and fast retrieval capacity. Network data volumes are moving from exabyte to zettabyte levels of data and higher. Most pundits and some analyst firms predict traffic and storage volumes will continue to double every two years. Next-generation storage systems include hyperscale data storage, virtualisation to improve utilisation, cloud storage for disaster recovery and lower power consumption to save costs. To enhance storage security, storage systems may incorporate data dispersal and keyless encryption to keep data secure against breaches.

The startup company Solidfire has developed a storage system built on the native ability to achieve significant scale, guarantee storage performance, and enable complete system automation. Combined with enterprise applications and deeply integrated with key management frameworks, Solidfire delivers validated products that make a next-generation datacentre deployment more cohesive, automated, and dynamically scalable.

At the high end, Insieme Networks is the driving force behind Cisco’s Application Centric Infrastructure (ACI) at the core of Cisco’s long-awaited SDN strategy. The ACI architecture leverages a mix of merchant and custom Asics, along with Cisco’s new line of Nexus 9000 switches and its Application Policy Infrastructure Controller (APIC).

Establishing business models

Startup companies in the network hardware business are not only introducing new technology perspectives, they are also exploring new business models and establishing customer relationships. Building on standardised platforms allows users to do more process management and security tasks themselves. With higher levels of personalisation and control, users can more easily explore alternative business processes and combine functions across different platforms, which translates into faster time to value. 2015 promises to be an exciting year for enterprise IT departments looking to revamp their corporate network infrastructures – they may actually meet their boards’ network targets.

Thanks to Computerweekly for the article

5 Ways to Use APM for Post-Event Security Forensics

Most security experts agree that the rapidly changing nature of malware, hack attacks and government espionage practically guarantees your IT infrastructure will be compromised. According to the 2014 Cost of Data Breach Study conducted by the Ponemon Institute, the average detection, escalation and notification costs for a breach is approximately $1 million. Post-incident costs averaged $1.6 million.

Once an attacker is within the network, it can be very difficult to identify and eliminate the threat without deep-packet inspection. The right Application Performance Management (APM) solution that includes network forensics can help IT operations deliver superior performance for users, and when incorporated into your IT security initiatives, deep packet inspection can provide an extra level of support to existing antivirus software, Intrusion Detection System (IDS) and Data Loss Prevention (DLP) solutions. The ability to capture and store all activity that traverses your IT infrastructure acts like a 24/7 security camera that enables your APM tool to serve as a backstop to your business’ IT security efforts if other lines of defense fail.

To use APM solutions for security forensics for post-event analysis, you must have a network retrospective analyzer that has at least the following capabilities:

  • High-speed (10 Gb and 40 Gb) data center traffic capture
  • Expert analytics of network activity with deep packet inspection
  • Filtering using Snort or custom user defined rules
  • Event replay and session reconstruction

Capacity to store massive amounts of traffic data (we’re potentially talking petabytes) for post-event analysis

Like utilizing video footage from a surveillance camera, captured packets and analysis of network conversations can be retained and looked at retrospectively to detect, clean up and provide detailed information of a breach. This back-in-time analysis can be especially important if the threat comes from within, such as a disgruntled employee within a company firewall. It also allows companies to determine exactly what data was compromised and help in future prevention.

Below are five ways to use network monitoring and analysis to investigate breaches:

  1. Identify changes in overall network traffic behavior, such as applications slowing down that could be a sign of an active security breach.
  2. Detect unusual individual user’s account activity; off-hour usage, large data transfers, or attempts to access unauthorized systems or services — actions often associated with disgruntled employees or a hacked account.
  3. Watch for high-volume network traffic at unusual times, it could be a rogue user in the process of taking sensitive data or stealing company IP.
  4. View packet capture of network conversations to determine how the breach occurred and develop strategies to eliminate future threats by strengthening the primary IT security.
  5. Discover what infrastructure, services, and data were exposed to aid in resolution, notification, and regulatory compliance.

By incorporating retrospective network analysis, companies can use their network monitoring as a back stop to IDS and DLP solutions, and accelerate detection and resolution.

Thanks to APM Digest for the article. 

A Unified View of Network Monitoring

NMSaaS Unified Network Monitoring

In the past few years, the enterprise computing technology has changed dramatically. Virtualization, SaaS, and cloud computing are creating fundamental changes, and leading to an time in which enterprises distribute critical IT applications across multiple service providers and infrastructure. These changes are rendering legacy monitoring tools, which have their roots in the computing environments of a decade or more ago, virtually useless. This paper explores today’s computing trends and their monitoring implications. In addition, it reveals how a new monitoring paradigm, the NMSaaS architecture, uniquely addresses the monitoring realities of today’s and tomorrow’s enterprises—whether they rely on internal platforms, external service providers, or a combination of both.

Download the white paper

NMSaaS - Unified View of Network Monitoring

Data Security and Performance Management from Network Instruments

Network Instruments Data Security and Performance Management

Is your performance management solution a target for attackers? With increasingly creative exploits, it is important to stay ahead of the curve when it comes to data protection. Performance monitoring tools that do not keep pace can leave your information vulnerable.

TOTAL PERFORMANCE MANAGEMENT

The Observer® Performance Management Platform is a fully integrated solution, purpose-built to support the highest level of network security.

Its features include:

  • TLS-based 256-bit encryption for data in motion and data at rest
  • Power to keep up with line-rate during encryption
  • Network invisibility option with internal Gen2 capture card
  • Web-based interface for reduced learning curve, maximum ease of use
  • Centralized management of AAA

The Observer Platform delivers a return far above its cost, as not only a powerful monitoring solution but a wise addition to any enterprise security strategy.

Learn more by downloading the white paper

Network Instruments Data Security and Performance Management

The 5 Main Questions You Have to Ask in Network Management

Cloud Computing

Although many people may perceive Network Management as an extremely complicated and diverse area of specialty, there really are only 5 questions that every Network Manager needs to think about. The main components behind every problem in Network Management, are as follows:

What do I have?

If you don’t know what you have how can you manage or monitor it. Most of the time in Network Management you’re trying to track down potential issues and how you’re going to resolve these issues. This is a very hard task especially if you’re dealing with a large scale network. If one thing goes down within the network it starts a trickle effect and then more aspects of the network will in return start to go down.

If you don’t know what you have how are you meant to know if you need an upgrade. Numerous enterprises are paying for upgrades that aren’t needed and getting charged for unnecessary maintenance. A simple tool like automated discovery management can help resolve this. It identifies what you have, displays topology maps and automatically compiles reports.

Is anything broken?

At times, technology seems like it is advancing faster than we can keep up with it. As the industry evolves, your business must adapt to take these changes, especially if you want to stay as efficient as possible. Finding out if there are any issues with your infrastructure sooner rather than later is an obvious factor, but some people find this harder than others with the size of their IT infrastructure.

Having the right Network Management solution enables you to find the flaws early on so they don’t snow ball into a catastrophe. Continuous monitoring of all systems ( devices, services, UPS’s) are all key components to eliminate these issues, an application such as Root Cause Analysis or Weathermapping can help you manage these complications.

Why is it slow?

The number one complaint is why is it slow? Everyone always presumes that it’s the networks fault that the application is slow, in reality there is a number of issues. These concerns include over capacity of links, poorly written applications, firewall problems or even QoS issues. Sometimes it’s tricky to find the actual cause of the application being slow as most of the time there is no evident issue to be found.

What can be done? TEST, TEST, TEST, and then correlate these to come up with a realistic resolution. You can use NetFlow to get a real deep dive into what’s going on.

Cloud Computing

Is it secure?

Is my network secure is a hot topic these times with breaches occurring in some of the top firm’s applications. Company’s such as JP Morgan, EBay and Snapchat have all had security threats in 2014 with a lot of their customer’s information being jeopardized. Many wonder if these networks are safe and the answer is that that they are.

There is always going to be vulnerabilities no matter what, in the first of half 2014 there were over 400 security breaches within companies withholding personal information. As long as you have a trusted network manager you should be ok, a lot of these hacks are just wake up calls for companies to improve their security network.

Our approach to security is to create, push and perform security policies. Every network application should have a good protection policy configuration. Here at NMSaaS we can create those policy checking systems which have the possibilities to take down any possible vulnerabilities and eliminate them.

Can I recover if something fails?

In reality nothing lasts forever, the average life span for a hardware device is 4 years. The main concern is are you able to recover your data if a problem arises, and the answer is yes.

What to do

  • Back up all of you device configuration files (off site)
  • Maintain a consistent schedule of backups.
  • Have a quick and simple restoration process if something does fail.
  • There are always going to be problems no matter what, but what you have to remember is that there is always a solution to every problem!

Security & Compliance Monitoring

Ixia's Net Tool Optimizer

High-stakes Monitoring

Global finance moves fast. When data and transactions don’t take place as smoothly or securely as expected, the company’s revenues and reputation may instantly suffer, causing valued customers to seek more reliable providers. Regulatory requirements are also growing, creating a greater need for security and compliance monitoring.

To mitigate risk and ensure performance, Ixia’s network visibility solutions deliver the ongoing data needed to dynamically detect, avoid, and address issues that affect production networks, private clouds, and applications. With security and compliance monitoring requirements increasing and physical networks becoming more complex, the Ixia suite of network monitoring switches optimizes use of network monitoring access points and overcomes hardware limitations for increased visibility at reduced cost.

Leveraging industry-leading network visibility technology, Ixia’s solutions enable engineers running the world’s most demanding networks to:

  • Minimize latency and speed transaction times
  • Prevent fraud and secure data across multiple networks and private cloud infrastructures
  • Maintain compliance with rigorous regulatory standards associated with PCI-DSS and other governance
  • Maximize existing investments while evolving to 40Gbps and beyond
  • Demonstrate fairness to customers and compliance with requirements tied to Service Level Agreements

Ixia’s suite of solutions also supports testing, assessing and optimizing of network and application performance, security, compliance, and management under diverse conditions. These breakthrough solutions deliver:

  • Increased network visibility by efficiently providing network, application, and security monitoring tools the exact data they need
  • Expanded network monitoring capacity with aggregation, filtering, and replication of data enabling simultaneous monitoring of multiple connection points from a single port
  • Maximum tool utilization extending 1Gbps monitoring tools to 10Gbps and 40Gbps networks to defer costly upgrades
  • Automated troubleshooting that reduces mean time to repair (MTTR)
  • Industry-first “drag and drop” interface that speeds and simplifies configuration and management

Related Products

Ixia's Net Tool Optimizer Net Optics Network Taps Net Optics Phantom Virtualization Tap Net Optics Network Packet Brokers Ixia's Application and Threat Intelligence Processor

Net Tool Optimizers
Out-of-band traffic
aggregation, filtering, dedup, load balancing

Net Optics Network Taps
Passive network access for security and monitoring tools

Phantom Virtualization Tap
Passive network access to traffic passing between VMs

Net Optics Network Packet Brokers
Inline traffic aggregation,
filtering, deduplication and
load balancing for monitoring
tools

Ixia Application and Threat Intelligence Processor
Better data for better
decisions

Resources

The Real Secret to Securing your Network

Ixia's- The Real Secret to Securing your Network

Thanks to Ixia for the article.