Network Management, Network Security
Article | July 17, 2023
The promise of Open vRAN is to give back to mobile operators some form of control over their networks. The “open” refers to the opening of RAN interfaces. It is critical because it gives operators the possibility to buy the radio unit and the baseband unit from different vendors, rather than having to buy an integrated system, and therefore helps them diversify their suppliers and reduce their dependence on traditional vendors. The “v” refers to virtual. Virtualization is about disaggregating hardware and software and enabling the use of commercial off-the-shelf servers, instead of the usual purpose-built hardware, to run network functions in order to increase flexibility and reduce costs.
Across Asia-Pacific, the announcements and activities from operators including Airtel, Axiata, NTT Docomo, Rakuten Mobile, Smartfren and Telkomsel indicate a growing appetite for open and virtualized radio access networks. In countries like India, Indonesia, Malaysia and Thailand, open RAN can for example help to address the challenges of remote connectivity and to deploy a network in places where it has been traditionally difficult to achieve a satisfactory return on investment.
Read More
Enterprise Mobility
Article | June 15, 2023
The second quarter of 2020 was the strongest second quarter the data center market has ever recorded. Server shipments in what is seasonally a weak period exceeded 3.4 million units. Despite this record baseline, first data points on 2Q21 indicate server shipments exceeded 3.4 million units yet again.
Demand for data center compute continues to be strong and we believe 2Q21 would have been even stronger had it not been for semiconductor supply shortages. We saw strong indication that shortages in CPU substrate materials and other components impacted server supply in 2Q21. This seems to have impacted Intel in particular with AMD gaining share in the quarter.
AMD set their own record, for the first time crossing the 15% server market share threshold. It looks like demand from hyperscale cloud service providers, and Google in particular, has been a big contributing factor for AMD’s strong performance. The historic best AMD performance in the data center server market was in 2006 when 14% of the servers shipped were configured with an AMD CPU. 2Q21 indeed proves that the EPYC roadmap is highly competitive.
In 2Q21, servers with arm-based CPUs again made up a
Read More
Network Infrastructure, Network Management
Article | July 27, 2023
Network security today is losing the battle and a lot of it is blamed upon the traditional security devices. Imagine running next-gen IT Infrastructure secured by security tools made to secure legacy IT.Data breaches have increased substantially and IT professionals are continuously looking at new ways to improve their network security. In this scenario, SD-WAN emerges as one formidable option to implementthat will bolster your network security.
Table of Contents:
- What is SD-WAN?
- How does SD-WAN work?
- What are the main benefits of SD_WAN to network security?
- What are the other advantages of SD-WAN?
.
Let’s dig into it.
What is SD-WAN?
SD-WAN stands for software-defined wide area network (or networking). A WAN is a connection between local area networks (LANs) separated by a substantial distance—anything from a few miles to thousands of miles. The term software-defined implies the WAN is programmatically configured and managed. So, it can be easily adapted quickly to meet changing needs.
How does SD-WAN work?
An SD-WAN connects end users to virtually any application, hosted at any location (e.g., in the public cloud or a company data center), via the best available or most feasible transport service, whether that’s an MPLS (Multiprotocol Label Switching), broadband, cellular or even satellite internet link. To deliver this level of flexibility and performance to users in digital workspaces, an SD-WAN utilizes a control function that continuously analyzes traffic flows across the WAN and intelligently directs traffic in accordance with current policies.
Centralized control
The primary means of control in an SD-WAN is centralized. It often resides in a SaaS application running on a public cloud. Control is decoupled from the hardware to simplify network management and improve the delivery of services. SD-WAN appliances (and virtual appliances) follow operational rules passed down from the central controller. This greatly reduces or eliminates the need to manage gateways and routers on an individual basis.
Multi-connection, multi-transport
SD-WAN gateways support hybrid WAN, which implies that each gateway can have multiple connections using different transports—MPLS, broadband Internet, LTE, etc. A virtual private network (VPN) is typically set up across each WAN connection for security. Consequently, the SD-WAN can be an overlay spanning a diverse communications infrastructure.
Dynamic path selection
Another feature of SD-WAN is dynamic path selection—the ability to automatically and selectively route traffic onto one WAN link or another depending on network conditions or traffic characteristics. Packets may be steered onto a particular link because another link is down or not working very well, or to balance network traffic across all available links. SD-WAN can also identify packets by application, user, source/destination, etc. and send them down one path or another based on those characteristics.
Policy-based management
Policy is what determines where dynamic path selection will steer traffic and what level of priority (quality of service, or QoS) it is given. Business intentions can be implemented as policies via the central management console. New and updated policies are translated into operational rules and downloaded to all SD-WAN gateways and routers under control.
For example, to ensure the best performance for VoIP and interactive web conferences, a policy may be created by giving their packets transmission priority and routing them onto low-latency paths. Cost savings can be realized by sending file back-ups across a broadband Internet connection. WAN traffic that requires a high level of security can be restricted to private connections (e.g., MPLS) between sites and required to pass through a robust security stack when entering the enterprise.
Service chaining
SD-WAN has the ability chain itself together with other network services. WAN optimization (acceleration) is often combined with SD-WAN to improve network and application performance. Internet traffic leaving and entering a branch office may be routed across a VPN to a cloud-base security service to strike a balance between performance, security, and cost.
Read more: GET THE MOST OUT OF YOUR SD-WAN: FEATURES YOU NEED TO START USING TODAY
What are the main benefits of SD_WAN to network security?
Eliminate VPN concerns
One of the first areas in which SD-WAN impacts security is when a company uses the internet as a method of transport.
Before SD-WAN came along and companies were using internet as a backup or even a primary transport method, they would build a VPN or a DMVPN to ensure secure transport of their traffic. This introduces a couple of issues, the first of which is this proliferation of VPNs that has to be managed. The company must have firewalls sitting at their data center, along with a VPN device or firewall sitting in the remote locations to be able to do these VPNs. Every site is dependent on the effort to be up on the network.
- Hamza Seqqat, Director of Solutions Architecture, Apcela
Failover is an issue with this VPN approach, he said. Companies can’t seamlessly failover from a fiber-based type of transport without having to strike some keys in between. It's hard and expensive to do seamless failover.
“Now you don't have to have firewalls for VPNs. You don't have to worry about building your own VPNs or encrypting your traffic,” Seqqat said. “Every SD-WAN product comes with a controller that takes care of things seamlessly. That means there is this smart software-defined engine that builds all these IPsec tunnels between all the locations as soon as you plug the device in. You're not actually having to build a VPN—the controller does it automatically for you, so all you have to do is give the device an IP address or enable DHCP and let it pick an IP address from the DHCP server. Suddenly it's on the network and its building tunnels to all the sites.”
He added that the SD-WAN controller builds a full mesh, so it can talk to every one of the sites without having to go back to the data center. This feature alone can reduce a company’s security footprint significantly because the site-to-site traffic becomes secure, easy, and seamless.
Reduce traffic going through security
A second significant benefit of SD-WAN that impacts security strategy is that it reduces the amount of traffic that needs to go through security parameters because all site-to-site traffic is encrypted. This makes security a bit easier to manage.“For a lot of companies, when they do VPNs for site-to-site traffic, they have to go through firewalls or some kind of encryption mechanism, and that increases their security footprint. It increases the complexity and the cost of security,” Seqqat said. “SD-WAN changes how traffic is routed through security.”
Seqqat gave an example of a site that has a gig worth of bandwidth, and out of that gig of bandwidth, some traffic goes to the internet and some goes to site-to-site.
“Without SD-WAN, generally you would have to run that whole gig through a firewall, and the firewall will split the traffic into what goes to the data center and what goes to the internet,” he said. “When you do SD-WAN, you don't have to do that. You can separate the traffic at the SD-WAN with a split tunnel, so you take half of the traffic and push it through the firewall to go to the internet and the other half goes straight site-to-site without having to go through a security parameter. Now you have a firewall to handle 500 megs as opposed to a gig, and that makes a huge difference because most security products are based on throughput and utilization. So, that can bring some cost benefits and ease management as well.”
Security inherent to SD-WAN
A third area where SD-WAN changes security strategy is the fact that certain security features can be implemented directly through the SD-WAN platform, which reduces costs and complexity in the actual security platform.
“This depends on what aspects of security you're talking about,” Seqqat said. “For example, security is included in the Silverpeak SD-WAN product, so the Silverpeak devices really do most of the security for you. You don't have to deploy another firewall on top of that. With Versa’s SD-WAN, you can virtualize the firewall, so there’s no need to deploy physical firewalls.”
For sites that simply need very basic security, SD-WAN has some inherent security capabilities. It can do things such as allow and deny certain sites and limit traffic that goes to certain sites.
When you look at most SD-WAN products, you can usually kind of steer toward one or another based on your security requirements. Deploying SD-WAN in itself can really eliminate the need for security at several locations or extend the security you have been using.
- Hamza Seqqat, Director of Solutions Architecture, Apcela
Simplify use of security platforms
In his final point, Seqqat said SD-WAN providers are making a lot of progress in partnering with both cloud security providers and cloud service providers. By making traffic encrypted and secure via SD-WAN, security platforms will only have to deal with public internet traffic.
“SD-WAN providers are really working towards partnering and certifying different security products,” he said. “Consider Zscaler as an example. Some SD-WAN products automatically route all your traffic through Zscalar, which does a cloud-based security parameter before it goes out to the internet or to cloud service providers.”
Seqqat said the most important part comes in the fact that Zscalar is distributed across 35 or 40 data centers that are all security parameters.
“Making that routing decision as to what data center your traffic goes through before it goes out to the Internet is extremely important to performance,” he said. “If your Office 365 instance is hosted in Seattle and your users in Europe are trying to reach that, which Zscalar data center the traffic is going to go through before it goes through the Seattle instance of O365 makes all the difference in what latency is going to be at round trip.
“SD-WAN provides somewhat of an automation and optimization of how traffic goes through Zscalar data centers based on performance metrics. SD-WAN can pull latency and jitter and packet loss and all that kind of stuff, so there is some intelligence that happens when a routing decision is being made as to where user traffic is going to go for security scrubbing or security features before it goes out to the cloud provider or to the Internet. That’s a huge feature that comes into play whenever you deploy SD-WAN.”
Read more: FOR SERVICE PROVIDERS SD-WAN IS A MIXED BLESSING
What are the other advantages of SD-WAN?
SD-WAN has many advantages when implemented well:
More predictable and reliable application performance, which helps support users in any digital workspace, across all connections. Superior connection security for cloud applications, without the performance tradeoffs of MPLS backhauling. Congestion reduction due to lack of bandwidth or brownouts with aggregation of bandwidth via multiple bonded and disparate or redundant links.
More reliable access to apps and fewer slowdowns due to congestion.
Resiliency and redundancy with fast failover when outages impact WAN connections.
Quality of service for prioritizing business-critical application traffic.
Fast deployments that fuel business agility when bringing applications online at a branch office, or simply changing the configurations. Zero-touch provisioning allows fast set up of sites in minutes with local staff instead of hours or days.
Reduced network transport costs and more flexibility through the use of MPLS-alternatives like broadband and cellular. Quick procurement of bandwidth from multiple transport services, contrast to the long lead times needed with legacy WAN carrier-based technologies.
Simplified administration with a centralized console eliminates the complexity of configuring edge devices in the field.
Deep SD-WAN analytics to monitor links for performance characteristics. Analytics benefit administrators who can use them when troubleshooting problems across the WAN.
Simpler branch office infrastructure that doesn’t require management of as many single-function devices
Intelligent traffic steering and dynamic path selection
Integrated security with leading 3rd-party solutions, including those for SaaS security
Conclusion
Interest in SD-WAN among organizations is on the rise, and we hope to see a tremendous rise in its adoption in network security strategies over the next few years. Vendor selection will be one of the factor for successful implementation of SD-WAN, as many are quickly developing new and effective software-defined platforms. An ideal vendor would be the one who effectively addresses your specific pain points and is able to meet your current as well as future requirements.
Read more: SD-WAN SECURITY: THE IMPACT OF ORCHESTRATED SERVICES MULTIPLICITY
Read More
Enterprise Mobility
Article | June 15, 2023
Uncover the future of network monitoring at computer networking conferences. Explore insights, collaborations, and growth opportunities to harness the power of secured network infrastructures.
Network monitoring is a critical aspect of the ever-evolving networking industry; helping ensure efficient and secure operation. It involves the continuous surveillance, analysis, and management of network infrastructure, performance, and security. To stay abreast of the latest developments and advancements in this field, industry executives and managers must attend the upcoming network monitoring conferences scheduled between June and September 2023. The events provide a crucial platform for professionals to gain in-depth insights into emerging trends, innovative technologies, and best practices in network monitoring. The computer network monitoring conferences aims to address challenges businesses face with IT infrastructure, operations and cloud. The conferences are broken up into several tracks, each with a different area of focus. The agenda and key speakers offer more opportunities to learn and discover knowledge and improve the network monitoring operations.
Top 7 Network Monitoring Conferences of 2023
1.TMA Conference 2023
June 26-30, 2023 | Naples (Italy)
The 7th edition of Network Traffic Measurement and Analysis Conference will offer a significant opportunity for leaders in the networking industry. Organized by the prestigious University of Naples Federico II, the TMA Conference 2023 provides a platform for presenting cutting-edge research and controversial work in network measurements. One of the Technical Program Committee (TPC) chairs for this year's conference is Johanna Ullrich, a renowned researcher at SBA Research and the Head of the Networks and Critical Infrastructures Security Research Group. With her expertise and insights, Ullrich will share insights with a compelling keynote speech that will offer valuable knowledge to attendees. Moreover, the event boasts technical sponsorship from reputable organizations such as IFIP, IFIP TC6-WG6.6, IEEE, and IEEE ComSoc, further solidifying its significance in the networking industry.
2.IEEE International Black Sea Conference on Communications and Networking
July 4-7, 2023 | Istanbul (Turkey)
A significant event for networking industry leaders, IEEE BlackSeaCom 2023, offers grants to participants who have registered and co-authored accepted papers, fostering engagement and recognition within the conference networks. The special session on machine learning and intelligent algorithms for emerging wireless communications brings forth groundbreaking research. Esteemed speakers like Henning Schulzrinne, Melike Erol-Kantarci, Bülent Kaytaz, and BASIL MANOUSSOS to offer valuable insights about network monitoring in the event. Attending this network monitoring conference will allow industry leaders to network, collaborate, and stay updated on the latest advancements in event monitoring and network monitoring events.
3.IEEE International Symposium on Local and Metropolitan Area Networks
July 10-11, 2023 | London (UK)
IEEE LANMAN 2023 provides a robust platform for industry leaders by bringing together experts to discuss the latest technical advances in local and metropolitan area networking. With a focus on theory and experimentation, LANMAN 2023 invites advanced papers pushing network monitoring events' boundaries. The keynote speakers, including Tommaso Melodia and William Lincoln Smith, are to delve into topics like open RAN systems, edge computing, routing, and network functions. Attending LANMAN 2023 allows industry leaders to expand their conference networks, gain valuable insights, and stay at the forefront of network events and management, empowering them to drive innovation and enhance their network monitoring strategies.
4.International Conference on Computer Communications and Networks (ICCCN 2023)
July 24-26 2024 | Hawaii (US)
A must-attend event for computer communications and network industry leaders serves as a platform for presenting innovative ideas and fundamental advancements in computer communications and networks. The conference facilitates communication and collaboration among researchers and practitioners, driving scientific and technological innovation to enhance communications and networking. Keynote speakers including, Ness B. Shroff, Puneet Sharma, and Dr. Gene Tsudik will address designing future XG networks, complexities of edge-to-cloud platforms, and compromise/malware detection for low-end devices. Attending ICCCN will help expand network through conferences, gain a deeper understanding, and advance their network monitoring techniques with shared expertise and knowledge.
5.SmartNets 2023
July 25-27, 2023| Istanbul (Turkey)
SmartNets 2023 is a pivotal networking conference aiming to bridge the gap between the physical world and cyberspace by connecting everything. The event will bring together experts and researchers from academia to discuss the challenges and solutions in areas like embedded equipment design, resource-constrained media communications, security, data analysis, and services. The conference will be focusing on future scientific issues, covering topics such as Industry 4.0, smart cities, healthcare systems, big data analytics, edge computing, next-generation networks, and more. SmartNets 2023 will enable leaders to gain access to the latest research findings, address digital transformation challenges, explore wireless communication technologies, and exchange experiences on implementing secure and reliable communication services.
6.IEEE International Mediterranean Conference on Communications and Networking
September 4-7, 2023 | Dubrovnik (Croatia)
IEEE MeditCom is a highly anticipated networking conference that brings together worldwide visionaries from academia, research labs, and industry. The event will focus on addressing the challenges in communications and networking. It will provide a platform for researchers to present their work on various topics, including theoretical and systems research and vertical technologies. By attending IEEE MeditCom, industry leaders in the networking industry will be able to discover the latest advancements and research findings. Furthermore, the conference will offer an opportunity to engage with local IEEE Sections, ComSoc Chapters, and Sister Societies from the Mediterranean region. The presence of distinguished keynote speakers like Gerhard P. Fettweis, Petar Popovski, Jean-Claude Belfiore, Mohamed-Slim Alouini, and Antonia M. Tulino will further enhance the value of this event.
7.Cyber Security Training at SANS Network Security Las Vegas 2023
September 6-11, 2023 | Las Vegas (US)
SANS Network Security 2023 offers industry leaders in the network industry the opportunity to learn valuable real-world cybersecurity skills from experts. The event, both live online and in Las Vegas, will provide interactive training with hands-on labs and the chance to participate in NetWars Tournaments. Attending SANS Network Security will allow professionals to enhance their knowledge, network with peers in real-time, and stay up-to-date with industry trends. With courses aligned with GIAC certifications, attendees can validate their expertise in specialized InfoSec, network monitoring domains and job-specific roles. Jon Gorenflo, a prominent figure in the field, is a keynote speaker at the event, and will be sharing his expertise and on-field experience.
Conclusion
The event listing showcases numerous opportunities for networking businesses to gain a competitive edge. By experiencing these upcoming conferences, industry leaders can tap into the latest research, emerging technologies, and best methods in network monitoring. This invaluable knowledge equips them to make informed decisions, develop innovative solutions, and optimize processes. The conferences allow to connect and enable businesses to explore new avenues, forge strategic alliances, and unlock potential growth opportunities. Ultimately, the comprehensive insights gained from these conferences empower networking businesses to adapt to evolving market dynamics, enhance their capabilities, and thrive in an innovative environment.
Read More