SECaaS Is an SMB Market Opportunity

Author Avatar Posted on December 3, 2015 by Wedge Networks Administrator

By Mari Silbey, Senior Editor, Cable/Video, Light Reading. Published on LightReading.com on December 3, 2015.

NEW YORK — Carrier Network Security Strategies — Security-as-a-service may need a better moniker (ahem, SECaaS), but if it makes money for service providers, does that really matter?

In a panel moderated by Heavy Reading Chief Analyst Patrick Donegan at the Carrier Network Security Strategies event, executives from Telefónica , Wedge Networks and Intel Corp. (Nasdaq: INTC) examined the opportunities for monetizing security services, and all agreed that there’s a sweet spot for sales in the small to midsized business market.

“I would say, just given our history, certainly the small to medium businesses are the best opportunity,” said James Hamilton, CEO of Wedge Networks. “And to be able to go to them and say we’re going to be able to offer you an extension of this broadband … security [as an add-on service] I think has resonated the most.”

Hamilton also explained why SMB customers are more attractive when it comes to security services than other parts of the market.

Large enterprises already address security in house, and that means anything a service provider can offer would only be at a level of augmenting technology and processes already in place. At the other end of the spectrum, there might be some opportunity to sell security services to consumers, but that type of offering would have to be packaged just right, and the model (beyond free antivirus software) isn’t well proven yet.

In the SMB market, however, security is something companies need, and, at some level, something they’re willing to pay for.

For service providers, the other advantage to the SMB market is the opportunity for standardization. That’s true from a technology perspective, but also from an operational perspective. Where large enterprises need customization, the end-to-end process with smaller companies can be refined and then replicated. As Luis Francisco Gonzalez, the head of marketing for part of Telefonica’s Global B2B Security business characterized it, that standardization includes everything along the customer journey from the initial marketing of a service, to collecting feedback, and even to helping a customer exit the service if they decide to try another solution.

All of the executives on the panel also highlighted the same reason that security-as-a-service makes sense in the SMB market now. When a service is delivered over software versus proprietary hardware, it’s suddenly feasible to offer a try-before-you-buy model — something the SMB market often requires. With a free trial, customers can see the value of a security service before having to invest any money.

The issue of virtualization also came up with regard to a new possible entry point in the SMB sales process. Bob Ghaffari, director for the Data Center/Network Platforms Group at Intel, noted that service providers now have an opportunity to experiment with virtual CPE offerings, and once a proprietary piece of hardware is subtracted from the customer premises, that opens the door to a discussion of introducing a new software-based security service.

“You’re taking a look at an entry point where you’re sort of consolidating functions on a standard piece of hardware,” said Ghaffari, “and you basically are in a way de-risking the different elements in a small/medium business from having a separate router.”

In the near term, the most compelling security application for SMB companies is the virtual firewall. However, Wedge Networks’ Hamilton also pointed out that URL filtering has appeal. If security as a service takes off, those applications are likely where the SMB market will spend its money. And it’s where service providers should place their early bets.

For the full article, please see LightReading.com.

LightReading logo

Posted in Industry News, Latest Security News, Wedge News | Tagged , , | Leave a comment

Securing The Enterprise Network With Big Data Science – From The Cloud

Author Avatar Posted on November 26, 2015 by Wedge Networks Administrator

By Wedge Networks. Published on Telecomkh.com on November 26, 2015.

Forget simply defending the network perimeter. There is no perimeter. Mobility, cloud IT and hosted applications have nearly dissolved the boundaries that once defined the perimeter. Enterprise networks are vulnerable from malicious websites, hostile content, compromised end points, and new vulnerabilities that exploit mobile hotspots, and of course the cloud. Ironically, security solutions based in the cloud also represent the best approach for securing the enterprise network, using tools provided by Internet service providers and secure telecommunications carriers

For years, enterprises have assumed full responsibility for their data security, at considerable expense. Deploying hardware appliances like firewalls; software solutions like intrusion detection/prevention systems; management platforms and more. A lot of time, a lot of expenses, all to try to stay one step ahead of the bad guys. All the while, evolving threats and new mobility and cloud vulnerabilities have generally rendered those premises-based approaches insufficient.

What about carriers? Their traditional role is to provision connections and move packets between Point A and Point B. The competitive differentiators of carriers were factors such as bandwidth, latency, geographic reach, ease of creating new services, uptime, redundancy, service level agreements, and of course price. Thanks to evolving technologies like Software Defined Networking (SDN) and Network Functions Virtualization (NFV), carriers and ISPs are now able to offer their customers Security-as-a-Service – and this is a game changer, especially with the type of innovations offered by pure-play cloud-based security players like Calgary, Alberta-based Wedge Networks.

Wedge has become well known for its Cloud Network Defense platform, which is a massively scalable security software system that runs within a carrier’s network. As a software solution designed to run in the new service provider data center architecture, it can be deployed with minimal upfront costs and scaled up as the carrier adds new security customers. Installed on typical data center servers, it allows ISP or carriers operating as Managed Security Service Providers (MSSPs) to enforce enterprise grade Security-as-a-Services to individual enterprises according to their subscribed security services agreement. Because it runs in cloud environments using SDN and NFV, the software dynamically scales to process high volumes of network — without slowing down the traffic.

The security technologies in Cloud Network Defense are state-of-the-art, including Wedge’s deep inspection engines to detect and block malicious attacks and data exfiltration from L3 to L7 and content; an identity based policy engine that selectively applies security services that meets the subscription level; an intuitive single-pane-of-glass user interface for enterprise customers; and support for all current and evolving virtualization platforms, such as OpenStack and KVM. That’s only the start, however.

The newest twist in Cloud Network Defense is a data science based service called WedgeIQ. This Big Data functionality employs a set of unique threat detection and remediation algorithms and a variety of pattern-matching and machine learning techniques to identify targeted cyber threats against individual enterprises. It enables real-time response to security outbreaks, and presents the results as easy to understand analytics to the enterprise customers to help them appreciate the security services in action.
Consider this real-world security intervention with a service provider running Cloud Network Defense with WedgeIQ: Phonoscope Lightwave of Houston,deployed the Wedge Cloud Network Defense platform,and was using it in a detect-only mode to monitor the broadband traffic of one of their customers, a school in Texas. The intent was to gather threat intelligence data that would be shared with the customer, along with information about a new Security-as-a-Service offering under consideration. Ironically during the monitoring period, the customer experienced a massive network attack, resulting in a customer network outage. Phonoscope Lightwave immediately used the threat intelligence data gathered by WedgeIQ analytics and threat learning techniques to help the customer to rapidly detect, isolate and resolve the problem.

In this example, the Wedge system was in detect-only mode, but the detection of the threat illustrated that the entire attack and network outage could have been detected and blocked if the Security-as-a-Service offering was already in place.

Because WedgeIQ is based in the cloud, security is becoming democratized. In the past, very large enterprises – think Fortune 500 – could afford world class, multi-layered defense systems. Small and mid-size businesses, not so much: They only had the security and countermeasure capabilities commensurate with their IT staff’s capabilities, and of course, their ability to buy and manage expensive on-premises solutions. This not only left their data systems, customer data and intellectual property vulnerable, but placed them at a competitive disadvantage compared to better-funded corporations.
That is changing: As carriers across the globe adopt SDN and NFV, and add Security-as-a-Service solutions like Cloud Network Defense, small and mid-size businesses can receive the same security technologies as their larger counterparts – and only pay for what they use.

The enterprise network perimeter no longer exists. Remote employees, field offices, mobile users and cloud computing have rendered premises-based security systems insufficient. The only way to effectively protect the small, medium or enterprise-sized network is to filter traffic as it traverses the network. As more carriers adopt SDN and NFV, Software-as-a-Service is becoming the new model for effective network defense. Multi-tenant solutions like Wedge Networks’ Cloud Network Defense, augmented by data science with WedgeIQ, are at the leading edge of protecting the modern business.

For the full article, please see telecomkh.com.

Telecomkh

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , | Leave a comment

At GEN15, Network Operators Stepped Their Game

Author Avatar Posted on November 25, 2015 by Wedge Networks Administrator

By Rob Powell. Published on TelecomRamblings.com on November 25th, 2015

“Last week I had the pleasure of attending the MEF’s GEN15 conference in Dallas, Texas as a media sponsor. Software-defined Networking, Network Functions Virtualization, and Lifecycle Service Orchestration were the big buzzphrases just as they were last year. But there was a distinct difference in the air.

The vendors were there, talking up their wares as usual. The MEF was of course everywhere, talking up its ongoing Third Network LSO standards efforts. But this year, it was increased engagement of the network operators that I really noticed. The US contingent was led by AT&T, who seemed to be everywhere, with Verizon, Cox, Comcast, Time Warner Cable, Windstream, Level 3, and CenturyLink also there in force. International operators like Colt, PCCW, TI Sparkle, and Telstra were as well.

And more to the point, they were pretty much all there to talk about what they are actually doing with all the new technologies at their disposal, and how their industry would be reshaped by them. Last year, the tone was set by the vendors, who were making the case for those technologies — apparently they succeeded. Most of the time, the technology actually being used was still on a limited scale, but with little doubt of future expansion and transformation. At GEN15, the story was about current implementations, the need for more extensive implementations, and the even bigger need to adjust internally to really take advantage of the potential of those implementations.

There were a variety of interesting Proof of Concept demonstrations, with a growing emphasis on relevant real-world implementations.

Two network operators showed off new capabilities solo, as AT&T demonstrated its new network-on-demand platform, and PCCW did similarly.

And there were of course many team efforts.

Colt, which seemed to have a bit of a headstart at last year’s event, continued their collaboration with the Ciena (formerly Cyan) Blue Planet team with LSO-powered, vCPE-hosted NFV across both data center and WAN.

Another interesting demo was by Cox Business and Accedian, who showed the automated provisioning and operation of strand-mounted small cells. I suspect we’ll be hearing more about that sort of thing in 2016.

Wedge Networks teamed up with Houston fiber operator Phonoscope Lightwave to demonstrate Security as a Service using VNFs, SDN, and service Chaining. CenturyLink, Sandvine, and RAD teamed up for application-aware network policy control.

WebNMS teamed with Omnitron and Veryx to show an LSO-orchestrated on-demand service via CE 2.10 and an SDN-powered data center network.

CENX, which has seen rapid revenue growth this year helping the wireless carriers manage their backhaul networks, took aim at service quality for the Internet of Things via LSO and NFV.

MRV demonstrated distributed NFV via cloud-based multi-factor authentication.

Another interesting impression I had of GEN15 was how little I heard the word ‘Ethernet’ in comparison to things like SDN, NFV, LSO, and the like. Oh it was there, complete with Bob Metcalfe and some pretty good keynote jokes, but Ethernet was more present as the background of the painting than of the subject being painted.

I also got a look at GEN15’s LSO Hackathon, which despite the name had little to do with cracking anyone’s security. Rather, it was simply a room full of software guys from companies around the sector test-driving and improvising on each other’s latest APIs. I suspect a few of next year’s Proofs of Concept will have been born in that room.”

For the full article, please visit TelecomRamblings.com.

TRLogo2_003

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , | Leave a comment

OpenCloud Connect Elects New Board

Author Avatar Posted on November 25, 2015 by Wedge Networks Administrator

and promises OCC standard interface definitions will be with you shortly
OpenCloud-Connect-Large
London 25th November 2015: The board of OpenCloud Connect (OCC), the open source movement which is the driving force behind a new wave of network innovation and higher levels of industry collaboration, has approved its 2015-2016 Board of Directors, and reaffirmed its mission to advance vendor-neutral industry standards for cloud connectivity.

With virtual machine populations running into the millions across geographically dispersed datacenters, plus the rise of SaaS and other cloud based services, companies face many business and technical challenges. OpenCloud Connect provides a unique consensus-building framework for industry stakeholders to collectively develop solutions that address the challenges of integrating multiple clouds, managing security and policy models across multi cloud and carrier environments, and enabling applications and networks to exchange status requirements and changes.

James Walker, President of the OCC, said, “Our aim over the next few months is to enable our members to start aligning their external API interfaces to the OCC’s standard interface definitions. There are huge benefits to enterprises, including dramatically reducing the cost of integrating their suppliers, allowing them to enforce a single consistent security policy across all their network and cloud services, as well as opening up new business opportunities.

I’m extremely excited and proud to be at this stage where all the hard work done over the last two years, will be visible and start delivering the promised benefits our members believe so passionately in.”

The new Board of Directors who will serve for a year in office were elected during the 2015 Annual Members Meeting in Dallas on November 16, 2015.

Serving on the OCC Board of Directors for 2015-2016 are:
Chairman:
Jeff Schmitz is Executive Vice President of Spirent, where he is responsible for leading the business segments that deliver solutions for Wireless Networks & Devices, Service Assurance, Positioning & Automotive, and Customer & Network Analytics. Jeff serves as Chairman of the OCC, where he led the OCC in defining key initiatives to address the growing demands of delivering cloud services.

President:
James Walker is Vice President, Managed Network Services for Tata Communications, and is responsible for leading the company’s VPN line of business – covering enterprise and wholesale Ethernet, MPLS, managed IPSec and datacentre interconnect services. James launched OpenCloud Connect in May 2013, and has served as President since OCC’s formation.

Treasurer:
Doug Wills is vice president of marketing for Akanda, Inc, an OpenStack network virtualization start-up that delivers routing-as-a-service inside VMs and Linux containers. Wills has 20 years software and network infrastructure experience, working for Cisco, Ericsson, Juniper and Microsoft. At Juniper, Doug was responsible for its network operating system and several software defined networking programs and was Juniper’s lead representative at the Open Networking Foundation, OpenStack, MEF and CloudEthernet Forum.

Plamen Minev is a Director of Engineering at Cisco’s Chief Technology and Architecture Office (CTAO). He leads a team focused on next generation network and systems management architectures for cloud and communications service providers and large enterprises.

Vinay Saxena is Distinguished Technologist at HP, and acts as the Chief Architect for HP’s NFV business. In this role, Vinay is responsible for defining the overall NFV technology architecture, strategy and future vision including the evolution of the solution plan of record.

Dr. Mehmet Toy is Distinguished Engineer of Comcast, co-chair of OpenCloud Connects Programmability Working Group and chair of IEEE Cable Networks and Services Committee. Currently he is leading the development of Business Ethernet Services over DPoE (DOCSIS over EPON).

Dr. Hongwen Zhang is a co-founder of Wedge Networks. As Chief Technical Officer, he is instrumental in developing Wedge’s high performance security platform. Dr. Zhang holds a Ph.D in Computer Science from the University of Calgary; an M.Sc in Computer Engineering from the Institute of Computer Technology of Chinese Academy of Sciences, and a Bachelor of Science in Computer Science from Fudan University. With more than two decades of high-tech leadership experience, Dr. Zhang is a co-inventor and holder of several patents in the area of computing and networking. Prior to establishing Wedge Networks, he was a co-founder of the 24C Group Inc., which pioneered the first digital receipts infrastructure for secure electronic commerce. Dr. Zhang was previously principal of Servidium Inc., now ThoughtWorks Inc., a global leader in agile development methodology.

Dawane Young is the Division Vice President of Platforms and Applications for Verizon’s Partner Solutions organization. Dawane’s team engages in Security, Data Center Collocation, Professional Services, Internet of Things (IoT) and Cloud sales opportunities with partners and resellers globally.
Dawane holds a Bachelor of Science Degree in Mass Communications from James Madison University.

About: Open Cloud Connect;
Open Cloud Connect is an industry organization that are focused on facilitating the $200B cloud services market through open standards development thus making cloud services easier, faster, more secure, and affordable to deploy and manage.

A global industry alliance of market-leading cloud service providers, network service providers, equipment manufacturers, system integrators and software developers their founding mission is to address the need for deploying, managing and securing services built across the cloud ecosystem.

OCC’s members include: Akanda, Alcatel-Lucent, Avaya, Cisco, Comcast, CoreSite, Coriant, Cyan, Ericsson, HP, Interxion, Iometrix, Neustar, Nuage Networks, PCCW Global, Spirent, Tata Communications, Verizon, Veryx, and Wedge Networks.

Open Cloud Connect is an independent MEF organization. For more information, please visit www.OpenCloudConnect.org.

PR Contacts:
International:
Kate Innes
Zonic PR
kinnes@zonicgroup.com
+44 (0)1672 550123

Asia Pacific:
Shirley Yeh
Zonic PR Asia
syeh@zonicgroup.com

USA:
Greg Cross
Zonic Group
Gcross@zonicgroup.com

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

Wedge Networks announces industry leader James Hamilton as CEO

Author Avatar Posted on November 18, 2015 by Wedge Networks Administrator

New CEO to accelerate global growth in cloud security sector

GEN15 Dallas, November 18, 2015 — Wedge Networks, the leader in orchestrated threat management solutions, today announced the appointment of James Hamilton as chief executive officer to spearhead the company’s global charge in the rapidly growing cloud security market.

Hamilton, a Wedge Networks board member since 2013, brings extensive executive leadership experience to the rapidly growing company and is widely recognized as one of the cybersecurity industry’s most respected and influential leaders. Most significantly as chief executive officer of TippingPoint, the company that defined Intrusion Prevention Systems (IPS) and that was acquired for $430 million by 3Com, where he stayed on and continued to lead the TippingPoint line of business.

Throughout James career spanning 25 years in network and security industries he has played a major part in defining next generation technologies, successfully taking four companies public, all of which were subsequently acquired. He was also an executive of three other private companies that were acquired, for a total acquisition value exceeding $3.8 billion. Other highly notable achievements include his role as president of Efficient Networks Inc. which became the global leader in DSL technology and was acquired of Siemens AG for approx. $1.5 billion. He also led the first wave of VoIP technology as vice president of worldwide sales and service at Picazo Communications Inc., an IP telephony company sold to Intel Corporation. More recently James was a senior executive for Cyan, a leader in software-defined networks (SDN) and network functions virtualization (NFV) orchestration acquired by Ciena.

“Wedge Networks has developed truly compelling cloud security and orchestration solutions that embody the spirit of new SDN and NFV frameworks,” said Mr. Hamilton. “I believe our cloud-based security software addresses critical gaps in conventional security frameworks, and our open, multi-vendor, software approach is an attractive alternative to the proprietary hardware-intensive conventional approach.”

Jeff Wilson, Principal Security Analyst from IHS said: “Hamilton has a proven background in building highly successful and innovative security companies like TippingPoint. I look forward to tracking his progress helping Wedge Networks capitalize on the rapidly-expanding cloud security opportunity.”

Dr. Hongwen Zhang, former chief executive (CEO) and co-founder, actively recruited James to his former role and will continue on as CTO, with a primary focus on leading product development. “I am absolutely thrilled to have James join us as CEO,” said Dr. Zhang. “He is a world class leader in the security and networking industry. His market insight and input as board member have been incredibly valuable these past few years. Having him lead our team will help us to accelerate our market success and achieve our full potential.”

Wedge Networks are also today launching the addition of WedgeIQ™, an integrated multi-technology threat intelligence engine, to its revolutionary Cloud Network Defense™ security platform. Wedge Networks will be showing real-time security services running with WedgeIQ and using Network Functions Virtualization for Security (NFV-S) on the Phonoscope LightWave network as Proof of Concept (PoC) demonstrations at the MEF GEN15 Conference Dallas, Texas, Nov. 16-19, 2015.

About Wedge

Wedge Networks™ is transforming the way security is delivered. Powered by the innovative WedgeOS™, Wedge Networks’ Cloud Network Defense™ is an orchestrated threat management platform designed to combat the shifting threat landscape associated with cloud, mobility, Internet of Things and consumerization of IT. By embedding security within the network as an elastic, scalable service, it is the only cloud security solution to perform high-performance content inspection without requiring traffic to leave the network. The award winning Wedge Platform™ is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, internet services providers, and across all industry verticals. Wedge Networks is headquartered in Calgary, Canada and has international offices in Dallas, USA; Beijing, China; and Manama, Bahrain. For further information visit: http://www.wedgenetworks.com/

Media Contacts:
USA & International PR contact:
Emma Jefferies
Zonic Group PR
ejefferies@zonicgroup.com
+44 (0)1672 550 130
+44 (0) 7804 903 026

Posted in Industry News, Wedge News | Tagged , , | Leave a comment

Wedge Networks Introduces Advanced Threat Intelligence for Assured Security Lifecycle Services Orchestration with WedgeIQ™; Solution to Be Demonstrated At MEF GEN15

Author Avatar Posted on November 17, 2015 by Wedge Networks Administrator

A powerful new combination of big data analytics, intuitive threat visualization, automated learning, and real-time threat intelligence distribution further enhance Wedge Cloud Network Defense™ for agile, assured and orchestrated threat management

Calgary, Alberta, November 17, 2015 — Wedge Networks, the leading orchestrated threat management solutions company for cloud-connectivity, today announced the addition of WedgeIQ™, an integrated multi-technology threat intelligence engine, to its revolutionary Cloud Network Defense™ (CND) security platform. WedgeIQ introduces powerful, Fortune 500 Enterprise-grade threat intelligence with carrier-grade reliability and scale providing deep threat discovery analytics, intuitive visualization, reporting, automated learning, and real-time global threat intelligence distribution for Wedge CND network security operators and their Security-as-a-Service (SECaaS) customers. Wedge CND with WedgeIQ will be demonstrated running in a real-world carrier network at MEF GEN15, coming to Dallas in November 2015.

WedgeIQ is the newest technology addition to Wedge CND, an orchestrated threat management platform that combats the shifting threat landscape associated with cloud, mobility, Internet of Things and consumerization of IT. By embedding security within the network as an elastic, scalable service, Wedge CDN provides high-performance content inspection in the cloud, in real-time, and applies orchestrated threat management policies on a per customer basis. Wedge security technologies are deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, internet services providers, mobile operators, and across all industry verticals.

By integrating multiple technologies for analytics, visualization, learning, and data distribution, WedgeIQ introduces capabilities that allow its threat intelligence to grow and evolve as rapidly as the threat industry, to keep up with and protect against ever increasing threats. The ability of WedgeIQ to analyze big data and produce compelling and intuitive visualizations of threats encountered by the network conveys valuable data that customers can use to evaluate and when appropriate adjust their own internal policies and practices to minimize potential threats. In many cases, it also serves as Wedge CNDs own value-advocate by clearly visualizing the scope and magnitude of threats being managed and mitigated by Wedge CND.

“We’ve all seen the disturbing trend where rapidly changing security threats are outpacing the ability for many organizations to keep up” said James Hamilton, Wedge’s recently appointed CEO. “They simply can’t allocate enough human and capital resource to win the security battle on their own. The ability for conventional service providers to leverage Wedge CND to protect their own network and simultaneously deliver Fortune 500 Enterprise-grade Security-as-a-Service with carrier-grade reliability and scale to their customers will improve the security landscape for everyone.”

Wedge Networks will be showing real-time security services running with WedgeIQ and using Network Functions Virtualization for Security (NFV-S) on the Phonoscope LightWave network as Proof of Concept (PoC) demonstrations at the MEF GEN15 Conference Dallas, Texas, Nov. 16-19, 2015.

“We provide broadband, internet connectivity and other services for several thousand businesses and educational institutions across the greater Houston area, representing well over a million students and customer employees” said Mike Mason, senior business development executive of Phonoscope LightWave. “We’ve been evaluating Wedge Cloud Network Defense for both protecting the servers in our hosting environment and for protecting our end customers via Security-as-a-Service. Wedge CND’s ability to detect, diagnose, visualize and act on threats has greatly exceeded our expectations, giving us confidence that we can add security as a compelling incremental service in our portfolio.”

About Wedge
Wedge Networks™ is transforming the way security is delivered. Powered by the innovative WedgeOS™, Wedge Networks’ Cloud Network Defense™ is an orchestrated threat management platform designed to combat the shifting threat landscape associated with cloud, mobility, Internet of Things and consumerization of IT. By embedding security within the network as an elastic, scalable service, it is the only cloud security solution to perform high-performance content inspection without requiring traffic to leave the network. The award winning Wedge Platform™ is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, internet services providers, and across all industry verticals. Wedge Networks is headquartered in Calgary, Canada and has international offices in Dallas, USA; Beijing, China; and Manama, Bahrain. For further information visit: http://www.wedgenetworks.com/

Media Contacts:
USA & International PR contact:
Emma Jeffries
Zonic Group PR
ejefferies@zonicgroup.com
+44 (0) 1672 550 130
+44 (0) 7804 903 026

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

How Savvy Carriers Should Respond to Challenges Posed by IoT

Author Avatar Posted on October 8, 2015 by Wedge Networks Administrator

– Staff Reporter, Singapore Business Review, Thursday, October 8, 2015

The IoT is exploding – and its traffic is totally unlike anything that network operators have encountered.

Here’s how savvy carriers can respond to this challenge – and use standards to turn the IoT from a management and security headache into a business opportunity to offer new agile services.

Network operators and service providers are gearing up for the Internet of Things (IoT) – and the IoT mixes revenue opportunities with technology challenges.

Consumers are going crazy for IoT devices, from wearables like the Apple Watch and Fitbit health band, to Internet-connected thermostats, to the Amazon Echo cloud music player to connected vehicles. Businesses, too, love the IoT, using IP-based technologies for inventory control, smart signage and medical devices.

It’s a huge market, estimated to reach US$1.7 trillion by 2020 in direct products and services, with a $263 billion support market there will be billions of connected “things” in the IoT, with estimates ranging from 13-25 billion by 2020.

While many technology-driven conversations about the IoT focus on the end point (like fitness bands) and the back-end applications (like social networks that track and analyze exercise), the truth is that the Internet of Things depends entirely upon safe, secure, highly available connectivity. For the end point, that’s everything from home and coffee shop WiFi access points to 4G cellular data services to business Internet. On the back end, service providers manage IoT from the device to data centers or the cloud, tied together with MEF CE 2.0, MPLS and fiber optical networks.

IoT presents opportunities for the telecommunications companies that provide that connectivity, and for industry vendors that provide hardware, software and services to the carriers. It presents challenges as well, because IoT traffic has different characteristics than traditional network traffic, explains Marie Fiala Timlin, Director of Marketing for CENX, which offers lifecycle service orchestration solutions for Software-Defined Networks.

“Internet of Things traffic is characterized by high-volume signaling and low-bandwidth data traffic. There are a lot more events happening in the network, which leads to a lot more data being collected. And when I’m talking about data, it’s not necessarily the consumer application or subscriber-type data — it’s network events happening,” Timlin said.

She continued, “IoT exacerbates the big data network problem and creates a need for service providers to even more efficiently manage their network, because of all these events that are happening in the system, for example, whether it’s for troubleshooting or for ensuring high quality of service. That really drives the need for lifecycle service orchestration, because here you’ve got a big data problem, and you’re trying to apply all the cloud computing technologies that have already been used to solve big data analytics problems in the business world.”

Planning for Traffic Impact

“Because the IoT is such a fast-growing market”, added Dr. Hongwen Zhang, CEO & Co-Founder of security services provider Wedge Networks, “when carriers try to do infrastructure deployment, and they have to do the capacity planning, they are looking at a three-to-five year planning cycle. Maybe longer. How do you handle IoT with a fast-growing future, with limited capital? One thing that can provide the solution is Software Defined Networks and Network Functions Virtualization. Spend your money there, and don’t over-invest in firewalls and switches.”

Timlin added: “Operators have to track network events for each network device and the connection in order to keep the pipe up and running. They also have to aggregate subscriber-level events, such as which application is being used. The best of both worlds is actually marrying those two types of data so you can intelligently determine when and where you need to augment network capacity. That’s where NFV comes into play, because then you can do that augmentation much more flexibly and cost-effectively.”

That means analytics – lots of analytics – about network traffic, said Angus Robertson, Vice President of Product Marketing at insightsoftware.com, which sells software to assist customers of enterprise resource planning systems. His company will rely upon those analytics to serve its customers, he explains: “With the Internet of Things, you’ve got millions of devices that can provide you additional leading and lagging indicators to give you greater visibility into your business and help drive the right actions from a business standpoint to increase your overall business performance.”

Robertson continued, “When it comes to Big Data, we’re talking the three Vs, volume, velocity and variety. So being able to deal with the big data that is always associated with these millions of data sources through the IoT is a challenge. What’s important is the ability not only to have the level of performance that you need but also the ability to capture and integrate those data sources really effectively.”

Modeling after Mobile

“The traffic patterns and scaling of IoT is reminiscent of mobile backhaul, which might provide a model for the future”, suggests Raghu Ranganathan, Principal of Network Architecture, Office of CTO, at Ciena, a global telecommunications equipment provider.

“In the Internet of Things, most of the traffic is from the source back up to the cloud, as opposed to the vanilla use case of a user downloading stuff from the cloud,” Ranganathan said. Reliable connectivity is extremely important. In addition scale has to be partitioned from the perspective of there being some IoT devices that would have very low data volume and have high signaling traffic, but there could be another class of devices like CCTVs that could send lots of traffic.”

“Reliable connectivity is extremely important. Scale has to be partitioned from the perspective of there are some IoT devices that would have very low data volume and have high signaling traffic, but there could be another class of devices like CCTVs that could send a boatload of traffic.”

Ranganathan continued, “What does the network look like? Why should it be any different from the way the mobile backhaul is being done? You have things that are connected to a base station through an air interface, like WiFi or 4G cellular. You have wired backhaul. Organizations like 3GPP, for example, are saying ‘how do I update my LTE specifications for more upstream traffic as opposed to downstream traffic?’ ”

A future architecture of this type, Ranganathan added, might look like the Cloud RAN design, which centralizes and virtualizes base station baseband processing. “As a network operator, I can use my SDN paradigm to program the network connectivity to those Cloud RAN endpoints to allow the traffic to be optimally collected and processed across the network.”

Traffic Prioritization and Security

A lot of applications of the IoT have been consumer-oriented – smart watches, fitness bands, home thermostats. While no service provider wants consumers to suffer outages, none of those are mission-critical. That’s not always the case, pointed out Arie Goldberg, CEO of Omnitron Systems Technology, which sells Ethernet and TDM devices.

“Some IoT connectivity services are static; once established, they will sit there forever and not change, like CE 2.0,” he said. “There are also dynamic, on-demand services. You don’t know where they’re going to pop from, whether it’s a car that is traveling across the highway or whether that’s some sort of pacemaker that is connecting a patient to his doctor, and he’s traveling in a train.”

Goldberg continued, “IoT brings up some very interesting issues of security, reliability, especially for those kind of mission-critical type of applications, whether those are life-support type of applications, those need to be there at very, very high priority. It’s going to be very interesting how we discriminate in favor of or against different type if IoT traffic to give priority to the ones that are more critical than others, like fire department services, instead of streaming a movie. Sometimes sufficient network resources won’t be available for everybody.”

Ciena’s Ranganathan added, “There will be certain security embedded in edge devices, such as the ability for the device to use an IPSec tunnel. There are chipsets available that can support a secure tunnel creation. That secure tunnel could terminate at a required server endpoint, which is in a controlled environment so nobody can hack into it.”

He cautioned, however, at the limitations of that approach. “Consider smartphones. There are many possible ways of connecting to the phone, such as WiFi and cellular. My WiFi router at home could be very secure, controlled by me, but my LTE uplink could be a nice open gateway to come and hack my phone, record whatever, or even hijack my camera.” The consumer, he pointed out, has no control over the security of the cellular connection.

“Security is the number one thing,” said Wedge Networks’ Zhang. “What are the potential breaches, potential vulnerabilities? In the Internet of Things, there’s data acquisition and also there are devices that cars can be driven, drones can be flying and many, many other things. In the middle of this is the correlation of sensor information to physical information. That means that damage can escalate very, very quickly beyond data theft into real-world harm.” That’s not theoretical, he continued, pointing out that the United States power grid has been vulnerable for years.

As a point of reference: In 2012, the U.S. Department of Homeland Security reported 198 attacks against critical infrastructure in the United States – several of which were successful.

The Role of SDN, NFV, LSO and Standards

“If you look at services providers today, they’ve got connectivity services that already enable IoT applications,” said Anthony Peres, Marketing Director at Alcatel-Lucent, a networking equipment manufacturer. “That being said, in order to broadly support the onslaught of IoT applications, there is a need to evolve to what we call cloud-era networks. SDN and NFV play a role to make these networks more agile, as well as deliver high-performance.”

Peres nailed the subject right on the head: “If you don’t have visibility into the resources you have available within your network infrastructure, how can you provision a service and make sure it’s actually going to work? How can you guarantee the actual performance that you need? That aspect of unifying service automation with network optimization will make it faster to provision and guarantee dynamic services.” “Not only that,” he said, “but SDN and NFV will enable the gathering of analytics to get information on what the network is actually doing, and allow for changes so that performance is ensured.”

CENX’s Timlin said: “That’s absolutely true. Of course service providers have to find value; in order to participate in the value from these machine-to-machine applications, they actually have to show more value, going beyond layer two to layer three, and really using the full capabilities of network policy control, deep packet inspection, and so-on to understand that consumer behavior. And that’s also where the analytics comes in and marrying that with the network events with lifecycle service orchestration.”

Wedge Networks’ Zhang called for standardization to address the concerns that network operators have with the IoT ranging from intercarrier service provisioning, performance management and security. “Device manufacturers and network service providers need the IoT to be standardized so that there is no gap in between service layers.”

Zhang referenced the work of two industry organizations, the MEF, which is building specifications for end-to-end multicarrier lifecycle service orchestration (LSO), and OpenCloud Connect (OCC) which is defining standardized cloud services. “The MEF and OCC are coming up with use cases and interoperability and compliance requirements, so that we can actually form a safe computing environment for IoT. Security breaches go for the weakest link, so that’s why standardization is very important.”

CENX’s Timlin agreed: “The IoT is creating so much volume and additional data that LSO is needed to manage virtualized network functions (VNFs). The MEF is extending, for example, the service information model to take into account attributes for VNFs. That’s really critical, because service providers are going to need to extend their capacity in a very flexible way to take into account all this volume, all the different applications. And they can only do it cost effectively with NFV.”

She added, “The most important piece from my perspective is really taking into account virtual network functions. Also, it applies to SDN, because SDN enables the central control for programmability of VNF service chaining, so when you’ve got multiple services, one right after another, that also has to be taken into account for end-to-end management and orchestration.”

insightsoftware.com’s Robertson added, “With the Internet of Things, there’s a real opportunity just to be a really effective network and partner with the service providers and those cloud service providers. You’re dealing with these kinds of devices. You’re dealing with these kinds of schedules to optimize the network. You’re dealing with mobile and stationary devices providing different types of data profiles. Here’s how we’re going to deal with it, and the kind of security that we’re going to provide. And the end result is just a much more rapid adoption of the Internet of Things.”

To see the original article, please see Singapore Business Review.

Singapore Business Review

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

MEF Announces 21 Participants in 12 Proof of Concept Showcase Demonstrations at GEN15

Author Avatar Posted on September 25, 2015 by Wedge Networks Administrator

Showcase is the Centerpiece of the World’s Premier Networking Event Focused on Dynamic Third Network Services Powered by LSO, SDN, NFV, and CE 2.0

September 22, 2015 11:38 AM Eastern Daylight Time

LOS ANGELES–(BUSINESS WIRE)–The MEF is pleased to announce that 21 companies in 12 participant groups have been selected to showcase interactive Proof of Concept (PoC) demonstrations of new service & technology innovations enabling the future of global networking. The live Proof of Concept Showcase will be the focal point of the GEN15 event (www.gen15.com) being held on 16-19 November 2015 at the Omni Hotel in Dallas, Texas. The GEN15 Showcase will feature leading-edge implementations of dynamic Third Network connectivity services with LSO (Lifecycle Service Orchestration), SDN, NFV, and CE 2.0 (Carrier Ethernet 2.0) innovations.

Selected Showcase participants and themes are listed below and can also be found on the PoC Showcase page on the GEN15 site:

  • AT&T: Demonstrate Network on Demand services built on software-defined (SDN) and virtualization (NFV) technologies that allow customers to control, scale, and add new services via direct self-service access.
  • RAD, Sandvine, CenturyLink: Demonstrate how communication service providers can deploy application-aware network policy control (Layer 7) in conjunction with Layer 2/Layer 3 SLA assured services for a richer business application experience and greater operational efficiency.
  • Ciena, Colt Technology Services: Demonstrate multi-domain lifecycle service orchestration of virtual CPE (vCPE) virtual network functions (VNFs) across an NFV-ready data center infrastructure and an SDN-enabled Carrier Ethernet WAN. This Colt-sponsored, multi-vendor PoC showcases an open and future-proof architecture that allows network operators to efficiently integrate best-in-class VNFs, as well as to rapidly develop and operationalize innovative new NFV-enabled Carrier Ethernet business services.
  • Accedian, Cox Business: Demonstrate innovative outdoor strand-mount small cells as-a-service and turn-key indoor backhaul solutions that integrate Carrier Ethernet LSO automation and elastic bandwidth with automated deployment, provisioning, service activation testing, and QoS monitoring. Will showcase how Carrier Ethernet can ubiquitously enable the small cell business case.
  • ADVA, Time Warner Cable Business Class: As communication service providers eye the revenue potential of fast and agile service activation facilitated by NFV, they are looking for a seamless evolution path from existing networks and operational processes. PoC participants will demonstrate how MEF-principles can form the basis for optimized NFV performance when combining CE 2.0 demarcation technology with VNF hosting capacity and intelligent supporting functions on the basis of open interfaces and open-source software.
  • PCCW Global: Demonstrate one-stop-shop for network connectivity and cloud services with event-driven bandwidth adjustments. The solution is based on an open-framework approach enabling future integration with other network service providers and public cloud service providers.
  • CENX: Highlight the criticality of LSO-enabled dynamic assurance when machines are connected across a hybrid physical and virtualized core network. Without real-time monitoring, troubleshooting, and service restoration LSO capabilities, essential applications, such as home surveillance, are rendered unreliable.
    Cisco: Demonstrate implementation of the Third Network, featuring CE 2.0 Lifecycle Service Orchestration through SDN over a self-healing infrastructure that includes physical and virtual network elements. Will showcase the business benefits of automating service lifecycle orchestration through integrating SDN into the Carrier Ethernet infrastructure to achieving service agility.
  • Oracle Communications, Infovista, Juniper Networks: Inspired by the MEF’s Third Network Vision, will demonstrate real-time, zero-touch lifecycle service orchestration and assurance of a multi-site ELAN service over multiple operator networks with physical and self-adjusting NFV components (vCPEs and vPEs), fully integrated into the service providers’ critical business processes to deliver the ultimate NaaS customer experience.
  • MRV: Demonstrate distributed NFV utilizing cloud-based multi-factor authentication. Security is often a concern within a distributed NFV environment; however, adding multi-factor authentication via a cloud service provides enhanced security with ease of use – eliminating the need for resources to build and integrate the authentication service into an internal system.
  • WebNMS, Omnitron, Veryx: Demonstrate lifecycle service orchestration of an SDN-managed data center and a CE 2.0 WAN network, providing: elastic service creation and delivery; automated service turn-up testing & active performance monitoring; dynamic bandwidth on-demand; OpenMUL-based software abstraction of network control plane & data forwarding plane; and a cloud-based self-service customer SLA portal.
  • Wedge Networks: Demonstrate on-demand security services delivered through a service provider network using NFV and cloud orchestration capabilities.

“The Proof of Concept showcase will feature service and technology innovations that deliver on the MEF’s Third Network and LSO visions in relation to CE 2.0, SDN, and NFV,” said Nan Chen, President of the MEF. “The response to our call for participants was exceptional, with more than 30 companies involved in the submission process. We thank each collaborating group and the individual organization for participating. We congratulate the companies who have been selected and look forward to seeing all of these PoC demos in action at GEN15.”

PoC Showcase participants were required to submit proposals based on interactive, on-site, and live networking that demonstrates new and upcoming implementations. Detailed Showcase profiles will be made available on the PoC Showcase page in the near future.

For questions about the PoC Showcase, please contact Bruno Giguère, Director of Product Marketing, MEF, bruno@mef.net.

For GEN15 program and sponsorship information, contact MEF GEN15 Program Director Stan Hubbard at stan@mef.net.

For more event information, visit www.gen15.com and see the main conference program here.

Register here for GEN15 and receive a 20% early registration savings until 25 September 2015. Attendance is free for qualified service end-user professionals from enterprises, businesses, government, defense, educational, or non-profit organizations.

About GEN15

With a target audience exceeding 1,250 attendees from 325+ companies, GEN15 is the must-attend annual networking event for executives and other senior professionals involved in the combined Carrier Ethernet + Third Network services & technology ecosystem. GEN15 will bring together a global array of 120+ Carrier Ethernet, LSO, SDN, NFV, and Cloud expert speakers from around the world to contribute to the event’s program and networking opportunities. Event content and peer-to-peer networking opportunities are designed to appeal to experts from retail, wholesale, and mobile service providers; cloud service providers; mid to large businesses; government & defense organizations; network solutions vendors; the press; analyst firms; investment firms; and others.

GEN15 will encompass industry-leading keynote speakers, educational roundtables, and panels with dedicated tracks for enterprise end-users; retail, wholesale, mobile, and cloud service providers; and others. This year’s event includes a special Enterprise Day in conjunction with our partner Network Computing as well as the addition of a groundbreaking LSO Hackathon sponsored by Cisco DevNet. We also are expanding popular elements of last year’s program, including the MEF Certified Professionals Convention, Verizon Partner Conference, the Proof of Concept Service & Technology Showcase, Global Media Hub, and MEF Excellence Awards program that recognizes outstanding service, technology, and professional leadership and innovation. See www.gen15.com for details.

About the MEF

The MEF is the driving force behind the $80+ billion global market for Carrier Ethernet services and technologies and the defining body for LSO (Lifecycle Service Orchestration) standards that underpin emerging Third Network services with CE 2.0, SDN, and NFV. An industry alliance consisting of nearly 220 member organizations based in 43 countries, the MEF operates through a powerful collaborative framework of service providers, network solutions suppliers, and other stakeholders to achieve CE 2.0 and LSO development and globalization objectives.

MEF’s flagship work is CE 2.0, including specifications, operational frameworks, and certification programs for services, equipment, and professionals. Visit www.mef.net for more details on these programs.

Building on fourteen years of success with Carrier Ethernet, the MEF is now focused on development of LSO with APIs to enable paradigm-shifting agile, assured, and orchestrated services over more efficient, automated networks. The MEF’s vision for the transformation of network connectivity services and the networks used to deliver them is referred to as the “Third Network,” which combines the on-demand agility and ubiquity of the Internet with the performance and security assurances of CE 2.0. For information on the Third Network and LSO download the MEF’s Third Network Vision & Strategy White Paper and Third Network Lifecycle Service Orchestration (LSO) Vision White Paper.

Contacts

USA & International PR contact:
Hannah Whitrow
Zonic Group PR
hwhitrow@zonicgroup.com
+44 7760 806 070
or
EMEA:
UWE Scholz
Zonic PR EMEA
uscholz@zonicgroup.de
+49 172 3988 114
or
Asia Pacific:
Shirley Yeh
Zonic PR Asia
syeh@ZonicGroup.com
+86 21 321 00018

Posted in Industry News, Latest Security News, Wedge News | Tagged , , | Leave a comment

Planet of the Things

Author Avatar Posted on August 13, 2015 by Wedge Networks Administrator

-By Dr. Hongwen Zhang, CEO & Co-Founder, Wedge Networks and Co-Chair of the OpenCloud Connect Security Working Group
(Published on CompareTheCloud.net, August 13, 2015)

Stephen Hawking touched a nerve when he reiterated his warning about the danger to humanity posed by artificial intelligence. In May this year he and a group of leading scientists had said:

“Whereas the short-term impact of AI depends on who controls it, the long-term impact depends on whether it can be controlled at all. All of us should ask ourselves what we can do now to improve the chances of reaping the benefits and avoiding the risks.”

Futuristic artificial intelligence may seem a far cry from today’s Internet of Things (IoT), but in both cases the fundamental problem is about the uncertainty and risks of scaling complexity. Early experiments on the interactions between very simple elements – analogous to termites obeying a few basic rules – showed how surprisingly intelligent behaviour begins to emerge as the number of elements increases. Putting an emphasis on “surprisingly” – rather than “intelligent” – means that we are not predicting some malevolent intelligence to emerge from the growing network of smart fridges, but rather that we may find ourselves facing unexpected consequences by adding billions of relatively simple devices to our already complex Internet.

Even before we get on to those surprising consequences, however, there is the all-too-predictable certainty that criminal minds are already planning ways to exploit the IoT and create new forms of cyber attack. We recently saw a smart, Internet-connected fridge sending out spam as part of a junk mail campaign that had hijacked more than 100,000 connected devices. But why should this be any more worrying than the existing threat of botnet-launched spam campaigns?

IoT – the added challenge

The first big difference lies in the sheer number of devices that could be, and eventually will be, connected. The world’s population is around seven billion people, and already there are many more devices than that connected to the Internet – although estimates seem to vary considerably. According to IDC’s estimation the number of connectible devices approaches 200 billion while the number of sensors (e.g., the accelerometer in a smart phone) that track, monitor, or feed data to those things is already more than 50 billion, with scientists talking about trillion-sensor networks within 10 years. Of those 200 billion things around 20 billion are already connected, and the number is predicted to reach 30 billion connected devices by 2020. So the first problem is not so much about the impact of any particular thing as about the possibility of unpredicted responses or vulnerabilities emerging out of sheer complexity.

The second big difference, and the one posing more immediate risk, is the fact that most of the devices now being connected are new to the IT arena. Whereas each new computer added to the Internet comes with some degree of malware protection built into its operating system, things like smoke detectors, security alarms and utility meters come from a different culture: traditionally they were either autonomous units or else, if they were connected, it was on a closed, dedicated network. Fire alarms were installed by one company, control and instrumentation networks came from a different vendor, the electricity meter was installed by the power supplier and none of these networks overlapped. While computers and IT systems have for many years been fighting off attacks, none of these simple devices joining the IoT have inherent defences and they remain wide open to cyber attack.

The risk is not only that the particular function could be compromised – say fire alarms disabled before an arson attack – but the IoT could provide a weak link or point of entry to an otherwise strong security chain. The infected fridge continued sending out spam mail without drawing attention to itself, because its normal operation was not affected. Despite this relative vulnerability, the most publicised attacks so far on IoT control systems have penetrated the system via IT: attackers using simple phishing-style means to breach the perimeter and then target privileged access accounts. As well as gaining access to databases and high value systems, this approach lets them use the same privileges to reach control systems and whole new opportunities for sabotage and cyber war.

That brings us to the third difference. A lesser difference, but potentially the most dangerous of all, is that many of the things joining the IoT have more of a direct physical role than the computers, game consoles and databanks currently populating the Internet. When the Stuxnet worm closed down some thousand centrifuges at Iran’s Natanz nuclear facility in 2010, IT departments all over the world woke up to the fact that a cyber-attack could cause actual physical damage. This was not simply an attack generating a signal to shut down the centrifuge, but one designed to force changes in the centrifuges’ rotor speeds that could lead to destructive vibrations and internal damage – causing far more serious delays to the nuclear program than any simple shut down.

A couple of years ago we heard about a breach affecting Telvent control system designed to be used with “smart grid” networks. The attackers installed malicious software on the network and also accessed project files for its OASyS DNA system – designed to integrate an electricity company’s IT network with the grid control systems so that legacy systems and applications can communicate with the new smart grid technologies. There was nothing inherently wrong with OASyS DNA: it was a highly sophisticated system in use since the late 90s, but it was never designed to connect to the Internet.

The IoT adds enormous extra scale to the already crowded internet.

Project files provide a clever way to spread malware because vendors have full rights to modify customers’ systems through the project files. The files hold a lot of customer-specific system data, so an attacker could also use the project files to study a customer’s operations for vulnerabilities in order to design further attacks on critical infrastructure. The Stuxnet attack was a sophisticated example of how a project file was studied to discover how the centrifuges were controlled and then the file was modified so that they were now behaving in a different, harmful manner.

So the IoT adds enormous extra scale to the already crowded Internet, and it also adds extreme diversity. On the one hand we are networking highly critical systems: industrial and utility grid control systems that could cause widespread damage or economic harm if breached; critical healthcare and remote medical devices containing sensitive personal data or responsible for life support; navigation and control systems for connected cars, air traffic control and so on. At the other extreme we have small low-cost monitoring devices, meters, wearable devices, simple switches for remote control of household lighting etc.

It would be unrealistic to insist that everything joining the #IOT should have its own build-in defences.

With such a range of devices it would be unrealistic to insist that everything joining the IoT should have its own built-in defences. The latest malware signature has some sixty million records and to be sure of identifying it by current pattern matching techniques would require 3-4 Gb RAM. A more sophisticated defence is provided by behavioural analysis – studying how the code behaves when quarantined in a “sandbox” environment. Such analysis of behaviour for signs of malignancy is what computer scientists call an “NP Complete” problem – or what the layperson would call “very difficult”.

Reducing operational costs is one major driver for IoT connection – so adding sophisticated cyber-security to a ten-dollar switch would be hopelessly uneconomic. There is no way that we can realistically defend the IoT on the militia model, where every device is armed against attack – so how is it possible to provide protection across such a vast and diverse cloud?

How to disinfect the Internet of Things

VASPA: Virtualization, Automation, Security, Programmability, and Analytics

Security is at the centre of the five key challenges being addressed by the OpenCloud Connect (OCC), spelled out under the acronym VASPA, namely: Virtualization, Automation, Security, Programmability, and Analytics. The OCC, established in 2013, is an industry organisation embracing every type of cloud stakeholder – including major users as well as cloud service providers, network service providers, equipment manufacturers, system integrators and software developers.

The most promising approach so far to securing the cloud, and so the IoT, is to adopt the SDN principle and consider the traffic flow as a virtual network, rather than a string of hardware elements, and so define a distinct “security layer” to orchestrate Security as a Service.

Today’s Internet has been compared to a water supply without any guarantee of purity, leaving responsibility for filtering and sterilizing the water to the customers. Internet users are expected to install their own anti-virus software, firewalls and other forms of security. Security as a Service, however would mean providing traffic that is already decontaminated – so even the most humble connected switch on the IoT could benefit from the most sophisticated security that would be provided by the network itself.

On the network scale, deep packet inspection, pattern recognition with a cloud databank for security, behavioural analysis and other costly high-level malware defences become an economic proposition. Security as a Service provides a very attractive revenue stream and the ultimate added-value proposition for building customer loyalty and reducing churn.

Security as a Service allows organisations to order whatever level or type of security is essential for their operation – knowing that it is being continually maintained, updated and providing security for all their devices.

Please see the original article at CompareTheCloud.net.

CTC_Logo_Main

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , | Leave a comment

Beware Household Gadgets That Can Take Control And “Spy” On You

Author Avatar Posted on June 29, 2015 by Wedge Networks Administrator

Makers of connected devices for the Internet of Things must focus on security to protect consumers’ privacy

By Charles Orton Jones. Published on Raconteur.net on June 28, 2015

Excerpts:

“The Samsung TV incident was a massive wake-up call. An investigation in February revealed some Samsung smart TVs could be “spying on customers”. A clause in the privacy policy advised buyers that spoken words could be “captured and transmitted to a third party”. The media exploded with indignation. Orwell’s 1984 was cited in which telescreens track to citizens’ every move and word. Will your TV report you if you mention your tax affairs? Or sell leads to marketing companies if you mention product names?

When the story broke, Samsung admitted it was logging users’ activity and voice commands, but claimed users agreed to in the terms and conditions, and had enabled the function when setting up their TV. The option could be turned off.

In truth, Samsung was engaging in what many companies do, which is to learn from voice commands in order to improve the service. Use Siri on an iPhone and something similar is taking place. But the episode publicised just how dangerous it could be to install internet-connected devices.”

“Should we be pessimists about IoT? Hongwen Zhang, co-chairman of OpenCloud Connect, the industry alliance of cloud and IoT makers, says even if doubters are right, consumers will still enjoy using IoT devices. “Your above items of threat are all valid. However, the benefits of IoT overweigh all these fears. We have passed the point of no return in our evolution path with IoT,” he says.

He warns the real danger isn’t nosy governments or teenage hackers. But something more sinister – artificial intelligence.

Dr Zhang admits this: “On the speculation spectrum, the irony is that we will soon able to build terminators before we figure out how to do time travel. The evil actors may not be humans but ‘superintelligence’ as described by Professor Nick Bostrom of Oxford University in his book Superintelligence: Paths, Dangers, Strategies. Let’s hope humanity avoids those bad paths that lead to extinction.”

He adds sensibly: “We are good at finding cures.” If he’s wrong, dodgy kettles and sweary dolls would be the least of our worries.”

For the full article, please see Raconteur.net.

Raconteur_logo

Posted in Industry News, Latest Security News, Wedge News | Tagged , , | Leave a comment