leechmod.biz network world middle east 2011-09s370 t
TRANSCRIPT
-
8/3/2019 Leechmod.biz Network World Middle East 2011-09S370 T
1/52
www.networkworldme.com | Issue 150 | September 2
PLUS: NEXT GEN FIREWALLS | DESKTOP VIRTUALISATION | M2M COMMUNICATIONS | SIEM
Key strategies, concepts and tools
Network security essentials
inside
ISSUE 150 | SEPTEMBER 2011
COVER STORY
18 Network security essentials: Key strategies, concepts and tools
BITS
06 Ericsson partners with Pacific Controls
07 HP simplifies virtual infrastructure deployments
08 Global Knowledge sets up new HQ in Egypt
10 Brocade caters to cloud customers
14 IPv6 adoption slow in Africa
IN ACTION
16 Speed delivery: Lebanon Online has deployed a Web caching solution to reduce bandwidth costs and enhance end-user experience
FEATURE
22 Demystifying next-gen firewalls: The market is slowly drifting toward application-aware firewall with intrusion prevention and filtering
26 Why SIEM is more important than ever: IT environments are growing more distributed, complex and difficult to manage, making the role of SIEM more important than ever.
OPINION
38 Competing in the mobile Internet era
TEST
42 Palo Alto PA-5060 is one fast firewall
NEW PRODUCTS
48 A guide to some of the new products in the market
LAYER 8
50 All the news that's fit for nothing
QUICK FINDER
Page 6-26: Ericsson, Zain KSA, HP, Huawei, Global Knowledge, Honeywell, Brocade, Alcatel-Lucent, Astaro, Motorola Mobility, Google, Blue Coat, CA, Sophos, McAfee, Enterasys Networks, SonicWall, Fortinet, help AG,
Page 26-48: NetApp, CommVault, Huawei, Palo Alto, Dell, Ericsson, Yealink, Cisco, Molex, OCZ
Stay Connected: twitter.com/networkworldme facebook.com/NetworkWorldMiddleEast
ILLUSTRATION: DAN MATUTINA, http://twistedfork.me
FROM THE EDITOR
The moving target
Jeevan Thankappan
Senior Editor
Is perimeter security dead? For almost two decades, the predominant security model has been focused on hardening the perimeter, with a firewall defending your network. Now with the torrent of smartphones and tablets entering the corporate networks and given the collaborative nature of the business, we are moving to a world without network boundaries, which is forcing IT managers to think about network security in a different way. We instinctively trust insiders and distrust outsiders and the security model in most organisations reflects that: a fortified perimeter with a soft inside. But study after study shows that nearly half of the security breaches were the result of users abusing their rights to the sensitive data. In this age of cloud computing, telecommuting and remote access, most companies are slowly getting used to the fact that their sensitive data is moving over networks that are often not their own, beyond the controls of corporate firewalls. It is becoming accepted wisdom among IT managers that it is almost impossible to protect your network boundaries because you no longer know where they are or where your security holes are. Security experts say those companies that take a step back, review risks and identify their crown jewels and develop a plan to deal with foreseeable problems stand in good stead. Probably, the biggest shift in network security today is the focus on data; it's no longer sufficient to protect just your hardware but you must consider the sensitive information that resides in those. It is also imperative to educate users about safer network behaviour. In most cases, companies spend on expensive security tools and solutions and forget the all important part of educating the users. Often the weakest link in security is not technology, but the people who use it. And remember this oft-repeated advice: trust no-one when it comes to security and treat every device like a suspect.
NOT YOUR COPY? If you'd like to receive your own copy of NWME every month, just log on and request a subscription: www.networkworldme.com
PUBLICATION LICENSED BY THE INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI TECHNOLOGY AND MEDIA FREE ZONE AUTHORITY
Publisher: Dominic De Sousa
COO: Nadeem Hood
Managing Director: Richard Judd, +971 4 440 9126
Sales Director: Rajashree R, +971 4 440 9131
EDITORIAL
Dave, +971 4 440 9106
Senior Editor: Jeevan Thankappan, +971 4 440 9109
ADVERTISING
Sales Manager: Sean Rutherford, +971 4 440 9136
CIRCULATION
Database and Circulation Manager: Rajeesh, +971 4 440 9147
PRODUCTION AND DESIGN
Production Manager: James P Tharian, +971 4 440 9146
Art Director: Kamil Roxas, +971 4 440 9112
Designer: Froilan A. Cosgafa IV, +971 4 440 9107
Photographer: Cris Mejorada, +971 4 440 9108
DIGITAL
www.networkworldme.com
Digital Services Manager: Tristan Troy Maagma
Web Developers: Jerus King Bation, Erik Briones, Jefferson de Joya, Louie Alma
+971 4 440 9100
Published by
1013 Centre Road, New Castle County, Wilmington, Delaware, USA
Branch Office: PO Box 13700, Dubai, UAE
Tel: +971 4 440 9100 Fax: +971 4 447 2409
Printed by
Printwell Printing Press LLC
Regional partner of
Copyright 2011 CPI. All rights reserved
While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.
bits
Ericsson partners with Pacific Controls
Ericsson and Pacific Controls have signed a Memorandum of Understanding (MoU) to jointly develop ICT-enabled smart solutions for vertical industry sectors. With the combined efforts and experience of both companies, Ericsson and Pacific Controls will enable customers to offer smarter services and products to their end-users.
The agreement calls for Ericsson and Pacific Controls to jointly cater to the business needs of sectors such as Energy, Utilities and certain areas of Government. With Ericsson as the global leading provider of telecommunication technology and services and its consulting and systems integration capabilities combined with Pacific Controls' expertise in the fields of energy management, remote monitoring, controlling and M2M (Machine-to-Machine) applications, customers will be able to cut their costs, increase their revenues and enhance their overall productivity.
In addition to adding value to customers' business and introducing initiatives to provide optimum benefits to end-users, the one year agreement is also in line with Ericsson's 50 Billion Connected Devices by 2020 vision.
Anders Lindblad, President, Ericsson Region Middle East and North East Africa, said: "Offering customized solutions to enhance our customers' business needs is one of Ericsson's main objectives. This collaboration will enhance our customers' productivity and reduce operational costs, and enrich the lives of their end users."
[Photo: Anders Lindblad, President, Ericsson Middle East and North East]

Zain KSA goes all IP
[Photo: Dr. Saad Al Barrak, Zain KSA CEO & Managing Director]
Zain Saudi Arabia (Zain KSA), a mobile operator in the Kingdom of Saudi Arabia, has selected Alcatel-Lucent's IP/MPLS-based mobile backhaul solution to respond to the sharp increase in bandwidth requirements, and to keep pace with subscribers' demands.
Saudi Arabia is widely recognised as the largest telecommunications market in the Middle East region, with growth in this sector currently estimated at about 30% per annum. A recent report by the Riyadh-based Economics Studies House, commissioned by the MTN Group, showed that the penetration rate of mobile phones in Saudi Arabia could grow from the current 32% to 60% by 2014, with over 20 million subscribers. The report noted that this would not only require a rapid rollout of capacity to service almost 13 million new lines over the coming nine years, but would also require dramatic increases in network coverage and service availability to meet demand in the Kingdom.
The Alcatel-Lucent solution offers a converged, scalable, multi-access and all-IP network allowing dynamic service creation and delivery at the lowest cost per bit while enabling broadband accessibility to all Zain KSA subscribers, delivering service innovation, streamlining network operations and generating new revenues for the operator. As part of Alcatel-Lucent's High Leverage Network architecture, the solution will offer Zain increased capacity at lower cost while providing the necessary service reliability and quality of experience that subscribers expect, while it will strengthen the ability of Zain KSA to offer its customers the best possible quality of experience and also prepare its network infrastructure to immediately launch next generation communication and data services.
"Zain KSA looks forward to working with Alcatel-Lucent on this important network evolution project designed not only to improve the customer experience with a reliable and stable network, but also to take our customers to the next level of mobility and beyond," said Dr. Saad Al Barrak, Zain KSA CEO & Managing Director. "Through our competitive vendor selection process, Alcatel-Lucent demonstrated that they are ready to deliver innovative, cost-effective, state-of-the-art technology and deliver financial value to Zain KSA."
As part of this project, Alcatel-Lucent is
deploying its 7750 Service Router (SR) and 7705
Service Aggregation Router (SAR) along with
the Alcatel-Lucent 5620 Service Aware Manager
(SAM) and the Alcatel-Lucent 5650 Control
Plane Assurance Manager (CPAM). The Alcatel-
Lucent IP portfolio will make it possible for Zain
KSA to deliver scalable, evolvable, cost-efficient
and fully managed IP-based transport able to
adapt to the expected increase in core traffic
for years to come and to the advances brought
about by the introduction of fourth-generation
mobile technology.
8.2% growth in blade server shipments in Q2
HP simplifies virtual infrastructure deployments
HP has unveiled HP VirtualSystem for VMware, an optimised, turnkey solution that gives organisations a virtualised infrastructure that speeds implementation and provides a foundation for cloud computing.
As virtualisation has gained adoption, multi-tier network architectures, virtual sprawl, inflexible storage, unpredictable workloads and security concerns have increased complexity and limited broad deployment. To help midsize to large organisations address these challenges, HP VirtualSystem for VMware includes virtualised HP Networking solutions, HP Converged Storage, HP BladeSystem servers, HP Insight software with on-site installation services.
HP says with VirtualSystem, users can accelerate virtual machine mobility by up to 40% while doubling throughput and reducing network recovery time by more than 500 times with the new HP FlexFabric virtualised networking solution.
"Virtualisation has become mainstream for clients, but there are obstacles to broad deployment," said Alaa Al-Shimy, Enterprise Servers, Storage and Networking Director, HP Middle East. "With HP VirtualSystem for VMware, clients can simplify and scale their virtualisation deployments to provide a clear path to the cloud."

Server shipments, revenue grow in Q2
Worldwide server shipments in the second quarter of 2011 grew 8% year on year, while revenue moved upward 19.5% year on year, according to Gartner. "The second quarter produced solid growth on a yearly basis, as the recovery that started in 2010 continues to eke out slow improvements," said Jeffrey Hewitt, research vice president at Gartner. "All regions showed yearly growth in both shipments and vendor revenue, although in both measures the market is again below the pre-downturn levels we saw in the corresponding quarter of 2008."
"x86 servers forged ahead and grew 8.4% in units for the quarter and 17.7 percent in revenue. RISC/Itanium Unix servers declined 8.5% in shipments but showed a revenue increase of 4.3% compared with the same quarter last year. The 'other' CPU category, which is primarily mainframes, showed a strong growth of 48.8%," Hewitt said.
All of the top five global vendors had revenue increases for the second quarter of 2011. HP continued to lead the worldwide server market based on revenue. The company posted over $3.9 billion in server vendor revenue, accounting for 29.8% of the server market based on revenue. This share was down 2.2 percent year on year.
In server shipments, HP remained the worldwide leader in the second quarter of 2011 with a year-on-year shipment increase of 11.7%. This growth was driven by increases in HP's ProLiant brand. HP's worldwide server shipment share was 30.8%, representing a 1.0 percent increase in share from the same quarter in 2010.
Of the top five vendors in server shipments worldwide, all but Dell posted increases in units for the second quarter of 2011.
[Photo: Alaa Al-Shimy, Enterprise Servers, Storage and Networking Director, HP Middle East]

Huawei expands switching portfolio
Huawei Enterprise has rolled out its latest switching hardware devices, which the company claims will transform the way in which IT networks are designed to benefit business operations in the long run.
Huawei's new switch X7 series (S1700, S2700, S3700, S6700 and S7700) provides full-featured networking technology to a wide range of businesses from SMBs to larger size companies. The latest switch series, says Huawei, will support and simplify large and complex projects including the deployment of Local Area Networks (LAN) for campuses as well as data centres, using its innovative switching technology.
With increased performance thanks to a faster wire-speed network throughput and reduced power consumption by 10%, Huawei's latest X7 Switch series is also designed for easy installation and maintenance. In addition, its state-of-the-art architectural design runs on a common operating system via Huawei's patented technology Versatile Routing Platform (VRP), allowing businesses to optimize the operational cost of their IT assets.
"We are moving into a world where features including Voice over IP, video-sharing and social media networking applications are dominant tools that businesses typically need to communicate with one another," said Dr. Liu Qi, President, Enterprise Middle East. "The increasing use of such applications has intensified the network traffic flow of every organisation and requires that switching technologies are more reliable, flexible and perform better in terms of connectivity."
Honeywell completes EMS acquisition
Honeywell has completed its acquisition of EMS Technologies, for approximately $491 million. EMS is a leading provider of connectivity solutions for mobile networking, rugged mobile computers and satellite communications. The acquisition will enhance Honeywell's existing capabilities in rugged mobile computing technologies within its Automation and Control Solutions business (ACS) and satellite communications within its Aerospace business. EMS's Global Resource Management (GRM) division provides highly ruggedised mobile computing products and services for use in transportation, logistics, and workforce management settings as well as secure satellite-based asset tracking and messaging technology for search and rescue, warehousing, and field force automation environments. Through its Aviation division, EMS provides terminals, antennas, in-cabin network devices, rugged data storage, and surveillance applications predominantly for use on aircraft and in other data gathering objectives.

Telecom Egypt turns on 40G cable network
Telecom Egypt and Alcatel-Lucent have announced that the TE-NORTH Cable System, provisioned with 40 Gigabit per second (40G) wavelengths across the Mediterranean, is in service. TE-NORTH is the first Mediterranean cable network to provide commercial service using this newest 40G technology.
The 3600km system connects Abu Talat, Egypt, to Marseille, France, with a branch to Pentaskhinos, Cyprus and also includes other branching units for further expansions in the Mediterranean basin. The introduction of this advanced technology essentially doubles the original design capacity of the system from 10 Terabits per second to over 20 Terabits per second (Tb/s), equivalent to the transfer of over 32,000 HD movies in 60 seconds.
TE-NORTH's expanded design capacity enables Telecom Egypt to meet the growing demand of their customers and the region on this important international telecommunications route. By boosting connectivity across the Mediterranean basin, the 40G technology enhances Telecom Egypt's ability to serve global operators whose international services transit Egypt and rely on Egypt to hub the services in the Middle East, Asia and Africa region.

Global Knowledge sets up new HQ in Egypt
[Photo: Global Knowledge's MD of Egypt and North Africa Maged Thabet]
IT and business skills training provider Global Knowledge has relocated its Cairo office and training centre to Sheraton Heliopolis from Korba Heliopolis. The company's new headquarters houses additional classrooms and offers a state of the art learning environment.
Global Knowledge's investment in its Egypt operations comes at a time when recent political events have resulted in an uncertain economic climate, with other companies freezing or decreasing investment in the country. The company says relocation and expansion reflects its long standing dedication to Egypt and growing the Egyptian IT training market.
Global Knowledge's MD of Egypt and North Africa Maged Thabet said, "We're extremely pleased to be relocating to our new Sheraton headquarters, giving us additional classroom space and state of the art facilities. It is a strong reflection of Global Knowledge's unwavering commitment to Egypt and our valuable customers here. We're certain our new facilities will further maximise the value and return customers receive from our training."
With its new facilities, Global Knowledge says it has enhanced the value for class attendees by providing even more classrooms and completely upgrading them and its testing centre. The company's new six-floor office features 24 classrooms and labs, fully equipped with the latest computers and network infrastructure. Its testing center also offers the latest infrastructure, vendor software and testing equipment to simplify the testing and certification process. In total, Global Knowledge offers over 1,500 courses in Egypt from basic network troubleshooting to advanced level certifications from leading vendors in the IT industry.
Storage shipments keep surging: IDC
Enterprises and service providers spent more money on storage in the second quarter, emboldened by growing IT budgets, according to the research company IDC. The boost in storage has come along with investments in cloud computing and data-centre virtualisation, IDC analyst Liz Conner said. Companies are updating their storage systems for the era of "big data", to deal with huge and growing volumes of information, she said.
The total market for disk storage systems grew just over 10% from last year's second quarter to reach almost $7.5 billion in revenue, IDC said in its Worldwide Quarterly Disk Storage Systems Tracker. IDC defines disk storage systems as collections of three or more drives, either in or outside servers. External disk storage grew 12.2% year over year to slightly more than $5.6 billion in factory revenue, IDC said.
The revenue gains came on top of strong results from last year's second quarter, when the industry was recovering from the recession of 2008-2009, Conner said. The total amount of capacity delivered also continued to rise, with total disk storage systems shipped in the quarter representing 5,353 petabytes of capacity, up 46.7% from a year earlier. In the second quarter of 2010, there were 3,645 petabytes sold, a 54.6% increase.
Sales increased across all major product categories, including NAS (network-attached storage) and all types of SANs (storage-area networks). The total market for non-mainframe networked storage systems, including NAS and iSCSI (Internet SCSI) SANs, grew 15.0% from a year earlier to $4.8 billion in revenue, IDC reported. EMC led that market with 31.9% of total revenue, followed by NetApp with a 15.0% share.

HP releases federated storage system
[Photo: Walid Gomaa, Storage Business Unit and Sales Manager, HP Middle East]
As part of its Converged Storage portfolio, Hewlett-Packard (HP) has released new federated storage software, Peer Motion, which enables admins to transparently move application workloads between disk systems in virtualised and cloud computing environments.
HP also unveiled a new storage array line, the P10000 3PAR Storage System, which is aimed at supporting public and private clouds with twice the capacity and port count of previous HP products.
The Peer Motion software allows applications and data to be moved between any HP-branded storage systems as well as systems from its subsidiaries: 3Par and LeftHand, according to Craig Nunes, director of marketing for HP Storage.
Similar to VMware's vMotion software, Peer Motion allows live migration of data on storage systems supporting virtual machines with no application downtime.
Peer Motion is aimed at several data centre needs, Nunes said, including the balancing of workloads where an application outgrows its forecasted requirements and must be redistributed across storage systems. The software can also be used in bringing new storage systems on line when older ones are retired, and for thin provisioning of storage in virtual environments.
"Legacy storage systems architected 20 years ago were never designed for the dynamic IT-as-a-Service world, forcing organisations to use expensive and inefficient bolt-on virtualisation approaches," said Walid Gomaa, Storage Business Unit and Sales Manager, HP Middle East. "The true peer-based storage federation in HP Converged Storage solutions can handle the inherent unpredictability of always-on, multitenant environments while reducing expense, management overhead and risk to service levels."

Brocade caters to cloud customers
Brocade has unveiled an infrastructure procurement model designed for cloud computing, along with additions to its new VDX data centre switch line. Brocade rolled out a subscription-based acquisition option that allows customers to acquire network capacity on demand as required by fluctuating business demands. Brocade Network Subscription is optimised to address cloud-based IT environments, Brocade says.
Brocade Network Subscription is designed to allow customers to scale capacity up and down according to actual network utilization with no capital outlay. Customers pay for their network infrastructure on a monthly basis, and can return equipment to Brocade when capacity demands are not as high.
Network Subscription is not a managed Infrastructure-as-a-Service offering; essentially, it's an option for customers who need more flexible procurement, lease or rental alternatives to control network capital expenses or who have tight budget constraints.
GOOD
LTE to drive the growth of mobile broadband
According to Frost & Sullivan, as the demand for mobile broadband services continues to explode, the service providers have shown preference for moving towards faster data networks. With LTE technology offering lower operating costs for mobile data transfer, the mobile operators worldwide are progressively committing themselves to LTE network deployments as a path for moving towards Fourth Generation (4G) services. With recent LTE launches in Europe and the US, the device and service ecosystem is expected to mature and LTE will gain further momentum in other markets across the globe, particularly in Asia Pacific and Middle East.
BAD
IE will drop under 50% share by mid-2012
Microsoft's Internet Explorer (IE) will lose its place as the majority browser next summer, according to statistics published today by Web metrics company Net Applications.
If the pace of IE's decline over the last 12 months continues, IE will drop under the 50% mark in June 2012. In August, IE lost about seven-tenths of a percentage point in usage share, falling to 55.3%, a new low for the once-dominant browser. In the last year, IE has dropped 6.9 points.
But Microsoft continued today to stress the success of IE9, the edition launched last March, particularly on Windows 7.
UGLY
Mobile apps fail big time at security
A study from digital security company viaForensics paints a stark picture of the vulnerability of smartphone user data. viaForensics evaluated 100 popular consumer apps running on Android and iOS, and found that 76% store usernames, while 10% store passwords as plain text. Those 10% included popular sites such as LinkedIn, Skype, and Hushmail.
And while only 10% of applications store both username and passwords as plain text, leaving them vulnerable to hacks, even the 76% who store only usernames that way are vulnerable.
Astaro releases SecurityGateway version 8.2
Astaro, a Sophos company and Unified
Threat Management (UTM) provider, has
released the version 8.2 of the Astaro Security
Gateway (ASG). Chief amongst the over 60
new features or enhancements in version
8.2 are Application Control (Next Generation
Firewall), Interactive Web Reporting and a new
authentication agent. These new features and
enhancements dramatically improve network
performance while providing increased
visibility and control over the network.
"As technology changes, so too must
the tools organisations use to control
their networks," said Jan Hichert, senior
vice president, network security, Sophos.
"With version 8.2 we once again ensure
our customers can face current and future
network and security challenges by offering
the next generation of firewall technology -
Application Control."
The Astaro Security Gateway version 8.2
includes over 60 other enhancements or
new features. These include support for 3G/
UMTS USB modems, Form Hardening for Web
Application Security, Web Filtering Safe Search Enforcement, enhanced virtualisation support,
SNMP v3, weighted balancing for WAN Uplink
and server load balancing, group in-group
support for network groups, SSID to Access
Point assignment, rebootless reconfiguration of
Access points and more.
In addition to the new features available in
version 8.2 of the ASG, the newest edition of the
flagship Unified Threat Management solution
now includes a technical preview of Astaro's
upcoming Log Management product that is integrated into the Astaro Security Gateway
and available for all users to try for free.
Alcatel-Lucent has introduced a set of
services to proactively analyse performance in
fixed networks, identify potential problems and
take action to minimise their impact.
As operators move more services to their
IP-based networks, they also become more
reliant on good network performance. It can
mean the difference between retaining a loyal
subscriber or losing them to a competitor,
according to Alcatel-Lucent.
To help operators stay one step ahead,
Alcatel-Lucent offers the Proactive Services
Suite. So far, the suite has been used to monitor
wireless networks, but Alcatel-Lucent is now
expanding that to include fixed networks based
on IP, IMS (IP Multimedia Subsystem) and
optical networks, as well. The company also
will be introducing support for equipment from
other vendors by the end of this year, it said in
a statement.
Key elements include proactive care and
network analysis. Proactive care monitors fault
data in near real-time and compares it against
a set of health criteria; based on that, it provides
reports and recommendations on how to
address an issue before it starts affecting
users. The network analysis uses algorithms
developed by Bell Labs to identify network
trends and outage conditions before they
impact services.
Alcatel-Lucent aims to fix network issues
Mr. Jan Hichert, senior vice president, network security, Sophos
IPv6 adoption slow in Africa
Africa's lack of legacy systems was
expected to help it lead the world in
adopting IPv6, but as it stands only
Mauritius and Namibia have fully embraced
the latest version of the protocol.
"AfriNIC will be allocating IPv4 for the
next two years, meaning people are not in
urgency mode compared to other regions.
Organisations are still in their comfort
zone," said Adiel Akplogan, CEO of AfriNIC,
the regional Internet registrar.
Most hardware shipped to the region
can support both IPv4 and IPv6, which
Akplogan says is helpful to operators
in the region. AfriNIC is working to
raise awareness of the benefits of IPv6
adoption, but is changing its message
about the two protocols to de-emphasize
concerns about the diminishing supply of
IPv4 addresses.
"AfriNIC is shifting focus from insisting that
IPv4 resources are depleting to educating
organisations on the benefits of IPv6,
especially in mobile data," Akplogan said.
The new version of the Internet
Protocol is expected to benefit the region
because every gadget can be allocated an
IP address. Currently, not all devices have
IP addresses, so their visibility online is
low.
AfriNIC has been working with
governments and the private sector
to encourage IPv6 adoption, but one
challenge is the lack of African content on
sites that support IPv6. Where available,
content relevant to Africa is largely
hosted abroad, on sites that are still using
IPv4.
"The opportunity to grow IPv6 was
definitely bigger in Africa because of lack
of legacy systems, but Africa is largely a
consumer of online content. If the content
is running on IPv6, then we will be forced
to adopt, if not, we continue running
on IPv4," said Michuki Mwangi, senior
regional development manager at ISOC.
Google to buy Motorola Mobility
Google has announced that it plans
to buy Motorola Mobility for $12.5bn
(around £7.6bn), subject to regulatory
approval. Motorola Mobility
exclusively ships phones and
its Xoom tablet with Google's
Android operating system. The
deal will mean that Google now
has a hardware manufacturer to
work with closely to develop Android,
said Carolina Milanesi, research vice
president at Gartner.
The acquisition of Motorola Mobility will
enable Google to supercharge the Android
ecosystem and enhance competition in
mobile computing, according to a news
release. The deal will not affect how Android
is developed, and the operating system will
remain open, Google said.
The company will run Motorola Mobility
as a separate business, Google said.
Larry Page, CEO of Google, said, "Motorola
Mobility's total commitment to Android has
created a natural fit for our two companies.
Together, we will create amazing user
experiences that supercharge the entire
Android ecosystem for the benefit of
consumers, partners and developers. I look
forward to welcoming Motorolans to our
family of Googlers."
The adoption of server virtualisation
continues to accelerate as organisations
of all sizes consolidate physical
servers in an effort to rein in costs,
improve application management and
streamline IT operations, according
to CommVault's annual virtualisation
survey. With those benefits comes a
myriad of data protection challenges as
users discover that legacy platforms are
incapable of keeping up with the scale,
scope and performance requirements
of the virtual world. In order to keep pace with the data management
needs of the virtualised data centre,
organisations are re-evaluating
protection strategies in search of a
better way to protect, manage and
recover their environments, the
survey reveals. The survey, which
polled Simpana software customers
worldwide, reveals the major factors
driving this continued adoption of
server virtualisation technologies,
as well as the top data protection
challenges associated with protecting
virtualised environments.
Overall, the adoption of server
virtualisation has increased year on year
with 34% of the 388 survey respondents
stating their server environments
were 75% - 100% virtualised. VMware
continues to own the lion's share of
the market vis-à-vis Microsoft and Citrix
with 85% of those polled listing VMware
as their hypervisor platform of choice.
Virtualisation is on the rise
in action: Lebanon Online
The newly installed platform from
Blue Coat enables Lebanon Online
to substantially reduce operational
expenses by cutting bandwidth spend, manage
sizeable increases in network traffic and
subscriber growth, enhance Web security and
optimize and enhance the delivery of rich Web
2.0 content, large files and video. Lebanon
Online expects the return on its investment
in CacheFlow appliances to be less than six
months, based upon bandwidth savings alone.
"With prohibitively high bandwidth costs
in the region and limited capacity to meet our
user demands, the CacheFlow appliance is the
best solution to reduce infrastructure costs
by reducing bandwidth consumption," said
Hussein Turkieh, company engineer and IT
Manager, Lebanon Online. "We are extremely
impressed with the results from the CacheFlow
appliance. We found that we could save 50% on
our international bandwidth, which provided a rapid return on investment. In addition, our
users noticed considerable improvement in the
speed and performance of Web applications
and content."
CacheFlow appliances alleviate the bind
that service providers face: scaling to serve
explosive customer demand for rich Web
2.0 media, especially video content, while
containing costs and meeting high end-user
expectations for a fast and interactive Web
experience. Through the use of next-generation
content caching technologies, including the
Blue Coat CachePulse cloud service, CacheFlow
appliances efficiently cache and serve Web
content to provide significant, sustained
bandwidth savings. CacheFlow appliances
allow ISPs, such as Lebanon Online, to
significantly reduce bandwidth consumption,
while improving the Web experience which
results in happier, more loyal subscribers and
greater competitive differentiation.
Lebanon Online is also formulating a value-
added services strategy where it can provide
additional, potentially chargeable services to its customers, including parental controls and
a clean Internet security service to further
leverage the capabilities of Blue Coat solutions.
Speed delivery
The Internet service provider (ISP) Lebanon Online has deployed a Web caching solution to reduce bandwidth costs and enhance end-user experience.
Ajman University of Science and Technology
(AUST), a private institution of higher
education in the United Arab Emirates,
has deployed Blue Coat ProxySG and PacketShaper appliances to accelerate the
delivery of important content and applications
while protecting against Web-based threats.
AUST faces constantly growing Internet
demand from 8,000 students and staff as
well as demands placed by new services,
such as a sophisticated e-learning system
and an online library, that add to the
university's overall bandwidth requirements.
"To operate within the bounds of our
network capacity, it became imperative
for us to have visibility into Web traffic
and then be able to intelligently manage
it," said Mohammed Salman, IT director,
AUST. "We found that Blue Coat solutions
provided precise, yet flexible controls, a high level of Web security and considerable
Internet bandwidth savings while also
enhancing the Internet experience for our
students and staff."
AUST deployed PacketShaper appliances
to discover and categorize applications on
the network, measure network application
performance, guarantee quality of service
(QoS) for priority applications and mitigate
the network impact of non-business
applications and content. The university also
deployed Blue Coat ProxySG appliances at its
Internet gateway to provide comprehensive,
real-time protection against Web-based
malware and other malicious content without
compromising network performance.
Ajman University of Science and
Technology (AUST) Network was founded
in 1988, as a private institution of higher
education. Today it is a multi-campus,
multi-discipline cutting-edge university that
employs the latest technology. It has more
than 600 academic and administrative
staff and an additional 350 support staff.
AUST selected the Blue Coat solution after
an exhaustive vendor evaluation. Systems
integrator GBM Dubai managed the
implementation and training.
AUST deploys app acceleration solution
Simply connected
The new campus network
The challenge of the new business network is expectations: Expectations
of solving long-standing challenges,
expectations of greater profitability
and productivity, and expectations that
interactions across the ecosystem of your
business will be digital and accessible from
anywhere on the device of my choice.
Mobility is dramatically changing user
behaviour and expectations of digital
interactions. While business leaders and
cube dwellers alike push for the freedom to
adopt new applications and devices, IT must
control access to applications, corporate
data, and the economics of supporting new
and legacy systems.
From an IT strategy perspective, mobility
could be viewed as yet another layer of
complexity that IT must attempt to handle.
Alternatively, could the onslaught of mobile
devices, multiple user groups, and a network
designed to connect employee PCs present
an opportunity to simplify and future proof
the infrastructure?
At Juniper, we believe users can have the
freedom the business needs
to innovate and survive in the
next-generation workplace,
while technology leaders
can have the control and
economics they demand.
We believe this evolution
is possible because our
customers are already safely
managing personal devices on
their networks, simplifying the
network infrastructure, and
using wireless as their primary
network access method.
Control Users and
Applications, not Devices
and Networks
The proliferation of network-connected end user devices hungry for content-rich
applications is a trend far from hitting the top
of its curve. Attempting to manage and
control security on multiple user devices
running a range of operating systems and
security protocols is a path to increased
complexity, end user noncompliance, more
risks, and higher costs for the enterprise.
The new network requires a comprehensive
security solution managed and delivered
at the connection level, capable of remote
data wiping, access rights management, and
full enforcement of security policies on any
device, anywhere, anytime.
Device-Agnostic, End to End Security
How will you safely enable iPads today?
What about the next hot device? As devices
and services change, the business network
should be able to offer the same, easy
method of secure access. A simple single
client which works on all types of devices
will provide a fast and secure method for
enabling new devices with no extra work. In
addition you will need to manage security and access controls by user, regardless of how
many devices and what network they use to
connect to interact with your company.
advertorial
Juniper Networks Junos Pulse allows IT to
manage security without having to control
the device, while Juniper Networks Unified
Access Control and SRX Series Services
Gateways deliver end to end security across
the enterprise.
Wireless Access Becomes Primary
On-Ramp
The Wi-Fi networks deployed in buildings
today were meant for casual wireless use, but
they are now becoming the main on-ramp
to the business network. Employees and
guests expect the same experience on
wireless as they have experienced with wired
Ethernet. As more devices and people rely
on this network, the expectations and need
for the wireless network to perform in order
to deliver a solid application experience
continue to rise.
Juniper Wireless LAN Provides Nonstop Performance
Juniper Networks WLA Series Wireless LAN
Access Points provide indoor or outdoor
802.11a/b/g/n connectivity for a variety of
situations and installation sizes. All WLA
Series products provide the bandwidth
controls and performance to service
demanding mobility applications, such as
voice and video over wireless.
EX Series Simplifies the Wired Network
Juniper Networks EX Series Ethernet
Switches with unique Virtual Chassis
technology simplify the network by creating
a single managed entity. At each layer of
the network, Juniper can streamline and
consolidate legacy architecture into a
simpler form.
The Juniper Networks vision for the new
campus network is the only comprehensive
network architecture that provides all of the
accessibility, security, and simplicity required
by the new era of mobility in one open and
scalable package.
this impenetrable wall of security around
their organisations. This often results in
defining extremely technical rule sets to cover
almost any attack vectors. Due to internal
and external business pressures, companies
are required to become more open,
collaborative and dynamic to allow it to meet
its stakeholders' requirements, says Franz
Erasmus, Practice Manager, Information
Security CA Technologies Middle East &
North Africa.
Companies relying on perimeter security
are now faced with a new set of problems;
how to define these new set of technical rules
and expectations in a daily, hourly and more
frequently at the event level? Clearly this type
of security is becoming highly impractical
if not impossible to protect a company's
resources and secrets, he adds.
James Lyne, Director of Technology
Strategy, Sophos, agrees that perimeter
security alone is not going to be sufficient
to deal with today's threat landscape.
SophosLabs now sees on average over
150,000 malware samples every day and a new infected web page every few seconds.
The velocity of content generation and the
prevalence of low volume, targeted attacks
are placing increasing pressure on content
based security technologies. More and
more context is required to make effective
decisions, such as the reputation of a file, its
URL or perhaps the behaviour of the item
when running.
He points out that users also have a
greater tendency to roam today, often
not routing their traffic back to the office
network - they of course continue to require
protection in this scenario demonstrating the
importance of persistent endpoint protection.
Equally, users will enter your network with
consumerised or untrusted devices, such
as smartphones, where you do not have
the option of an endpoint deployment.
These use cases are among the many which
demonstrate the importance of both the
network and endpoint layers.
Changing face of security
Now with the perimeter being permeated
by dozens of connections to the outside
world, and mobile devices and users
regularly crossing the perimeter, companies
are forced to make security ubiquitous
throughout the network. This is a must to
protect the company from both external and
internal threats. What is important to keep
in mind is that the level of security should
be proportionally applied to the resources
protected and threat involved, says Erasmus.
Steven Huang, Director of Solutions and
Marketing, Huawei Enterprise Business,
adds that before applying network security
controls, it is essential that organisations
have a thorough understanding of both their
network and critical assets. Security controls
should not impede business continuity
and the organisation's priorities must come
first. Information and resources should be
available freely but securely to all the users.
Increasingly, companies are shifting
their security model from location-centric
to information-centric, which will likely take
a while before becoming the predominant
security model. In the meantime, most
companies end up with a hybrid model
of both location- and information-centric
elements. The perimeter is still important,
but is increasingly just one of the layers of
protection and is supplemented by strong
user authentication, application controls and
user-centric logging and auditing.
Rethinking priorities
The biggest business challenge today, in
the minds of many security experts, is the
stealthy online infiltration by attackers to
steal valuable proprietary information.
The reality, they say, is that these so-called
advanced persistent threats are so rampant
and unrelenting they are forcing IT to rethink
network security. They state bluntly that
focusing on fortifying perimeter is a losing
battle. What kind of defense model do you
need then?
Defense-in-depth, but increasingly
defense-in-width is proving to be a very
effective security model to deploy. Defense-
in-depth traditionally looked at protecting
resources by providing additional security
measure in layers. Should one measure
fail a second measure will be able to still
secure the resource, whilst slowing the
threat, says Erasmus.
Lyne from Sophos echoes a similar
opinion: Defense in depth, the use of multiple
layers and different classes of protection
technology provide the most effective
strategy. This concept, which is far from new,
has never really been adopted widely due to
the high cost of adopting individual best-of-
breed solutions. However, it is still the best
way to deal with the unknown, since building
a high net increases the chances of catching a
targeted attacker. Organisations should look
to security vendors to provide a wide array
of security controls spanning the endpoint
and the network. Critically however, these
controls must be sufficiently simple to be
realistically usable.
Cloud Security
Security-as-a-Service or cloud-based
security service is catching on as technology
managers find them to provide more
flexibility than they found when running
their own network and security equipment.
"Whether you are an IT manager, or a security
specialist, chances are you are rethinking
assumptions about what security solutions to buy, how to implement them, and even how
to manage them. Your existing requirement is
to sustain or, better still, enhance protection
against malware, spyware, spam, and the
myriad other intrusions and vulnerabilities
that threaten precious information and
systems. Your new requirement is for more
efficiency and more seamless protection, with
less thought and effort. The definitive solution
to this dilemma is easier and safer than you
think: Security-as-a-Service," says Essam
Ahmed, Regional Presales Manager, McAfee.
He adds that regardless of whether
you have the benefit of extensive security
expertise in-house, this proven managed
service approach can help you maintain and
even increase protection, while minimising
costs. It is a safe bet today for all sizes of
organisations.
Huang from Huawei says these cloud-
based services include protection against web
and email threats, monitoring of inbound
and outbound network traffic, and assessing
an externally facing website for potential
vulnerabilities.
He cautions that though Security-as-
a-Service is still growing, it still needs a
lot of work to be done to make the model
successful; it's a market in transition.
Whither network security?
With new attack methods evolving, network
security strategy should also change rapidly
to keep pace. Now the question is, will
network security remain an important element of IT architecture or will the focus
switch to application and data-level security?
Asli Aktas, Regional Director of Enterasys
Networks says network security will
remain a key architectural component of a
defense in depth approach. "Yes the focus is
on applications and data but it needs to be
supported by the network infrastructure,"
she says.
Erasmus agrees that network security
will remain an element of IT architecture
as long as there are private and public
networks to protect. Most certainly we are
seeing renewed focus on application and
data security, but this should not be seen as
a silver bullet to securing the organisation.
In fact companies are best served with
security initiatives that are collaborative and
complementing to the overall security posture
of the organisation, he sums it up.
Demystifying next-gen firewalls
The market is slowly drifting toward application-aware firewall
with intrusion prevention and filtering
The traditional port-based enterprise
firewall, now looking less like a guard
and more like a pit stop for Internet
applications racing in through the often open
ports 80 and 443, is slowly losing out to a new
generation of brawny, fast, intelligent firewalls.
The so-called next-generation firewall
(NGFW) describes an enterprise firewall/
VPN that has the muscle to efficiently perform
intrusion prevention sweeps of traffic, as well
as have awareness about the applications
moving through it in order to enforce policies
based on allowed identity-based application
usage. It's supposed to have the brains to
use information such as Internet reputation
analysis to help with malware filtering or
integrate with Active Directory.
But how long will it take for the NGFW
transition to truly arrive?
Part of the challenge is nailing down a
clear definition of what NGFW is. Gartner,
which has its own definition of the gear,
acknowledges "some vendors have
application control, some are more advanced
in IPS," adding, "The majority of the
enterprise firewall vendors are at the early
stages of this."
The terminology issue is made more
confused by the term Unified Threat
Management (UTM), a phrase coined by
IDC, which says UTM has roughly the same
meaning as NGFW. But Gartner argues UTM
should apply to security equipment used by
small-to-midsized businesses, while NGFW
is supposed to be for the enterprise, defined
as 1,000 employees and up.
But despite this clash of idioms and
the existence of only a tiny installed base
using a presumed NGFW, security vendors
do appear to recognise that demand for
consolidated multi-purpose enterprise
security appliances is likely to rise.
"The market trends are moving in that
direction," says Bashar Bashaireh, Regional
Director of Fortinet Middle East, who
explains some of the factors driving the
adoption of NGFWs. One adoption driver is
the opportunity to see network activity and
bandwidth consumption more clearly. The
way employees are using the network
has an impact on security and productivity,
so it is very important to know which
applications are used by whom. It is possible
to control applications and associated
bandwidth needs and priorities via a NGFW.
Additionally, some NGFWs can act like data-
loss prevention tools to block usage based
on keywords and other definers.
Why do you need a NGFW? Vendors say
legacy firewalls can't keep up with the ever-
changing threat landscape and the focus
needs to be on application control as threats
are getting more complex.
For firewalls that rely primarily on IP addresses, ports and protocols for
classification purposes, the result is the
inability to reliably distinguish network
traffic associated with applications being
used for legitimate business activities
from that associated with applications
being used for other reasons. Traditional
network security solutions, such as stateful
firewalls, do not have the sophistication and
the power to closely scrutinize all traffic
and to sort the good from the bad in this
environment. Stateful firewalls can only
perform stateful packet inspection (SPI).
To them, all protocols sent over a port are
created equal. The result: application chaos,
explains Florian Malecki, EMEA Senior
Product Marketing Manager at SonicWALL.
In comparison to a conventional
firewall that mainly looks at IP network
ranges, the NGFW way of doing things in
application control does represent a new
technology for most customers. Another
key benefit of a next-generation firewall is
that it allows IT security to be more business
driven and aligned with the business.
Maybe some applications or functions in
specific applications are acceptable for
some departments in a company, while they
should be disallowed for others. The classical
example is Facebook. Any company which
is adopting new media for marketing will
have users that need to access Facebook,
while the normal employee should not have.
A next generation firewall allows this type
of granular control, which supports the
business, says Nicolai Solling, Director of
Technology Services, help AG Middle East.
What should enterprises expect if they
want to make the transition from a traditional
firewall to a next-generation firewall?
Bashaireh says it starts with a decidedly
different way of thinking about security
goals associated with a firewall, especially
in terms of establishing application-aware
controls over employees as they access the
Internet, the Web and social networking
sites. For a traditional firewall approach the
focus is on IP addresses and ports whereas
for next generation firewall the focus is on
users and applications.
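The contrast drawn above between port-based rules and user- and application-based policy, shown as an added example that is not from the magazine or from any vendor's product. The users, groups, hostnames, signature table and rule format are constructed assumptions, and matching on a hostname is a deliberate simplification of how real products identify applications.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    user: str
    group: str      # directory group of the user (constructed sample data)
    protocol: str
    dst_port: int
    host: str       # hostname seen in the HTTP Host header or TLS SNI


# Traditional rule base: only protocol and destination port are considered.
PORT_RULES = {("tcp", 80): "allow", ("tcp", 443): "allow"}

# Constructed application signatures: domain -> application name.
APP_SIGNATURES = {
    "facebook.com": "facebook",
    "crm.example.com": "crm",
}

# Ordered (application, group, action) rules; first match wins, "*" = any group.
APP_RULES = [
    ("facebook", "marketing", "allow"),
    ("facebook", "*", "deny"),
    ("crm", "*", "allow"),
]


def port_based_verdict(flow: Flow) -> str:
    """Stateful-firewall view: everything on an open port looks the same."""
    return PORT_RULES.get((flow.protocol, flow.dst_port), "deny")


def identify_application(flow: Flow) -> str:
    """Map a flow to an application by exact or dot-boundary suffix match."""
    host = flow.host.lower().rstrip(".")
    for domain, app in APP_SIGNATURES.items():
        # The "." boundary stops notfacebook.com from matching facebook.com.
        if host == domain or host.endswith("." + domain):
            return app
    return "unknown"


def app_aware_verdict(flow: Flow) -> str:
    """Application- and identity-aware view layered on top of the port check."""
    if port_based_verdict(flow) != "allow":
        return "deny"
    app = identify_application(flow)
    for rule_app, rule_group, action in APP_RULES:
        if rule_app == app and rule_group in ("*", flow.group):
            return action
    return "deny"  # unidentified applications are denied by default


# Constructed sample traffic.
SAMPLE_FLOWS = [
    Flow("aisha", "marketing", "tcp", 443, "www.facebook.com"),
    Flow("omar", "finance", "tcp", 443, "www.facebook.com"),
    Flow("omar", "finance", "tcp", 443, "crm.example.com"),
    Flow("omar", "finance", "tcp", 443, "notfacebook.com"),
    Flow("omar", "finance", "tcp", 23, "crm.example.com"),
]


def compare(flows):
    """Return (user, application, port verdict, app-aware verdict) per flow."""
    return [
        (f.user, identify_application(f), port_based_verdict(f), app_aware_verdict(f))
        for f in flows
    ]


if __name__ == "__main__":
    for row in compare(SAMPLE_FLOWS):
        print("{:<6} {:<9} port-based={:<5} app-aware={}".format(*row))
```

The first two flows are identical to the port-based rule base; only the application-aware policy separates the marketing user from the finance user.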
The need to have more business-
oriented features on security gateways
like firewalls is not really new and
industry dynamics force vendors to add
the capabilities of point products to their
offering. So probably evolution from port-
based firewall to smarter products is driven
by the need for a more comprehensive
protection, a simpler configuration and
management, and an improvement of the
users' productivity, he adds.
The old way of talking about traditional
port-based firewalls, with system
administrators discussing the language of
protocols, is inadequate. Companies need to
adopt a more business-focused vocabulary,
related to application use, that's common to
the CIO, CFO and CEO. That's because the
new generation of fast, intelligent firewalls
are application-aware, enabling enterprises
to establish and enforce identity-based
application usage policies for employees.
Most vendors acknowledge migrating
from a traditional firewall to a NGFW is not
trivial. "You have to migrate rules and policy,
and staff will require training," says Solling.
Some companies opt to gradually shift to NGFWs by running both traditional and next-
generation firewalls in tandem.
"Customers have started to use an
application-aware NGFW to some extent, and
they often maintain their traditional firewall
rules while incorporating application-based
controls over time. But it is generally a
temporary procedure used mainly during
the migration and maturation phase, and
the cohabitation of the two approaches will
probably not exceed the global adhesion to
the complete content security concept, no
matter how security gateways are named or
will be named," says Bashaireh.
Is NGFW superior to UTMs? Malecki
says UTM and NGFW are two different
approaches even though they are very
similar. "We can qualify the UTM concept
as the predecessor of NGFW with various
security services being available from
the same platform. While NGFW will be
deployed in data centre to deliver high
performance of deep packet inspection and
application firewalling, UTM is typically
deployed at a small office or branch office
level to include security services such as
anti-spam, content filtering, etc.," he says.
Bashaireh adds a different perspective:
"Next-Generation Firewall is a subset of the
existing UTM market, or even the evolution
of the firewall market. For a simple high level
view of a rapidly changing industry, namely
speaking gateway security appliances,
next-generation firewalls that are IPS and
application aware are encompassed by UTM.
Next-Generation Firewalls are generally
described as firewalls that tightly integrate
Intrusion Prevention Systems (IPS), as
well as provide Application Control and
Virtual Private Networks (VPN) capabilities.
However, the majority of these
next-generation firewalls are limited in their
capacity," he adds.
While the NGFW wave is at least three
years old, Gartner acknowledges that actual
use is still very low today, even less than
1%. Looking ahead, Gartner optimistically
predicts NGFW adoption will grow to 35%
by 2014.
As vendors continue to evolve their
NGFW offerings, it should ideally become
your primary firewall.
Is there a NGFW in your future?
NWME in association with Palo Alto did an editorial survey of 200 IT decision makers to gauge the adoption levels of NGFW. Key findings:

Which statement best reflects your opinion of Next-Generation Firewalls?
Every vendor claims they have one, and now I am totally confused because they all sound the same
My current firewall is worthless, so I am anxious to make that transition
The value proposition is clear - visibility and control of all applications, users and content
What is the Next Generation Firewall?
Shares shown in the chart: 20%, 36%, 41%, 3%

What do you expect if you want to make a transition from traditional firewall to a Next-Gen firewall?
Application awareness capability
Integrated intrusion prevention system
Opportunity to see network activity and bandwidth consumption
All of the above
Shares shown in the chart: 4.5%, 3%, 5%, 87.5%

Do you think a Next-Gen firewall with consolidated security functions such as IPS or anti-malware filtering, can be cost effective over buying separate equipment for separate security functions?
No, I am not comfortable with the idea of wholly one-vendor, one device-approach
Yes, as it simplifies management and operations
Shares shown in the chart: 84%, 16%
Florian Malecki, EMEA Senior Product Marketing Manager, SonicWALL
Nicolai Solling, Director of Technology Services, help AG Middle East
Why SIEM is more important than ever
IT environments are growing ever more distributed, complex and difficult to manage, making the role of security information and event management (SIEM) technology more important than ever. Here's why.
Compliance: Almost every
business is bound by some sort
of regulation, such as PCI-DSS,
HIPAA and Sarbanes-Oxley (SOX).
Attaining and maintaining compliance
with these regulations is a daunting
task. SIEM technologies can address
compliance requirements both directly and indirectly.
Virtually every regulatory mandate
requires some form of log management to
maintain an audit trail of activity. SIEMs
provide a mechanism to rapidly and easily
deploy a log collection infrastructure that
directly supports this requirement, and
allows both instant access to recent log
data, as well as archival and retrieval of
older log data. Alerting and correlation
capabilities also satisfy routine log data
review requirements, an otherwise
tedious and daunting task when done
manually.
In addition, SIEM reporting capabilities
provide audit support to verify that
certain requirements are being met. Most
SIEM vendors supply packaged reports
that directly map to specific compliance
regulations. These can be run with
minimal configuration, and will aggregate
and generate reports from across the
enterprise to meet audit requirements.
Operations support: The size and
complexity of today's enterprises
is growing exponentially, along
with the number of IT personnel to
support them. Operations are often
split among different groups such as
the Network Operations Centre (NOC),
the Security Operations Centre (SOC),
the server team, desktop team, etc.,
each with their own tools to monitor
and respond to events. This makes
information sharing and collaboration
difficult when problems occur. A SIEM
can pull data from disparate systems
into a single pane of glass, allowing for
efficient cross-team collaboration in
extremely large enterprises.
Zero-day threat detection: New
attack vectors and vulnerabilities are
discovered every day. Firewalls, IDS/IPS
and AV solutions all look for malicious
activity at various points within the
IT infrastructure, from the perimeter
to endpoints. However, many of these
solutions are not equipped to detect zero-
day attacks. A SIEM can detect activity
associated with an attack rather than
the attack itself. For instance, a well-
crafted spear-phishing attack using a
zero-day exploit has a high likelihood of
making it through spam filters, firewalls
and antivirus software, and being opened
by a target user.
A SIEM can be configured to detect
activity surrounding such an attack.
For example, a PDF exploit generally
causes the Adobe Reader process to
crash. Shortly thereafter, a new process
will launch that either listens for an
incoming network connection or initiates
an outbound connection to the attacker.
Many SIEMs offer enhanced endpoint
monitoring capabilities that keep track
of processes starting and stopping and
network connections opening and closing.
By correlating process activity and
network connections from host machines
a SIEM can detect attacks, without ever
having to inspect packets or payloads.
While IDS/IPS and AV do what they do
well, a SIEM provides a safety net that can
catch malicious activities that slip through
traditional defenses.
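
The correlation described above, written out as an added example (not from the original article or any SIEM product): a reader crash followed on the same host by a new process that opens a network connection. The event format, the 60-second window and all host and process names are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed endpoint telemetry (not real logs): time, host, event, process, pid.
EVENTS = [
    ("2011-09-01T10:00:05", "ws-014", "proc_crash", "AcroRd32.exe", 3120),
    ("2011-09-01T10:00:09", "ws-014", "proc_start", "svch0st.exe", 4488),
    ("2011-09-01T10:00:12", "ws-014", "net_connect", "svch0st.exe", 4488),
    ("2011-09-01T10:03:40", "ws-022", "proc_crash", "AcroRd32.exe", 2001),
    ("2011-09-01T10:20:00", "ws-022", "proc_start", "notepad.exe", 2100),
    ("2011-09-01T10:30:00", "ws-031", "proc_start", "outlook.exe", 900),
    ("2011-09-01T10:30:02", "ws-031", "net_connect", "outlook.exe", 900),
]
READERS = {"acrord32.exe"}          # assumed watch list of document readers
WINDOW = timedelta(seconds=60)      # assumed correlation window
NET_EVENTS = {"net_connect", "net_listen"}

def correlate(events, window=WINDOW):
    """Alert when a reader crash is followed, on the same host and within
    `window`, by a new process that then opens a network connection."""
    alerts = []
    crashes = {}      # host -> time of most recent reader crash
    suspects = {}     # (host, pid) -> (process name, crash time)
    for ts, host, kind, proc, pid in sorted(events):
        t = datetime.fromisoformat(ts)
        if kind == "proc_crash" and proc.lower() in READERS:
            crashes[host] = t
        elif kind == "proc_start":
            crash = crashes.get(host)
            if crash is not None and t - crash <= window:
                suspects[(host, pid)] = (proc, crash)
        elif kind in NET_EVENTS and (host, pid) in suspects:
            name, crash = suspects.pop((host, pid))
            if t - crash <= window:
                alerts.append({"host": host, "process": name, "pid": pid,
                               "crash_at": crash.isoformat(), "net_at": ts})
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

Only the first host alerts: the second crash is followed by a process start outside the window, and the third host shows network activity with no preceding crash.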
Advanced persistent threats: APTs have
been in the news a lot, with many experts
claiming they were responsible for the
high-profile breaches at RSA, Lockheed Martin and others. An APT is generally
defined as a sophisticated attack that
targets a specific piece of data or
infrastructure, using a combination of
attack vectors and methods, simple or
advanced, to elude detection. In response,
many organisations have implemented
a defense in depth strategy around
their critical assets using firewalls and
IDS/IPS at the perimeter, two-factor
authentication, internal firewalls, network
segmentation, HIDS, AV, etc.
All of these devices generate a
huge amount of data, which is difficult
to monitor. A security team cannot
realistically have eight dashboards open
and correlate events among several
components fast enough to keep up with
the packets traversing the network. SIEM
technologies bring all of these controls
together into a single engine, capable
of continuous real-time monitoring and
correlation across the breadth and depth
of the enterprise.
But what if an attack is not detected
by the SIEM? After a host is compromised,
the attacker must still locate the target
data and extract it. Some SIEM correlation
engines are able to monitor for a
threshold of unique values. For example,
a rule that looks for a certain number of
unsuccessful access attempts on port 445
(or ports 137, 138 and 139 if NetBIOS is
used) from the same host within a short
time frame would identify a scan for
shared folders. A similar rule looking for
standard database ports would indicate
a scan for databases listening on the
network.
Through the integration of whitelisting
with SIEM, it becomes trivial to identify
which hosts and accounts are attempting
to access data that they shouldn't be
accessing. Meanwhile, implementing File
Integrity Monitoring with a SIEM can
correlate data being accessed with
outbound network traffic from the same
host to detect data leakage. If a FIM event
shows that the critical data was accessed
along with a thumb drive being plugged
into the same host that was accessing the
critical data, an alarm can be generated
to notify security personnel of a potential
breach.
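
The threshold-of-unique-values rule described above, as an added example (not from the original article or any vendor's rule set): it counts distinct destinations refused on the SMB/NetBIOS ports per source inside a sliding window, and the same function covers the database-port variant. The log format, thresholds, addresses and the database port list are constructed assumptions.

```python
from collections import defaultdict, deque

SMB_PORTS = {445, 137, 138, 139}       # ports named in the text
DB_PORTS = {1433, 1521, 3306, 5432}    # assumed "standard database ports"

# Constructed log lines (not real data): epoch_seconds src dst dport action
LOG = """\
1000 10.0.5.23 10.0.1.10 445 deny
1002 10.0.5.23 10.0.1.11 445 deny
1003 10.0.5.23 10.0.1.12 445 deny
1004 10.0.5.40 10.0.1.10 445 deny
1005 10.0.5.23 10.0.1.13 139 deny
1006 10.0.5.23 10.0.1.14 445 deny
1007 10.0.5.40 10.0.1.10 445 deny
1008 10.0.5.40 10.0.1.10 445 deny
1300 10.0.5.77 10.0.2.5 3306 deny
1900 10.0.5.77 10.0.2.6 3306 deny
"""

def parse(line):
    ts, src, dst, dport, action = line.split()
    return int(ts), src, dst, int(dport), action

def scan_sources(lines, ports, min_unique=5, window=60):
    """Return {source: first alert time} for sources whose failed attempts on
    `ports` reach `min_unique` distinct destinations within `window` seconds."""
    recent = defaultdict(deque)   # src -> (ts, dst) pairs still inside the window
    alerts = {}
    for line in lines:
        if not line.strip():
            continue
        ts, src, dst, dport, action = parse(line)
        if action != "deny" or dport not in ports:
            continue
        q = recent[src]
        q.append((ts, dst))
        while q and ts - q[0][0] > window:
            q.popleft()               # drop attempts older than the window
        if src not in alerts and len({d for _, d in q}) >= min_unique:
            alerts[src] = ts
    return alerts

if __name__ == "__main__":
    print("SMB scan:", scan_sources(LOG.splitlines(), SMB_PORTS))
    print("DB scan:", scan_sources(LOG.splitlines(), DB_PORTS, min_unique=2))
```

Counting distinct destinations rather than raw failures keeps a host that retries one file server (10.0.5.40 in the sample) from tripping the rule.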
Forensics: A forensics investigation can
be a long, drawn-out process. Not only
must a forensics analyst interpret log data
to determine what actually happened, the
analyst must preserve the data in a way
that makes it admissible in a court of law.
By storing and protecting historical logs,
and providing tools to quickly navigate
and correlate the data, SIEM technologies
allow for rapid, thorough and court-
admissible forensics investigations.
Since log data represents the digital
fingerprints of all activity that occurs
across IT infrastructures, it can be
mined to detect security, operations
and regulatory compliance problems.
Consequently, SIEM technology, with
its ability to automate log monitoring,
correlation, pattern recognition, alerting
and forensic investigations, is emerging
as a central nervous system for gathering
and generating IT intelligence.
SenSage unlocks SIEM data
SenSage, which makes security information and event management (SIEM) products, is opening up its platform to share data it gathers with business intelligence tools so they can be used to make better decisions. SenSage is upgrading its software to support a variety of APIs including Open Database Connectivity and Java Database Connectivity as well as open APIs like SNMP. It also supports some proprietary APIs including Check Point Software's LEA. The company has also launched an online community portal called Open Security Intelligence for security practitioners to share best practices. The goal is to help prevent successful exploits from spreading and to block similar exploits that come along later. SenSage is represented in the Middle East through the security solutions provider Nanjgel.
StorageAdvisor
MIDDLE EAST
Automating the data store with tiering technology
STACKING YOUR DATA
Fundamentally, the reason we
even consider tiering is simple:
cost - the opportunity for savings
by placing less valuable information
on lower-cost storage. Tiering means
moving data among various types of
storage media as demand for it rises or
falls. Moving older or less frequently
accessed data to slower, less expensive
storage such as SATA drives or even
tape can reduce hardware costs, while
putting the most frequently accessed
or most important data on faster, more
expensive Fibre Channel drives or
even solid-state drives (SSD) boosts
performance.
Matching the performance needs
and lifecycle requirements of data to the
different types of available storage media
has always been a bit of a headache. The
goal is to make sure that data is on the
right media, at the right time, for the right
cost. The reality, however, is that it can be
difficult to know what type of media will
best address a particular need, and it can
be hard to adjust storage allocation and
data placement as those needs change,
says Martin Molnar, Regional Sales Director
of NetApp.
Administrators and end users often
compromise by choosing faster, more
capable storage than they really need.
As a consequence the faster (and
more expensive) storage tends to be
oversubscribed, and that increases storage
costs and potentially robs performance
from applications that need it. Flash-
memory-based, solid-state drives (SSDs)
and other forms of media have brought
this problem to the fore. Flash-based
media can complete 25 to 100 times
more random read operations per second
than even the fastest rotating media, but
that performance comes at a premium of
15 to 20 times higher cost per gigabyte.
This has created a strong need to reserve
the use of Flash-based media for "hot"
data (active data in high demand) as a
way to maximise the benefits from those
investments.
Molnar says this is exactly where
automated storage tiering fits in.
Automated storage tiering is intended to
identify and promote hot data to higher-
performance storage media automatically,
while leaving cold data in lower cost
media.
Automated data tiering automates
not just the movement of data, but
also the task of monitoring how data
is being used and determining which
data should be on which type of storage.
Such automated tiering isn't yet in
the mainstream because few vendors
offer the technology and it hasn't
been proved to work in very high-end,
transaction-intensive envir