Cloud Native Computing Foundation Seeks Alignment Among Container Technologies

A new Cloud Native Computing Foundation is being launched to drive the alignment of container technologies.  Founding organizations include AT&T, Box, Cisco, Cloud Foundry Foundation, CoreOS, Cycle Computing, Docker, eBay, Goldman Sachs, Google, Huawei, IBM, Intel, Joyent, Kismatic, Mesosphere, Red Hat, Switch SUPERNAP, Twitter, Univa, VMware and Weaveworks.

The Cloud Native Computing Foundation, which is a project managed by The Linux Foundation, aims to advance the state-of-the-art for building cloud native applications and services, allowing developers to take full advantage of existing and to-be-developed open source technologies. Cloud native refers to applications or services that are container-packaged, dynamically scheduled and micro services-oriented.

Specifically, he Foundation will look at open source at the orchestration level, followed by the integration of hosts and services by defining API's and standards through a code first approach to advance the state-of-art of container-packaged application infrastructure. The organization will also work with the recently announced Open Container Initiative on its container image specification. Beyond orchestration and the image specification, the Cloud Native Computing Foundation aims to assemble components to address a comprehensive set of container application infrastructure needs.

“The Cloud Native Computing Foundation will help facilitate collaboration among developers and operators on common technologies for deploying cloud native applications and services,” said Jim Zemlin, executive director at The Linux Foundation. “By bringing together the open source community’s very best talent and code in a neutral and collaborative forum, the Cloud Native Computing Foundation aims to advance the state of the art of application development at Internet scale.”

https://cncf.io

“AT&T sees tremendous value in these initiatives,” said Toby Ford, assistant vice president of Cloud Technology, Architecture and Planning at AT&T. “We are very interested in helping to shape the container standards and architecture of the next-generation ecosystem that will deliver on the promise of cloud-enabled software. We are fully committed to this technology direction, as demonstrated by our Domain 2.0 initiative to migrate 75% of our targeted network onto a software defined network directed cloud.”

"Cloud native applications are critical for companies that want to scale their business quickly and successfully,” said Dave Ward, CTO and Chief Architect, Cisco. “Efforts designed to simplify and improve the overall developer experience, such as the Cloud Native Computing Foundation, are a great step forward. We’re excited to be a part of this community initiative to enable new technologies and innovation for developers, as well as our continued commitment to enable users by Open Source.”

http://collabprojects.linuxfoundation.org

Read More

Kubernetes V1 Released on Github

Kubernetes, the open source container orchestration system, has reached the v1 milestone (GitHub), indicating that it is now ready for commercial use.

Google noted that Kubernetes was built by over 400 contributors with 14,000 commits. The list of set of features in this release includes:

App Services, Network, Storage 

• Includes core functionality critical for deploying and managing workloads in production, including DNS, load balancing, scaling, application-level health checking, and service accounts
• Stateful application support with a wide variety of local and network based volumes, such as Google Compute Engine persistent disk, AWS Elastic Block Store, and NFS
• Deploy your containers in pods, a grouping of closely related containers, which allow for easy updates and rollback
• Inspect and debug your application with command execution, port forwarding, log collection, and resource monitoring via CLI and UI.   

Cluster Management

• Upgrade and dynamically scale a live cluster
• Partition a cluster via namespaces for deeper control over resources.  For example, you can segment a cluster into different applications, or test and production environments.

Performance and Stability

• Fast API responses, with containers scheduled < 5s on average
• Scale tested to 1000s of containers per cluster, and 100s of nodes
• A stable API with a formal deprecation policy

http://googlecloudplatform.blogspot.com/2015/07/Kubernetes-V1-Released.html

Read More

Gigamon Launches Security Visibility Platform for Advanced Persistent Threats

Gigamon introduced its "GigaSECURE" Security Delivery Platform for providing pervasive visibility of network traffic, users, applications and suspicious activity, and then delivering it to multiple security devices simultaneously without impacting network availability.

The idea is to counter Advanced Persistent Threats (APTs) by leveraging a traffic visibility fabric to extract scalable metadata across a network, including cloud and virtual environments, and thereby empower third party security applications. This enables improved forensics and the isolation of applications for targeted inspection. The company also said its solution is also able to deliver visibility to encrypted traffic for threat detection.  The architecture supports inline and out-of-band security device deployments.

Gigamon's GigaSECURE is comprised of scalable hardware and software elements:

• Infrastructure-wide reach via GigaVUE-VM and GigaVUE nodes;
• High-fidelity, un-sampled Netflow/IPFIX generation;
• Application Session Filtering;
• SSL decryption; and
• Inline bypass capabilities.

Gigamon also highlighted its Application Session Filtering (ASF), a new, patent-pending GigaSMART application that can identifies applications based on signature or patterns that appear within a packet or packets. Once positively identified, ASF extracts the entire session corresponding to the matched application flow from the initial packet to the last packet of the flow, even if the match occurs well after the first packet. This allows an administrator to forward specific “traffic of interest” to security appliances thereby optimizing their operational efficiency and improving overall performance.

The GigaSECURE platform already supports a broad ecosystem of security partners and their respective security functions, including:

Advanced Malware Protection: Check Point, Cisco, Cyphort, FireEye and Lastline;
Behavior Analytics: Damballa, Lancope, LightCyber and Niara;
Forensics/Analytics: ExtraHop, PinDrop, RSA and Savvius;
IPS: Check Point and Cisco;
NGFW: Check Point, Cisco, Fortinet and Palo Alto Networks;
Secure Email Gateways: Cisco;
SIEMs: LogRythm and RSA;
WAFs: Imperva.

https://www.gigamon.com/

Gigamon's Shehzad Merchant: Intersection of Open and Security

Sunday, July 12, 2015  #NFV, #SDN, Gigamon, Open, OpenStack, Packet Broker, Testing, Video  No comments

The open networking movement is here to stay. It's not just about open source software, says Shehzad Merchant, CTO of Gigamon, but really about taking a vertically-integrated networking stack and disaggregating it. With various components of the networking stack supplied by different vendors, maintaining visibility across every layer of that stack becomes critical.

By disaggregating the networking stack, you are, in principle, opening up new attack vectors across multiple surfaces. On the other hand, there will be a much broader ecosystem moving much quicker to address vulnerabilities.

This 9-minute sponsored video covers (1) whether the many open networking projects help or hurt the case for better network security (2) the overlapping trands of virtualization and higher networking speeds (3) security as the use case for SDN (4) redefining security boundaries with SDN

http://open.convergedigest.com/2015/05/gigamon.html

Automating Visibility inside the Cisco Live Network with Gigamon and JDSU

Thursday, June 25, 2015    No comments

The Cisco Live Network and its state-of-the-art network operations center serve all of the attendees of Cisco's big annual event. Equipment must be deployed rapidly. As soon as the show begins, the network supports tens of thousands of clients and pushes terabytes of data to the Internet.

This video takes a look at the Cisco Live Network and the use of Gigamon's new software-defined visibility,  which leverages APIs to make real-times changes in the types of data under analysis. Software-defined visibility allows the NOC to change the nature of the visibility fabric to provide only the type data needed by the testing tools in real-time.  In addition, the video features a live use-case presented by JDSU covering software-defined visibility and their tools.

Presented by Andy Huckridge, Director of Service Provider Solutions at Gigamon; Joe Clarke, Distinguished Engineer at Cisco; and Charles Thompson, Senior Director, Product Line Management, at JDSU.

See video:  https://youtu.be/giYXwy2thlQ

Read More

Cavium's 100G NITROX V Security Processor Packs 288 Cores

Cavium unveiled its new family of NITROX V security processors & adapters aimed at enterprise networking equipment and virtualized cloud data centers, where increasing east-west traffic flows are driving high performance, symmetric encrypted bandwidth requirements. In addition, SaaS providers such as search engines, email services and social networking services are now encrypting customer data they receive over the Internet using SSL and new crypto schemes such as Perfect Forward Secrecy (PFS). Another major trend is the need for high performance data compression with excellent compression ratios for data center traffic, driving the need for better security processors.

The NITROX V security processors integrate up to 288 purpose-built security cores with high performance compression engines and virtualization hardware with PCI-Express Gen 3 and Interlaken interfaces. The company says this delivers 3 to 10 times greater performance than alternative solutions within the same power envelope.

Some highlights

• Up to 288 RISC Security Cores – Support up to 100Gbps of security performance simultaneously with 120K RSA Ops/sec for 2048 bit keys or 300K P256 ECC Multiply Ops/sec.
• Compression Engines - Enhanced Compression/decompression acceleration – 100 Gbps. Support for GZIP, PKZIP, Inflate and Deflate algorithms. Also includes support for LZS Compression that is widely used for Storage applications.
• High bandwidth IO – Supports 100 Gbps of traffic.  PCI-Express Gen3 x8 and Interlaken x8 interfaces.
• Virtualization support – Single Root IO Virtualization (SR-IOV) feature with up to 256 Virtual Function support.
• Latest security features – Supports a wide variety of protocols including IPsec, SSL, TLS 1.x, DTLS and ECC Suite B. Also supports a wide variety of algorithms including several variants of AES, 3DES, SHA-2, SHA-3, RSA 2048, RSA 4096, RSA 8192, ECC p256/p384/p521, Kasumi, ZUC and SNOW 3G.
• SSL performance with 120K RSA Ops/Sec and 300K P256 ECC Ops/sec and bulk encryption performance of 100 Gbps for a variety of different protocols, 
• Flexibility to support emerging algorithms and protocols.
• The single-chip NITROX V processors do not require external memory enabling lower cost, power and real-estate.

http://www.cavium.com/processor_security_NITROX-V.html

Read More

Arbor: DDos Attacks Continue to Grow in Ferocity

The average size of distributed denial-of-service (DDoS) attacks, from both a bits-per-second and packets-per-second perspective, continues to grow, according to new tracking data released by Arbor Networks.

Arbor’s data is gathered through ATLAS, a collaborative partnership with more than 330 service provider customers who share anonymous traffic data with Arbor in order to deliver a comprehensive, aggregated view of global traffic and threats. ATLAS collects 120TB/sec of Internet traffic and is the source of data for the Digital Attack Map, a visualization of global DDoS attacks created in collaboration with Google Ideas.

The largest attack monitored in Q2 was a 196GB/sec UDP flood, a large, but no longer uncommon attack size. Of most concern to enterprise networks is the growth in the average attack size. In Q2, 21 percent of all attacks topped 1GB/sec, while the most growth was seen in the 2-10GB/sec range. However, there was also a significant spike in the number of attacks in the 50-100GB/sec range in June, mainly SYN Floods targeting destinations in the US and Canada.

“Extremely large attacks grab the headlines, but it is the increasing size of the average DDoS attack that is causing headaches for enterprise around the world,” said Arbor Networks Chief Security Technologist Darren Anstee. “Companies need to clearly define their business risk when it comes to DDoS. With average attacks capable of congesting the Internet connectivity of many businesses, it is essential that the risks and costs of an attack are understood, and appropriate plans, services and solutions put in place. ”

http://www.slideshare.net/Arbor_Networks/atlas-q2-2015final

Read More

Microsoft's Commercial Cloud Revenues on $8B Annual Run Rate

Microsoft reported revenues for the quarter ended June 30, 2015 of $22.2 billion.  Gross margin, operating loss, and loss per share for the quarter were $14.7 billion, $(2.1) billion, and $(0.40) per share, respectively.

These results include the impact of a $7.5 billion non-cash impairment charge related to assets associated with the acquisition of the Nokia Devices and Services (NDS) business, in addition to a restructuring charge of $780 million, along with other charges.

Some highlights:

• Devices and Consumer revenue declined 13% (down 10% in constant currency) to $8.7 billion, with the following business highlights:
• Windows OEM revenue decreased 22% as revenue was impacted by PC market declines following the XP end-of-support refresh cycle
• Surface revenue grew 117% to $888 million, driven by Surface Pro 3 and launch of the Surface 3
• Total Xbox revenue grew 27% based on strong growth in consoles, Xbox Live transactions and first party games
• Search advertising revenue grew 21% with Bing U.S. market share at 20.3%, up 110 basis points over the prior year
• Office 365 Consumer subscribers increased to 15.2 million, with nearly 3 million subscribers added in the quarter.
• Officer Consumer revenue declined 42%
• Windows Phone revenue declined 68%

Commercial revenue increased slightly (up 4% in constant currency) to $13.5 billion, with the following business highlights:

• Commercial cloud revenue grew 88% (up 96% in constant currency) driven by Office 365, Azure and Dynamics CRM Online and is now on an annualized revenue run rate of over $8 billion
• Server products and services revenue grew 4% (up 9% in constant currency), with stable annuity performance offsetting declines in transactional revenue
• Dynamics revenue grew 6% (up 15% in constant currency), with the Dynamics CRM Online install base growing almost 2.5x
• Office Commercial products and services revenue declined 4% (up 1% in constant currency), with continued transition to Office 365 and lower transactional revenue due to declining business PCs following the XP end-of-support refresh cycle
• Windows volume licensing revenue declined 8% (down 4% in constant currency), driven primarily by transactional revenue declining following the XP end-of-support refresh cycle with annuity growth on a constant currency basis

“In our commercial business we continue to transform the product mix to annuity cloud solutions and now have 75,000 partners transacting in our cloud,” said Kevin Turner, chief operating officer at Microsoft. “We are also expanding the opportunity for more partners to sell Surface, and in the coming months will go from over 150 to more than 4,500 resellers globally.”

http://www.microsoft.com
http://www.microsoft.com/investor/EarningsAndFinancials/Earnings/PressReleaseAndWebcast/FY15/Q4/default.aspx

Read More

Verizon Reports Steady Trends with LTE and FiOS

Verizon Communications reported Q2 revenue of $32.2 billion, a 2.4 percent increase compared with second-quarter 2014, and EPS of $1.04, compared with $1.01 per share in second-quarter 2014. The company cited top-line revenue growth driven by wireless and FiOS, with emerging revenue streams from the Internet of Things (IoT) and telematics, and continued strong cash flow.

“Verizon has delivered another quarter of strong financial and operational results, based on consistent network reliability and superior value that continues to attract new customers,” said Chairman and CEO Lowell McAdam. “In the second quarter, we again balanced quality Verizon Wireless connections growth with low churn and profitability, and we announced and completed our acquisition of AOL. We’re now poised to offer customers exciting new over-the-top (OTT) mobile video services, and we look forward to a very positive second half of 2015.”

Wireless Highlights

• Total revenues were $22.6 billion in second-quarter 2015, up 5.3 percent year over year. Service revenues totaled $17.7 billion, down 2.2 percent year over year, while equipment revenues increased to $3.9 billion in second-quarter 2015 from $2.4 billion in second-quarter 2014 as more customers chose to buy new devices with installment pricing.
• In second-quarter 2015, wireless operating income margin was 34.0 percent, up from 32.5 percent in second-quarter 2014. Segment EBITDA margin on service revenues was 56.1 percent, compared with 50.3 percent in second-quarter 2014. Segment EBITDA margin on total revenues was 43.9 percent, compared with 42.3 percent in second-quarter 2014.
• Verizon Wireless had 1.1 million retail postpaid net additions in second-quarter 2015, nearly twice the net additions in first-quarter 2015. At the end of second-quarter 2015, the company had 109.5 million retail connections, a 4.7 percent year-over-year increase, and 103.7 million retail postpaid connections, a 5.2 percent year-over-year increase. These totals do not include wholesale or IoT connections.
• Verizon added 842,000 4G smartphones to its postpaid customer base in second-quarter 2015. Postpaid phone net adds totaled 321,000 as net smartphone adds of 588,000 were partially offset by a net decline of 266,000 basic phones. Tablet net adds totaled 852,000 in the quarter, and net prepaid devices declined by 126,000.
• 4G devices now constitute approximately 73 percent of the retail postpaid connections base, with the LTE network handling about 87 percent of total wireless data traffic in second-quarter 2015. Overall traffic on LTE has essentially doubled in the past year.
• About 7.2 percent of Verizon’s retail postpaid base upgraded to a new device in second-quarter 2015. In the past year, the number of 4G smartphones in Verizon’s customer base has increased by 17.8 million, to 61.6 million, an increase of about 40 percent. The company continues to see opportunities to upgrade its base of about 16 million basic phone and 9 million 3G smartphone customers to 4G devices.
• At 0.90 percent in second-quarter 2015, retail postpaid churn improved both sequentially and year over year. Low churn is an indicator of high customer loyalty, and this was Verizon’s lowest churn rate in three years.
• Verizon’s network densification plans are on schedule. These plans include deployment of small cells, DAS (distributed antenna system) nodes and in-building solutions.

Wireline Highlights

• In second-quarter 2015, consumer revenues were $4.0 billion, an increase of 4.5 percent compared with second-quarter 2014. Consumer revenues have now grown by at least 4 percent for 12 consecutive quarters, with FiOS revenues representing 79 percent of the total.
• Total FiOS revenues grew 10.0 percent, to $3.4 billion, comparing second-quarter 2015 with second-quarter 2014.
• Wireline operating income margin was 5.3 percent in second-quarter 2015, up from 2.6 percent in second-quarter 2014. Segment EBITDA margin (non-GAAP) was 23.5 percent in second-quarter 2015, compared with 23.4 percent in second-quarter 2014.
• In second-quarter 2015, Verizon added 72,000 net new FiOS Internet connections and 26,000 net new FiOS Video connections. Verizon had totals of 6.8 million FiOS Internet and 5.8 million FiOS Video connections at the end of the second quarter, representing year-over-year increases of 8.1 percent and 6.4 percent, respectively.
• FiOS Internet penetration (subscribers as a percentage of potential subscribers) was 41.4 percent at the end of second-quarter 2015, compared with 40.1 percent at the end of second-quarter 2014. In the same periods, FiOS Video penetration was 35.7 percent, compared with 35.3 percent.
• Verizon saw higher-than-anticipated demand for its new Custom TV packages, with more than one-third of FiOS Video gross customer additions opting for Custom TV and migration demand from existing customers. While Custom TV adoption has an initial negative impact on revenue growth, it is expected to improve profitability.
• By the end of second-quarter 2015, 64 percent of consumer FiOS Internet customers subscribed to FiOS Quantum, which provides speeds ranging from 50 to 500 megabits per second. The highest rate of growth is in the 75-megabit-per-second tier, to which 23 percent of FiOS customers subscribe.
• In second-quarter 2015, Verizon migrated 51,000 customers who had been using copper connections, toward a full-year goal of 200,000.
• Wireline results include operations being sold to Frontier Communications Corp. in the non-contiguous states of California, Florida and Texas. 

http://www.verizon.com/about/news/verizon-delivers-double-digit-adjusted-earnings-growth-strong-cash-flows-2q-2015

Read More

DOCOMO Expands 5G Collaboration Program

NTT DOCOMO is expanding its industry collaboration program for 5G.  The company announced individual collaborations with five additional vendors: Intel, Keysight Technologies, Panasonic Corporation, Qualcomm Technologies, and Rohde & Schwarz GmbH & Co.

DOCOMO and its vendor-partners expect to begin technical discussions and various indoor trials at the DOCOMO R&D Center in Yokosuka, Kanagawa Prefecture within the current fiscal year ending in March 2016. The trials will expand to outdoor settings thereafter. Key findings and achievements will be shared with global research bodies and at international conferences. Through the collaborations, DOCOMO expects to evaluate and verify its proprietary 5G technologies and thereby accelerate 5G standardization.

Since May 2014, DOCOMO has been working with a number of other vendors, including Alcatel-Lucent, Ericsson, Fujitsu, Huawei, Mitsubishi Electric, NEC, Nokia and Samsung.

DOCOMO said it aims to introduce 5G on a commercial basis in 2020. 5G is being developed for ultra-high-speed data transmissions of over 10Gbps and 1,000 times the capacity of LTE, which will help address the proliferation of connected items in the emerging Internet of Things (IoT), as well as to support the increasingly diverse range of mobile services.

"Global expectations for 5G are growing as we approach the start of the standardization phase," said Seizo Onoe, Executive Vice President and Chief Technology Officer at DOCOMO. "We are delighted to form these new collaborations on 5G experimental trials for wider technical areas to establish the 5G ecosystem with additional world-leading global vendors to promote R&D targeted at 5G deployment in 2020."

https://www.nttdocomo.co.jp/english/info/media_center/pr/2015/0722_00.html

Read More