Wednesday, October 18, 2023

OCP launches Security Appraisal Framework and Enablement program

The Open Compute Project Foundation (OCP) has launched a new Security Appraisal Framework and Enablement (S.A.F.E.) program aimed at improving the trustworthiness of devices across all data center IT infrastructure. 

The OCP S.A.F.E. program is expected to reduce cost overhead and redundancy of device security audits with an OCP Community developed per device security checklist, and advance the security posture of device hardware and firmware components across the supply chain.

The OCP S.A.F.E. Program is designed to reduce cost overhead and redundancy of device security audits:

  1. provide security conformance assurance to device consumers 
  2. increase the number of devices whose firmware and associated updates are reviewed on a continuous basis, rather than only once when the device is 1st manufactured. 
  3. advance the security posture of device hardware and firmware components, through iterative refinement of review areas, testing scopes and reporting requirements.

"The OCP S.A.F.E. Program is designed to be a catalyst for upleveling the effort on security across the OCP Community and the industry. The OCP S.A.F.E. program is an OCP Community led effort to bring standardizations to device firmware security validation to help data center operators maintain a consistent security posture with reduced costs through removing duplication of efforts which can be replicated by other market segments. Security is the underlying foundation which makes OCP core tenets of efficiency, openness, scale, impact and sustainability possible," said Steve Helvie, VP Emerging Markets at the Open Compute Project Foundation.

"Creating a standardized approach for provenance, code quality and software supply chain for firmware releases and firmware patches that run on data center IT devices benefits the broader community; from democratizing the review process to streamlining efforts. Google is pleased to be a founding member of the OCP S.A.F.E. program and together, with the community, we will accomplish our mutual goal of increased security assurance for the industry," said Phil Venables, CISO, Google Cloud.

Independent third-party audits present significant challenges. These results are often available only to a certain set of customers, limiting their market impact. Also, these reviews are often commissioned by device consumers at the time of purchase, with device reviews are only performed once and subsequent security issues introduced by firmware upgrades and patches go undetected. The OCP driving a standardized approach, across all data center operators, will effectively and efficiently address these issues.

"We have partnered with OCP to create SAFE, a framework that promotes systematic security evaluations across the hardware ecosystem. This initiative provides enhanced levels of quality and security assurance to all hardware consumers," said Mark Russinovich, Azure CTO.

OCP targets standard for GPU management

At OCP Summit in San Jose, Microsoft announced a collaborative effort with AMD, Google, Meta, and NVIDIA to create OCP standard requirements for GPU management. 

Standardizing allows suppliers to seamlessly collaborate with hyperscalers and enables them to host various suppliers in their datacenters within an accelerated timeframe. This new OCP initiative focuses on two models of accelerators and GPU cards: Universal Base Board and Discrete. Initial specifications have been driven via different OCP workgroups focused on GPU firmware update requirements, interfaces, and Reliability, Availability and Serviceability (RAS) requirements for hardware.

Orange activates AMITIE transatlantic subsea cable

Orange announced "Ready for Service" (RFS) status on the new "AMITIE" transatlantic submarine telecommunications cable.

With a total length of 6,800 km and 16 fiber pairs, and a maximum capacity of 400 Tbps, AMITIE connects Lynn near Boston (USA), Le Porge near Bordeaux (France) and Bude (England). In France, Orange oversees the French part of the cable, and is in charge of operating and maintaining the system's landing station. It provides all AMITIE cable partners with the terrestrial infrastructure required for its smooth operation, from the limit of French territorial waters to the new Equinix datacenter based in Bordeaux.

Additional partners on the AMITIE cable include Aqua Comms, Meta, Microsoft, and Vodafone. The cable was built by Alcatel Submarine Networks.

In January 2021, Orange announced ready-for-service status on the new Dunant cable system, which is a joint project with Google, and boasts 12 fibre pairs with over 30 Tbps of capacity each.

Juniper intros Connected Security Distributed Services Architecture

Juniper Networks has introduced a new architecture called Connected Security Distributed Services Architecture, which integrates unified security management with routing and AI-Predictive Threat Prevention. This architecture decouples the forwarding and security services layers, allowing customers to use their existing Juniper MX series routers as an intelligent forwarding engine and load balancer.

The new Juniper Networks SRX firewalls (SRX1600, SRX2300, SRX4300, SRX4700) are 1RU in size, scale up to 1.4 Tbps, and include built-in Zero Trust capabilities, delivering the industry's highest firewall throughput performance per rack unit.

The new firewalls feature wire-speed MACsec, natively embedded TPM 2.0 chips, and cryptographically signed device IDs that allow security administrators and network operators to easily verify the trust posture of devices remotely and mitigate the risks of supply chain attacks.

“As new distributed data center architectures create more blind spots and operational complexity, it is vital to have advanced security capabilities that can adapt with the transformation. Leveraging our expertise in both security and data center operations, Juniper is thrilled to deliver our Connected Security Distributed Services Architecture, AI-Predictive Threat Prevention and new high-performance firewalls to enable our customers to enhance their security posture across their evolving data centers.”

Poland’s Hawe Telekom selects Infinera ICE6 800G

Hawe Telekom, a wholesale operator in Poland, selected Infinera’s ICE6 800G coherent solution to deliver high-capacity services to network operators in Poland as well as interconnections to neighboring countries on its Frankfurt-Warsaw-Vilnius route. 

The selection follows a live network trial from Frankfurt to Warsaw conducted with Infinera’s partner, FCA S.A.  The trial delivered 600G and 800G transmissions on Hawe Telekom’s national and international routes over its existing optical line system.  Infinera said its ICE6 800G solution will enable Hawe Telekom to deliver the highest capacity services at the lowest cost per bit and power per bit to its customers enabling them to cost-effectively keep up with relentless bandwidth demand.

The results achieved on our network have confirmed that we meet the highest operator standards and can provide services at the highest speeds. We are always looking for cutting-edge solutions, and our investments are always carefully planned, which is why we have opted for Infinera’s ICE6 800G system, which allows us to use telecommunications services at the highest level of performance. One such service is ‘Super Highspeed Delivery’ which is unique in the market and enables Hawe Telekom to turn-up long-distance services within 48 hours of the order,” said Dominik Drozdowski, Vice President of the Management Board of Hawe Telekom S.A.

Fujikura's AFL to build fiber manufacturing factory in Poland

AFL, a subsidiary of Fujikura Ltd. and global leader in optical fiber network infrastructure, unveiled plans to construct a state-of-the-art, sustainable manufacturing facility in Poland to meet rapidly growing bandwidth needs across the region. The new facility is expected to open mid-2024 and will enable AFL to meet customer delivery expectations and more efficiently serve regional customers.

The Poland facility will become AFL's fourth European production center, joining existing optical cable factories in the UK and Germany and assembly/hardware manufacturing in the UK. The expansion reflects AFL's priority to locate sustainable manufacturing and logistics close to major hubs and enable faster customer deliveries.

"With data usage skyrocketing, fiber networks across EMEA are expanding rapidly," said Steve Polidan, Vice President of Connectivity at AFL. "A new factory in Poland will position us closer than ever to our customers, allowing us to deliver the optical solutions they need quickly."

"Enhancing the customer experience is a key driver for this expansion. By locating production closer to our customers, we can improve delivery speeds and responsiveness. This will allow us to better serve their business needs as demand rapidly scales across the region," Polidan continued. "Sustainability is also central to our expansion strategy. The plant will help AFL reduce its environmental impact through energy efficiency, waste reduction, conservation, and other initiatives."

Tejas supplies optical network for FibreConnect in Italy

FibreConnect, a wholesale telecom infrastructure developer in Italy, has  launched its broadband services using equipment from Tejas Networks, including DWDM/PTN/OTN for Core to xPON and Ethernet for Access.   

As a part of this contract, Tejas Networks has deployed its full-range of products including its versatile TJ1400UCB, integrating GPON/XGS-PON, Fixed LTE and PTN technologies for Access and Aggregation, multi-terabit TJ1600 OTN/DWDM systems for Metro and Backbone, and feature-rich TJ2100 series of ONTs for business and industrial premises. The complete network is being managed using TejNMS, the company's universal, multi-technology network management system coupled with an advanced service orchestration solution to deliver an agile, resilient and future-proof network for FibreConnect.

Renzo Ravaglia, Executive Chairman and CEO of FibreConnect said, "FibreConnect is thrilled to partner with Tejas Networks on this transformative network rollout that seeks to bridge the digital divide for small & m├ędium businesses in Italy and extend the benefits of high-speed connectivity to unserved businesses and industries across the country through its ISP partners. Tejas Networks' innovative solutions such as their business-grade Type-C protection switching on ONTs, 2.5G GPON ONTs, converged "swiss-knife" architecture for multiservice access, and novel interplay of PTN and OTN technologies in the backbone  are enabling us to deliver the highest level of service to our customers in a cost-effective manner. In spite of challenging macro-economic headwinds, Tejas Networks fully met our expectations of timely deliveries, high quality, and prompt customer support to successfully get this network up and running as per committed deadlines."

Mr. Anand Athreya, Chief Executive Officer and Managing Director of Tejas Networks said, "We are delighted that FibreConnect chose to build the complete network in Italy using our carrier-class optical and broadband access products. Besides signaling our emergence as a leading end-to-end supplier of world-class telecom equipment, this win also demonstrates  a  growing confidence among global telcos in our ability to design and execute complex, large-scale networks, all the way from access to core." 

LITEON presents its Liquid Cooling at OCP Global Summit

LITEON Technology introduced new liquid cooling solutions under its new brand, COOLITE. 

The lineup includes intelligent Power Distribution Units (PDUs) equipped with real-time monitoring and control features, enabling data center operators to optimize power usage and ensure reliability. The ultra-efficient Uninterruptible Power Supplies (UPS) provide a resilient power backup system, while the intelligent power management software offers insights into energy consumption patterns for proactive decision-making.

Nile adds Zero-Trust Guest Internet Access

Nile introduced a guest internet access function to its Network-as-a-Service solution. 

Nile Guest Service automatically applies cloud-native, zero-trust principles, isolating visitor traffic from internal network resources by tunneling it to a local point of presence (PoP) and forwarding it directly to the internet.

This service is an extension of the zero-trust networking principles of Nile Access Service and is offered as an optional add-on.

“Today’s IT departments are focused on moving their business forward and do not want to expose their corporate resources while providing guest access. They also don’t want to spend all of their time protecting their infrastructure from every smartphone or tablet that seeks to connect,” said Suresh Katukam, Nile’s Chief Product Officer and co-founder. “Nile Guest Service automatically applies cloud native, zero trust principles to guest access and takes one more worry off of IT’s plate without taking a big bite of their budget.”