Sparkle: Expanding Global Enterprise Services

Sparkle, a global service provider with an extensive fiber optic backbone, is rapidly expanding its reach across five domains: IP&Data, Cloud & Data Center, Enterprise, Mobile, Voice.

Enterprise connectivity services are now being transformed by digitalization and the cloud.

In this video, Antonella Sanguineti, Head of Product Management Secure Cloud & Networking Solutions, Sparkle, discusses how enterprises are changing the way they consume connectivity services.

https://youtu.be/g1zmEIpAmi8

Read More

Understanding enterprise networks' multi-cloud spending

Enterprise networks are continuing to ramp up spend on multi-cloud projects whether at the core or edge. But how to understand the return-on-investment (ROI)? 

Paul Parker-Johnson, Principal Analyst at ACG, discusses the latest trends at ONUG Spring 2022.

https://youtu.be/QLXFNOJvk0s

Read More

Juniper enhances its AI-driven enterprise portfolio

Juniper Networks announced enhancements to the Juniper Mist cloud and AI engine, which include EVPN-VXLAN campus fabric management and additional Marvis Actions for proactive problem remediation. The new features within the AI-driven enterprise portfolio that enable customers to scale and simplify the rollout of their campus wired and wireless networks while bringing greater insight and automation to network operators.

The latest additions to Juniper’s AI-driven enterprise include:

AI-driven campus fabric management via the Juniper Mist Cloud: By enabling EVPN-VXLAN campus fabric management via the Juniper Mist Wired Assurance cloud service, Juniper offers the ability to simplify wired, wireless and WAN via a common cloud and AIOps engine. Juniper EVPN-VXLAN fabric leverages the same Juniper platform used to manage wired access in the campus, Juniper Mist Wired Assurance and the Marvis Virtual Network Assistant (VNA), bringing IT administrators unparalleled automation, insight and troubleshooting. The Juniper Mist Cloud empowers administrators to choose a topology, define networks of interest, identify required physical connections and apply the correct underlying policies in a seamless fashion. In addition, the Juniper Mist solution enables customers to leverage a common operational schema across LAN, WLAN and WAN environments, a key part of the Juniper client-to-cloud differentiation.

New Marvis Actions that provide deeper insight for faster problem remediation: Marvis Actions takes insight derived from the Mist AI engine, such as the root cause of a problem, and delivers actionable recommendations for IT managers via a simple dashboard. Additional actions have been added to the Marvis VNA software subscription to detect and correct even more wired/wireless/WAN issues, such as persistently failing wired/wireless clients, bad cables, access point (AP) coverage holes, bad WAN links and insufficient RF capacity, among others.

“Juniper is committed to Experience-First Networking, where our enterprise solutions leverage proactive automation, assured user experiences, agile cloud services and connected security to deliver the best end-user and operator experiences from client-to-cloud,” said Jeff Aaron, Vice President of Enterprise Marketing at Juniper. “In the campus and branch, this means leveraging AIOps, driven by Mist AI and the cloud to maximize user productivity and efficiency while minimizing IT costs through simplified operations and prescriptive insights. Today, we are excited to accelerate in these areas – and further distance ourselves from the competition – with new enhancements to our Juniper Mist Wired Assurance, Wireless Assurance and Marvis Virtual Network Assistant (VNA) cloud services that make it even easier to deploy, operate and troubleshoot campus networks at scale.”

Read More

Red Hat and Nutanix enter strategic partnership

Red Hat and Nutanix announced a strategic partnership focused on building, scaling and managing cloud-native applications on-premises and in hybrid clouds. The collaboration brings together Red Hat OpenShift and Red Hat Enterprise Linux with Nutanix Cloud Platform, including Nutanix AOS and AHV.

Key elements of the partnership include:

• Red Hat OpenShift as the preferred choice for enterprise full stack Kubernetes on Nutanix Cloud Platform. Customers looking to run Red Hat Enterprise Linux and Red Hat OpenShift on hyperconverged infrastructure (HCI) will be able to use an industry-leading cloud platform from Nutanix, which includes both Nutanix AOS and AHV.
• Nutanix Cloud Platform is now a preferred choice for HCI for Red Hat Enterprise Linux and Red Hat OpenShift. This will enable customers to deploy virtualized and containerized workloads on a hyperconverged infrastructure, building on the combined benefits of Red Hat’s open hybrid cloud technologies and Nutanix’s hyperconverged offerings.

• Nutanix AHV is now a Red Hat certified hypervisor enabling full support for Red Hat Enterprise Linux and OpenShift on Nutanix Cloud Platform. 
• The certification of the Nutanix built-in hypervisor, AHV, for Red Hat Enterprise Linux and OpenShift offers enterprise customers a simplified full stack solution for their containerized and virtualized cloud-native applications. This certification delivers Red Hat customers additional choice in hypervisor deployments, especially as many organizations explore innovative, modern virtualization technologies.
• Joint engineering roadmap providing robust interoperability. Red Hat and Nutanix will focus on delivering continuous testing of Red Hat Enterprise Linux and Red Hat OpenShift with Nutanix AHV to provide robust interoperability. The companies will also collaborate to deliver more timely support by aligning product roadmaps.

https://www.nutanix.com/blog/red-hat-and-nutanix-partner-to-deliver-big-on-hybrid-cloud

Read More

Arista debuts 750 Series campus switches

Arista Networks announced its 750 Series systems within its Cognitive Campus portfolio, the first 100G ready. The introduction includes high-density 1G to 10G modular PoE (Power over Ethernet) switches, built for security, modern IoT and real-time telemetry and the 720 Series 96 port.

The Arista 750 Series and 720 Series 96 port switches are shipping in Q4 2020.

CCS 750 Series Highlights

• First modular campus systems with 100G uplinks for a total of 400G of capacity
• High-density 1G to 10G and 90W PoE
• 5-slot system supports up to 240 ports with 5 line cards in 7 rack units
• 8-slot model allows up to 384 ports with 8 line cards in 10 RU

CCS 720 Series 96 port Highlights

• Delivers higher capacity than fixed 1U systems
• 96 mGig ports with 60W PoE
• 25G and 100G uplinks for simpler deployments in modern campuses

Read More

Dell EMC PowerOne aims for autonomous infrastructure

Dell Technologies introduced "PowerOne: autonomous infrastructure that integrates its PowerEdge compute, PowerMax storage, PowerSwitch networking and VMware virtualization into a single system that features a built-in intelligence engine to automate thousands of manual steps over its lifecycle.

The automation engine takes advantage of a Kubernetes microservices architecture and uses Ansible workflows to assist users by automating the component configuration and provisioning, delivering a customer-managed datacenter-as-a-service.

Dell said a key innovation with its PowerOne infrastructure is a single system-level application programming interface (API) that gives users the control to create business objective-specific pools of resources. This API can be tied into existing tools, such as service portals, to deliver programmable versus manual IT operations. This is known as Infrastructure as Code - virtually eliminating the need to log in to individual component management systems. With PowerOne, organizations can create

“PowerOne autonomous infrastructure automates IT so customers can focus less on managing technology and more on benefiting from it,” said Jeff Boudreau, president, Dell Technologies Infrastructure Solutions Group. “As we look to the future, PowerOne offers a tremendous leap forward. It helps customers focus on unleashing the power of data, allowing IT teams to innovate and achieve business goals faster."

PowerOne components include:

• PowerOne Controller: This onboard appliance is the automation engine. It uses a Kubernetes microservices architecture and Ansible workflows to automate the configuration, provisioning and lifecycle management of the components.
• PowerEdge MX:  This modular server’s no-mid-plane design enables PowerEdge MX to support multiple generations of technology releases, such as microprocessors, new storage types and new connectivity innovation, well into the future. PowerOne automates this kinetic infrastructure, assigning resources as required to deliver a truly dynamic compute experience that scales according to need.
• PowerSwitch: Dell EMC switches power some of the largest web-scale environments in the world and offer users a choice of operating systems to best fit their requirements. PowerOne reduces complexity by abstracting and automating the switch hardware so that the virtual network is automatically provisioned for VMware workloads.
• PowerMax: dubbed the world’s fastest storage array. PowerOne automates storage provisioning and zoning and dynamically expands new cluster groups when it detects new resources.
• PowerProtect: To safeguard the data’s value, PowerOne also can benefit from the full PowerProtect data protection portfolio to address ever-changing growth and governance requirements. This offers cloud-enabled protection storage, integrated appliances and software-defined solutions.

Read More

Arista delivers CloudEOS for enterprises

Arista Networks introduced two offerings for consistent segmentation, telemetry, monitoring, provisioning and troubleshooting from campus to data center to cloud. The new Arista CloudEOS provides two main capabilities:

• CloudEOS Multi Cloud, a high-performance virtual machine that normalizes the network connectivity to and between public clouds simplifying the networking operating model for cloud and network operations while enabling declarative software-based provisioning through popular DevOps tools
• CloudEOS Cloud Native, an instance of EOS deployed as a Kubernetes Container Network Interface or stand-alone Kubernetes container to provide a fully supported, enterprise-class networking stack within Cloud Native environments

CloudEOS has native support for pay-as-you-go acquisition through Amazon Web Services, Google Cloud, and Microsoft Azure. This enables elastic cost models for network connectivity: automatically scaling capacity with changes in real-time application demand. It is completely provisioned in software through a declarative model supporting DevOps tools such as Terraform.

CloudEOS automatically encrypts all traffic traversing public links and automatically exchanges and rotates IPSEC keys to ensure encrypted transport at the highest security levels.

“Watching a client deploy hundreds of networks, across multiple cloud providers, in minutes without ever touching a network CLI is magical,” stated Douglas Gourlay, vice president and general manager of cloud networking software for Arista. “CloudEOS simplifies networking for any cloud environment, securely, declaratively, and elastically.”

https://www.arista.com/en/company/news/press-release/8760-pr-20191105

Read More

Menlo Security Extends its Cloud-based Isolation Platform

Menlo Security has extended its cloud-based isolation platform, which prevents web-based malware from infecting local by running the browser in a cloud-based container, to now also stop email threats including malicious links, credential theft and weaponized attachments. The new solution effectively prevents targeted email phishing attacks, which are a major cybersecurity concern for enterprises.

Menlo Security said its Phishing Isolation solution was developed in close collaboration with Fortune 500 customers, to specifically address prevention shortfalls in existing secure email gateway products. The solution can be integrated with existing email infrastructure including Exchange, Gmail and Office 365. By leveraging patented Adaptive Clientless Rendering (ACR) technologies, the new solution enables enterprise-wide deployment of isolation security without the need to deploy or manage endpoint software, dramatically reducing risks without impacting the user experience.

The Menlo solution is available either on-premises, as-a-service via the cloud, or as part of a managed security service.

JPMorgan Chase is named as lead customer for the Menlo Security Phishing Isolation Platform.

“Email persists as the top malware infection vector for enterprises, resulting in many forms of theft and fraud,” said Poornima DeBolle, co-founder and Chief Product Officer of Menlo Security. “Adding phishing Isolation capabilities to the MSIP creates the only phishing prevention solution that completely eliminates targeted spear-phishing attacks and drive-by exploits by isolating all email links and attachments. By stopping this top infection vector, Menlo enables CISOs to report definitive progress against malware attacks to their boards of directors, while also freeing up precious cyber security incident-response resources within their teams.”

http://www.menlosecurity.com

Read More

Nokia Offers Passive Optical Alternative to Ethernet

Nokia is launching a Passive Optical LAN (POL) solution that is positioned as an alternative to a copper-based Ethernet LANs for operators, enterprises, governments, healthcare and hospitality providers, and higher education institutions.

Nokia said its POL solution, which leverages existing GPON technology, is less costly and requires, on average, 50 percent less space to deploy and power to run than traditional Ethernet based LANs.

To better serve customers around the world, Nokia is collaborating on the launch with global system integrators, resellers and distributors including IBM and KDDI.

Nokia's POL solution includes:

• 7360 ISAM FX high-capacity fiber platform
• 7368 ISAM ONT fiber termination points
• 5571 POL command center (PCC) intuitive management system

Federico Guillen, president of Nokia's Fixed Networks business group, said: "New solutions for enterprise LAN are needed due to growing capacity needs, management complexity, network maintenance and high upgrade costs.  Passive optical LAN provides a viable, simple and cost-effective alternative, and will accommodate the evolving connectivity needs of organizations today and in the future."

http://www.nokia.com

Read More

IBM Signs Vodafone Netherlands for MobileFirst Portfolio

Vodafone Netherlands will offer IBM MobileFirst solutions to enterprise clients.

BM MobileFirst will extend Vodafone Ready Business, which includes communications solutions aimed at helping businesses become more flexible, innovative, collaborative and responsive to their customers and employees. The IBM and Vodafone collaboration will help further drive mobile adoption among enterprise organizations in the Netherlands.

“Vodafone has always been at the forefront of enterprise mobility. In collaborating with IBM, we are drawing on the enterprise expertise of both companies, combining Vodafone’s strengths in enterprise mobility management and 4G connectivity with IBM’s industry, mobile and integration knowledge,” said Alexander Saul, Director Enterprise Business Unit Vodafone Netherlands. “Together, we are empowering our enterprise clients with enhanced mobile capabilities that simplify business processes, increase employee productivity, enable deeper customer engagement and drive overall growth.”

https://www-03.ibm.com/press/us/en/pressrelease/48499.wss

Read More

Video: SDN Shifts Margins from Legacy Vendors to Channel

A market disruption caused by SDN is shifting margins from the legacy networking vendors to the channel, says Steve Garrison, VP of Marketing at Pica8.  By tearing apart the stack and letting customers pick the applications, OS, and bare metal hardware, you end up with a customized solution where the channel has a key role to play.

Many customers might not have that expertise to pull that together, but this is where the margin shifts from the legacy vendors to the channel.

See Video: https://youtu.be/lND0oW2oyAw

Read More

Huawei and Vodafone Alliance Targets Global Enterprise Market

Huawei and Vodafone announced a new strategic alliance focusing on the enterprise market in Europe, Asia Pacific and Africa.

The companies will work together on the development of a variety of enterprise communications and technology services for global enterprise customers, including solutions that use Huawei’s fixed and mobile connectivity bonding technology, in-building coverage solutions, Machine-to-Machine module designs, and solutions for Safe City, Internet of Things, and cloud data centers.

Vodafone Group Enterprise, Chief Executive, Nick Jeffery, said, “We have worked with Huawei across various parts of our business and this agreement to focus on the enterprise market is an important evolution. There is an opportunity for us both to bring our expertise to bear on some of the key challenges in the enterprise market.”

Mr. Yan Lida, President, Enterprise Business Group, Huawei, said, “Now, many enterprises realize that technology-led transformation is necessary for companies to stay competitive, and improve operational efficiency and performance. Huawei is pleased to extend our long-standing relationship with Vodafone to establish a new agreement. We aim to carry out joint innovations, integrate our ICT expertise and global resources, help customers cope with challenges and opportunities brought by the new industrial revolution, and push ICT transformation in the industry.”

http://www.huawei.com

Read More

Fluke Realigns Product Strategy for "Borderless Enterprise"

Fluke Networks is pursuing a new strategy to align its product portfolio around the needs of the "Borderless Enterprise." The goal is to put organizations back in control of the performance of their entire IT landscape -- regardless of whether services are running on premise or in the cloud.  Fluke will provide powerful, easy-to-use tools to accomplish this end.

As part of this strategy, Fluke is introducing TruView Live, a new SaaS offering that extends enterprise-grade, real-time network activity and performance monitoring to also cover cloud applications.

"IT departments have traditionally focused on technology, service delivery and stability, while line-of-business leaders are eager to adopt solutions that enable rapid competitive advantage and winning more customers. These different perspectives can sometimes create tension between IT and business leaders, but they can all agree poor user experience has a cost -- whether it's lost customer relationships, decreased revenues or reduced employee productivity," said Arif Kareem, President of Fluke Networks. "Traditional IT has reached an inflection point where balancing technology and business outcomes is critical. With the growing influence of business units in selecting and bringing cloud-based services into the enterprise, IT leaders have to not only act as business partners, but also ensure Quality of Service for all applications. By taking accountability for improving user experience, IT can demonstrate a critical business benefit."

Fluke Networks' suite of products for identifying performance and user experience issues across devices, applications, locations and cloud providers:

• Visual TruView -- a unified network and application performance monitoring appliance that helps IT quickly identify and solve issues across client, network, service and applications by incorporating five tools in one
• OptiView XG -- a rugged, portable tablet for network engineers that combines wired and wireless network analysis to troubleshoot issues and assess network quality for VoIP/Video/UC deployments
• OneTouch AT 10G Network Assistant -- an automated handheld tester for network technicians that troubleshoots 10-Gigabit data centers and validates connectivity, service availability and path performance
• AirMagnet -- A comprehensive suite of products that address wireless network design, analysis and security, including intrusion prevention, wireless health assessment and remote troubleshooting
• TruView Live (new) -- a SaaS offering that delivers enterprise-grade cloud application monitoring in real time to ensure service availability and performance

http://www.flukenetworks.com/

Read More

Juniper Debuts Accelerated 40GbE Switch with Xeon and FPGA for Programmability

Juniper Networks introduced an application acceleration switch and a new packet flow accelerator module designed to deliver lower latency for financial networks.

The new QFX5100-AA application acceleration switch and QFX-PFA packet flow accelerator module, which build on Juniper's QFX product family, leverage Maxeler Technologies’ customizable software logic to significantly accelerate business-critical applications in latency-sensitive computing environments.

The new QFX5100-AA switch combines the Intel Xeon processor E3-1125C v2 with Broadcom switching silicon, and the QFX-PFA module based on the Altera multi-100G field-programmable gate array (FPGA). It is configured with 24 ports of 40GbE with 2 expansion slots for 4x40, or one double wide slot for the FPGA-based module. Customers can use Java to program the module for compute-intensive applications. Integration with Junos Space Network Director ensures automated and simple data center management from a single point of control.

“The possibilities of compute-integrated networking are transformative across a broad variety of financial services, including equities and commodities exchanges, market data providers, high-frequency trading, and credit processing. We see great potential in other sectors for this technology, including energy, research, education and large enterprises. With the introduction of Juniper Networks QFX5100-AA and QFX-PFA, we are delivering new computing capabilities within the data center network to ensure that our customers can make the most informed split-second investment decisions,” stated Andrew Bach, chief architect for Financial Services Team, Juniper Networks.

“Juniper Networks’ new switch, powered by the Intel Xeon processor E3-1125C v2, provides the performance and added intelligence needed to improve the ease of application integration. This solution, which embeds applications directly into the switch and utilizes the power of distributed computing, allows customers to take advantage of greatly improved performance,” said Sandra Rivera, vice president & general manager, Network Platforms Group, Intel

http://www.juniper.net

Read More

NTT Com Launches Arcstar UCaaS Microsoft Type

NTT Communications is preparing to launch a unified-communication cloud service on April 13 called Arcstar UCaaS Microsoft Type.

Arcstar UCaaS Microsoft® Type leverages Microsoft Lync for unified communication on the NTT Com cloud platform and via Arcstar Universal One, NTT Com’s secure, high-quality, extra-reliable VPN. This will be the first deployment in Japan of Microsoft Lync (Skype for Business).

Going forward, NTT Com plans to offer Arcstar UCaaS Microsoft® Type in markets outside Japan, including North America, the EU and Asia-Pacific. The service will be further integrated with functions for remote conferencing, Arcstar Conferencing and unified communications.

http://www.ntt.com/aboutus_e/news/data/20150330.html

Read More

Avaya Unveils SDN Fabric for Connecting "Anything" to Virtual Network

Avaya introduced its Open SDN Fx architecture for enabling automation and programmability from the core to the edge of enterprise networks.

Avaya said the aim of its SDN Fx architecture is “connect anything, anywhere” simplicity by allowing devices and users at the network edge to be added easily to the network.  The goal is to leverage an automated core that takes advantage of a single, network-wide Ethernet fabric to remove the need for manual configuration at each network hop; thus, reducing the potential for error and accelerating time to service.

Avaya’s SDN implementation is targeting environments such as those found in hospitals, manufacturing floors and casinos, which are blanketed with devices that require a more secure, mobile connection to the network, and may also require that the rest of the network is better protected from potential threats that could be triggered by them.

The Avaya SDN Fx architecture includes the following new products and features for Avaya Fabric Networking Technology:

• Open Networking Adapter (ONA) - provides a plug-n-play network connection for any device with an Ethernet port including medical devices, manufacturing machines, and branch office switches. Targeted for non-IT personnel, this card deck-sized appliance automatically provisions a QoS-customized virtual path across the network that mitigates security risks, allowing simple, powerful management of thousands of devices.  
• Fabric Orchestrator – an SDN controller embedded in a unified management instance. This appliance manages and orchestrates the Ethernet fabric as well as provides SDN Control to north and south bound interfaces. SDN capabilities include OpenFlow, OpenDaylight and OpenStack.
• Fabric Extend – a new capability in Avaya Fabric Connect enables the extensibility of Fabric networking across any IP based network without loss of functionality. Investments in existing networking technologies are preserved while interconnecting strategic deployments of Fabric Connect across data centers, campuses and branches.

“CIOs are unnecessarily overburdened by archaic networks and frustrated by the disparity between the promised results of new technologies and the reality that most vendors deliver.  There’s a better way: Avaya Fabric Connect already relieves 75i percent of the top network issues identified by IT departments, and we’re building on that with SDN Fx. This is the foundation that accelerates deployment and improves performance of customer and team engagement solution and that the industry has been demanding. Avaya can deliver it today,” stated  Marc Randall, SVP and GM, Avaya Networking.

http://www.avaya.com

Read More

Deutsche Bank Awards 5-Year Contract to Vodafone

Deutsche Bank awarded a five and a half year agreement to Vodafone to serve as its global strategic telecommunications partner.

Under the contract, Vodafone will take over the delivery and support of fixed and mobile voice services across 28 countries.  Vodafone will also establish a number of centralised services for the Bank including ordering and billing.

Vodafone Global Enterprise Chief Executive, Jan Geldmacher, said: “This is a great opportunity for Deutsche Bank to bring all its communications needs under one umbrella.  Creating global standards and common practices will make the Bank more efficient and help to support its future plans.”

http://www.vodafone.com

Read More

Pluribus Races Ahead in SDN with $50 Million in New Funding

Pluribus Networks, a start-up based in Palo Alto, California, announced $50 million in a Series D round of funding to advance its vision for unified computer, network, storage and virtualization driven by a single, open and programmable SDN platform.

Pluribus features a distributed network hypervisor operating system that converges compute, network, storage and virtualization with an open, programmable approach. The platform brings full bare-metal control and visibility into the network through Unix-style APIs. The solution is based on a distributed network operating system with hypervisor bare-metal virtualization capabilities of computing resources - CPU, memory, and storage - and merchant silicon switch chip.

Pluribus said this latest round makes it the best-funded SDN company in the industry.

The new funding was led by Temasek Holdings, an investment company based in Singapore with a net portfolio value of US$177 billion. This up-round brought the Pluribus total funding to date to US$95M million. All of the existing investors, including New Enterprise Associates (NEA), Menlo Ventures, Mohr Davidow and AME Cloud Ventures, participated in the round. Furthermore, the company added new global strategic investors, including Ericsson, as well as Newtech, a leading turnkey datacenter infrastructure provider in Asia.

“Fundamentally, the sea has changed and CIOs are turning away from endless hardware upgrade cycles to a software and network-application-centric view,” said Kumar Srikantan, president and CEO of Pluribus Networks. “With our Netvisor, we have a superior, converged SDN platform that not only provides better scale and performance, but also enables virtualization and security while driving down cost and complexity. The funding we are announcing today validates our architecture approach and the breakaway growth potential of the company.”

http://www.pluribusnetworks.com

• Pluribus is headed by Kumar Srikantan (CEO), who was previously VP/GM of HW Engineering for the Enterprise Networking Business at Cisco where he was responsible for the HW engineering execution of Cisco’s Enterprise Networking portfolio.
• Pluribus was founded in 2010 and entered general availability in March 2014.

Read More

F5's State of Application Delivery Survey

Current application environments are huge and growing, with many organizations reporting 200-500 applications currently deployed, according to F5 Networks' newly released 2015 State of Application Delivery survey.  More than 300 F5 customers from a broad range of vertical markets were interviewed for the survey.

Some key takeaways:

• 20 percent of respondents said they have 201-500 applications currently deployed, and 28 percent have 1-200 applications deployed.
• Private cloud and mobile are top-ranked trends - private cloud was ranked highest at 59 percent, and mobile apps a close second with 56 percent.
• Application availability edges security in importance: When asked which services they couldn’t imagine deploying an application without, availability services was the top-ranking category with 40 percent of responses. Security services ranked nearly as high at 30 percent. Respondents reinforced the belief that if an application isn’t available, other services aren’t considered as important.
• API-enabled infrastructure needed to drive business agility: Programmability is a key component for DevOps, SDN, and cloud computing. F5 customers responding to the survey assigned importance to programmatic technologies and capabilities within the network infrastructure, indicating a substantial shift toward the adoption of customizable automation and orchestration of network services.
• SDN must reduce operating expenses: Customers continue to be interested in SDN as a means to operationalize their networks. According to the survey, two-thirds of respondents are considering SDN to reduce operating expenses. In order to progress from today’s early adopter stage to widespread implementation, SDN must address this requirement.

https://f5.com/about-us/news/the-state-of-application-delivery

Read More

Blueprint: Round-Two for Next Generation Firewalls

by Casey Quillin, Director at Dell'Oro Group

As the enterprise sector turns to the cloud to deliver applications to mobile users across widely dispersed networks, Cisco and Juniper must catch up with smaller competitors. But how much does time-to-market matter?

Risk is omnipresent in the enterprise sector. Business applications must be protected. Data must be protected. Users and their information must be protected. Business intelligence must be protected. Networks, servers, and infrastructures must be protected. While the fact of risk doesn’t change, the technologies that mitigate risk continue to evolve alongside the players and vendors bringing new solutions to market. Nowhere is this evolution more evident than in the realm of network firewalls.

The market opportunity today, and for the next several years, will be split between the slow and steady tortoises of vendors like Cisco and Juniper, and the sleek, speedy hares that include Check Point Software Technologies, Fortinet, and Palo Alto Networks. The enterprise-class firewall market is robust. Sales eclipsed $3 billion in 2013 and are projected to increase to the high single-digits over the next five years to almost $5 billion.

There are many layers of security. In this article, we are concerned with firewalls—hardware or software that ensures only approved users and data traffic can enter the business network from the “outside” (usually but not exclusively the public Internet) and mitigates inappropriate use of the internal LAN, including removal of information from the network. Over the past three years, firewalls have evolved from protecting networks at the perimeter to protecting the entire network from both external and internal threats.

The network has expanded from a system which allows users to share common resources, to an application delivery platform. Certainly, many applications continue to serve employees and customers from the data center; however, users may also be served from external service providers or cloud providers. End users may be co-located in the building on the LAN, or at home or in offices halfway around the world. Despite this dispersal, users demand the same experience and level of performance they would receive with local application access.

As application delivery platforms, networks continually face new and evolving security risks, as well as substantial changes in the way security policies are created and enforced.  These changes inspired application-aware security platforms (commonly referred to in the industry as “next generation firewalls”), which use deep-packet inspection to identify application traffic and enable both user- and application-layer policies.  Vendors of all sizes are jumping into the new application-aware next generation firewall space.

The next generation firewalls from Check Point, Fortinet, Palo Alto Networks, and others are a great fit for networks whose perimeters have been eroded due to the cloud, and users who now connect to the corporate network from different locations and with a variety of devices (BYOD). Offering nimble, early-to-market products—and without the risk of cannibalizing existing sales or disrupting publicly announced product roadmaps—these firms grabbed mindshare with their innovative technology and compelling use cases.

Like the hare in Aesop’s fable, these companies had a head start and have continued to innovate. Not unexpectedly, Cisco and Juniper, the slower tortoises, have responded in force. Indeed, they have largely closed the functionality gap. With its acquisition of Sourcefire in 4Q13, Cisco launched its new platform optimized for application delivery and enterprise edge-of-network (named ASA with FirePOWER Services).  Juniper has steadily added application-aware features to its SRX platform and is now fully competitive with the new-generation hares.

But, now, with product functionality fairly evenly matched across all enterprise firewall vendors, how will users choose which products to purchase? Previously, the hares with their first-to-market advantage had the most compelling sales propositions.

It would be premature to conclude that the game’s over. In fact, the race for the next-generation firewall is still in its early stages. As vendors market these products, a bifurcation has evolved between the data center and the network edge. Indeed, protecting the data center is a different matter from protecting the network edge. Each site requires the use of different technologies and for the next few years, we believe vendors will be able to excel at either the data center or the network edge—but unlikely at both.  One firewall cannot be optimized for both data center and network edge without sacrificing performance and simplicity of administration.  The intelligent user will optimize his network by deploying best-in-breed products—one class for the data center and another class for the network edge.

In the data center, the number of applications running and the number of users are limited and known. In addition, only a small number of device types are used and these are always connected with cable. Firewall products for the data center do not need to boast best-in-class support for mobile devices, nor do they need to be optimized to distinguish vast numbers of applications connecting via the Internet.  Data center networks are in the midst of a major transition to Software-Defined Networking (SDN) where the administrator will have a global view of the network across multiple platforms and be able to program the network to act upon real time intelligence such as denial of service and resetting traffic paths.

It is unlikely that a rational user would choose a data center firewall product that will have such a global command of the network from a young, small vendor.  The rational user will choose a vendor with years of experience and vast numbers of trained staff—a vendor with the ability to scale. In this scenario, companies such as Cisco and Juniper will have the advantage because they can integrate next-generation firewall functionalities into their broad product lines.

In contrast, the enterprise campus and network edge are tightly focused on ensuring secure access and use of mobile devices. In these deployment locations, firewalls must be able to distinguish an enormous variety of applications running on the Internet. Once an application is identified, a firewall must be able to implement policy user by user. Firewalls in these locations must also be able to provide secure access and context-based authentication to widely different types of mobile devices. In this realm, a vendor gains advantage based on its speed of innovation and the richness of its database of threats.

Let’s look deeper into vendors’ positions. As shown in Figure 1, since 2011 Cisco has maintained a 30% to 32% revenue share in the Enterprise Class Firewall market. Its next closest competitor, Palo Alto Networks, has grown to about 10%, while Fortinet, Huawei, and Juniper are tied in third place.

Cisco’s strength stems from sales to the data center, which have been a strategic focus and growth engine for the company. We estimate that sales to the data center of Cisco’s Ethernet switch and server businesses represent 20% of the company’s overall revenue. There are massive changes taking place in the data center with virtualization and SDN. Change brings opportunity to new entrants. Cisco’s challenge will be to rapidly innovate at the enterprise edge, while protecting its data center business.

Palo Alto Networks has built its reputation as best-in-breed based on its strength at rapid innovation at the enterprise network edge. In February 2014, the company launched its high-end platform, PA-7050, targeting large enterprise and carrier data centers. In order to grow its data center business, Palo Alto’s challenge will be to convince users it has the scale to fulfill the technical and service level demands of supporting data center class deployments.

Fortinet’s pioneering Unified Threat Management (UTM) product carved a powerful brand with its “single pane of glass” approach to managing network security. The company also spearheaded application-aware, enterprise-class firewalls targeting the network edge. Its FortiGate products with custom ASICs earned a reputation for high performance and ease of management at reasonable prices. Fortinet’s stronghold is at the enterprise network edge, a position the company is strengthening with its expansion into Wireless LAN access points.

Of notable mention is Fortinet’s doubling of market share over the past two years. Although the company offers high-end platforms targeting large enterprise and carrier data centers, we envision the same challenges that Palo Alto faces: securing user interest to test and deploy products and scaling to support the data center’s rapidly changing demands.

The foundation of both Huawei and Juniper’s strength is data center deployment, primarily from carrier purchases of the Eudemon8000E-X series and the SRX, respectively. We believe that Juniper’s sales were also bolstered by large enterprises, albeit to a lesser degree. Looking forward, we expect this trend to continue although both firms have deployed competitive, application-aware firewall products for the enterprise edge. Juniper’s challenge will be to shore up its share loss—and quickly—as time is not on its side. The longer it takes the company to get back on track, the greater the difficulty it will face. Huawei’s challenge will be to sell to large enterprises outside of China and to sustain rapid innovation at both the enterprise edge and the data center.

The bottom line is that customers need next-generation solutions that are more powerful than packet-oriented firewalls and unified threat management. These products must penetrate deep into applications without sacrificing performance. Firewalls must be capable of protecting today’s diversified networks—clouds, virtualization, mobile users, and BYOD. At present, the innovators in this area are the smaller players, whose offerings are more compelling to enterprises that understand the risks inherent in the evolving application delivery market. While small companies have the current advantage, the big players are ready to strike back.

Round two of the next-generation firewall race is about to begin. Things are going to get really, really interesting.

About the Author

Casey Quillin joined Dell’Oro Group in 2011. He is responsible for the Data Center Appliance and Storage Area Network market research programs. While at the firm, Mr. Quillin has significantly expanded Data Center Appliance research, including the build-out of Network Security Appliances. Mr. Quillin has over 20 years of experience as an executive manager and entrepreneur in the technology sector. Prior to joining Dell’Oro Group, he held positions with several startups, including Vice President of Engineering at Snapfish, the world’s largest online photo-sharing site, later acquired by HP. He was also CTO of Oasys Networks, an application service provider in the financial services market; Co-founder and CEO of Logic by Design, an interactive media agency; and Managing Partner of Cornice Networks, a network integration and IT consulting firm in San Francisco.

About Dell'Oro Group

As the trusted source for market information about the networking and telecommunications industries, Dell’Oro Group provides in-depth, objective research and analysis that enables component manufacturers, equipment vendors, and investment firms to make fact-based, strategic decisions. For more information, contact Dell’Oro Group at +1.650.622.9400 or visit www.DellOro.com

Read More