MAKING A CONNECTION
How the aviation sector utilises network technologies to keep fleets flying
Intelligent storage systems can help extract value from data
THE SPAM PROBLEM
Tackling the never-ending problem of unwanted emails AUGUST 2012 VOLUME 18 ISSUE 8
Don’t underesƟmate your aƩacker. They only need to be lucky once.
Secure your business with help AG. help AG is an information security service and solutions provider. Known for its unmatched technical expertise and support services, help AG understands the correlation between technical and strategic information security and brings you the best solutions available on this planet.
Editors Letter: The aviation sector is primed for cloud computing and uptake of other new technologies to help it maintain complex global networks.
12 Making a Connection
IT infrastructure plays a crucial role in keeping air transport networks on time and on track, but managing global operations that reach to remote destinations and ensuring adequate bandwidth and business continuity is a major task for the IT professionals in the Aviation sector. NME looks at how they keep connected, and how they are using new technologies.
Network News: Rounding up the latest news from the global and local IT infrastructure sector.
18 Aviation comment: The aviation sector has some particular concerns when it comes to securing both its commerical networks and its air operations networks, says Booz & Company
36 Smooth Operations: Top tips on how to manage the essentials of IT infrastructure monitoring for maximum impact, by Steve Turner of Intergence.
39 Transmit Beamforming: Arnaud Le Hung of Ruckus Wireless tackles the potential benefits and pitfalls to this new advance in RF technology.
42 Embracing Trends: Dave Tanis 21 Storage Strategies
30 The Spam Problem
Businesses need intelligent storage solutions to help them unlock the value of their data, but some storage options can be too costly and too complex.
Spam email is more than just a nuisance and a drain on resources, it is an ongoing security threat too. But how can businesses best solve the Spam problem?
of CommScope discusses evolving Enterprise LAN technologies and the rise of Intelligent Infrastructure Solutions.
45 Network Security News: All of the latest security news this month.
48 Last Word: Ahead of the Game.
Registered at Dubai Media City
August 2012 Vol.18 No.8
PO Box 500024, Dubai, UAE Tel: +971 4 444 3000 Fax: +971 4 444 3030 Web: www.itp.com Offices in Dubai and London ITP TECHNOLOGY PUBLISHING CEO Walid Akawi Managing Director Neil Davies Managing Director Karam Awad Deputy Managing Director Matthew Southwell General Manager Peter Conmy
he aviation industry is booming in the Middle East, with airlines such as Emirates, adding 90 new A380 aircraft to their fleet in 2010, of which 21 had been delivered by May this year. This massive expansion in both fleets and routes has led to a huge demand on the existing network infrastructure. Add to this the civil unrest that has plagued the Middle East region recently and the unreliable bandwidth in underdeveloped regions and you will find that the airlines are faced with an almost insurmountable problem in delivering their IT services across their entire networks. Companies such as SITA, the aviation network specialists and Cisco are working to develop cloud applications that can prevent network slowdowns and irregular operations, because in the airline industry, just one small breakdown on the network can affect not just one flight or airline, but airlines and passengers across the globe. The first step to embracing cloud is to make sure that you don’t do it alone – you have to involve procurement, legal, business users and an executive sponsor ideally because the way cloud solutions are procured is
extremely different from the way traditional IT services are usually procured and implemented. Some of the airlines have already started adopting cloud solutions, close to 20% based on some market estimates. However, there is still a big gap in terms of expertise in the market, not just in the Middle East, but in North America and Europe as well. Cloud is a relatively new technology and there are still few experts in the field. A number of regional airlines have begun virtualisation projects where they are trying to consolidate some of their existing IT infrastructure. By virtualising they can reduce the number of servers, decrease costs, and simplify management. They discovered that there are tangible benefits in a short period of time – virtualisation is a building block for deploying cloud technology. The next hurdle is actually to move onto the application level, you cannot virtualise applications if their architecture does not allow it. Cut-backs in IT spending are also affecting the airline industry and are driving the adoption of technology as they look to develop their operational efficiency through
EDITORIAL Editor Georgina Enzer Tel: +971 4 444 3316 email: firstname.lastname@example.org Senior Group Editor Mark Sutton
the usage of IT. An example of this operational efficiency is the utilisation of video solutions to give staff remote access to planes for troubleshooting and diagnostics if there is a problem. If a plane from an airline’s fleet has travelled to a remote location and doesn’t have an engineer on hand, for example, a hi-definition video solution could be utilised to expose the problem to an expert back at the main base, or in a partner organisation. So if the door won’t close on the plane, an airline could use a hi-definition camera show the expert in another location and he can make a call on what’s wrong – and you can utilise your workforce at a broader level. By enhancing operational efficiency, it is giving the airlines fast wins from their own employee base. If you are cutting back operationally and are not able to manage your customers when the markets do turn around, and you have not treated that customer well during the tough times, they are not going to be there in the good times. GEORGINA ENZER Editor email@example.com
Do you receive Network Middle East every month? To subscribe, please visit www.itp.com/subscriptions
ADVERTISING Sales Director George Hojeige Tel: +971 4 444 3193 email: firstname.lastname@example.org Advertising Manager Ankit Shukla Tel: +971 4 444 3482 email: email@example.com STUDIO Senior Designer Michel Al Asmar PHOTOGRAPHY Head of Photography Jovana Obradovic Senior Photographers Efraim Evidor, Isidora Bojovic, Staff Photographers Lester Ali, George Dipin, Murrindie Frew, Shruti Jagdesh, Mosh Lafuente, Ruel Pableo, Rajesh Raghav PRODUCTION & DISTRIBUTION Group Production & Distribution Director Kyle Smith Deputy Production Manager Basel Al Kassem Managing Picture Editor Patrick Littlejohn Distribution Executive Nada Al Alami CIRCULATION Head of Circulation and Database Gaurav Gulati MARKETING Head of Marketing Daniel Fewtrell Events Manager, ITP Business Michelle Meyrick Deputy Marketing Manager Shadia Basravi ITP DIGITAL Digital Publishing Director Ahmad Bashour Tel: +971 4 444 3549 email: firstname.lastname@example.org Group Sales Manager ITP.net Vedrana Jovanovic Tel: +971 4 444 3569 email: email@example.com Internet Development Manager Mohammed Affan Web Advertising Manager Meghna Jalnawalla ITP GROUP Chairman Andrew Neil Managing Director Robert Serafin Finance Director Toby Jay Board of Directors Mike Bayman, Neil Davies, Rob Corder, Robert Serafin, Toby Jay, Walid Akawi Customer Service Tel:+971 4 444 3559 Printed by Khaleej Times Controlled Distribution by Blue Truck Subscribe online at www.itp.com/subscriptions The publishers regret that they cannot accept liability for error or omissions contained in this publication, however caused. The opinions and views contained in this publication are not necessarily those of the publishers. Readers are advised to seek specialist advice before acting on information contained in this publication which is provided for general use and may not be appropriate for the reader's particular circumstances. The ownership of trademarks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system or transmitted in any form without the permission of the publishers in writing. An exemption is hereby granted for extracts used for the purpose of fair review.
Published by and © 2012 ITP Technology Publishing, a division of the ITP Publishing Group Ltd. Registered in the B.V.I. under Company Number 1402846.
It starts at www.dlinkmea.com
Wi-Fi Hotspot Mode Repeater Mode Router / Access Point Mode
t t t t t
.VMUJQMF.PEFTGPS"MM:PVS/FFET 3PVUFS"DDFTT 1PJOU.PEF 3FQFBUFS.PEF 8J'J)PUTQPU.PEF
&BTZUP4FU6QBOE6TF $POWFOJFOUMZ"DDFTTBOE4IBSF'JMFT $PNQBDUBOE1PSUBCMF%FTJHO 64#4PDLFU$BO$IBSHF4NBSU1IPOFT
+971 4 880 9022
Sourcefire is a Leader in Gartner Magic Quadrant for IPS
August 2012 Vol.18 No.8
C4AS rolls out new data centre Infrastructure IT and security services provider C4 Advanced Solutions (C4AS) has selected Schneider Electric solutions for its new data centre. The data centre, located in Khalifa City in Abu Dhabi, was designed by C4AS’s chief data centre designer in unison with Schneider Electric. The data centre infrastructure management (DCIM) solution includes sixteen Schneider Electric Racks/Enclosures, two In-Row RP Cooling units, two InRow RD Cooling units, and two UPS Capacity 160KW (N+1) units. The data centre also includes
Schneider Electric InfraStruxure management software for monitoring the data centre environment, Netbotz IP cameras, Smart PDUs and Hot Aisle Containment solution for managing cooling. The facility uses the Data Centre Capital Usage Effectiveness (DCUE) model, which aims to measure the work efficiency of the data centre, with regard to infrastructure efficiency, IT equipment efficiency, and how effectively the capital asset is being utilized. By measuring DCUE, the data centre manager is able to view
and monitor how many millions of actions are performed per watt of energy consumption, for a more accurate measurement of data centre efficiency. The InfraStruxure Management Software also gives C4AS a holistic view of the data centre’s physical infrastructure metrics including traditional monitoring and control of power, cooling, security and environment. The purview extended to functions such as predictive simulation and stranded capacity, equipment age and health, current and historic PUE, energy use and costs.
Companies not controlling bandwidth abuse Connectivity Middle East organisations should pay more attention to regulating non-work use of bandwidth, according to systems integrator help AG. Nicolai Solling, director of Technology Services at help AG, said that although technologies are available to monitor and control bandwidth use, companies have not put enough effort into policies to regulate bandwidth use, resulting in wastage of resources. A recent report by help AG partner Palo Alto networks found that streaming video accounted for 13% of all bandwidth, while
P2P file sharing took up 14%. Both usages are commonly abused, and had increased drastically, (streaming by 300% and P2P by 700%) in the past six months. The report, which assessed raw application data of over 2,000 organisations from November 2011 to May 2012, also showed that while social networking only takes up 1% of available bandwidth, it is growing as more services like Pinterest and Tumblr gain in popularity, it is also pervasive, with an average of 29 different social networking applications found in each organisation, and 97% of respondent organisations had
at least one social networking application present. “Because organizations do not have the right infrastructure and policies in place to control how their employees use the corporate internet, they have exposed themselves not only to the loss of productivity but also to a myriad of online threats,” said Solling. “At a time when we do in fact have the technologies available to grant a very high level of visibility and control over the usage behaviour, organizations cannot choose to simply turn a blind eye. The business impact of such unregulated usage is far too severe to be left unaddressed.”
Recently Gartner issued its latest “Magic Quadrant for Intrusion Prevention Systems”. The leading industry analyst firm has placed Sourcefire in the Leaders Quadrant. 1
Gartner “Magic Quadrant for Intrusion Prevention Systems” by Greg Young and John Pescatore. 5 July 2012 (ID Number: G00222572) To schedule a demo meeting please call us at +971 4 375 7612 or send us an email at firstname.lastname@example.org
ARE WEB APPS
SABOTAGING YOUR NETWORK?
Keep Dangerous Apps Off-Limits Internet and social media applications are full of vulnerabilities and attacks. Your business needs protection. Isnโt it time to ensure that your corporate environment is safe by managing application use on your network?
Take Back Control t*ODSFBTFQSPEVDUJWJUZ QSPรถUBCJMJUZ BOETFDVSJUZ t$POUSPMXIPIBTBDDFTT t%FรถOFQPMJDZVTFCZQVSQPTF EFQBSUNFOU PS JOEJWJEVBM
t&BTJMZEFQMPZ"QQMJDBUJPO$POUSPMPO8BUDI(VBSET award-winning XTM appliances t&OBCMFQPMJDZCBTFENPOJUPSJOH t5SBDLBOECMPDLPWFS1 VOJRVF 8FCCVTJOFTTBQQMJDBUJPOT
Find Out More Today! Visit www.yourdomain.com
Applicati o is only av n Control ailable o n the WatchGu ard Upgrade XTM Series. your curr ent solution today! *
Contact us at x.xxx.xxx.xxxx Authorized Value Added Distributor
Banning social media is no longer an IT strategy. You must secure your business. *
Through the WatchGuard Trade Up Program any comparable hardware - WatchGuard or otherwise - can be traded in for a discount off the latest WatchGuard solutions. Call us today to see if you are eligible.
Partner Logo Here
August 2012 Vol.18 No.8
Hardware Tokens are Hard to Roll Out DIGIPASS SoftToken
Huawei will manage du’s mobile, fixed and broadcasting networks.
Du inks agreement with Huawei Business Du has announced a new five year network managed services agreement with Huawei. The company will manage du’s network operations including mobile, fixed and broadcasting networks. This partnership is designed to allow du to increase its operational and network efficiency through the utilisation of Huawei’s managed services. Du will be able to increasingly focus on its core result areas and streamline its regional operations. “Huawei is one of the leading managed services providers worldwide, and we will use this vast global expertise to provide
du and their customers with an exceptional service experience,” said Xia Chaojie, Middle East Region vice president of Delivery & Service, Huawei. “This multiyear landmark agreement will allow Huawei to assist du with the complex task of managing a converged end-to-end network. It also gives us an opportunity to extend our managed services portfolio to include new and previously untapped solutions.” According to du, customers will now be able to benefit from the combined strength of du’s converged fixed and mobile network, while at a corporate level du will have access to a wide pool of ex-
perts and industry-leading tools, allowing it to further optimise its network potential. “We have worked with Huawei on several key projects in the past, and today marks the evolution of our relationship as we take our partnership to a new high. Our primary focus in all of our actions is to provide the ultimate customer services experience. To achieve this, we seek ways in which we can develop our network and the services that we can offer to our customers, which is precisely what our new agreement with Huawei will achieve,” said Fahad Al Hassawi, chief Human Resources and Shared Services officer, du.
VMware launches Zimbra 8.0 Technology VMware has announced its Zimbra Collaboration Server 8.0, which is designed to offer organisations interested in cloud-based email a clear path for moving messaging and collaboration to the cloud. The new software is designed to be easily deployed in private or public clouds. VMware is making Zimbra 8.0 Beta available for download to organisations worldwide. The newest version of Zimbra is designed to allow all sizes of organisation, the option to deploy a browser-based email solution in a private or public
cloud, while delivering advanced features and enterprise functionality. The software is available as a virtual software appliance that can be deployed in ten minutes and requires minimal ongoing management. “We’re witnessing a fundamental shift in the way people work, and in turn a new set of demands that are put on IT infrastructure and applications like email and integration communications,” said Sam Tayan, regional director, VMware MENA . “Zimbra 8 is designed to make end users more efficient by connecting them with their data
- Two-Factor Authentication Solution - Time based one time password (OTP) - E-signature functionality - Secure connection for roaming users - No Download Server Required - automated provisioning service Static passwords are the weakest link in network security.
while providing IT departments a simple way to manage the transition to a public or private cloud and help deliver the benefits promised by the post-PC era.” Zimbra 8.0 is designed to connect users to their personal cloud with a redesigned interface and a smarter mailbox to help manage the flow of information through their email, calendar, voice and social channels. VMware has partnered with Cisco and Mitel to offer unified communications capabilities embedded within Zimbra 8.0, which are designed to allow users to connect voice and message systems in one inbox.
When to use... » To secure remote access to or SSL/VPN
» To secure intranets, extranets and in-house web applications
To schedule a demo meeting please call us at +971 4 375 7612 or email us at email@example.com
Red Hat launches updated JBoss Enterprise
August 2012 Vol.18 No.8
Peter Reichle, owner and executive board member of R&M inaugurated the new patch cord facility.
R&M open patch cord assembly facility Business Swiss structured cabling specialists Reichle & De-Massari has opened a new patch cord assembly facility in the company’s regional hub at the Dubai Airport Freezone. The new facility is designed to significantly boost the speed of its cabling solutions delivery capabilities in the Middle East and Africa. The assembly plant will also supply patch cords to countries in the Asia Pacific region. The new assembly line,
the first of its kind in the region, was inaugurated by Peter Reichle, owner and executive board member of R&M, the company’s COO, Markus Stieger and Jean-Pierre Labry, R&M’s executive vice president for Middle East & Africa. “Our customers would previously receive patch cords from our headquarters in Switzerland, but as the region now boasts of its own assembly facility, our Middle East and Africa customers as well as those in Asia Pacific can
be assured of much faster delivery,” said Reichle. By setting up the assembly facility, the company aims to be recognised as the region’s leading data centre solutions provider by 2013. Patch cords are vital for office cabling and are most widely used for connecting endpoint devices such as laptops, telephones and desktop computers to wall outlets, or in the interconnection of network equipment such as port switches and servers. These cords re-
quire a high degree of flexibility and customisation of their lengths and types to meet various infrastructure requirements. Due to factors such as cooling, air circulation and power consumption, patch cords have an impact on the overall efficiency of the data centre. R&M is now strongly position to deliver a high degree of customisation including cable colour, casing material and serial number printing in very short turn-around times.
SecureLink partners with Qualys Technology Security services provider SecureLink has partnered with cloud security and compliance solutions provider Qualys, to provide the QualysGuard Cloud Suite of IT security and compliance solutions in the Middle East region. “We are extremely pleased to be working with Qualys to provide our customers in the Middle East region with leading vulnerability management services to help them protect against
the latest cyber-threats,” said Kuber Saraswat, director - Strategic Security Consulting at SecureLink. “In addition to security intelligence reported to our customers through our GRC and SIEM services, we will now have up-todate vulnerability data to provide situational awareness and to validate the success of our clients’ data protection capabilities using a holistic, actionable business-risk approach.” The QualysGuard suite of security and compliance
solutions, which include vulnerability management, policy compliance, PCI compliance, web application scanning, malware detection and a secure seal programme for security testing of web sites, provides organisations of all sizes with a global view of their security and compliance postures, while reducing their total cost of ownership. SecureLink will provide Qualys’ cloud solutions integrated with their GRC and SIEM services
to help customers secure their IT environments and maintain compliance. “We are pleased to partner with SecureLink to deliver best-of-breed security and compliance services to customers in the Middle East,” said Philippe Courtot, chairman and CEO of Qualys. “Our QualysGuard cloud solutions integrated with SecureLink services provide organisations with an up-to-date view of security and compliance postures for their IT assets.”
Open source solutions provider Red Hat has announced the general availability of JBoss Enterprise Application Platform 6, which features a new cloud-ready architecture, new and improved management capabilities and upgraded and enhanced usability. JBoss Enterprise Application Platform 6 is designed to provide developers and enterprises with a high-performance, low-footprint, easyto-manage solution to help enterprises build applications and ease into the cloud.
Ruckus Wireless complete WBA phase 1 trials Infrastructure Ruckus Wireless’ Smart Wi-Fi products have been selected as part of the Wi-Fi Alliance’s Wi-Fi CERTIFIED Passpoint test bed and have completed Phase 1 interoperability trials within the Wireless Broadband Alliance Next Generation Hotspot programme. Ruckus is one of the first Wi-Fi suppliers to receive Passpoint certification from the Wi-Fi Alliance for its products.Historically in the region, to connect to a hotspot, users have had to manually select from a number of Wi-Fi networks and log in with their user credentials. Passpoint-certified devices automatically select a hotspot based on data from certified Wi-Fi access points.
August 2012 Vol.18 No.8
Power Tools to Manage Core Network Services
DNS, DHCP, IPAM and IPv6
Cannon has added Form Aisle Cocooning technology to its T4 range.
Cannon debuts new T4 product Infrastructure Cannon Technologies has revealed its Free Form Aisle Cocooning technology from its T4 range of data centre solutions. This advanced technology is designed to unite cost-effective air cabling containment, along with an air flow containment system, into a single integrated solution with vertical closure panels, support for legacy technologies and a low energy footprint. The technology supports an end-to-end-edge beam infrastructure, underpinning the overhead cocooning panels above the aisle without being individually dedicated to any
one rack, as well as allowing easy deployment and support for legacy systems. Other features include extendable vertical closure panels for cold air flows, as well as support for a wide range of active and passive cocooning features. “A key feature is that both OEM and non-Cannon racks are fully supported - they can be added or removed from the row - maintaining support for legacy investments where appropriate,” said Mark Awdas, Cannon’s engineering manager. “Furthermore, because Free Form Aisle Cocooning enables an installed rack to be removed
from a row of racks - quickly and easily - and within the space of a few minutes - its cost efficiencies extend well beyond the capex arena and firmly into the opex proficiency stakes,” he added. During installation, the system is designed to allow all rack-mounted cable raceways to remain undisturbed and replacement racks can be introduced into the system quickly and easily. Legacy systems support is also designed to allow a cost-effective retrofit aisle cocooning solution that has both short-term and long-term opex advantages, where old rack installations exist.
Virtual servers to hit 18m by 2014 Technology Virtualisation is currently in use on most new servers and in two years the number of virtual servers will reach 18 million, twice the number of physical devices, according to new global market research by IDC and Kaspersky Lab. The forecast, which looks at virtual server implementation to the year 2014, suggests that by 2013 two thirds of all corporate services and applications will work in a virtual environment. Experts believe such rapid evolution is driven primarily by the advantages of the technology - 75% of the companies that already use virtualisation recognise
it as truly valuable and are making virtualisation a priority in the development of their IT infrastructure, Kaspersky says. According to IDC, despite widespread virtualisation, protection for virtual environments is lagging behind. “Virtualisation benefits can overshadow security concerns,” said Timur Faroukshin, IDC Consulting Director in Russia and CIS. “In addition, specialised solutions are new, and many customers aren’t aware that a new approach is available, or what the shortcomings are of their imported legacy security solutions.” “IDC’s analysis has fully confirmed the conclusions Kaspersky
Lab made during its own survey of the GCC virtualisation market,” added Vladimir Udalov, senior Corporate Product Marketing manager at Kaspersky Lab. “Although 61% of the companies surveyed have already implemented or are planning to implement virtualisation, only 7% of IT specialists have extensive and advanced experience to fully understand all the security risks in this area and to choose the right approach to protecting virtual environments. Moreover, 43% of specialists surveyed mistakenly believe that IT security risks are much lower in the virtual environment than in the physical one.”
network control solution with its Trinzic appliances and its unique Grid technology.
» Automated tracking of IP Addresses in the network
» Easy integration of new IP Addresses Provides internal DNS/DHCP - Documenting of Switch Por ts in the network
Common Problems » Tracking IP Devices and users in the network » Complicated process to add a new IP device » Documenting Switch Ports in the Network » Manual IP Address Assignment » Reliability and Continuous Availability of DNS Services To schedule a demo meeting please call us at +971 4 375 7612 or email us at firstname.lastname@example.org
August 2012 Vol.18 No.8
Gulf Bridge International has opened a new operations centre in Doha, Qatar.
GBI opens new NOC in Doha Business The Gulf Bridge International (GBI) Network Operations Centre (NOC) was opened at the Qatar Science and Technology Park in Doha at the start of July. The NOC is the new nerve centre for the region’s highest capacity and most geographically comprehensive cable network, connecting all the nations of the Gulf to the data centres of Europe and Asia. “It is truly remarkable to look through this facility onto the vibrant and growing information exchange taking place across the Gulf and beyond,” said Ahmed Mekky, board member and CEO of
GBI. ”This nerve centre manages a tremendous amount of digital traffic every second. To grasp its enormous capacity, imagine being able to transfer about 7,000 full-length movies every second across the GBI cable system. Such capacity will help provide the ICT backbone meeting the ambitious development plans of the Gulf well into the future.” The centre will monitor GBI’s undersea and terrestrial network operations 24/7 and is taking command from the GBI back-up centre in Fujairah, UAE. The GBI Cable System has a design capacity of 40G with portions upgraded to 100G.
The cable system connects all the countries in the Gulf in a robust ring configuration. Outside the Gulf, the cable connects eastwards to Mumbai, India and westwards to Sicily, Italy, with diverse routing to Milan and onwards to London, Frankfurt, Amsterdam, and Paris and Marseilles in France. “In order to guarantee superior customer service, the Network Operations Centre exists to manage day to day operations on the GBI Cable System so that the service is transparent to GBI’s customers,” said Neil Axford, director of Network Operations at GBI.
Fortinet releases BYOD survey Infrastructure Network security provider Fortinet has conducted a global survey that reveals the extent of the challenge posed to corporate IT systems by first generation Bring Your Own Device (BYOD) users. Over 3,800 active employees in their twenties in 15 territories took part in the survey and their answers confirmed that BYOD is a mainstream activity. Seventy-four percent of respondents across all territories are already bringing their own devices to work, 64% of those respondents were in the UAE. Fifty-five percent of total respondents and 56% in the UAE, view using their device at work
as a right rather than a privilege and more than 1-in-3 employees would contravene a company’s security policy that forbids them to use their personal devices at work or for work purposes. Forty-two per cent of the survey sample believed that potential data loss and exposure to malicious IT threats to be the dominant risk. In the UAE, there is even slightly greater awareness with 44% of respondents acknowledging the risks in potential data loss and exposure to malicious IT threats. This risk awareness does not prevent those workers from bypassing corporate policies, with
36% of respondents admitting they have or would contravene a corporate policy banning the use of personally-owned devices for work purposes. It is 30% for UAE -based respondents. The dependence on personal communications is strong with 35% of respondents admitting they could not go a day without accessing social networks, and 47% are unable to last a day without SMS. In the UAE, however, only 19% of respondents said that they could not last a day without accessing social networks, while 34% admitted they could not endure a day without SMS.
Stop DDoS Attacks Fast with FortiDDoS - Mitigate Quickly - Reduce Financial Loss - Block Numerous Types of Attacks The FortiDDoS platforms are dedicated appliances that are designed to detect and help protect against today’s most damaging and sophisticated DDoS attacks.
The FortiDDoS... 1. Acts as a shield against DDoS attacks on the network 2. Is easy to deploy and manage 3. Blocks DDoS attacks unlike traditional IPS/Firewall solutions which are not capable of detecting or blocking attacks 4. Delivers increased security with a low cost solution
For more information please call us at +971 4 375 7612 or email us at email@example.com
In an industry, where one small mistake can have a knock-on effect disrupting thousands of passengers, we look at how the aviation industry is struggling to maintain bandwidth and business continuity and how network innovations are being utilised to enhance connectivity and data transfer
12 August 2012 Vol.18 No.8
very airline can be considered a large multinational, whether it is a small airline that flies to just a few destinations or a larger one that flies to hundreds. This multi-country, multi-destination network set-up causes a multitude of network problems and hassles for the aviation industry, from bandwidth challenges to a lack of business continuity. One small hiccup can cause a knock-on effect felt by passengers and airlines across the globe. “To be able to provide consistent technology service, IT and telecoms in all those locations is not easy. The aviation industry is very reliant on business continuity; any disruption not only hits the airline and its passengers, but also other partners that code share with them. Even if it is not a code share, passengers will be flying on, so it will impact passengers in the first destination. Any disruption is likely to have significant impact, not only in the country of origin, but in different destinations around the world, whether the same airline or other airlines,” states Mohamad Ali-Wehbe, head of business development, MENA at SITA, a 60-year-old company that specialises in IT and telecommunications dedicated to the air transport industry. Aric Ault, area sales manager UAE Enterprise at Cisco agrees that airlines face challenges providing business continuity across multiple locations. “Because there is high security in outstation locations, being able to actually service and support those networks in those locations is something a bit more challenging than you would find with the typical enterprise. That means they
have specialist integrators that have access behind the gates to where they can actually support those networks in highly secure locations that are on the air side of the airport,” he says. Cisco provides the underlying infrastructure for the entire aviation industry from core routing and switching all the way to the data centre in cloud computing and virtualisation and into collaboration and collaborative services – voice, video and the entire overlaying network. When airlines are planning to procure or deploy an IT or telecoms solution, they look at their existing infrastructure and try to make sure that the service is reliable and can ensure business continuity, minimise disruption and, if there is a problem, automatically switch to another solution with minimal network performance degradation.
NETWORK CONTINUITY One of the ways to ensure network continuity is to purchase all network solutions from a single provider the world over. “Let’s say in Europe, I deal with one provider, and in the Middle East another provider, in the US and Latin America another one - it makes it hard in terms of economies of scale, contract management, making sure the service levels from different providers are consistent – because you are not going to treat your users in your offices here with 99% reliability and those in Latin America or Africa with less reliability,” said Ali-Wehbe. Having real time information at hand all the time across the entire network is essential for airlines and Cisco says that while everything works well in day-to-day opera-
tions, when you have a situation such as the ash cloud in Iceland, the airlines go into what they call irregular operations. “Irregular operations is where a typical person taking a flight will look for an alternative way to get home, book a flight or find accommodation and what happens to the network is utilisation spikes to
like to have to be able to deliver your services,” says Ault. To help protect against bandwidth issues, Emirates Airlines is implementing new technologies. “On the business front, traditionally we had relatively low bandwidth connections between our branch offices and data centres, to deliver this in a cost effective
“The aviation industry is very reliant on business continuity; any disruption not only hits the airline and its passengers, but also other partners that code share with them.” MOHAMAD ALI-WEHBE, HEAD OF BUSINESS DEVELOPMENT, MENA AT SITA extremely high levels, so they need to be prepared ultimately to have a network that is resilient to these irregular operations. Airlines are going into irregular operations more and more for whatever reason and they are preparing themselves to be able to run in those types of events,” explains Ault.
BANDWIDTH CHALLENGES Another major challenge faced by the airline industry is reliable bandwidth. When operating across multiple countries and multiple service providers it can be almost impossible to obtain equal bandwidth across the entire networkthat is able to support the airline’s applications. “Bandwidth challenges are one of the factors that both of our major airlines in the Middle East are actually addressing right now because they are in an expansionary phase and are looking into regions where you don’t actually have the bandwidth you would
manner we are implementing new data compression and application acceleration technologies,” explains Fayyas Alam, vice-president IT production, Emirates Airlines. “In the coming years we would also look at the convergence of Local Area Networks (LAN) and Storage Area Networks (SAN) to potentially save costs and reduce power consumption in our data centres,” he adds. SITA is also currently working on overcoming bandwidth issues for airline networks by developing a parallel solution based on the internet. “Right now bandwidth is ubiquitous and affordable, the only thing is that the quality of service sometimes can differ from one country to another and this is where we try to bridge the gap by developing a parallel solution, not just this dedicated network that we operate for the air travel industry – we also try and build a parallel network based on the August 2012 Vol.18 No.8 13
internet and keeping in mind that the service level is more than just acceptable,” states Ali-Wehbe. With the recent unrest in the Middle East, airlines and airline network providers have had the fact hammered home that in certain locations and in certain circumstances, it is very difficult to maintain bandwidth. In these conflict zones, airlines and service providers must rely on VSAT networks. “It’s a bit more expensive, but you should not just think of it in terms of cost, you also need to think of it in terms of what could be the business impact if I don’t provide this alternative as a backup solution, just in case things degrade or the physical infrastructure in the country is cut. Without network, you cannot do anything,” says Ali-Wehbe. SITA is also working on identifying patterns of data traffic and based on that they are trying to optimise the usage of critical airline applications. “We try to identify and solve bottlenecks in a way that reduces bandwidth consumption, because you don’t need more bandwidth every time you add a user or application. So we try and reduce bandwidth usage by using technologies from third parties, we are also trying to identify what applications can be upgraded or are not needed any more, what are the things that can be offloaded to the internet and don’t need a private
Aric Ault of Cisco says the new Airbus A380 is shipped with a Cisco wireless access point.
dedicated line. Based on that we do application profiling and based on that we try to optimise the usage of the network bandwidth so that whatever can be moved to a cheaper network is moved.”
NETWORKING INNOVATIONS Networking companies involved in the aviation industry and the airlines themselves are constantly looking at ways to improve connectivity, data transmission and communications. “The airline industry is focusing on connecting solutions between its customers and stations, airports, handling agents around the globe by using private IP/VPN based
Aviation Cloud Benefits: Cost savings Agility Scalability Business oriented solution whereby you pay as you go Simplification of administration Self-service portal – easy to add and configure programmes and reports You can release your IT people to focus on strategic IT projects that touch more on the business operations and infrastructures
14 August 2012 Vol.18 No.8
Emirates Airlines is implementing cloud solutions, says Fayyas Alam VP of IT Production.
links such as MPLS/internet. This includes data transmission optimisation solutions [encryption/ compression/protocol optimisation/redundancy]. Given the global network of destinations that airlines fly to, connectivity, data transmission, and communications are critical where networking technologies play a major role,” states Dr Jassim Haji, director of IT, at regional airline operator Gulf Air. Companies such as Cisco and SITA are currently developing specific software and hardware for data transmission between ground and aircraft, and airlinespecific messaging networks for communications with different Global Distribution Systems. Now broadband internet, mobile connectivity and live television programmes on aircraft are provided by specialised solutions through VSAT communication. In addition, there are dedicated solutions available for airlines to communicate/ coordinate across their network destinations. In terms of data transfer, Cisco has developed a wireless access point that helps to share data between airport-side staff and services and on-board staff, which can be found on the new Airbus A380s. “Each Airbus A380 is shipped with a Cisco wireless access point in the plane so that they can utilise what they call the gate-link access
so that the avionics and flight information data is shared between the airline and the operations at the gate. It is already on board and is very specific to the airline industry,” explains Ault. Emirates Airlines says that aviation companies are either currently maintaining legacy network hardware or software or developing solutions for niche areas. However, the trend is for airlines to move away from legacy and specialist networks to open and commodity networks; this includes use of internet and cloud for staff remote access and branch office connectivity.
THE ROLE OF CLOUD Flight disruptions due to, for example, unrest, war or natural disasters, are driving the development and uptake of cloud computing and virtualisation solutions for the entire airline industry. Both cloud and virtualisation can allow the airline companies to dynamically allocate resources and be able to deliver their services to their changing and fluid environment. “I think that everyone is looking to move to a cloud in one form or another and whether you are going to utilise and use cloud from a service provider point of view, have a private cloud, hybrid cloud or public cloud, the airlines look at this and are actively moving
towards this and I think we will see something that will be shared in the market in the near future. The reason is you are driving operational efficiencies and reducing your OPEX and being able to provide that dynamic environment that you want through virtualisation and cloud services,” says Ault.
CLOUD OPTIONS SITA is currently developing a cloud portfolio and have the ATI (Air Transport Industry) cloud portfolio, based on the community cloud model. “By community cloud we mean it is shared, it is provided seamlessly on a per usage basis and is agile, flexible and scalable. If for example if you have 100 users, but for the busy Summer season you want extra users you don’t need to buy more equipment, buy more licenses and hire people, you just need to procure those services for that three to four month period and as such this can scale up or down on your needs,” says AliWehbe. “If an airline wants to close down a destination or shift operations, for example from a capital city to the economic capital of the country – that shift could take months in terms of planning and working with different IT and telecoms providers in the existing dominant environment. With this cloud technology we can shift the IT in a number of days.” SITA is also able to virtualise applications, although they say that could take a little more time. The benefits of this cloud model for the industry is that it is flexible, lowers costs and has a high return on investment as airlines do not have to build their own cloud services or virtualised environment. Cisco has developed a unified compute system (UCS) which is a data centre server offering that was designed specifically for cloud services, featuring a high RAM and a stateless compute environment. This is designed to allow airlines to maintain a very secure, resilient and agile network that they can expand and will fit in with their very stringent OPEX requirements.
16 August 2012 Vol.18 No.8
Gulf Air is implementing cloud solutions that provide crucial customer-end services, says Jassim Haji.
Disruption of airline networks can have significant impact in different destinations globally, says SITA’s Mohamad Ali-Wehbe.
GBM states that the prime reason for replacing legacy systems with the new cloud and virtualisation offerings are the increased cost savings in capital expenditure, lower operational costs, ease of management and quick provisioning. Round-the-clock business operations demand an increased amount of application availability with minimum downtime for maintenance. In this context, virtualisation and cloud computing are helping the cause with rapid provisioning and minimised downtimes, says GBM. Public cloud offers airlines interoperability, integration and data sharing with alliances and customers. Public clouds leverage the benefits of economy of scale and provide services based on utilisation and no initial infrastructure investment. This lowers the cost for budget startups and provides world-class services at the push of a button. “Bandwidth starved remote offices can be serviced via the internet by private or public cloud infrastructure. Cost savings can be realised in doing away with expensive dedicated links for companies adopting the Softwareas-a-Service [SaaS] model of cloud computing,” states Pappu R Rao, director, Technology Services, Gulf Business Machines.
AIRLINES IMPLEMENTING CLOUD Emirates Airlines has implemented cloud solutions where they are
economical and appropriate for the company’s wide technology needs. “For example, we have been using Google’s email filtering service for many years now. More recently we have started using Facebook and YouTube to communicate and interact with travellers. We also use what could be called ‘community-based cloud services for air travel industry’. These are business services that are hosted by vendors and provided to the air travel industry. Examples of these are cloud services for baggage
menting cloud solutions, which provide crucial customer-end services such as contact centre, internet booking, online-payment, online check-in, and extending IT services to new destinations much quicker with much less cost and manpower involved, which in turn enables Gulf Air to respond to customers needs much faster. According to Gulf Business Machines, the improved bandwidth, enhanced networking technologies and an ever increasing server computing power has accelerated the adoption of cloud comput-
“On the business front, traditionally we had relatively low bandwidth connections between our branch oﬃces and data centres, to deliver this in a cost eﬀective manner we are implementing new data compression and application acceleration technologies.” FAYYAS ALAM, VICE-PRESIDENT IT PRODUCTION, EMIRATES AIRLINES. tracking, visa rules for travellers, fare quotes from other airlines and reservations,” explains Alam. Emirates says that it is expecting more adoption of internet, vitualisation and cloud-based network services for a variety of business uses. The trend in the data centre environment is more virtualisation at all layers of the infrastructure and dynamic infrastructure provisioning for a private service to enterprise use,” says Alam. Gulf Air has also begun imple-
ing, and virtualisation is now the preferred technology that most airlines are adopting when looking at legacy hardware replacement. In spite of the restricted budgets, virtualisation and cloud computing are being widely adopted by the aviation industry as a means of helping realise Return on Investment (ROI) and Total Cost of Ownership (TCO) benefits, while at the same time allowing access to newer technologies vital for the aviation industry’s growth.
HP recommends Windows® 7 Professional.
All-in-one, all inside
Introducing the new HP Z1 Workstation. Power without the tower. Bring your imagination to life with the all-in-one HP Z1 Workstation – featuring the powerful Intel® Xeon® processor E3-1200 series, genuine Windows® 7 Professional and a stunning 68.6 cm (27") high-resolution LED-backlit display.1 Get professional-grade graphics and performance in a sleek, space-saving design that makes customisation a snap – literally.
The HP Z1 Workstation snaps open for simple, tool-free customisation2
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Intel, the Intel logo, Intel Inside, the Intel Inside logo, Xeon and Xeon Inside are trademarks of Intel Corporation in the U.S. and other countries. Microsoft and Windows are trademarks of the Microsoft group of companies. 1 Refers to diagonal measurement of display. 2 $OOVSHFLƭFDWLRQVUHSUHVHQWWKHW\SLFDOVSHFLƭFDWLRQVSURYLGHGE\+3oVFRPSRQHQWPDQXIDFWXUHUVDFWXDOSHUIRUPDQFHPD\YDU\HLWKHUKLJKHURUORZHU
August 2012 Vol.18 No.8
Securing the Skies
Alessandro Borgogna, principal at Booz & Company
Alessandro Borgogna, principal at Booz & Company, and Leonardo Monti and Tansel Kilicarslan, senior associates at Booz & Company talk us through the security challenges faced by the aviation industry.
he airline industry is certainly one of the most exposed industries to network security risks, and airlines face several challenges which span across every aspect of the business. In particular, recent technology trends like aircraft digitisation, increased use of COTS (Commercial Off-The-Shelf) components, and airline direct online booking and sales have increased the number of available “outside-in access points” and hence the risk for potential IT-Security attacks. We can broadly describe the modern airline IT network landscape as an extended system composed of the commercial side (e.g. reservation & ticketing systems or the check-in system) and the air operations side (e.g. the fleet and aircraft management systems, the crew rostering system, as well as various airborne IT systems installed on the aircraft). COMMERCIAL NETWORKS On the commercial side, the
most relevant challenges faced by an airline relate to its business, operational and corporate processes. In this domain airlines face the entire spectrum of IT network-security threats that any relevant business would typically face. Different types of potential attackers can be predicted, ranging from financially-motivated offenders (e.g. aiming at fraud, identity theft or commercial account information theft), hackers/ activists, ill-motivated employees, or it can derive from uncontrolled malicious software self-propagating through the internet. However credit-card cyberfraud is airlines’ most recurrent pain point in this domain according to the 2011 Cybersource Airline Fraud Survey commissioned by IATA. The study determined that in 2010 airlines lost a total of $1.4 billion due to online credit card fraud perpetrated through their websites, representing 0.9% of total worldwide online ticket sales. In this context, airlines should ensure that 100% of their transactions are compliant with
the Payment Card Industry Data Security Standards (PCI-DSS), a security standard developed in 2006 by the major international payment circuits. Another tool available to airlines to reduce the incidence of credit card fraud is the IATA’s Perseuss programme, which offers a secure platform where airlines can legally share information about known fraudulent activity. It is a no-profit subscrip-
automated internal processes, or alternatively outsourced to specialised providers. AIR OPERATIONS NETWORKS: On the air operations side, a totally different set of challenges arises from the key role airlines play in the air transport system, which has historically made them primary targets of terrorism activity. The cyber-terrorism threat is a particularly significant challenge
“The cyber-terrorism threat is a particularly signiﬁcant challenge for airlines that are starting to incorporate the latest-generation aircraft in their ﬂeet.” tion service, and according to IATA most airlines are able to recoup the annual subscription costs after few months of operations. Finally airlines should continuously monitor and detect fraud risks, through manual or
for airlines that are starting to incorporate the latest-generation aircraft in their fleet. In fact, latest-generation aircraft have a totally new level of digitisation of several core aircraft systems, which heavily rely on
external information sources to efficiently and accurately conduct the flight. As a result, new aircraft have become â€œopen systemsâ€? much more dependent on multiple outside data exchange links than before. Each of these external links represent a possible access point that could be exploited to cause harm to the aircraft and hence expose the airline to potential life-loss catastrophic consequences. A two-year study commissioned to Boeing by the FAA in 2008 concluded that new onboard LAN certification and data-exchange-protocol standards would be required. Additionally, since 2010 the International Civil Aviation Organisation (ICAO) has identified cyber terrorism as a distinct security threat to the civil aviation system, and issued a new ICAO Recommended Practice which entered into effect on 1 July 2011. The standard requires each Contracting State to develop measures to protect civil aviation information and communication technology systems from any interference that could jeopardise the safety of civil aviation. All key players in the civil aviation system are recommended to conduct vulnerability assessments relating to cyber security and develop effective mitigation measures and response plans. Aircraft manufacturers have responded by significantly increasing the level of onboard security measures, and consequently the airlineâ€™s responsibility has dramatically increased, as
airlines are now required to maintain a consistent security level for all the critical systems after the aircraft enters into operations. In this context, airlines need to understand the critical function and potential vulnerability of these technology systems and put in place dedicated measures to guarantee the cyber-security of the aircraft at all times, in flight and on the ground. In order to accomplish this objective, airlines will need to ensure they have the right capabilities and resources in place, which may require radically changing their traditional way of doing IT business and often may result in a total restructuring of the IT function and processes. Overall, airlines are required to holistically look at all the multiple IT-network security challenges they are facing and ensure that all information sources and relevant information-management and information-exchange processes are thoroughly assessed from a cyber-security standpoint, in order to determine the associated level of risk and identify all potential vulnerabilities. An effective mitigation and response plan needs to be developed and, more importantly, updated on a regular basis to cope with the fast-changing nature of the cyber-threat. Airlines need to realise that this may result in high costs and investments in terms of corporate resources and in particular for the sourcing of the required human talent capabilities, but these are overall justified by the magnitude of the possible consequences deriving from not addressing them.
Leonardo Monti, senior associate at Booz & Company
Tansel Kilicarslan, senior associate at Booz & Company
August 2012 Vol.18 No.8
Are you managing side-to-side airﬂow properly in the data centre? The N-Series TeraFrame is the solution.
The N-Series TeraFrame™ Network Cabinet from Chatsworth Products (CPI) is precisely engineered to combat thermal management challenges associated with network switches using side-to-side airflow. By employing CPI Passive Cooling™ Solutions, the N-Series TeraFrame can manage high-density switches while maximising the energy efficiency of your data centre. Thermal Management Features • Supports network switches and directors from Cisco and Juniper Networks • Preserves critical equipment by isolating and re-directing hot exhaust air out of the cabinet and into the hot aisle with the Network Switch Exhaust Duct • Allows network and server cabinets to be situated next to one another without overheating Tested and approved by Cisco for use with Cisco Catalyst 6500E series, MDS 9500 series and Nexus 7018 series switches and directors.
This CFD model demonstrates how the N-Series TeraFrame™ Network Cabinet, which is engineered to control side-to-side airflow for network switches, guides hot exhaust air out of the cabinet using the Network Switch Exhaust Duct.
Ideal storage solution for the Juniper Networks EX8208 and EX8216 Ethernet switches.
Optimise. Store. Secure. www.chatsworth.com
Middle East Sales Office +971-4-2602125
Vendors have their work cut out for them keeping up with the growing storage demands of enterprises writes Piers Ford. August 2012 Vol.18 No.8 21
ore capacity for a lower cost, reliable access from a greater variety of mobile and fixed media, and virtualised infrastructures that reflect an increasing appetite for cloud services. These are just a few of the trends that are having a significant impact on the way enterprises are approaching their storage strategies in 2012. With the emphasis on the value of information rather than the more traditional focus on investing in expensive technology to store it – and the resources to manage it - organisations today want more versatile network storage systems in which security and reliability are a given, integration is standard and customisable access expected. And given the accelerating proliferation of information on every front – the phenomenon known as ‘big data’ – vendors have their work cut out keeping pace with the demands of their customers. Zaher Haydar, pre-sales manager for Turkey, emerging Africa and the Middle East, at storage giant EMC. says: “Increasingly, busi-
Basil Ayass from Dell Middle East says that the company has managed to slash customer’s storage costs by up to 80%
as they better leverage big data to deliver greater insight and uncover new opportunities. And the new threat environment is transforming the way customers think about trust. Storage providers must likewise transform their portfolios and operations to take advantage of these major shifts. Storage is not static, and must instead act as an asset to enable enterprises to
“Installing and provisioning new storage when building a data centre can be costly and overwhelming. And if it’s not done right, it can dramatically disrupt an organisation’s day-to-day operations.” BASIL AYASS, ENTERPRISE PRODUCT MANAGER FOR DELL MIDDLE EAST’S COMMERCIAL BUSINESS nesses are being transformed by their ability to unlock the value of data stored within their organisation, and in the outside world. The challenge that comes with this opportunity is to ensure that storage technology supports this change. “Businesses are transforming,
22 August 2012 Vol.18 No.8
execute on strategies , to address the major trends in cloud and big data, and to adapt to the changing IT and business landscapes.”
STORAGE AS AN ASSET The shift in the enterprise to seeing storage as an asset, with its
delivery tailored to the individual business, is making its influence felt in several ways – not least in the need for networks that support faster storage and distributed infrastructures. “The rise of faster storage has implications for the latency of the network infrastructure,” states Ian Harris, leader, systems integrators, at network integration specialist Ciena. “The network infrastructure in place needs to be able to support the capacity and speed requirements of the latest storage solutions. “We also see the advent of storage pools that are distributed over the wide area. These deployments will require the support of the very best networking technologies.” But the combination of big data and cloud computing is seen by many key players as the game changer for network storage strategies. EMC’s Haydar said that after 42 years in the industry, this new wave of change will be the most transformative and disruptive of them all, changing the way organisations build data centres
and applications, and the way they connect to information through user devices.
NEW OPPORTUNITIES Virtualisation and cloud computing are creating new opportunities for vendors to offer fully integrated systems in which storage resources are a strategic element rather than an add-on commodity. Dell, for example, has responded by moving away from reselling EMC storage to acquiring smaller vendors to boost its own storage business. “Our virtualisation services and solutions have helped customers to speed up development cycles, deploy new resources faster and implement easier-to-manage, more cost-effective high availability and disaster recovery strategies,” explains Basil Ayass, enterprise product manager for Dell Middle East’s commercial business. “We have worked with customers that were able to slash storage costs by up to 80% after a Dell storage consolidation and virtualisation project.” This trend is clearly driving what
â€œThe unstructured nature of big data means that RAID technology solutions, which combine multiple components into a logical unit, are unable to manage big data in an eďŹƒcient and cost-eďŹ€ective manner.â€? ARNDT MUELLER, EMEA STORAGE BUSINESS DEVELOPMENT MANAGER AT ORACLE.
some vendors call the â€˜serverisationâ€™ of storage, particularly for organisations coming to terms with big data. â€œIn contrast to traditional data analytics, big data uses different computing models,â€? says Arndt Mueller, EMEA storage business
development manager at Oracle. â€œThe unstructured nature of big data means that RAID technology solutions, which combine multiple components into a logical unit, are unable to manage big data in an efficient and cost-effective manner. To overcome this challenge,
Storage Tips: t4QFDJGZBOFBTZUPVTF UBTLCBTFEJOUFSGBDFUIBU provides a high level of automation to implement policies (set-it-and-forget-it) t-PPLBUSFQMJDBUJPOGPSMPDBMBOESFNPUFEBUBSFDPWFSZ with application protection specified by service levels t'PDVTPOUIFQPUFOUJBMGPSJNQSPWFEFĂłDJFODZUIPVHI simplified management, reduced power consumption and reduced footprint t$POTJEFSJOUFHSBUJOHUIFJSJOGSBTUSVDUVSFXJUI virtualisation platforms to offload storage t%FQMPZTFSWFSFOWJSPONFOUTUIBUEFMJWFSJODSFBTFE utilisation without affecting performance levels
24 August 2012 Vol.18 No.8
Arndt Mueller from Oracle says that big data uses different computing models to traditional data analytics.
big data computing environments are being built on Hadoop and MapReduce technology, creating a shared nothing (SN) storage model where each component is independent and self-sufficient. â€œStorage resources and data must also be positioned close together in the IT stack to optimise the business benefits delivered by big data. By having the components close together, businesses can maximise the potential business capabilities, helping increase profit and growth.â€?
BIG DATA According to Mueller, big data is driving the â€˜serverisationâ€™ of storage as businesses work to interoperate and integrate business intelligence
and analytics systems with application servers. Oracleâ€™s Big Data Appliance enables businesses to load unstructured data onto databases. â€œThis is a critical trend, as big data will always be an additional source of business intelligence and will not replace traditional warehouse systems,â€? he states. In other words, as enterprises strive to build more streamlined, integrated storage models, the reality behind the scenes is more complex than ever. â€œAs enterprises consolidate their virtual data centre environments, federation and automated tiering of storage helps data centres consolidate applications and deliver new levels of efficiency through higher utilisation rates, improved
“The rise of faster storage has implications for the latency of the network infrastructure.”
The combination of big data and cloud computing is seen by many key players as the game changer for network storage strategies.
mobility and simplified storage management,” explains Haydar. “It is important that the information has the highest levels of availability as it is powering the mission critical operations of the enterprise. Also, that storage solutions provide the highest levels of availability. Budgets are being cut for IT; couple this with the information growth and the result is that enterprises are looking for solutions that can increase efficiency across the data centre with minimal management.” The complexity and volume of the data will drive many organisations to outsource physical storage to the cloud, particularly as service providers respond by providing secure and reliable enterprise-class cloud solutions. “Customers’ cloud computing and big data objectives are best served by having the right information storage infrastructure,” said Haydar. “Intelligent, automated storage is a critical component, as is the ability to give customers options because the nature and use
IAN HARRIS, LEADER, SYSTEMS INTEGRATORS, CIENA
of these expanding data sets are almost as varied as the data itself.”
RISING TO THE CHALLENGE Mashreq Bank is a typical example of a Middle Eastern business rising to this challenge. Struggling to maintain an infrastructure that could cope with an annual data growth of 30%, the rapidly expanding bank invested in EMC’s automated storage management platform, Symmetrix VMAX. Head of infrastructure Richard Hughes says the bank is committed to the use of cloud-based technologies to improve its processes and enhance customer experience. “At Mashreq, we are proud to be at the forefront of technological innovation in the financial services sector, simplifying the way IT is adopted, managed and consumed and enabling us to provide better services – faster – to our customers,” he says. This demand for more compact and energy-efficient storage is acute across the region. Dell’s
Ian Harris from Ciena says that the network infrastructure in place needs to be able to support the capacity and speed requirements of the latest storage solutions.
August 2012 Vol.18 No.8 25
Zaher Haydar says that after 42 years in the industry, the new wave of change will be the most transformative and disruptive of them all.
Ayass says many enterprises in the Middle East are wasting their storage resources and failing to allocate capacity effectively. Again, the trend towards converged offerings from vendors is seeking to address this. “A converged infrastructure can provide a single, tightly integrated system that reduces the complexity of running IT
especially the larger ones in the financial, government, telecoms, oil and gas sectors,” says Oracle’s Mueller. “With data volumes increasing and many organisations required to retain data for a minimum of 10 years, energyefficient storage will remain a key challenge not only for Middle Eastern business but for businesses across the world.”
“Increasingly, businesses are being transformed by their ability to unlock the value of data stored within their organisation, and in the outside world.” ZAHER HAYDAR, PRE-SALES MANAGER FOR TURKEY, EMERGING AFRICA AND MIDDLE EAST, EMC
systems and enables a shared service model of computing that maximises hardware utilisation, improves availability, contains management costs and reduces time to deployment,” he explains. “Energy-efficient storage is becoming a priority to most organisations in the Middle East,
26 August 2012 Vol.18 No.8
According to Mueller, the answer is to deploy server environments that deliver increased utilisation without affecting performance levels. Automated tiered storage architectures that permit data placement on tiers in real time will also become increasingly attractive, as they
require less administration and maintenance at the bottom of the storage pyramid, helping to reduce costs and increase efficiency. “Tired storage allows the matching of application performance requirements to the most cost effective storage,” agreed Zaher Haydar. “As data ages and becomes less active over time, automated storage tiering moves the data from high-performance to high-capacity drives, resulting in lower costs, regardless of application type or data age.” Haydar also recommends that enterprises consider integrating their infrastructure with virtualisation platforms to offload storage-related functions from the server to the storage system, making the management experience seamless from both perspectives. “Depending on the plans for cloud – private, hybrid or public – you should also look for converged infrastructure offerings and federated data centres,” he says.
STORAGE TIPS Other tips include: specifying an easy-to-use, task-based interface that provides a high level of automation to implement policies (set-it-and-forget-it), while offering high availability of information and data for running mission-critical operations; looking at replication for local and remote data recovery, with application protection specified by service levels; and focusing on the potential for improved efficiency through simplified management, reduced power consumption and reduced footprint. “Installing and provisioning new storage when building a data centre can be costly and overwhelming,” states Basil Ayass at Dell. “And if it’s not done right, it can dramatically disrupt an organisation’s day-to-day operations. It is important to choose from a wide range of storage implementation services, as well as customised services for highly complex or unusual storage deployments.”
Connecting the world
IT networks are no longer the preserve of future forward sectors, agriculture and utilities are now also getting connected, says Hayashi Satoru, Fujitsu.
Hayashi Satoru, executive vice chairman of the board, Fujitsu says even previously non-IT sectors such as farming are getting connected.
he world is becoming connected at a breakneck speed, technology is rapidly evolving, and, with it more and more data is being generated. According to Hayashi Satoru, executive vice chairman of the board of Fujitsu Technology Solutions, this accelerated growth of data is driving network and storage innovations, and the adoption of cloud solutions in previously neglected areas such as smart metering and agriculture. “In Japan after Fukushima, people started worrying about the supply of electricity, because there used to be 54 nuclear plants generating lots of electricity, but now all of those will probably be stopped by July. People now have to deal with the decreased supply of electricity. The utility companies are working hard to start monitoring the usage of electricity in real time. They are putting in smart metering into
28 August 2012 Vol.18 N.8
their networks and this sensor device is something that Fujitsu is providing. By having this solution, the utility company can monitor the electricity being consumed and based on this data, the company can adjust the supply,” he said. Agriculture, an area not usually associated with IT and networking, is also becoming IT connected. “We have started working closely with the farmers and we put sensors on their fields, which capture the status of the soil and the air and take pictures of how the plants are growing,” Satoru explains. “We are applying this IT technology into the new market, which is old industries like farming and we are helping the farmers to improve their products. All of these new initiatives of ICT are helping the people, society.” The new surge of IT in previously unexplored fields has driven a massive demand for storage
equipment and servers, because all the big data collected by the networks must be captured. Fujitsu recently launched its Primequest server in the Middle East, this server is utilised for mission-critical applications, according to Fujitsu. “One of the most prestigious customers we have for Primequest
business day, but the system kept running because it was designed to accommodate peak demand, which is four times the normal demand size,” Satoru says. By 2015, Satoru says that he sees three big trends becoming reality; big data; mobility; and cloud. “There are more and more mobility devices, such as
“We have started working closely with the farmers and we put sensors on their ﬁelds, which capture the status of the soil and the air and also take pictures of how the plants are growing and so forth.” is the Tokyo stock exchange and when Japan had the big earthquake last March, people wanted to sell their stock immediately because they know the share prices will slump. Demand more than doubled the trade volume of a normal
smartphones, tablet PCs and mobile PCs. I think each individual will have at least three or four by 2015, so I think more and more devices will be used by people and will collect more and more information off each individual,” he states.
A premium execuƟve search company started in 2011, youbook is a new business venture of Mr M.M. Banerji, founder and CEO of youbook who earlier founded/owned/managed a renowned execuƟve search Įrm in the region since 1995. He started his career from PCL (Pertech Computers Ltd) India in 1986 and over the years has worked with renowned IT companies like ICIM and SIMA Advanced technology where he spearheaded the DELL division across GCC in 1993. Mr. MM Banerji lives and breathes talent aƩracƟon, engagement and acquisiƟon, and more speciĮcally leveraging processes and technology to idenƟfy and hire more of the right talent. Over the last 18 years, he has worked closely with several leading IT Įrms globally and placed over 3000 IT professionals in areas like SoŌware development, ApplicaƟon, ERP, Network, Security, Web portal, tesƟng, Storage Admin, Systems Admin, Data Warehousing, Mainframe etc. The company believes in entrepreneurship and every team member in the organizaƟon is an entrepreneur. It’s a company of diverse talent and skills. The team comprises of experienced, ambiƟous, vibrant, young professionals having ability to update with latest trends & requirements of our client.
youbook is a premium execuƟve search Įrm specializing in middle to senior level posiƟons globally.
UAE – SINGAPORE - INDIA
Problem Over 90% of email traffic is spam and enterprises are facing an ever increasing threat from spam attacks, writes Piers Ford.
30 August 2012 Vol.18 No.8
August 2012 Vol.18 No.8 31
est estimates from monitoring services suggest that around 100 billion spam emails are transmitted daily. And spam accounts for 90% of all global email traffic. In any case, Rustock is reportedly now up and running again, meaning that such statistics are only likely to become more staggering.
THE ENEMY WITHIN Walid Kamal from du says that cybercriminals are sending spam emails that look like they came from a co-worker within an enterprise.
he trouble with spam is that it is so prevalent that most of us treat it as simply part of the online landscape. We check our filters occasionally in search of an important genuine email that has gone astray, but otherwise we shrug our shoulders and trust the software to protect us from the worst excesses of unsolicited communication. In taking it for granted, we ignore the sheer scale of the problem, its cost to the enterprise, and the growing ingenuity of cybercriminals who , remarkably, still find spam a simple and effective way of breaching network defences. “Earlier this year, Blue Coat found that email was the second most popular threat vector, representing 11.6% of all malware attacks,” says Dave Ewart, director product marketing at the specialist security vendor.
“Email is easily exploitable and represents a path of least resistance for cybercriminals by simply requiring them to send an email with a malicious link. The barrier to entry is so low here that our security labs team is actually seeing cybercriminals return to email as a favourite method for luring unsuspecting users to malware.” Ewart said these email attacks often come in the form of spam. “Being able to identify and effectively block suspicious email is critical for protecting the enterprise from malware and other malicious threats,” he adds. The scale of the problem – and the task facing network security professionals – is daunting. While the takedown of the Rustock botnet in Russia, which was behind a great deal of spam distribution, initially led to a decrease in volume during the last two years, even the most mod-
Spam Facts Email represents 11.6% of all malware attacks Around 100 billion spam emails are transmitted daily Spam accounts for 90% of all global email traffic Spammers are data mining on social media sites to access a target email address As of July 2012, 83% of spam mails offer internet or computing goods or services
32 August 2012 Vol.18 No.8
The picture in the Middle East is further complicated by the fact that spam is becoming the enemy within, as much as an external threat. “The latest method used to bypass the anti-spam solution is to fashion email as though is sent from an internal user,” states Walid Kamal, senior vice president for technology, risk and fraud management at UAE telecoms company du. “The spammers are data mining on social media sites to ac-
solutions at IT security vendor Fortinet. “They expect a featurerich email gateway providing a broad scale of services to ease their email communications, including archive, encryption and authentication services, mail rate limits and queuing capabilities. “In parallel we see that organisations increasingly look at simplifying deployment, controlling CAPEX/OPEX and reducing network complexity. Anti-spam solutions and related email services are thus expected to be delivered within one single appliance: the corporate frontend email gateway. In short, we see that same trend happening as in firewalling, with increasing concentration of services inside one platform.” Turnbull says the need for greater control is another key trend. The focus on incoming emails has shifted, and enterprises are now looking for advanced
“Being able to identify and eﬀectively block suspicious email is critical for protecting the enterprise from malware and other malicious threats.” DAVE EWART, DIRECTOR PRODUCT MARKETING AT BLUE COAT cess a target email address with its known list of contacts from sites such as Facebook or Linkedin. The spam is then sent with the spoofed contact information as though it is coming from one of the known contacts.” Even if spam doesn’t contain malware, it consumes time and resources simply to manage it and prevent enterprise networks from being overwhelmed. Traditional anti-spam tools have performed on a per-IP address basis, but vendors are looking increasingly at endpoint reputation monitoring as the key to identifying malicious activity, regardless of allocated IP addresses. “Nowadays, enterprises expect more than filtering services from their anti-spam hardware and software,” explains Darren Turnbull, vice president of strategic
ways to control their outgoing mail flow in order to preserve their IP reputation or comply with regulation. “An effective anti-spam solution should be able to identify spam in both directions, preventing an enterprise from not only receiving spam but also from sending spam to their customers due to compromised endpoints or otherwise well-meaning employees.”
THE SOLUTION In response to this, anti-spam technology vendors are developing increasingly intuitive and sophisticated products to help enterprises shore up their security strategies. These have particular appeal to service and telecoms providers who have a vested interest in not allowing
Dave Ewart from Blue Coat says that email is the easiest way for cybercriminals to attack enterprises.
their networks to become spam conduits. Solutions such as Fortinet’s FortiGuard network, which provides an anti-spam service consisting of two databases that contain IP reputation data and spam signatures, help service providers to preserve their online reputation and avoid the disastrous situation of having their IP address space being blacklisted and customers being prevented from sending emails. While many enterprises in the region favour cloud-based anti-spam solutions with their low-cost, quick-deployment potential, some are turning to appliance-based tools that suit their specific business models, according to du’s Kamal. “The primary innovation that attracts a lot of interest is the feature to allow end-point reputation-based filtering,” he says. “The end-user is assigned a reputation score and the [antispam] policies may be tailored based on the traffic generated by individual endpoints in a shared infrastructure environment.” While vendors continue to add processing and inspection capabilities to appliances, Nicolai Solling, director of technology services at IT security systems integrator help AG, said that much
34 August 2012 Vol.18 No.8
of the innovation in the antispam arena has focused on the evolution of policy frameworks. “For example, there are standards such as the Sender Policy Framework (SPF), which is a framework for email systems to communicate with authorised sender devices for a domain name – thereby eliminating a lot of the spam that is out there in the while,” he states. “Another good example of an open framework is Domain Key Identified Mails, which offers the capability of signing email headers with your organisation’s certificate, which clients can then use to identify the data integrity of the email.” Solling says that while spam volume is theoretically decreasing, enterprises still need to have some form of anti-spam solution in place – managed or in-house – and it is important that end-users understand the advanced threats that apparently harmless spam can contain. “Phishing continues to be very difficult to detect and remove because given its sophistication, it can be hard to identify,” he says. “Emails which appear to come from banks are in fact phishing for information. And many of the organisations that have to tackle phishing are using exactly the
same form of communication with their users. “For example, banks here in the Middle East gladly send out promotions via email, and this lowers users’ suspicion levels. Furthermore, we have to keep in mind that geographically and historically, we have been a target for cyber-attacks, which of course affects how we should protect ourselves against spam.” Like Fortinet, security vendor Dell SonicWALL supplies a range of appliances and software tools that allow businesses of all sizes to have complete inbound and outbound email protection on one system, including virtual and hosted models. EMEA senior product marketing manager Florian Malecki says that whatever the preferred platform or mode, the least an organisation should do is to deploy a next-generation inbound and outbound email security solution. “Spam has been a major threat for more than a decade now and indeed, the more users there are, the higher the risks,” he explains. “But with the rise of web 2.0 applications and especially instant
over the protocol as service providers, products and resources adopt it. “Organisations and vendors have to upgrade their anti-spam solutions to make them compatible with IPv6, and we’re already ahead of this move,” he states. “Intelligence previously available on IPv4 is now available on IPv6, from IP reputation to SMTP protocol analysis and mail content inspection.” At du, Walid Kamal states that while the Middle East is as much a target for spam as any other region, it is actually a major hub for spam origination, “because the anti-spam measures are not very widely mandated, leaving a lot of easy targets for spammers to infect and redirect spam from the region to other targets.” In other words, education and training staff in how to recognise spam is as important in implementing a policy as the technology used to contain the problem. This could mean highlighting high-level categories of spam rather than the usual suspects of Viagra and pay-pay-purchase, according to Fortinet’s Turnbull. “It goes from scams to
“Phishing continues to be very diﬃcult to detect and remove because given its sophistication, it can be hard to identify.” NICOLAI SOLLING, DIRECTOR OF TECHNOLOGY SERVICES AT HELP AG messaging applications and social media, hackers are targeting these new types of communication. “And with the exponential growth of smartphones and tablets in the region, enterprises need to put in place strict security policies when it comes to bring your own device [BYOD], for example, as these mobile devices could represent a gap in the security policy.”
IPV6 AND SPAM The arrival of IPv6 is a further complication, and as Turnbull says, spam will start circulating
phishing and spear-phishing to malicious spam bot campaigns,” he said. “Training programs showing these examples would be the best way, in my view. The network manager should also be trained to be aware of the same techniques, and handle refresher training courses. “I’d also recommend some practice sessions – like unexpected fire drills – to see how users are responding, and grade the general state of spam awareness in the enterprise. If it is not up to par, then of course enhancement and more aggressive training would be required.”
NAS Hard Drives
The world’s ﬁrst.
Introducing WD Red.™ The world’s first hard drive specifically designed for home and small office NAS systems. Made with exclusive NASware™ technology for seamless integration, it’s also optimized for efficient, robust performance. WD Red is the perfect fit for your 1-5 bay NAS system. Western Digital, WD and the WD logo are registered trademarks in the U.S. and other countries; NASWare and WD Red are trademarks of Western Digital Technologies, Inc. Other marks may be mentioned herein that belong to other companies. Product specifications subject to change without notice. Picture shown may vary from actual product. ©2012 Western Digital Technologies, Inc. All rights reserved. 2078-771179
August 2012 Vol.18 No.8
Dr Steve Turner from Intergence says that enterprises must be sure that their IT infrastructure is up to date.
Are you struggling to monitor your IT infrastructure? Dr Steve Turner, Vice President of IT Optimisation at Intergence, reveals five ways to make sure you remain on top
s the IT estate continues to grow in both scale and sophistication, IT managers are being asked to do more and more to keep things running smoothly with fewer resources. Monitoring the infrastructure requires many skilled employees with specialist knowledge in networking, applications, storage and virtualisation to name but a few areas. There is a pressing need to meet bandwidth demand, optimise efficiency, simplify management and improve visibility throughout the business; all this needs to be done as quickly and costeffectively as possible. Evaluating what metrics to monitor and what systems are
critical to the day to day running of the business is key. You need to be confident that your IT Infrastructure documentation is accurate and up to date with all relevant information and assets detailed. These will include what applications are running on what servers, including server interdependencies, physical and logical topology information and resource utilisation. All this data can lead to information overload, hence you need an intelligent way of managing all the data. Here are five ways to make sure monitoring your IT infrastructure is not a major enterprise headache:
FILTER YOUR DATA TO ONLY SHOW INFORMATION WHICH IS RELEVANT ďšş MINIMISE THE NOISE.
When you need to understand the health of a critical business service and the systems which it relies upon, it is essential to filter out data from systems which are not related to current area of interest. For example, when evaluating the impact of a current attempt to attack multiple systems, you need to prioritise where to deploy your resources. This can be achieved by filtering out all non-critical systems which are under attack so you can focus on protecting the key business critical systems first.
CORRELATE YOUR MONITORING DATA TO IDENTIFY WHERE YOU NEED TO FOCUS RESOURCES
When there are multiple monitoring systems in place, it can often be difficult to know where to focus activity, especially if the team is small. An intelligent way in which to manage the estate, would be to correlate data from all your monitoring tools to identify what key systems and services require attention first. A server check may display some devices with high response times, however data from the network shows several interfaces to the server farm have high error count on them. Hence events need to be correlated from your different monitoring tools to understand the root cause of performance problems.
TRACK END USER EXPERIENCE TO IDENTIFY CHANGES IN PERFOR MANCE BEFORE THE USERS NOTICE
Rather than fighting performance problems when they are reported by end users, it would be better if you could identify service degradation before it has become an issue for your users and prevents them from carrying out their duties. If you can understand how somebody uses and experiences an application and how that experience varies over time, you can anticipate performance problems and identify the root causes of these issues before they affect the service.
INSTALL MODELLING SOFTWARE
Predicting the behaviour and growth of the infrastructure is vital for the business to remain competitive. By taking this proactive approach you can ensure that business critical services remain available and continue to achieve the level of performance the users have come to expect. Modelling software can achieve this by analysing current trends and then predicting future demands on the infrastructure, allowing you to plan for upgrades rather than fire fighting when the current capacity is exceeded.
“In order to deliver value to our customers, HP has used Intergence as our provider of Optimisation Services for the last two years to compliment our solution portfolio. During this period, Intergence have performed a number of very valuable APM and Voice over IP (VoIP) assessment studies for our key clients. Our experience of working with Intergence to date has been excellent both in terms of their professionalism and the consistent quality of their work. The consultants Intergence provide for HP engagements are always of very high calibre and knowledge experts in their ﬁeld. I would recommend their services to other organisations.” PETER FRIAR, PROJECT MANAGER AT HP, WHICH HAS BENEFITTED FROM INTERGENCE’S OPTIMISATION SERVICES.
OUTSOURCE YOUR INFRASTRUCTURE MONITORING TO A DEDICATED MANAGED SERVICE PROVIDER MSP
If you lack the resources to fully monitor your IT estate as it grows with the business, then it can be highly effective to outsource the activity to a dedicated MSP who can ensure that the infrastructure is being monitored 24 hours a day, 7 days a week. False positives can be reduced and key support staff can be notified immediately when an event of significance occurs.
August 2012 Vol.18 No.8 37
Distributing Emerging Technologies, Region-Wide
Dubai, UAE. Tel: +971 4 4294900 | Riyadh, Saudi Arabia. Tel: +966 1 2175530 | Beirut, Lebanon. Tel: +961 1 699033 | Cairo, Egypt. Tel: +20 2 26435280 Casablanca, Morrocco. Tel: +212 522 787154 | UK (Management Office). Tel: +44 207 228 9600 | Enquiries: firstname.lastname@example.org | www.fvc.com
The Devil is in the Details Arnaud Le Hung, EMEA marketing director for Ruckus Wireless explains how to get the best Wi-Fi performance from recent RF advances
August 2012 Vol.18 No.8
apidly rising performance requirements on enterprise and carrier Wi-Fi networks dictate squeezing every available megabit per second out of infrastructure gear — naturally driving increased interest in using any and all advances in radio frequency (RF) technology. One in particular, so-called transmit beamforming (commonly abbreviated as TxBF), is getting much more attention these days. While this is a potentially useful tool, be careful not to be fooled by vendor claims. As always, the devil is in the details.
RF BUILDING BLOCKS Many of the technologies available to help improve radio performance come from the broad category known as ‘smart antennas’. There are many variations on the theme, but the idea common to them all is using more than one antenna on one or both ends of the link to send and/or receive radio signals in a more controlled manner, to increase signal quality and throughput. There is now a whole family of multi-antenna techniques that can be employed to achieve radio frequency performance gains in Wi-Fi. In a properly designed Wi-Fi system, all of these tools can be used in combination to maximise results. Note that both aperture array and transmit beamforming are often referred to loosely as ‘beamforming’, since many in the industry consider the term to mean generically ‘shaping radio energy in space to focus on the target recipient’. There are fundamental differences in how these two technologies operate; however, yielding very significant differences in the performance improvements they can deliver in the real world ASSESSING TRANSMIT BEAMFORMING Transmit beamforming allows an access point to concentrate
40 August 2012 Vol.18 No 8
energy in the direction of a particular client using signal processing techniques (phasing or timing the signals differently) at the baseband chipset. Explicit client feedback is required for APs to determine the correct phasing for each client. While a promising potential addition to the radio frequency toolkit, in reality, transmit beamforming is subject to a number of constraints and disadvantages to be aware of: t No Client Support - There’s simply no way around it. Today this is a complete show-stopper. To achieve any real performance gains with transmit beamforming in WiFi, clients must support the optional feature in the 802.11n standard that provides explicit feedback to the AP about how to do beamforming effectively for each client. This feature has zero support in the market today and none on the way in the foreseeable future. t Incompatibility with Spatial Multiplexing - The explanation for this one is definitely best left to our beefy whitepaper, since it requires looking under the hood of how spatial multiplexing in 802.11n really works. The bottom line is that with any commercially practical number of radio chains, it’s impossible to achieve the higher data rates in 802.11n and use transmit beamforming at the same time. t Lots of Self-Interference With only three or even four radio chains to work with, transmit beamformingmakes very symmetric beam patterns, generally sending as much energy away from the client of interest as it does toward it. This increases selfinterference in the multi-AP networks that are critical to success in today’s highdemand-density venues, reducing spectrum re-use and overall system capacity. t Incompatibility with Polarisation Diversity - There’s
a technical subtlety at work here, too. The net-net is that transmit beamforming will fail frequently when used with today’s mobile clients with arbitrary orientation. t Modest Gains at Best - Even when it works, the Wi-Fi chipset engineering community predicts that performance gains in practice will be modest, on the order of 2–3 dB. ASSESSING ADAPTIVE ANTENNAS Adaptive antennas — the basis for Ruckus BeamFlex technology — involve manipulating the inherent directionality and polarisation of the physical antenna structure itself. This is achieved by electronically switching a subset of a large number of small antenna ele-
leverage of multipath and statistical optimisation techniques. WHAT’S IT ALL MEAN? In short, while vendors are now marketing transmit beamforming as the solution to the radio frequency performance problem all by itself, it’s not going to do much, if any good any time soon. There are circumstances when transmit beamforming will be useful when client support emerges and in combination to adaptive antenna switching. Since it’s available in the next generation of Wi-Fi chipsets transmit beamforming in combination with BeamFlex adaptive antennas, in a form of BeamFlex 2.0, offers a best-of-both-worlds solution that yields higher signal to interference plus noise ratio gain with less interference
“Note that both AA and TxBF are often referred to loosely as ‘beamforming’, since many in the industry consider the term to mean generically ‘shaping radio energy in space to focus on the target recipient’.” ARNAUD LE HUNG, EMEA MARKETING DIRECTOR FOR RUCKUS WIRELESS. ments into use with each radio chain for each packet sent. Element selection is optimised client by client, based on achieved throughput, relying on the ACK packet that all clients send as a 100% standard part of the Wi-Fi protocol. As a result of this unique layer zero role in the system, adaptive antennas have none of the operational limitations of transmit beamforming. Specifically, adaptive antennas require no special client behaviour beyond mandatory elements in the 802.11 standards (for b, g, or n) and can be used simultaneously with spatial multiplexing and polarisation diversity, mitigate interference through highly asymmetric beam patterns, and deliver two to three times the performance improvement of transmit beamforming, through
than transmit beamforming alone. So don’t return to the old omni-antenna reference-design implementations that continue to pollute both the enterprise and carrier network landscape with such mediocre Wi-Fi performance. Ultimately combining transmit beamforming with adaptive antenna technology will simply deliver the best of both worlds yielding what no other Wi-Fi supplier can provide and every customer wants - pervasive performance. Ruckus Wireless is a pioneer in the wireless infrastructure market, enabling carriers and enterprises to stay ahead of the exploding demand for highbandwidth applications and services. The Ruckus Smart Wi-Fi technology features flexibility, reliability, and affordability.
Monday 15th October, 2012 Jumeirah Beach Hotel, Dubai
RECOGNISING EXCELLENCE IN ENTERPRISE COMPUTING Have your achievements acknowledged at the 8th annual ACN Arab Technology Awards 2012
SPONSORSHIP OPPORTUNITIES NOW AVAILABLE
NOMINATION DEADLINE WEDNESDAY 15TH AUGUST, 2012
For sponsorship opportunities, please contact:
For nomination enquiries, please contact:
For table bookings and other information, please contact:
George Hojeige Sales Director, ITP Technology T: +971 4 444 3203 E: email@example.com
Mark Sutton Senior Group Editor, Technology T: +971 4 444 3225 E: firstname.lastname@example.org
Michelle Meyrick Events Manager T: +971 4 444 3328 E: email@example.com
To submit your nominations, or for more information, please visit:
Embracing Trends Dave Tanis, Technical Director EMEA at CommScope provides an overview of the new trends and technologies in the Enterprise LAN, along with their impact on the design of the cabling infrastructure
ver the past five years, a huge amount of attention has been given to the vast changes that have occurred in the data centre. New technologies have been introduced which have significantly changed the network architectures and, in turn the cabling designs within data centres. Although often overlooked, an equally significant transformation is occurring within the enterprise LAN. A poorly designed cabling infrastructure can dramatically impact the ability of the enterprise IT manager to implement new technologies.
LAN TRENDS The three major trends we see today are desktop virtualisation, increased mobility and the convergence of the green and intelligent building concept. Desktop virtualisation is
basically the virtualisation of the user’s applications onto a VM platform back at the data centre. This can be done on traditional desktops or PCs, as thin client or even on a mobile device. In the extreme case of thin client, all applications and data are stored at the data centre and the user’s terminal is effectively a dumb device used only for input, output and display. In these cases, bandwidth requirements are quite low. Surveys have shown that many are either using or evaluating virtual desktop infrastructure (VDI) however they are not doing so across all users. It may be impossible to virtualise every enterprise desktop. Like any new technology, there are advantages and disadvantages. VDI advantages include a potentially lower cost (although this is debatable, as
“Surveys have shown that many are either using or evaluating VDI, however they are not doing so across all users. It may be impossible to virtualise all desktops.” 42 August 2012 Vol.18 No 8
CommScope says that intelligent infrastructure systems play an increasingly important role in the Enterprise LAN.
a recent Microsoft study shows VDI is more expensive), more secure, and easier to provision new users. Disadvantages include difficulty and complexity of implementation, difficulty of running all applications in a virtualised state, difficulty of supporting peripherals, reliance on WAN for operation and additional requirements in the data centre. The second trend, bring your own device (BYOD) came out almost in parallel with VDI, as users began bringing in their favourite mobile devices, such as the iPad or smartphone. The trends all indicate that this will continue, and that it is inevitable. The pros of BYOD include reduced IT expense as the employee pays for their device and improved user morale and productivity through using their own favourite device. The cons include security breaches, configuration costs and increased wireless coverage requirement. The third trend, green or intelligent buildings, is reflected
in the significant movement to build green buildings in the Middle East, and most countries in the Gulf region have their own chapter of the Green building council. Similarly, the move to intelligent, all-IP buildings has been going on for a few years in the Middle East. This has lead to an overlap or convergence where the technology provides both a green and intelligent platform that achieves both objectives. Examples include Cisco Energywise, which utilises data regarding energy consumption of powered devices, and enables the setting of energy policies based on time of day for specific devices. CABLE DESIGN IMPLICATIONS Each of these trends has an implication on cabling design. We have traditionally seen an increase in the speed to the desktop every seven to eight years. In 1998 speeds were typically Fast Ethernet 100 Mb/s. In 2005, and still today, we are at 1 Gigabit to the desk, running on Category 6 cable. We anticipate, based on advances in high speed
transceiver technology, that this speed will increase to 10G Ethernet in the next two-three years, and that Category 6A cabling will be required to enable this increase. Some may argue that a lower grade cabling system will be sufficient, based on trends towards VDI. This is not the case, as VDI is not enjoying the huge success that server virtualisation enjoys in the data centre, and it is impossible to conclude that this will be the technology that will be deployed on 100% of clients for the foreseeable future. For this reason, we advocate use of Cat6A as a form of future proofing for the next speed of Ethernet to the desk; namely 10GBASE-T. BYOD definitely needs to be accounted for, and the wireless standards bodies continue to issue new standards for higher speed Wi-Fi. We are currently seeing 802.11n systems being deployed, with maximum throughputs in the hundreds of megabits/ second. As with all WiFi technologies, this bandwidth is shared amongst all users served by the access point. Standards in ISO/IEC, CENELEC and TIA are all given guidelines for cabling to support placement of access points for wireless networks, as well as cabling for intelligent buildings. For Wi-Fi, the standards recommend placement of outlets in 12 metre grids, to allow placement of access points for current and future enterprise network growth. In building wireless systems should also be considered if mobile coverage is poor. The best time to plan for an in building wireless network is when the building is under construction, and the cabling can be costeffectively deployed at the same time the IT cabling is installed. For several reasons, it is not recommended to try to integrate the Wi-Fi and mobile services on the same cabling network. Although technically feasible, the costs and effects on network performance far outweigh any savings achieved in cabling. Power Over Ethernet standards
continue to evolve, supporting higher power levels to end devices. Standards currently are finished for delivering 25 watts to end devices (POE Plus) and Cisco have introduced their Universal POE (UPOE) scheme which delivers over 50 watts to the device, utilising all four pairs. Higher powers mean that a broader range of devices can be powered, including VoIP phones, IP cameras and sensors, VDI terminals and even IP turrets. The cabling standards have also addressed POE and its impact on cabling. In particular, heat dissipation versus bundle size has been extensively studied, and it has been shown that Cat6A cabling can support larger bundle sizes compared with ca5e or Cat6. Other desktop technologies, such as fibre-to-the-desk, are also being deployed. These are typically limited to special applications, such as government networks, where the perceived security of fibre-based networks is seen as more advantageous than copper based networks in spite of the additional maintenance point of the media converter. THE ROLE OF INTELLIGENCE IN THE ENTERPRISE LAN Intelligent infrastructure systems (IIS) play an increasingly important role in the Enterprise
Intelligent Infrastructure can provide: t t t t t t t
Auto documentation of moves, adds, and changes Location awareness for connected devices Instant notification of connectivity events Closed loop incident and change management Improved asset and capacity management Lower maintenance and support costs Enhanced security and network uptime
LAN. The ability to provide realtime information on the end-toend passive layer becomes more important, as the number and types of devices increase. IIS can provide; auto documentation of moves, adds, and changes; location awareness for connected devices; instant notification of connectivity events; closed loop incident and change management; improved asset and capacity management; lower maintenance and support costs; and enhanced security and network uptime. The ability to provide endto-end trace and location also becomes important for energy
management schemes such as Energywise. With device location, energy policies can be applied to a specific location or room, rather than on a switch port basis, which must be manually tracked. IIS can also assist in identifying and locating rogue devices that may not meet a company’s BYOD policy. IIS systems can track these devices to the room they are located in, or at least to the access point that they are getting connectivity from. The upgrading and obsolescing of desktop machines is inevitable, but the obsolescence of cabling is avoidable provided a proper design has been put into place.
“The best time to plan for an in building wireless network is when the building is under construction, and the cabling can be cost-eﬀectively deployed at the same time the IT cabling is installed.”
Dave Tanis from CommScope says Cat6A is the best cable to use as a form of future proofing for the next speed of Ethernet to the desk.
August 2012 Vol.18 No.8 43
Prolexic says Layer 7 attacks declined in Q2 2012 DDoS attack prevention expert Prolexic Technologies has released its Quarterly Global DDoS Attack Report, which shows that the number of application layer (Layer 7) attacks against its global client base declined in Q2 2012. The total number of DDoS denial of service attacks increased 10% this quarter, however the Prolexic Security Engineering & Response Team (PLXsert) logged an 8% decline in application layer DDoS attacks, which accounted for 19% of all attacks. Infrastructure attacks (Layer 3 and 4) against bandwidth capacity and routing infrastructures totaled 81%. “Q2 data showed a return to traditional infrastructure attacks and is likely a reflection
of changing tools for launching DDoS attacks,”said Stuart Scholly, president of Prolexic. “With Layer 7 attacks, the risk of detection and eventual take down by law enforcement increases because these attacks disclose the IP address of the attacking botnet and this may be another reason for their decline this quarter.” According to Prolexic, GET Floods, the most popular Layer 7 attack type, continues to decline in popularity. In Q2 2011, GET Flood attacks accounted for 22% of all DDoS attack campaigns mitigated by Prolexic. In Q2 2012, GET Flood attacks account for just 14%. PLXsert also identified a rise in popularity for certain types of infrastructure-directed DDoS
attacks: ICMP, SYN, and UDP floods. In Q2 2011, these attack types accounted for 55% of attacks mitigated by Prolexic. In Q1 2012, they accounted for 59% and this quarter, the total percentage has increased to 67%. In Q2 2012, average attack duration for Prolexic clients continued to decline, dropping to 17 hours from 28.5 hours the previous quarter. China maintained its position as the top source country for distributed denial of service attacks, accounting for 33% of DDoS attacks. When compared to Q2 2011, 2012 has so far seen a 50% increase in the total number of DDoS attacks, an 11% increase in
August 2012 Vol.18 No.8
Prolexic Technologies says that infrastructure attacks against bandwidth capacity and routing infrastructures accounted for 81% of all DDoS attacks in Q2 2012.
infrastructure (Layer 3 & 4) attacks and a 63% higher packet-persecond (pps) volume. In Q2 2012, DDoS attacks against Prolexic’s global client base were evenly spread across all vertical industries - financial services, e-Commerce, SaaS, payment processing, travel/hospitality, and gaming. No industry was spared this quarter, illustrating that denial of service is a global, mainstream problem that all online organisations must face,” Scholly commented. Despite a low number of DDoS attacks in April and May, Q2 2012 was active overall, with the total number of denial of service attacks increasing by 10% compared to Q1 2012.
Kaspersky Lab extends D-Link agreement Kaspersky Lab has extended its partnership agreement with D-Link, combining D-Link’s NetDefend series of UTM Firewalls with Kaspersky’s endpoint security suite to provide enterprise customers with multi-layered protection. “I am very pleased with our expanding partnership with D-Link, which will provide customers with the best possible endpoint protection to complement its world-
class gateway-based security solutions,” said Stephane Le Hir, vice-president of Business Development at Kaspersky Lab. D-Link’s NetDefend UTM Firewall customers will now receive free licenses for Kaspersky Business Space Security as well as an option to buy additional licenses at a special D-Link programme rate. The combination of these two compelling products will enable D-Link and Kaspersky
Lab customers to deploy a multi-layered defense strategy designed to fight today’s evolving security threats. D-Link’s UTM Firewalls have been relying on Kaspersky Lab’s signature analysis for several years to power the anti-malware solution on their gateway products to secure the entry point to corporate networks. The addition of Kaspersky Business Space Security is designed to enhance the level
of protection even further by providing multiple layers of security defence. This adds another level of protection to networks where D-Link NetDefend UTM Firewall is deployed. The first level of protection is the D-Link NetDefend UTM Firewall gateway itself, which is designed to intercept and weed out the most prevalent and dangerous malware, spyware, or hacking attempts.
August 2012 Vol.18 No.8
Dave Ewart from Blue Coat says that the growth of BYOD initiatives has created a situation where IT security managers are facing a deluge of untrusted, unmanaged devices and applications on the corporate network.
Web security and WAN optimisation expert Blue Coat Systems, has introduced mobile application controls designed to close the security gap created by unsanctioned mobile applications on the corporate network. According to Blue Coat, the growth in bring your own device initiatives has driven an increase in mobile devices and unmanaged, untrusted applications on the corporate network. Figures from Forrester Research show that 57% of
employees chose and purchased their own smartphone without any direction or guidance from their company. To prevent unauthorised or undesired use of the corporate network, the Blue Coat mobile application is designed to extend to mobile applications the same granular operational controls the company provides for web-based applications. These operational controls are designed to allow businesses to set policies for employees around specific
Blue Coat introduces mobile app controls functions within both web-based and mobile-based applications. “The growth of bring your own device initiatives has created a situation where IT security managers are facing a deluge of untrusted, unmanaged devices and applications on the corporate network,” said Dave Ewart, director of product marketing, EMEA at Blue Coat Systems. “Blue Coat mobile application controls give administrators the ability, for the first time, to not only determine which applications
are allowed on the network but also to what extent mobile device users are able to interact with those applications.” The new mobile application controls are integrated into the Blue Coat ProxySG appliances and the Blue Coat Cloud Service. The mobile application controls are automatically updated through the Blue Coat WebPulse collaborative defense and immediately available to customers that currently have support contracts.
Sophos launches UTM 9 for gateway and endpoints Sophos has launched its Sophos UTM 9, designed to integrate gateway security and endpoint security in a single hardware or virtual box. The solution is designed to provide complete security protection, regardless of location and combines the company’s endpoint protection and unified threat management solutions into a single management console. “When I first identified the UTM market, my vision was it would eventually encompass everything that a company would need to protect against threats,” said Charles Kolodgy, research vice president, IDC.
“Endpoint security management was neglected and/or relegated to separate products. Recognising that mobile devices severely complicate endpoint management, Sophos is incorporating policy management for all endpoint devices, regardless of type and network, into their UTM solutions,” Kolodgy added. According to IDC Worldwide Quarterly Security Appliance Tracker, in the first quarter of 2012 (1Q12), the UTM market represented 28.5% of security appliance revenues due to 12.2% year-over-year growth. This trajectory presents tremendous
opportunities for VARs that partner with vendors offering these kinds of solutions. “With the new Sophos UTM solution, time-strapped IT managers can keep their organisation’s endpoints, network and data safe from threats, wherever their people work, whatever devices they use,” said Todd O’Bert, president, Productive Corporation. Sophos UTM 9 is designed to protect everywhere, using the cloud to secure and monitor staff wherever they are, and extend security gateways to deploy and manage endpoint protection as well as device control. Sophos’ innovative approach endpoint
protection uses its LiveConnect cloud service to allow users to manage all of their endpoints, no matter where they are or how they’re connected. The solution is also designed to enable secure remote application access without installing any software on the desktop. HTML5 VPN portal lets users connect to internal resources with any device from any location. The solution also manages internet access for guests and visitors with customisable wireless hotspots and scans email and web traffic with Sophos’ antivirus technology as well as a second commercial engine (from Avira).
August 2012 Vol.18 No.8
Ahead of the Game
Graham Owen, Regional Sales Director MEA, Cambium Networks says the Middle East lacks trained IT professionals
Can you tell us how you began working in the IT industry in the UAE? Back in 1999 I was working as the sales manager for a local travel agent who was managing the travel arrangements for Lucent Technologies. At this time Lucent spun off the voice and data platforms and formed a company called Avaya Communication. I was asked to meet with the MD at that time, we talked and he offered me the role of channel manager for the GCC. The rest is history.
in the UAE as this really has helped the city improve traffic flows. For Africa I would have to say running a PTP wireless link in Kenya over 1,200KM from Nairobi to Eldoret, when everyone said it could not be done. As a long term resident of the Middle East and having lived in the UAE for over 30+ years now I can safely say I am extremely proud to have been able to assist many different types of customers achieve their goals and help to improve the life of others in the region.
What is the best and worst thing about the networking industry in the UAE? The best thing about the industry is the diversity of people and solutions on offer today. The worst is the lack of reliability we still face throughout the region.
What IT product or innovation should the IT industry watch out for this year? Cambium Networks new PMP450 product is very exciting! It is our new platform that comes to the market in 2012 which will give our customers double the throughput (over 90Mbps), AES encryption, on-board GPS and built in surge suppression, all for a lower price than our existing PMP430 platform.
Talk us through what you do on a dayto-day basis. My role is to manage the Middle East and Africa region for Cambium Networks, which is a large geographical area that has many different time zones. My typical day starts off with me talking to customers in the morning in the Middle East followed by the customers in Africa in the afternoon and to finish the day working with my colleagues in the US and Europe in the early evening. What has been your proudest achievement in your career so far? Wow what a question! There have been some many great achievements but I think for the Middle East I would go for the traffic monitoring systems
Comparing the IT industry in the UAE to other countries, do you think it measures up or is lacking and why? There are many different sides to the IT industry, in some areas I believe the market here is well ahead of the game however in other areas I think it is severely lacking. To give a reason why, I think I would have to say that the lack of affordable training would account for the lack technical expertise in the region. What IT company, other than your own do you admire and why?
Ruckus Wireless as they are leading the way in the WiFi space and I believe is at this point one of the best WiFi products in the market today and I hope they will achieve their goal to become the number one WiFi manufacturer. Who do you look up to in your career and why? I think I would have to say one of my old bosses at Motorola Henrik Asbjorn, he gave us the freedom to make the right decision for the company and if we made mistakes, and there have been a few, we addressed them and moved on. I do not believe I have met many people in my career like him. What do you do for fun? I am an avid sports fisherman. I love to chase big game fish all over the world when ever I can. What is one unusual thing about you? After spending all of my life in the Middle East I still have not mastered the Arabic language and I am ashamed to admit that but it is true.
Enterprise grade, reliable IP Telephony solution for up to users per server. The only IPT solution that can seamlessly integrate with HP Networking E-series (former ProCurve) switches. Enjoy highest quality and a variety of IP & open-standards SIP phones and unified communication applications from the Number One vendor in Europe. Ask for a free trial today.