Driven by ONUG and the IT Community, the Future of SD-WAN Depends on Responsible Service Provider Delivery

by Kevin O’Toole

Software-defined wide area networking (SD-WAN) has come a long way since ONUG ignited the conversation about the market and practical use cases for this promising new technology just four years ago. Eighty-seven percent of 800 network management executives use or plan to use SD-WAN within the next two years, according to a March 2017 IDC survey of mid-size and large companies with at least 10 locations and representing a variety of industries. SD-WAN sales are predicted to grow at a 69 percent compound annual growth rate, reaching $8.05 billion in 2021, notes IDC’s Worldwide SD-WAN Forecast for 2017–2021. Continue reading

How AI will transform your Wi-Fi

by Bob Friday

I’ve always had a lot of respect for veterinarians, because they are masters at solving problems based purely on fuzzy symptoms that their patients cannot explain: where it hurts, how long it’s been hurting, and what events led up to the problem. Many times the patients don’t even know they are sick. Yet a vet is able to make educated guesses with the data they do have, which often results in successful diagnoses and treatments. Continue reading

How do we Define What is and is Not Actionable Intelligence in Cybersecurity Defense?

by Smit Kadakia

In the study of Machine Learning, the focus is on supervised and unsupervised learning. (We will not be considering deep learning in this article.) Supervised learning, and many aspects of unsupervised learning, require the known anomalies to be available to learn from and then predict anomalies in test data using the trained models and then fine tune them through techniques such as cross-validation. In cybersecurity, one is usually looking for an anomaly in the midst of a huge amount of normal traffic or behavior.  Such a characteristic makes the anomaly detection a very difficult problem—like finding a needle in a haystack. Furthermore, it is unrealistic to expect that training with anomalous data points in one industry, say  eCommerce, is applicable to another one such as a healthcare datacenter. Additionally, modern attacks are more sophisticated and they hide themselves among many false attacks to defeat threat detection systems.  Such complexity makes identifying anomalous training data points for all target industries a huge uphill battle. Lack of or difficulties in obtaining training data points make unsupervised learning a necessity in the world of cyber defense. Continue reading

SD-WAN Turns the Traditional Network and Its Legacy “Rules” on Its Head

by Tim Van Herck

This scenario should sound familiar to you: You’ve been running IT organizations for what seems like forever and while you work tirelessly to make sure the network is working right, that everyone can access the network at all times, and that network traffic goes where it needs to when it needs to be there, the fact that you can’t control every nuance can be frustrating and impeding to your service level objectives. There’s a certain lack of control when it comes to managing WAN links that are responsible for connecting your workforce to mission critical cloud applications and data, and you wish that more of that control was in your own hands. Continue reading

Evaluating Architectural Approaches to Micro-Segmentation

by Mukesh Gupta

The concept of segmentation has existed ever since we started connecting data centers to each other. In the early days, firewalls controlled what was able to get in from the outside. Perimeter firewalls are still a critical part of protecting the data center and that will never go away, despite the dissolving perimeter. As networks became more complex, we saw the concept of segmentation move inside with VLANs creating segments for the right size broadcast zones to ensure network performance. For more granular control, we’ve seen ACLs used to control what can communicate across networks. As application traffic and communication increases behind the perimeter, we’ve even seen the concept of the firewall move deeper into the data center to try to provide more granular control of East-West communications. Continue reading

Dynamically Securing Applications in a Multi-Cloud World

by Dilip Sundarraj

Security threats continue to increase exponentially in volume and in risk. According to a recent CBR article, cybercrime is expected to cost the world more than $2 trillion by 2019. Developers are creating applications more frequently and many are migrating them between different clouds for business agility. The greater volume and dynamic nature of applications make businesses more vulnerable. In fact, Microsoft predicts that we will be writing 111 billion lines of new code every year that will generate 50 times more data volume by 2020. This should give you an idea of the increased threat surface in a multi-cloud world.   Continue reading

The Multi-Cloud World is Here to Stay: Be Sure You Are Ready…

by Calvin Rowland

The whole tech industry is abuzz with talk of multi-cloud environments. Survey after survey shows definitively that the race is on to a multi-cloud world. In fact, according to IDC, 30%[1] or more of organizations have already migrated or have plans to migrate literally every workload to the cloud. Further, 85%[2] of large businesses will be committed by 2018 to multi-cloud strategies as IT continues to transform. Continue reading

The Blueprint for Micro-Segmentation 2.0

by Manuel Nedbal 

“Micro-segmentation” has rapidly become the de facto term invoked when cloud and virtualization teams start talking risk, compliance and security policy for highly virtualized or Cloud infrastructure environments.  Yet while this important concept provides a foundation upon which security may be applied, by itself, it does not constitute enterprise-class security. It is simply a foundation, a first step. Continue reading

Enabling Hybrid WAN for Cloud and IoT Applications

by Atchison Frazer

Back in 2015, we offered some popular advice on “how to create a virtual WAN” (VWAN), a concept that was widely covered in the media at the time as a game-changing alternative to MPLS. However, the name quickly became outdated, as discussions about the future of networking shifted to software-defined WANs (SD-WANs) and hybrid WANs that actually complement MPLS. Today, the VWAN descriptor is rarely used, except as an occasional synonym for SD-WAN. Continue reading

Service Assurance in Hybrid Cloud at an Affordable TCO

by Babak Roushanaee

During the spring 2017 ONUG general meeting, at the conclusion of the Monitoring and Analytics (M&A) panel, a member of the audience commented, “We are already collecting a lot of data; and, you are telling us to collect even more?” His point was well understood by the panel members and the audience:  there is a total cost of ownership associate with all that collection that is spiraling out of control.   Continue reading