PUBLICATION LICENSED BY THE INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI TECHNOLOGY AND MEDIA FREE ZONE AUTHORITY
www.networkworldme.com | Issue 153 | December 2011
VIRTUALISATION
SECURITY A battle looms over securing virtualised systems
PLUS:
HIGH-SPEED ETHERNET | LTE | MOBILE VIDEO | VIRTUALISATION
| THIN PROVISIONING
A BIG LITTLE GUY
WORLD Let’s hear it for the one man multinational. The information and communications technology we create is making the global business landscape more democratic. Because making the little guy’s voice as loud as the big guy begins with giving him the same tools to work with.
inside COMMENTS 04
ISSUE 153 | DECEMBER 2011
COVER STORY
Turning a new leaf
BITS 06
NetApp targets midsize market
08
Ericsson to manage Zain network
10
3M partners with Tamdeed Projects
12
Huawei buys out Symantec in joint venture
14
Alcatel promises better clouds for carriers
16
Cairo ranked region’s most networked city
EVENT REPORT 22
Marching towards the future: Citrix intros new apps and products
28
Virtualisation security A battle looms over securing virtualised systems
IN ACTION 24
Abu Dhabi Motors is wired for success
FEATURE 30
Planning for high-speed Ethernet
36
Thin provisioning
40
LTE vs. WiMAX
INTERVIEW
TEST
48
52
Oracle President Mark Hurd talks about the company’s strategy
Cisco WAAS shows pizzazz
NEW PRODUCTS 56
A guide to some of the new products in the market
LAYER 8 Corrigendum
58
All the news that’s fit for nothing
In the feature article on Web application firewalls that appeared in our CIO survival guide, Ramon Krikken was mentioned as the research analyst with Burton Group, which was acquired by Gartner. We regret the inadvertent error.
Stay Connected
Follow us on
twitter.com/networkworldme
facebook.com/NetworkWorldMiddleEast
FROM THE EDITOR
Publisher Dominic De Sousa
Turning a new leaf
W
COO Nadeem Hood
e are in the middle of a perfect storm, the like of which we have never experienced before. The confluence of rapidly evolving business models, fundamental shifts
Managing Director Richard Judd richard@cpidubai.com +971 4 440 9126 EDITORIAL
in technology and changing workforce is transforming how work
Senior Editor Jeevan Thankappan jeevan@cpidubai.com +971 4 440 9109
are now looking to reinvent technology use to embed innovation
Commercial Director Rajashree R Kumar raj@cpidubai.com +971 4 440 9131
gets done in enterprises. Faced with increasing competition and a
turbulent economic climate, organisations, regardless of their size,
at every point in the value chain. Be it services, mobile devices that provide access or data centres required to power an always-on
environment, technology is being used as a key differentiator and
to fuel business growth. And as applications grow and warrant more performance, it has become
imperative to fine-tune the underlying IT infrastructure for operational efficiency, performance and more importantly agility. This evolution from standalone to consolidated systems is reflected in the
network industry in general. The common theme in the networking industry today is consolidation
– the lines are blurring between computing, networking and virtualisation; storage, data and server
networks are being collapsed into a single layer. We have seen this consolidation trend impacting not just technology but the industry as well. In the last couple of years, there has been a frenetic M&A
activity in the industry with Brocade buying Foundry, HP grabbing 3Com and Juniper snapping up
Trapeze. Industry experts expect other big ticket deals to take place in 2012. Alcatel-Lucent is already scouting for a potential buyer for its enterprise business. Brocade is reportedly putting itself up for sale. In short, both network vendors and end-users should brace themselves for innovation, M&A activity and cutthroat competition in the next year.
In tune with zeitgeist, Network World Middle East, after 10 odd years of publication, is going to
be part of our flagship title Computer News Middle East, starting next January. Having said that, I
must hasten to add that this doesn’t mean the end of Network World ME, and we will continue to
ADVERTISING
Commercial Director Karl Hougaard karl@cpidubai.com +971 4 440 9136 Advertising Executive Merle Carrasco merle@cpidubai.com +971 4 440 9147 CIRCULATION Database and Circulation Manager Rajeesh M rajeesh@cpidubai.com +971 4 440 9147 PRODUCTION AND DESIGN Production Manager James P Tharian james@cpidubai.com +971 4 440 9146 Art Director Kamil Roxas kamil@cpidubai.com +971 4 440 9112 Designer Froilan A. Cosgafa IV froilan@cpidubai.com +971 4 440 9107 Photographer Cris Mejorada cris@cpidubai.com +971 4 440 9108
leverage the strength of the brand to offer new and unique opportunities around Web and events
DIGITAL www.networkworldme.com
region, in addition to a whole series of conferences that will provide the best environment for idea
Web Developers Jerus King Bation Erik Briones Jefferson de Joya Louie Alma
focused on technologies and solutions. The consolidated magazine, with a completely new look
and feel, will be the leading source of technology news and information for IT influencers in the
exchange opportunities among IT executives and IT solutions providers. We look forward to your continued support and here is wishing you a happy new year.
Jeevan Thankappan Senior Editor jeevan@cpidubai.com
Digital Services Manager Tristan Troy Maagma
online@cpidubai.com +971 4 440 9100
Published by
www.networkworldme.com | Issue 153 | December 2011
1013 Centre Road, New Castle County, Wilmington, Delaware, USA
Branch Office PO Box 13700 Dubai, UAE
If you’d like to receive your own copy of NWME every month. Just log on and request a subscription: www.networkworldme.com
Tel: +971 4 440 9100 Fax: +971 4 447 2409
PUBLICATION LICENSED BY THE INTERNATIONAL MEDIA PRODUCTION ZONE, DUBAI TECHNOLOGY AND MEDIA FREE ZONE AUTHORITY
NOT YOUR COPY?
Printed by Printwell Printing Press LLC
VIRTUALISATION
Regional partner of
SECURITY A battle looms over securing virtualised systems
PLUS:
4 Network World Middle East December 2011
HIGH-SPEED ETHERNET | LTE | MOBILE VIDEO | VIRTUALISATION
www.networkworldme.com
| THIN PROVISIONING
© Copyright 2011 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.
The strategic bridge between your data centre and your business? You. Only StruxureWare for Data Centres enables a healthy, business-driven data centre Tap into the health of your data centre
As an IT or data centre manager, you know that doing your job well means saving your company both time and money. Today, there finally is a way for you to be completely tapped into the overall health of your data centre. StruxureWare™ for Data Centres gives you visibility across your entire data centre infrastructure so you can make informed decisions — not arbitrary ones — about your infrastructure. For example, you can plan proactively for needed capacity and streamline workflow management to improve your business agility and availability. In fact, now more than ever, infrastructure decisions are business decisions.
Now, make informed decisions about your infrastructure:
>
Plan proactively for needed capacity.
An always available, efficient data centre
>
Blueprint data centre expansions and consolidations.
>
Streamline workflow management of your IT physical infrastructure to improve your business agility and availability.
>
Make changes knowing how they will affect your business.
>
Visualize change/capacity scenarios to improve your bottom line.
>
View your current and historic PUE/DCiE and energy costs of subsystems to make intelligent energy management decisions.
What’s more, StruxureWare for Data Centres communicates in real time with the leading virtualization platforms: VMware vSphere™ and Microsoft® System Centre Virtual Machine Manager. The software’s built-in automated response capabilities ensure that virtual loads always have healthy host environments. With your VMs on healthy hosts, you can focus on running your data centre more efficiently. The software also gives insight into PUE/DCiE trending over time, enabling you to make intelligent energy management decisions. With StruxureWare for Data Centres planning and reporting capabilities, who’s the company hero now? You are! APC by Schneider Electric™ is the pioneer of modular data centre infrastructure and innovative cooling technology. Its products and solutions, including InfraStruxure™, are an integral part of the Schneider Electric™ IT portfolio.
How Data Centre Infrastructure Management Software Improves Planning and Cuts Operational Costs White Paper 107
> Executive summary
Tap the business value of your data centre! Learn how in our management software white paper. Visit www.SEreply.com Key Code 12214p Afghanistan, Egypt, Iraq, Jordan, Kuwait, Lebanon, Pakistan, UAE, Yemen: + 971 4 7099333 Bahrain: 17557939 Oman: 80073666 or 800SEOMN Qatar: 4553010 Saudi Arabia: 920011101, +971 4 7099333 Turkey: 08002612135
©2011 Schneider Electric. All Rights Reserved. Schneider Electric, APC, StruxureWare, and InfraStruxure are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. All other trademarks are the property of their respective owners. APC Middle East, PO Box - 53852, Dubai, United Arab Emirates • 998-4108_ME-GB
bits NetApp targets midsize market NetApp has announced an addition to its Fabric-Attached Storage (FAS) 2000 family of arrays, an entry-level model with up to 432TB of capacity. Previously, NetApp’s mid-entry level product, the FAS2040, came with up to 136TB of capacity. The new FAS2240 comes in two rackmountable versions, a 2U (3.5-in high, FAS2240-2) or a 4U (7-in high, FAS2240-4) model. NetApp added 50% more memory in this array compared to its predecessor for a total of 12GB of NVRAM. The array can now also use 2.5-in solid-state drives (SSDs), along with traditional SAS, SATA and Fibre Channel drives. The FAS2240 array now also includes 10Gbit Ethernet connectivity. Previous versions of the FAS2000 series arrays required an expansion card to host the higher-bandwidth port. Martyn Molnar, Regional Sales Director of NetAPP, said the FAS2240 array line is
targeted at the small- to medium-sized business market, with workforces of 100 to 200 people. The FAS2000 series runs the latest version of NetApp’s Data ONTAP operating system to provide customers with a unified, scalable platform that supports multiple workloads at the same time. Data ONTAP v8.1 is the same OS now used for all of NetApp’s FAS/V-Series storage arrays, giving users the same view for file or block data. The FAS2000 lineup uses Web-based tools that work with either Windows or Linux servers, and the arrays can manage storage for VMware. NetApp’s SMB offerings now include the FAS3210, FAS2240 and the FAS2040. Along that same SMB theme, the FAS2240 also uses the most recent version of OnCommand System Manager 2.0. It offers a redesigned browser-based GUI
Software AG updates cloud road map Software AG’s WebMethods middleware and ARIS process modeling tools are now certified for deployment on Amazon’s Elastic Compute Cloud and VMware, the company announced as part of an update on its overall cloud strategy. The company signaled its intentions for the products earlier this year, but it’s just an initial step in a longer-term plan, said Matt Durham, senior vice president of business development. Now work is ongoing to fully re-architect Software AG’s products for the cloud, which is “a huge undertaking,” Durham said. “It’s 6 Network World Middle East December 2011
going to take us a long time. In the meantime, this is a pragmatic step to take.” Customers can at least get the benefits of utility-like infrastructure through EC2, he said. In addition, while some customers were already using VMware, the certification should provide them with additional assurances, he said. To use EC2, customers will have
96%
is the mobile penetration rate in the middle east
www.networkworldme.com
with easy-to-use Wizards for common tasks such as volume configuration and management. The array is mainly aimed at serving Microsoft Exchange and SQL Server environments.
Martyn Molnar, Regional Sales Director of NetAPP
to contract separately with Amazon, while purchasing CPU licenses from Software AG, Durham said. Software AG’s processor-license policy lines up with Amazon’s virtual core model, he said. Customers will be able to move existing CPU licenses they have to Amazon, according to a spokeswoman. Companies can use Amazon for development, test and production, but Software AG expects most activity to fall in the first two categories, he said. Software AG’s ultimate goal is to build out a full PaaS (platform as a service), according to Durham. It has some pieces in place already, with WebMethods serving as a Java application server and Terracotta providing an in-memory cache, he said. “We need a persistence layer,” he said. “We could use any number of available options and we’re looking at a lot of those.”
www.networkworldme.com
December 2011 Network World Middle East 7
bits Ericsson to manage Zain network In one of the largest deals of its kind in the Middle East, Zain, one of Iraq’s mobile telecommunications providers has signed a $650 million five-year network outsourcing agreement with Ericsson, a provider of telecommunications technology and services and its local partner SIM (Service in Motion). Under this agreement, Ericsson will optimise, modernse and manage IT operations and Zain’s mobile network in Iraq that currently includes more than 3,700 sites across the country, the company said. This is a significant deal for Zain as the agreement is expected to enhance the company’s competitiveness in the Iraqi market. According to Zain, it served over 12.4 million active customers in Iraq as of 30 September 2011. The deal with Ericsson will enable Zain to increase its focus on its core customer facing business activities such as managing its customer relationships
and to offer a shorter time-to-market for offering new services and technologies, representatives of the agreement said. In addition to which, experts said that the arrangement with Ericsson has the objective of improving network efficiency, reducing operating costs and optimising Zain’s investment in Iraq. Nabeel Bin Salamah, Zain Group CEO said that “Through this agreement, Zain in Iraq will be better positioned to support the evolution and growth of the Iraqi telecommunication industry. Zain Group’s investment in Iraq since the launch of commercial services in 2003 and the subsequent development of the country’s largest mobile network has exceeded $4.5 billion and we will do our utmost in ensuring that all Iraqis receive the urgently-needed quality mobile telecommunication services they deserve.” Anders Lindblad, president of Ericsson Region Middle East, said, “This agreement will allow Zain to strengthen its competitiveness in this growing
Nokia Siemens cuts 17,000 jobs Nokia Siemens Networks is set to cut 17,000 staff around the world. The news comes as the company announced a strategy to cut operating and production expenses by 1 billion Euros (£860 million), and to refocus on mobile broadband and services. It will also cut costs of IT, property, procurement, general and administrative expenses, and reduce the number of its suppliers.Nokia Siemens Networks will consolidate sites, transfer activities to global delivery centres, reduce some central functions, integrate Motorola’s wireless 8 Network World Middle East December 2011
www.networkworldme.com
market and allow them to focus on providing an improved experience to its mobile services subscribers. Ericsson has more than 45,000 service professionals and over 15,000 sourced resources, working with the same tools, methods and processes globally. We are now welcoming additions to that through the knowledge and expertise of the Zain employees in Iraq.” Following its recent expansion to northern Kurdistan, Zain plans to invest in its network infrastructure in the coming years to increase its network coverage in the country. The company’s Corporate Social Responsibility support programs have stretched across many needy areas over the years, with Zain Iraq’s total contributions exceeding US$25 million to date. The company employs over 2,500 Iraqi nationals who regularly undergo professional training and advancement programs.
assets, and simplify processes. Rajeev Suri, chief executive officer of Nokia Siemens Networks, said the company needed to “take the necessary steps to maintain long term competitiveness and improve profitability in a challenging telecommunications market”. “We believe that the future of our industry is in mobile broadband and services - and we aim to be an undisputed leader in these areas,” he added. The company will target end-to-end mobile network infrastructure and services, with the emphasis on mobile broadband.
bits 3M partners with Tamdeed Projects
3M Gulf has partnered with Etisalat – Tamdeed Projects to offer unique solutions for structured cabling systems and FTTH (fibre to the home) networks across key industry sectors in the UAE. The scope of the newly formed alliance will witness 3M, a manufacturer of specialised telecom products and Tamdeed Projects, a provider of integrated network solutions to offer a complete package of unique end-to-end solutions to customers. Ali Alomari, General Manager of Tamdeed Projects, said, “In addition to offering turnkey solutions for indoor and outdoor telecom networks, Tamdeed Projects, a specialised business unit
part of Etisalat Services Holding, has established itself as a leader in the UAE for service delivery of fibre optic solutions. We are currently expanding our existing portfolio in the telecom networks environment and have launched IT based products and services catering to the active networks domain; hence establishing presence in the UAE, as a turn-key software, solutions, services, system integration and consulting entity”. With in-house capabilities in FTTH and telecom infrastructure, Tamdeed offers surveying, planning, designing, implementation, maintenance & support, monitoring, auditing & c onsulting services to the UAE market and neighbouring countries. Prior to forging this alliance, 3M and Tamdeed had jointly executed a specialised project for the Abu Dhabi Education Center Schools (ADEC), wherein the two entities experienced the innovative, technical, logistical, geographical and financial synergies of collaborating on key projects.
Dell has upgraded its PowerEdge servers with the just-released 16-core Opteron processors from AMD.The company has upgraded the four-socket PowerEdge M915 blade server, which will be able to include up to 64 Opteron 6200 chip cores. The new servers will be faster than the M915 with the older 12-core Opteron 6100 chips. AMD last month announced the availability of its first Opteron 6200 server processors, which carry the most cores available on x86 chips today. The chips, code-named Interlagos, are 25 percent to 30 percent faster than
their 12-core predecessors. The new chips are based on the new Bulldozer processor architecture, which is also more power efficient. The PowerEdge M915 with Opteron 6200 processors offers a 30 percent gain in memory bandwidth, and a 25 percent gain in server-side Java performance compared to the same servers with the 12-core Opteron 6100 processors, said Jim Hahn, a Dell spokesman. Dell introduced the M915 last year as a virtualisation and highperformance computing server.
Dell PowerEdge servers get AMD's new 16-core chips
10 Network World Middle East December 2011
www.networkworldme.com
WatchGuard launches iOSfriendly appliance WatchGuard’s latest security appliance, the XTM 330, allows business travelers from small enterprises to use their iPads or iPhones to communicate securely with the office. WatchGuard has implemented the IPSec functionality already present on the Apple devices, allowing users of Apple’s iOS-based products to securely access corporate resources irrespective of where they are using encrypted tunnels. The iOS functionality comes courtesy of the latest version of the XTM OS, which was announced on Tuesday, as well. WatchGuard has also added IP version 6 functionality and improved reporting features, it said. The XTM (Extensible Threat Management) family combines firewall, VPN, and security services to protect networks from spam, malware and intrusions. Companies that want more than firewall and VPN functionality can choose between a number of different add-ons, including Gateway Anti-virus and Application Control. The latter allows enterprises to IT administrators to monitor and control access to business and Web applications, by name or by function. The rack mountable XTM 330 is a good fit for companies with between 30 to 50 users. It has seven Gigabit Ethernet ports, and can handle up to 850Mbps firewall throughput and 150Mbps when using VPNs, according to a WatchGuard’s specifications.
bits Huawei buys out Symantec in joint venture Huawei Technologies will buy out the rest of a joint venture with Symantec for $530 million. The venture, based in Hong Kong, was formed in 2008 to integrate Symantec storage and security software into appliances built with Huawei’s telecommunications equipment expertise. Symantec owns 49 percent of Huawei Symantec Technologies, while Huawei holds 51 percent. After the sale, which is expected to close in the first quarter of 2012, Symantec will receive royalties from Huawei for seven years for the technologies it contributes to the appliances. Symantec will still maintain its own business in China, which includes
Enrique Salem, Symantec’s CEO
two research and development centres, and its own appliance business, said Enrique Salem, Symantec’s CEO. The few Symantec employees who worked for the joint venture itself will move to other parts of Symantec, he said. Huawei Symantec Technologies entered the U.S. market late last year with the Oceanspace S2600 and N8300 storage platforms and the Secospace USG2000, a network gateway including switching, routing and security features. “If we were going to continue to grow that business and be more competitive in the global market, it would have required us to continue to increase our investments and Huawei to increase their investments,” Salem said. Instead, it was in Symantec’s best interest to invest in other areas of its business, such as mobile and cloud computing, he said. There also were issues on which the partners saw differently, he added.
RISC, Itanium lose out to x86 in Q3 server market The worldwide server market grew by unit shipments and revenue in the third quarter this year, but the downward spiral of RISC and Itanium servers continued on the gains of x86 servers, Gartner said. Worldwide server unit shipments totaled 2.4 million during the third quarter this year, growing by 7.2 percent compared to the same quarter last year, Gartner said in a statement. The shipment of high-end servers and mainframes based on RISC and Intel’s Itanium architecture declined by 6.8 percent during the quarter, while shipments of servers based on x86 chips grew by 7.6 percent. Overall server shipments increased due to strength in Asia-Pacific, where shipments grew by 23.9 percent, Gartner 12 Network World Middle East December 2011
said. X86 server shipments grew despite weakness in U.S. and Western Europe. Worldwide server revenue was $13 billion during the quarter, growing by 5.2 percent year-over-year. Despite a drop in shipments, revenue from servers based on RISC and Itanium shipments grew by 3.5 percent year-over-year to $2.4 billion. The revenue trend was driven by IBM, which recorded revenue growth of 27 percent for the category. Revenue declined for second-place Oracle, which sells servers based on the SPARC architecture, and third-place HewlettPackard, which sells Itanium servers. Despite struggles, HP remained the top server maker worldwide by unit shipments, but IBM took over the top spot in worldwide server sales. IBM’s total server revenue was $3.85 billion, www.networkworldme.com
growing by 3.5 percent with a 29.7 percent revenue share. HP’s revenue was $3.8 billion, a decline of 3.6 percent and a 29.3 percent revenue share. HP’s server shipments declined by 3.1 percent, giving the company a 32.3 percent market share. Shipments of second-ranked Dell went up by 3.2 percent for a market share of 21.8 percent, while IBM’s server shipment market share dropped to 12.1 percent on flat shipments.
bits Alcatel promises better clouds for carriers
Alcatel-Lucent is developing a cloud computing platform for carriers that aims to take full advantage of their networks to deliver guaranteed performance. Carriers can use the platform, called CloudBand, both to run their own software and to offer cloud computing services to enterprises. For internal purposes, the cloud can make it faster and cheaper to launch and operate services, and for subscribers it will offer more predictable performance than current clouds, according to Alcatel. Carriers will be able to
sell cloud computing services with guaranteed availability and response times, the company says. Service providers already can build their own cloud data centres and link them to their infrastructure, which can provide an edge in performance over using the open Internet, said Dor Skuler, vice president of cloud solutions at Alcatel. But CloudBand goes beyond this with software that examines a wide range of conditions and user requirements to find the best settings for a given application at a certain time. Meeting a customer’s service-level agreement might require giving certain packets a higher priority, setting a higher quality of service, setting aside a portion of network bandwidth or using a server in a particular location. “There are so many choices, and you have limited resources,” Skuler said. CloudBand can determine how those resources can best be used. At the heart of CloudBand is the CloudBand Management System, based
on algorithms developed by Bell Labs, the former Lucent and AT&T research center. It takes into consideration factors such as server load, network congestion and latency to make sure service-level agreements are met, Skuler said. The other component of CloudBand is the CloudBand Node, the set of computing, storage, virtualisation and cloud management components at each cloud facility on the network. Alcatel will work with HP, under a 10-year global partnership, to build sets of gear optimised for use with CloudBand. But carriers can implement CloudBand without buying that particular data centre gear, Skuler said. Alcatel envisions carriers taking advantage of their networks to set up CloudBand Nodes in locations near the edges of their networks. These would work in the same way as local content caches, in this case giving enterprises in that area quicker access to cloud resources, Skuler said.
HP powers move to cloud HP has announced new Cloud Solutions that advance deployment of private, public and hybrid clouds, enabling enterprises, service providers and governments to capitalise on emerging market opportunities. HP Cloud Solutions, based on HP Converged Infrastructure, provide the hardware, software, services and programs that enable service providers, enterprises and governments to rapidly and securely deliver IT as a service. “Clients want to understand, plan, build and source for cloud computing in a way that allows them to gain agility, reduce risk, maintain control and ensure 14 Network World Middle East December 2011
Eyad Shihabi, Managing Director, HP Middle East
www.networkworldme.com
security,” said Eyad Shihabi, Managing Director, HP Middle East. “The new offerings are the culmination of HP’s experience in delivering innovative technology solutions, as well as providing the services and skills needed to drive this evolution.” HP’s new offerings address the key areas of client needs – building differentiated cloud offerings, consuming cloud services from the public domain, and managing, governing and securing the entire environment.
Affordable
Easy to use
Powerful
Network Performance Management Software Trusted by over a million administrators worldwide
w w w . m a n a g e e n g i n e . c o m / n p m Customer speaks: “…Before ManageEngine, we were using a number of different monitoring systems depending on the type and brand of equipment being Monitored.... Now we have a single application that monitors nearly any piece of equipment we have on our network...”
Have you ever wondered if it’s possible to gain 100% visibility in to your network performance even as the IT budget is shrinking?
Try ManageEngine! Download the free 30 days trial now www.manageengine.com/npm
Andrew Harkins, Network Operations Team, Avera McKennan Hospital
Awards:
Our Network Performance Management includes: Automatic L2/ L3 Network Mapping | Network devices health and performance monitoring | WAN and VoIP performance monitoring | Network Traffic Analysis | Network Quality of Service (QoS) monitoring | Network Change and Configuration Management | EventLog, Syslog and SNMP Trap monitoring | Server Virtualization monitoring – VMware/ Hyper-V | Indepth Application Performance Monitoring
ManageEngine Powering IT ahead
90:10 Promise 90% of the features of the Big 4 at 10% of the price
sales@manageengine.com
bits Cairo ranked region’s most networked city The second edition of Ericsson’s Networked Society City Index ranked Cairo and Istanbul amongst the world’s 25 largest cities according to their ability to transform Information and Communications Technology (ICT) to social, economic and environmental benefits. Istanbul and Cairo were the only two Middle Eastern cities that made the list and are ranked 14th and 19th respectively. The Index aims to identify which markets successfully met social, economic and environmental targets by making extensive investments in ICT. Through the Networked Society City Index study, Ericsson aims to contribute and inspire the development of Networked cities around the world. The study shows that Istanbul and Cairo are amongst the medium ICT maturity cities. The connecting entrepreneurial businesses and citizens in these rapidly growing economies can both further citizens’ benefits and help maintain economic growth by improving
Anders Lindblad, President and Head of Region Middle East and North Africa, Ericsson
citizen health, education and productivity whilst lessening the adverse impact on the environment from the rapidly expanding economic activity. “The inclusion of Istanbul and Cairo in the Network Society Index demonstrates the growing importance of ICT in the Middle East. It also reflects the vision of countries like Turkey and Egypt, which are making a concerted effort to ensure
that the national infrastructure enables not only connectivity but, importantly, competitiveness,” said Anders Lindblad, President and Head of Region Middle East and North Africa, Ericsson. “Istanbul and Cairo are wonderful examples of cities that are proactively investing in their future. While they are only two cities from the Middle East mentioned in the Index, we recognise that there are several more around the region that are putting a tremendous amount of effort into evolving their own Network Societies.” “It is crucial to analyse the perspective of individual citizens,” says Patrik Regårdh, from Ericsson’s Networked Society Lab. “Successful cities excel at attracting ideas, capital and skilled people. Such positive attraction requires constant progress in economic terms, as well as within a social and environmental context.” The new study also looks at the benefits ICT has enabled in various cities in areas such as health, education, economy, the environment and efficiency, as well as its citizens’ exposure to ICT.
Mobile subscription set to soar in Middle East The number of mobile subscriptions in the Middle East will cross the 250-million mark during 2012, reaching 271.27 million at end2012 and rising to 352 million at end-2016, according to forecasts by Informa Telecoms & Media. Additionally, the average mobile penetration rate for the Middle East will cross the 100% mark in 2012: It will rise from 97.72% at end-2011 to 107.09% at end-2012, exceeding the mobile penetration rate in North America (US/ Canada) for the first time. (The mobile penetration rate in North America at end2012 will be 102.77%.) 16 Network World Middle East December 2011
Iran will continue to be the biggest mobile market in the Middle East by subscriptions with 82.91 million subscriptions forecast for end-2011, rising to 122.13 million at end-2016. Saudi Arabia has the next biggest mobile market in the region by subscriptions, with a 50.8 million active mobile subscriptions forecast for end2011, rising to 71.32 million at end-2016. “The impact of competition, the availability of new data-based services, increasing affordability and population growth will all contribute to the continued rise in mobile subscription www.networkworldme.com
numbers in the Middle East in the coming few years,” said Matthew Reed, Dubai-based head of mobile research for the Middle East and Africa at Informa Telecoms & Media. “However, the rate of growth in mobile subscriptions in the Middle East will slow over the coming years,” said Reed. “The markets have become tougher as they have become more competitive and mature, and operators have been seeking to cut costs where possible; put more effort into customer retention; and focus more on the main clear growth area, which is data services.”
www.networkworldme.com
September December 2011 Network World Middle East 17
bits GOOD
BAD
UGLY
Broadband impact A new report, conducted jointly by Ericsson, Arthur D. Little and Chalmers University of Technology quantifies the isolated impact of broadband speed, showing that doubling the broadband speed for an economy increases Gross Domestic Product (GDP) by 0.3%. A 0.3 percent GDP growth in the Gulf Cooperation Council (GCC) region is equivalent to approximately USD 2.6 billion. The study also shows that additional doublings of speed can yield growth in excess of 0.3 percent (e.g. quadrupling of speed equals 0.6 percent GDP growth stimulus). Both broadband availability and speed are strong drivers in an economy. Last year Ericsson and Arthur D. Little concluded that for every 10 percentage point increase in broadband penetration GDP increases by 1 percent.
Good
Intel’s HDCP system cracked Intel's High-bandwidth Digital Content Protection (HDCP), which is its copy protection system for audio and video, has been cracked by a German research team using off-the-shelf products, to prove that there are flaws in its encryption. HDCP sits inside nearly every HDMI or DVIcompatible TV or computer flat screen. It serves to pass digital content from a protected source, such as a Blu-ray, to the screen via an encrypted channel. The entertainment industry has used the protocol for nearly a decade to prevent users from copying and pirating movies and games. However, researchers at the Secure Hardware Group of Germany's Ruhr University of Bochum (RUB) have cracked Intel's encryption protocol with a "man-inthe-middle" attack, using a 200 ATLYS board from the company Digilent and a Xilinx Spartan-6 FPGA.
Bad
Avaya beefs up switch architecture Avaya has rolled out extensions to its 4000 series switches and said its year-old virtualised networking architecture is taking hold in campuses and data centres. The new Ethernet Routing Switch (ERS) 4000 series switches are designed to help enterprises optimise networks for collaboration, and simplify the convergence of voice, video and data. One of the key new features of the line is a boost in stacking bandwidth from 320G to 384Gbps. Along with the switches, Avaya rolled out new software that includes support for Power over Ethernet (PoE) and PoE+, among other features. The switches are compatible with Avaya’s Virtual Enterprise Network Architecture (VENA), a blueprint unveiled a year ago to allow users to optimise the network for business applications and services through virtualisation. VENA is a software enhancement that supports the emerging IEEE 802.1AQ Shortest Path Bridging (SPB) standard for deploying multiple active paths in a data centre switch fabric. While SPB may not be going gangbusters, Avaya says components
Iran battling Duqu malware The Duqu malware, linked by some experts to last year's notoriousStuxnet attacks, has struck Iran, an official in the country has told local news sources. The scale of the attack is unclear, but looks to be on a much smaller scale than Stuxnet in 2010, which many experts have convinced themselves was part of a concerted targeted attack on Iran's nuclear programme. "We are in the initial phase of fighting the Duqu virus," Brigadier General Gholamreza Jalali told an Iranian news agency. "The final report which says which organisations the virus has spread to and what its impacts are has not been completed yet." "All the organisations and centres that could be susceptible to being contaminated are being controlled," he said. Iran was countering Duqu using security unspecified home-grown software, Jalali added without blaming any outside agency for the attack.
Ugly
18 Network World Middle East December 2011
www.networkworldme.com
of VENA - such as switch clustering, “enhanced” Shortest Path Bridging, wireless networking, network access control, and network management are being picked up by customers. “Our long-term strategy is successful, and momentum continues to build up” for the architecture, says Jean Turgeon, global general manager for Avaya Networking. “Many customers have bought (Avaya switches) based on VENA. Customers like where we’re going and we have real deployments.” VENA is competing with other network virtualization and fabric architectures from Cisco, Brocade, HP, Dell, IBM, Extreme, Enterasys, AlcatelLucent, and others. Though there’s less of a footprint for SPB specifically, Turgeon says the VENA message is resonating with customers. “It’s our most successful strategy launch,” Turgeon says of VENA. “Today’s biggest pain point is around the data centre and VM mobility. Done and delivered. And now we’re extending new services across the campus with the need for per-box provisioning.”
We find the best solutions globally to help you locally
FVC delivers the technologies to free your business Technology overload, marketing hype, business demands. It’s hard to balance what’s possible against what’s essential. We believe your priority should be implementing transformative products and technologies that impact your business at once - from telepresence to network traffic management, security to WAN optimisation. And we’ve wide experience of implementation and training across the region. Let us be your partner of choice for tomorrow.
www.networkworldme.com
December 2011 Network World Middle East 19
event report
Marching towards the future At its Synergy conference held in Barcelona, Citrix has taken the wraps off a whole new array of products and applications. Aparna Shivpuri Arya has the details.
T
he IT industry is besieged with consumerisation and there is a demand for more mobility and an integrated platform, which allows users to access the same information from different devices, according to Citrix. The company’s CEO Mark Templeton, during his keynote, assured the audience that Citrix was working on this by announcing the launch of CloudGateway, a new product which the company says will radically simplify the delivery and management of apps and IT services. This is said to be the industry’s first unified service broker that aggregated, controls and delivers Windows, web, SaaS and mobile apps to any user on any device. The CloudGateway product line empowers end users with self-service access to all of their business apps, and gives IT unmatched control over apps and data from public cloud environments, accelerating enterprise adoption of cloud and mobility. At the show, Citrix unveiled its HDX ready System-on-Chip (SoC) initiative, designed to enable an entirely new generation of devices to deliver highdefinition virtual apps and desktops. Citrix
20 Network World Middle East December 2011
is working with NComputing as well as Texas Instruments, Wyse, LG and a variety of monitor makers to create low-cost thin clients based on the new technology. Citrix expects that the new chip could cut the price of thin clients by a third. Citrix also introduced ShareFile, gained from a recent acquisition, which allows users to “share any file instantly with anyone” from handheld devices, tablets and laptops, along with an updated GoToMeeting product that adds a Workspace feature that can integrate workgroups into the Web collaboration application. Citrix said the Workspace feature will be available in the first half of 2012. Also, the company said the Citrix Receiver software client will be enhanced with Follow-Me Data technology preview by year’s end. The updated software will be integrated with the Citrix ShareFile service to allow a user to access any data from any source while using any device. Users will be able to open, view, edit, share and save any document. The fact that many users now have a multitude of different devices puts new demands on how data is stored and shared, giving rise to the personal cloud, according to Citrix. It has acquired ShareFile because it has high hopes for www.networkworldme.com
Mark Templeton, CEO, Citrix
this burgeoning sector, which Citrix expects will be “a multi-billion dollar opportunity by 2015.” Other major announcements included the acquisition of UK-based App-DNA, a maker of tools for speeding the migration of applications to new platforms, including from physical to virtual OSs. At the show, Templeton coined a new term - VUCA ( Volatility, Uncertainty, Complexity and Ambiguity) – to define consumerisation. With the current world scenario being volatile and full of uncertainties and complexities, which create ambiguity, he said companies such as Citrix have to build solutions assuming there is VUCA. Answering the basic question- why do we build clouds, he said that clouds are built to deliver apps. He emphasised that it is all about going ‘mobile’ and connecting every kind of device and every kind of apps. “Future is about these clouds providing such productivity, agility and flexibility that people, business and IT needs to deal with this world of uncertainty, this VUCA world.”
www.networkworldme.com
December 2011 Network World Middle East 21
in action: abu dhabi motors
Going all IP
Wired for success Abu Dhabi Motors has deployed latest cabling solutions to future proof its network.
A
bu Dhabi Motors, the exclusive importer for BMW, RollsRoyce and Mini Cooper, has recently implemented a network cabling solution, provided by R&M. Abu Dhabi Motors, the largest dealership in the region and part of the United Al Saqer Group, one of the largest conglomerates in the UAE is known for its sophisticated design and high tech standards. Recognising the importance of using high quality cabling, Abu Dhabi Motors sought out tier one vendors, such as R&M for its network infrastructure project. The company also required maximised performance and solutions compliant to the latest industry standards and beyond. Osama Abushaban, head of the ICT Department for United Al Saqer Group, said, “Given Abu Dhabi Motors’ high tech standards, it was imperative we obtain the highest levels of performance from our new network. R&M went the extra mile to recommend the optimised solution of its modular and customisable copper and fiber range, giving us not only maximum performance now but going forward in planning future network requirements.” R&M was tapped to provide the network
22 Network World Middle East December 2011
cabling infrastructure for their renovation as well as construction of new Abu Dhabi Motors building premises. The project was also crucial as Abu Dhabi Motors connected more than 15 branches to the United Al Saqer Group’s headquarters building. “For United Al-Saqer Group’s Head Office, it is critical and essential to have reliable networking infrastructure of both passive and active components in order to successfully execute our business initiatives and enable any current or future data requirements,” added Abushaban. The three phase project scope comprised connecting the Abu Dhabi Motors’ administration building, the BMW showroom, and the automotive workshop. Three different certified R&M installers including Emirates Computers, Aesthetix and Wavetech worked on this multi-phase multiyear project. The project started December 2009 and ended June 2011. R&M recommended their advanced Cat. 6 copper cabling for connecting the network. Cat. 6 unshielded (Cat.6 U/UTP) cabling was used for horizontal cabling as it is the best option for better connectivity, delivering excellent headroom beyond 500 Mz. Cat. 6 unshielded also supports future bandwidth needs and 10 GB performance. In terms of network speed, R&M advised Abu Dhabi Motors to deploy Fiber Optics OM3 (FO OM3) allowing users to operate on faster data transmission speeds. Security level 1 color coding was used for sensitive points for easier reach and use. This ensures Abu Dhabi Motors not only a robust and high performance network for current needs but the requisite scalability for future data growth without www.networkworldme.com
Etisalat has announced the completion of the project that links all branches of the Sharjah Cooperative Society in Sharjah, through IP. This service enables the branches to communicate internally and transfer data safely and privately through a reliable infrastructure. Through this project, Sharjah Cooperative Society will develop the process of utilising its resources, which makes management of the branches easier and improves the quality of its performances while achieving maximum benefits for both customers and staff. Commenting on the success of the project, Abdulaziz Hamad Al Taryam, General Manager - Northern Emirates, Etisalat, said: “Etisalat has one of the best infrastructures in the region, supported by the latest Fibre- Optics technology in the World, which enables us to provide high quality services to our partners in the business sector. We highly value the trust and confidence of the Sharjah Cooperative Society, as we strongly believe that this project will improve the standards of performance and productivity within the Cooperative.” HE Majid Al Junaid, General Manager of Sharjah Cooperative Society, commented: “We are always striving to develop and update the process of linking our branches together by the latest technologies. This has been in line with our strategies since our inception in 1977, which is reflected through the high quality of services that we provide to our consumers. The project will allow us to link the Cooperative’s 23 branches through Internet Protocol (IP), enabling us to distribute unified data among the branches efficiently, which will contribute to the development and level of performances within all the branches.”
any drop in network performance or speed. Additionally, FLEXkanals and multifunctional DESKboxes were deployed for maximum user connectivity of various applications. With R&M solutions, the project is now fully equipped in terms of data transmission speed and optimised network performance. “The process of building and renovating was challenging as we had to gut certain walls to implement a cabling solution to meet client’s current and future requirements. With our enterprise range, Abu Dhabi Motors now have in place a faultless state of the art network to last for years to come,” said Alaa Darwish, R&M Sales Manager.
Real security in a digital world
ESET SMART SECURITY 5
ANTIVIRUS | ANTISPYWARE | FIREWALL | ANTISPAM | PARENTAL CONTROL
Call: +971 4 375 4052 www.networkworldme.com
December 2011 Network World Middle East 23 www.eset.com/me
opinion
Eliminating audit blind spots How to improve your security audit coverage.
T
he various Log Management and SIEM tools available today have matured to a point that they can provide effective reports and correlation analysis for just about any activity that appears in the system logs we get via Applications, Databases, OS and Configuration Management. But still, as was highlighted in the “2011 Data Breach Investigations Report”(prepared jointly by Verizon, the U.S. Secret Service and the Dutch High-Tech Crime Unit), less than 1% of all known data breaches are identified via log analysis. That’s an incredibly low number! It’s important that we understand why this number remains so low. The problem does not come from any inherent problem within the Log Management or SIEM tools themselves. They do a great job on reporting whatever log input they consume. The real problem lies in what log data we are feeding them. The fact remains that existing system-oriented logs have blind spots. There are hundreds of actions which users perform daily that have major security implications, but unfortunately do not show up on the debug-style logs that we have access to today. It boils down to one simple truth: If your apps don’t log it, your audit report won’t show it. The best way to overcome these blind spots is by adding User Activity Monitoring, such as that provided by ObserveIT. User Activity Monitoring generates additional
24 Network World Middle East December 2011
Jude Pereira, General Manager, Nanjgel Solutions
logs, which detail the exact actions that a user performs (as opposed to the technical results of what s/he did, which is what most system logs tell us.) Examples of security blind spots are surprisingly common: Adding an IP address on a Windows server: Consider a situation where a user adds a new IP address on a Windows server, allowing hackers to bypass firewall settings. With full security auditing enabled, a total over 11,000 log events are triggered during the 30 seconds it takes to do this action. But within all that ‘noise’ there is nothing that states what actually took place. Even searching for “IP” or the actual IP address doesn’t find it. In contrast to this, an audit log that focuses on actual user actions would show that “john” logged on as “administrator”, and then opened the TCP/IP Address dialog box for editing. What’s more, a video replay of www.networkworldme.com
the user session would show exactly what John did. • Editing a critical configuration file: An admin user might modify a sensitive config file such as ‘hosts’. This could be done using Notepad, vi or any other text editor. In this situation, the text editor would not produce any application logs, thus allowing the change to go undetected. User Activity logs would show precisely that the ‘hosts’ file was edited, and video replay would show the actual changes occurring within the file. • Running a script on a Linux server: If a user runs a script – let’s call it innocentScript –on a Linux server, existing system audits will come back with debug data such as process ID and return value. But they wouldn’t show what commands or system calls are spawned by this script. Using a User Activity log instead would show the actual screen I/O, and would also show all those underlying system calls, allowing an auditor to know any improper actions that this ‘innocent’ script actually performed. • Cloud apps and Desktop software: The issue is not just on network servers. Consider cloud-based applications such as Salesforce, desktop software such as Excel, or even bespoke legacy software. None of these applications provide logs that truly show what the user has done. Some might provide debugrelated details, but nothing that would satisfy a security auditor. As shown above, security audits that rely on existing system logs have blind spots in them due to the fact that system logs simply do not capture the relevant information needed. It might be possible for a highly-trained security expert to piece together the log entries and determine what actions took place. But it would involve a time-intensive forensic analysis by a scarce and expensive resource. About the author: Jude Pereira is the General Manager of Nanjgel Solutions
www.networkworldme.com
September 2011 Network World Middle East 25
feature | virtual security
Virtualisation security
As enterprises move towards virtualising more of their servers and data centre infrastructure, the security technologies that are plentiful and commonplace in the physical world have become few and far between.
W
hile mobile and smartphone security is the hot topic of the moment among security gurus, plenty of virtualisation security topics demand IT’s attention right now. The interest in
26 Network World Middle East December 2011
virtualisation security is running high in technology seminars with good reason. Different IT departments are at different points on their virtualisation journeys, of course, and some are still thinking about security in the
www.networkworldme.com
old physical world terms, analysts say. The rush toward virtualisation of internal enterprise computing resources and cloud computing can have many advantages, such as server consolidation, but it’s largely
Nemertes Research says less than 20 percent of organisations using virtualisation technology are adopting security tools to work in tandem with the software.
Chris Moore, Regional Director of Trend Micro
outracing traditional security and identity management practices. That’s leaving huge gaps, a sense of chaos and questions about where security products and services should be applied in the world of multi-vendor virtual-machine (VM) hypervisors, according to Gartner. Nemertes Research says less than 20 percent of organisations using virtualisation technology are adopting security tools to work in tandem with the software in order to decrease the risks that are inherent in a virtualised environment. The research firm points out that a woefully unprepared landscape of IT managers who have not yet confronted the serious risks that exist today. While 68 percent of workloads are virtualised, only a fraction of those using virtualisation are adopting those environments in a secure way. “Virtualised environments inherit the same security challenges seen in traditional computing models and introduce some additional areas that need to be addressed through specific
virtualisation security solutions. In simple terms the perimeter security that is traditionally used in a physical environment cannot protect the inter-VM communications and shoehorning traditional security agents into virtualised environments can kill performance. This is often overlooked when organisations adopt virtual computing models. There is a risk that unless a comprehensive virtualisation aware security solution is planned that additional vulnerabilities will be available for exploitation,” warns Chris Moore, Regional Director of Trend Micro. Anthony Harrison, Senior Principal Solution Architect, Symantec EMEA, says virtualised environments – whether Red Hat, VMware, Microsoft or any of the main UNIX vendors – have many similarities with their physical counterparts when it comes to security; the main security challenges happen at the operating system level rather than at the virtualisation level. “All customers need a comprehensive security strategy that covers both physical and virtual worlds. Just because a VM is running in a DMZ behind a firewall does not mean that only the VM itself needs to be protected, but its hypervisor or control domain needs to be equally protected in terms of OS hardening or lock down of unnecessary services,” he adds. Do traditional approaches to network security -- the firewall and www.networkworldme.com
intrusion prevention appliances, the host-based antivirus software – work well in virtualised environments? Joakim Sundberg, Security Engineer, Sourcefire, says it is important to remember that the virtualisation platform is not your firewall or intrusion prevention system. “It has the same needs as other devices in your network. You still need to restrict access on IP, protocol, application and service level to guest systems within a virtualised environment and you also want to make sure that the data targeting or leaving the guest systems is not targeting vulnerabilities or in any other way could be harmful. The blind spot that the virtualisation infrastructure creates for your traditional intrusion prevention system causes you to use virtual IPS appliances to monitor the traffic within the virtual infrastructure.” Jason Brown, Enterprise Solutions Architect EMEA, adds that network protection afforded by firewalls and IP appliances are just as effective in the virtual environment, assuming they can be placed appropriately. “For example, a perimeter firewall is going to offer the same protection to systems, regardless of their type. However, if you wish to use a network device to segregate systems on the same hypervisor it can add a level of complexity to the implementation that is not there with physical systems. Depending on the exact requirements, December 2011 Network World Middle East 27
feature | virtual security
Virtualising servers means more than just being able to cram several operating systems into one box. it may not even be possible to offer the equivalent segregation or filtering, due to physical limitations,” he says. Virtualising servers means more than just being able to cram several operating systems into one box; it means creating a network inside that box across which the VMs have to communicate with each other, applications running on other servers, and the Internet. Much of the drive toward encryption in virtual environments comes from organisations that need to be able to demonstrate a good chain of custody for data under privacy regulations. That same encryption can help lock the doors on malware that can infect a hypervisor or OS on which a VM runs in a data centre, however, keeping the rest of the VMs safe even if one is compromised. Sundberg says there are different ways to encrypt the data in the virtual world. Some companies and organisations have the need to encrypt the entire disk, which in the virtual infrastructure would translate to Virtual Disk Encryption. Other customer and organisations may have less need for encryption and therefore choose to apply encryption on specific data and gain the performance and data processing speed. To battle the threats in virtual environments, it is also essential to extend patch and vulnerability management processes to cover VMs as well as physical machines. “I would say 28 Network World Middle East December 2011
Anthony Harrison, Senior Principal Solution Architect, Symantec EMEA
this is essential, perhaps more so in a virtualised environment. It is important to realise that a security breach in a virtual environment potentially has a higher impact that on an end point due to the location of the VMs in the data centre. Adopting a “virtual patching” solution for the virtual environment is an effective way to buy time and ensure that vulnerabilities are closed while the real patch management administrators can effectively test and deploy the patches. This results in enhanced stability and effective protection from zero day attacks even if the real patches are yet to be deployed,” says Moore. With virtualisation becoming the foundation for corporate users and cloud service providers, many security vendors, including Check Point, www.networkworldme.com
McAfee, Trend Micro and Symantec, are adapting their products to maximise performance for the main virtualisation platforms from VMware, Microsoft and Citrix. Moore says Trend Micro has been co-developing its Deep Security product with VMware for several years now. Trend Micro solutions integrate fully with VMware Vshield in order to provide agent less security and all of the performance and security benefits that this technology offers. “Trend Micro provides security solutions for all virtualisation platforms including Microsoft and Citrix Systems which enables VDI solutions to be secure with a negligible performance impact,” he says. Harrison from Symantec says we are now seeing a new generation of security products that have learnt from the lessons of early adopters about the overhead of running things like host-based AV in multiple guest VMs at the same time and the effect that has had on CPU and I/O performance “The new generation of Symantec Endpoint Protection works with the VM platform to minimise that impact and reduce the overhead so that the VMs have the same level of protection as their physical equivalents.” With these specialised security products for virtualised environments finally coming to market, security professionals need to figure out if any of them should be used, while also keeping up with evolving security plans from vendors such as VMware, Microsoft and Citrix. Though it may have pulled the rug out from everyone’s security footing, virtualisation holds tremendous promise in eventually improving security, especially disaster recovery.
Dell blade servers Because business is complicated, you need a server that isn’t
Introducing the Dell PowerEdge M710 server solution with Intel ® Xeon ® processor one button to configure, one screen to manage, one choice to make
range of options with easy configuration, powerful open-standards systems management, scalable storage and flexible services. Request for white papers, presentation material, consultant on Dell blades.
For purchase or more information contact
Dell Authorized Sales, Services and Solution Providers Dubai: (04) 398 9999 Ext. 777, (04) 314 1484
Also available: Dell Latitude Notebooks Dell OptiPlex PCs Dell PowerEdge Servers Dell EqualLogic Storage Dell Compellent Storage Dell Power Conntect
TM
TM
TM
TM
TM
TM
TM
TM
December Network World Middle East 29 Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom,www.networkworldme.com Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, 2011 Intel vPro, Itanium, Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, and Xeon Inside are trademarks of Intel Corporation in the U.S. and/or other countries.
feature | ethernet
Planning for highspeed Ethernet Here is what you need to know if you are considering the move to 40/100G Ethernet.
S
tandards-based 40- and 100-gigabit Ethernet switches and routers are starting to show up in enterprise networks, following ratification of the IEEE 802.3ba specification in mid-2010. It’s easy to understand the motivation: Fast downlinks require even faster uplinks. The current solution, link aggregation of multiple 10-gigabit pipes, works well but only scales up to a point. At the same time, servers for some high-performance applications now use 10-gigabit network interface cards, again requiring a faster uplink at the switch. It won’t be long before 10-gigabit interfaces will be a standard part of server
30 Network World Middle East December 2011
motherboards, just as gigabit Ethernet comes standard today. For network managers, migrating to “higher-speed Ethernet” (HSE), as it’s been dubbed by the Ethernet Alliance, will definitely require some changes. Most of these are at the physical layer (new cabling is required, for starters). Also, some monitoring and management gear may not be able to keep up with HSE rates. On the plus side, HSE will help reduce prices for 10G Ethernet devices. “The real leverage [with HSE] is with pushing down the price point of 10-gigabit Ethernet, rather than the first-order effects of 100-gigabit deployment,” says an industry expert. “If bigger pipes are good, then www.networkworldme.com
bigger pipes that are affordable and create greater commoditisation of 10-gigabit Ethernet are better.” Also, HSE is far more evolutionary than revolutionary. Network professionals who’ve worked with Ethernet will feel right at home with the 40G- and 100Gbps versions. Still, an understanding of what’s new is essential. For starters, it is important to understand the driving applications and business needs for 40G/100G Ethernet. “There are clear drivers of the advent of HSE today. As cloud-based applications such as server virtualisation and Software as a Service (SaaS) go mainstream over the next few years, business users will require significantly more bandwidth at the access point to be able to support them. Ethernet is the most natural service to support these applications, and with the emergence of the 100GE standard, will be absolutely key in enabling them and, consequently, making the realisation of cloud possible,” says Mervyn Kelly, EMEA Marketing Director, Ciena. Samer Ismair, MENA-Systems Engineer, Brocade, echoes a similar opinion: “Innovative data centre technologies including virtualisation, converged data centre networks and cloud computing are changing traditional data centre network designs. Modern data centre networks now require much higher bandwidth capacities to meet the performance and flexibility requirements demanded by new applications.” Initially 40 Gigabit Ethernet applications are targeted data centre core and aggregation layers or Top-of-Rack (ToR) server aggregation with copper cable or Multi-Mode Fibre (MMF) up to 125 m. Longer-reach interfaces for inter-data center, metro, and campus core networks with distances up to 10 km over SingleMode Fibre (SMF) are also defined in the standard. 40 Gigabit Ethernet is considered the next logical speed for blade server access and server Network Interface Cards
Your Wireless Home Network
By using D-Link’s unique Smart Antenna design, the Whole Home Router 1000 automatically adjusts its coverage to provide an optimized connection for each authorized wireless client. This extends coverage, minimizes interference, provides higher wireless speeds, and even helps save energy by adjusting the amount of power used for wireless connections. Experience fast, reliable wireless access to the Internet throughout your home or office, even in corners where wireless access was difficult before.
At D-Link, we are committed to being environmentally responsible in our business operations, products, lives and work.
DIR-645 Home Whole Router 1000
6 Element beam forming antenna
Exceptional Speed
LAN Ports with Port-based QoS
ShareportTM Plus Technology
The Power to Stay Connected Anywhere With SmartBeam, Amplifi Whole Home Routers deliver consistent, uninterrupted coverage to multiple wireless devices to build a complete home network and deliver the connectivity to meet any digital demand. SmartBeam’s 6 multi-directional antennas find and track individual devices, then focus beams of bandwidth to those devices, ensuring a seamless connection anywhere in the home. With SmartBeam, you are now free to roam around your home or office without dropping your Skype connection, or interrupting a large media file download to your iPad. When it comes to comprehensive whole home coverage, Amplifi has got you covered.
www.dlink-me.com facebook.com/dlinkmea
+971 4 880 9022 www.networkworldme.com
info.me@dlink-me.com
December 2011 Network World Middle East 31
feature | ethernet
Ciaran Forde, VP of Enterprise, Middle East & Africa, CommScope
(NICs). it is expected that servers will require 40 Gigabit Ethernet interfaces in the next few years, he adds.
No design changes Migration to 40- and 100-gigabit Ethernet requires no modification to upper-layer network design, networking protocols, or applications, say experts. “It all looks the same to the upper layers,” says Brandon Ross, Eastern U.S. director of network engineering at Torrey Point Group, a network design consultancy. “There aren’t any changes needed.” That means, for example, that a network using the rapid spanning tree protocol (RSTP) between switches and open shortest path first (OSPF) between routers can continue to run these protocols across HSE interfaces, without configuration changes. Applications, databases, and server farms similarly won’t be affected by the addition of HSE interfaces to enterprise networks. Lower latency and improved response time should be the only noticeable effects, although Ross cautions that adoption of faster networking technologies inevitably exposes bottlenecks that weren’t previously visible. If, for instance, network latency previously masked a disk I/O bottleneck and HSE is now faster than the bottleneck, application performance won’t improve as much as expected. That raises a critical question when it 32 Network World Middle East December 2011
comes to HSE adoption: Even if the protocols are ready, is the network infrastructure ready for higher speeds? For most network infrastructure vendors, migration to 40G/100G will require a complete rip and replace, says Ahmed H Youssef, Business Development Manager, Network Infrastructure for MEA, Alcatel-Lucent Enterprise. “But our solution provides a simple and long term sustainable design such as a two-tier non-blocking and highly scalable architecture, as the equipment shipped today already supports an open standards based, carrier-friendly protocol and is ready to support 40GigE, 100GigE without any hardware change out,” he adds.
Werner Heeren, Regional Sales and Marketing Manager, Fluke Networks
Keeping up As with previous speed bumps, capturing and monitoring traffic at higher rates will impose higher horsepower requirements on network management and security systems. The old adage “you can’t manage what you can’t see” still holds true. In other words, the requirement to see all traffic doesn’t go away just because the network got faster. A migration to HSE may require upgrades to network management systems and security devices such as firewalls and intrusion detection/prevention systems. Network managers are well advised to check with vendors as to the maximum frame rates their devices can support with zero frame loss. www.networkworldme.com
Faster versions of Ethernet pose special challenges for security devices that use Secure Sockets Layer (SSL). Dedicated hardware already is needed to encrypt and decrypt SSL traffic at gigabit and 10-gigabit rates. Even with the hardware assist, next-generation firewall testing done by Network World suggests that security devices move traffic far more slowly when handling SSL traffic. Performance penalties for SSL traffic at HSE rates are, if anything, likely to be even steeper. Network managers may want to consider deploying dedicated SSL decryption/encryption systems alongside existing security devices to mitigate SSL performance bottlenecks. Another key observation point is the “span” or monitor port capability in many Ethernet switches. This feature allows traffic entering or leaving a switch port (or both) to be copied to another port, where it can be redirected to an external analyser. Some switches support multiple monitoring instances. In an HSE context, the key question is whether the switch can copy monitored traffic at 40- or 100-gigabit Ethernet line rates with no frame loss. Even if the switch can support such a capability, there is then the question of whether the analyser will be able to capture frames in real time. “Software-based protocol analysers are woefully underpowered for this task. What’s needed here is a hardware-based analyser capable of lossless traffic capture at 40Gor 100Gbps rates,” says Werner Heeren, Regional Sales and Marketing Manager, Fluke Networks. The analyser also will need much larger storage capacity. At 100Gbps rates, an analyser capturing 1,518-byte frames at line rate will need to store 750GB of data per minute. At 40Gbps rates, the storage requirement is “only” 296GB per minute, but keep in mind both numbers are only for a single port. Hardware-based monitoring tools often are used to capture multiple simultaneous feeds, each with very significant storage requirements. A final item in the monitoring checklist is network taps - line splitters capable of HSE rates. Not all network devices have
www.networkworldme.com
December 2011 Network World Middle East 33
feature | ethernet
While HSE won’t require changes in upper-layer protocols, it is different at the physical layer. embedded monitoring capabilities, and there are situations in which monitoring can’t be enabled for administrative or technical reasons. In these cases, an external network tap is needed. These are available in copper and fibre versions with anywhere from two to dozens of ports. The key question with these devices, as with all gear monitoring HSE traffic, is whether they can keep up with 40G- and 100Gbps rates without dropping frames.
Getting physical While HSE won’t require changes in upper-layer protocols, it is different at the physical layer. Both 40G- and 100Gbps technologies will require not only new transceiver types on switches and routers, but also new cabling and new connectors and interfaces. Rolling out HSE isn’t simply a matter of buying faster blades for switches and routers; network architects will need to upgrade cabling plants and test distance limits as well. The concept of lanes drives many of the new requirements. In current gigabit and 10-gigabit Ethernet products, traffic uses a single path in each direction. That works well at 10Gbps rates, but modulating signals in high-speed optics proved difficult at higher speeds. Engineers instead adopted a paralleloptics approach in current versions of HSE products that splits traffic across multiple channels called lanes, each running at 10Gbps, and each using a dedicated fibre. Thus, 40G Ethernet is today a four-lane technology, while current 100G Ethernet interfaces use 10 lanes in each direction. Evolution toward single-lane HSE interfaces is likely to occur over time. The IEEE 802.3ba specification describes electrical interfaces that could be 34 Network World Middle East December 2011
implemented with a single lane in each direction, but products that implement these aren’t yet shipping. For the time being, both 40G- and 100-gigabit are multi-lane technologies - and that, in turn, introduces new cabling requirements, both for fibre and copper. “It is very unlikely that copper twisted pair will be the transmission medium for 40/100G. CommScope recommends advance multimode called LazrSPEED 550 which meets the OM4 multimode standard, this together with advanced modular pre-terminated fibre array accessories allows for effective migration from 1G to 40 to 100G and all for superior distances. Another alternative is singlemode fibre but here the cost of the active networking equipment is still prohibitive when compared to electronics designed for multimode fibre,” says Ciaran Forde, VP of Enterprise, Middle East & Africa, CommScope Bulking up with fibre Unlike 10G Ethernet, where fibre-optic cables use only two fibre strands, optical cabling for 40G Ethernet currently uses 12 fibres: Two groups of four fibres send traffic in each direction, and four fibres between the two groups are left dark. Multi-lane 100G Ethernet requires even denser optical cabling. Here, cables use 24 fibres: Two arrays of 10 fibres for traffic in each direction, with two fibres on each side of each array left dark. Both 40G- and 100G flavors of HSE require “laser-optimised” fibre cables. For multimode fibre, this means using OM3-type cables for distances of up to 100 meters. For longer spans, OM4-type cables support runs of up to 125 meters. OM3 and OM4 cables (which usually have aqua-colored jackets, to distinguish them from older OM1 and OM2 cables www.networkworldme.com
Samer Ismair, MENA-Systems Engineer, Brocade
with orange jackets) are already recommended for 10-gigabit Ethernet, but that doesn’t mean OM3 and OM4 cables can be used interchangeably between 10G- and 40G interfaces. HSE will require new cabling, but Torrey Point’s Ross notes that a migration could end up reducing the numbers of interfaces and cables needed. “People today use multiple, aggregated 10-gigabit connections” for network uplinks, Ross says. “When they move to 100-gigabit Ethernet, they actually reduce fibre demand.” There are two significant differences when it comes to HSE optical cabling: Fibre count and transceiver types. As noted, fibre optic cabling for multilane HSE uses either 12 or 24 fibres, compared with two fibres with 10G Ethernet. Thus, network planners will need to specify whether 10G-, 40G-, or 100G versions of OM3 or OM4 cabling are needed. Migrating to HSE will certainly require changes. The good news is that the changes are evolutionary in nature, and can be rolled out incrementally. Ethernet has undergone many changes over the years, but the traffic on HSE networks retains the same basic characteristics as previous generations. In the end, it really is “just Ethernet.”
StorageAdvisor
MIDDLE EAST
All about more with less Thin provisioning optimises storage utilisation and reduces costs
in association with www.networkworldme.com
June 2011 NetworkWorld WorldMiddle Middle East 35 December 2011 Network
feature | thin provisioning
All about more with less Thin provisioning optimises storage utilisation and reduces costs
W
hile provisioning all the capacity of an external disk to a given application, known as full provisioning, ensures the app has plenty of growth potential, it results in poor utilisation rates, a costly problem that can be addressed with thin provisioning technology. Research shows that storage utilisation rates achieved by most companies is 40% or lower. That means buyers are acquiring more capacity than they really need and the very existence of that extra capacity requires more space and cooling. Furthermore, the traditional method of provisioning leads to increased management workloads due to the fact
36 Network World Middle East December 2011
that the extra but unused capacity still needs to be monitored and managed. If applications reach their capacity limits and IT managers have to re-provision capacity, complex management tasks can be involved. More management requires more human resources, further driving up costs associated with storage management. Additionally, if an application is taken offline to re-provision capacity, it is then unable to serve business needs and can lead to revenue loss. Thin provisioning provides a way to address these limitations. By automatically allocating system capacity to applications as needed, thin provisioning technology can help achieve up to 90% storage www.networkworldme.com
utilisation, while at the same time significantly reducing power consumption. “Industry analysts estimate that as much as 75 percent of storage allocated to enterprise applications remains unused. This surplus is a result of routine overallocation and underutilisation of storage capacity, and it is imposing an enormous burden on the IT infrastructure. Stranded capacity not only wastes capital resources but also massively inflates the cost of managing storage, as administrators host, provision, manage, back up, mirror, and replicate unused space,� says Zaher Haydar, Regional Pre-Sales Manager, EMC. He adds that thin provisioning addresses the problem of over-
IS YOUR BACKUP WINDOW TOO LONG? ARE YOU FINDING IT DIFFICULT TO RETRIEVE YOUR DATA? ARE YOU FED UP OF DEALING WITH FILE CORRUPTIONS AFTER YOUR RETRIEVE?
“If you answered YES to any of the above, it’s time to replace your tape with a disk based backup”
• Minimize back up window to 99.99%! • Easy to retrieve your backup! • Absolutely ZERO file corruptions! In order to know more about the solution, please contact niranjan.zalte@pcsuae.com or call 055- 6038951
Paramount Computer Systems FZ LLC Dubai Tel: +971 43918600 • Abu Dhabi Tel : +971 26724288 Qatar Tel : +974 44551641 • Kuwait Tel : +965 22471409 Bahrain Tel : +973 17727177 • Email puja@pcsuae.com www.paramountassure.com www.networkworldme.com
December 2011 Network World Middle East 37
feature | thin provisioning
allocated and under-utilised capacity by improving storage allocation efficiency and dramatically simplifying storage provisioning. Using virtual storage volumes, applications are given access to as much storage capacity as they can usefully use, without requiring matching physical resources. Behind the scenes, the storage infrastructure provides just enough physical capacity to satisfy today’s data requirements. As demand grows, the application is assigned more capacity from a common pool of physical resources. The provisioning of new capacity takes place automatically, without requiring application downtime or operator intervention. Thin provisioning allows users to allocate a large amount of virtual capacity for an application, regardless of the physical capacity actually available. At initial setup, thin provisioning does not physically allocate capacity to the prescribed data volume, and the actual space is used only when data writes occur. This on-demand method for capacity allocation not only optimises storage utilisation, but also greatly simplifies capacity planning and management. In order to help users easily monitor capacity utilisation, storage systems automatically issue notifications when the total capacity utilisation is reaching the threshold set by the user. If users wish to expand capacity, they can do so non-disruptively. With traditional provisioning, it is difficult to move data across logical partitions in a storage architecture. If thin provisioning is applied, storage capacity from different logical partitions can be consolidated, enabling it to be dynamically allocated. From the opposite perspective, this means that the storage controller can move data dynamically across logical partitions based on how resources are designed to function. Furthermore, thin provisioning opens the door for other advances in storage 38 Network World Middle East December 2011
The benefits of thin provisioning are numerous and can generate considerable cost savings.
Zaher Haydar, Regional Pre-Sales Manager, EMC
design, including automated storage tiering. Storage tiering involves grouping data into different categories and assigning these categories to different types of storage media in order to optimise storage utilisation. “Thin provisioning can be combined with a policy-based hierarchy of servicelevel priorities to ensure that storage space is optimised for your business. NetApp Data ONTAP software combines the JIT storage advantages of thin provisioning with policy-based control for optimal application and servicelevel flexibility. By setting thresholds or policies under which storage space can be reclaimed from deleted Snapshot copies that are no longer needed, the storage administrator can effectively leverage storage capacity without jeopardising application performance www.networkworldme.com
or the availability of storage to critical programs. Because policy-enabled space reclamation and volume resizing can be set in advance, the risk of running out of space is greatly reduced. This alleviates the concern that thin provisioning could result in a shortage of physical space for mission-critical applications, because policy based space reservations can be established on the basis of service-level requirements,” says Martyn Molnar, Regional Sales Director of NetApp. If you end up turning to thin provisioning for the benefits outlined, here are a few tips to help you get the most out of the technology: • Claim as much virtual capacity for applications as possible: This reduces management tasks and ensures applications have access to sufficient capacity as long as physical resources are available. • Monitor physical storage capacity utilisation: Even though large virtual capacities can be allocated, each storage pool still has physical limits. Monitoring physical capacity utilisation is thus extremely important. • Set physical capacity utilisation thresholds based on pace of data generation: By creating notification mechanisms for when these thresholds are reached, sufficient time will be available to properly plan storage expansion. Setting a correct threshold is most important. For example, if an application fills 10% of capacity within only a few days, setting the utilisation threshold at 90% could lead to major problems, as the user will not have enough time to plan capacity expansion in order to ensure that an application can continue to operate normally. The benefits of thin provisioning are numerous and can generate considerable cost savings. With thin provisioning technology now widely available in the storage market, it should be a key consideration for companies planning to acquire new storage solutions.
TelecomWorld MIDDLE EAST
LTE vs. WiMAX
Why are we still arguing this one?
IN ASSOCIATION WITH
feature | infrastructure
LTE vs. Wimax Why are we still arguing this one?
T
he chief reason for WiMAX’s downfall is a simple one: The tech industry likes uniformity and WiMAX wasn’t adopted by enough carriers to make it the de facto standard for 4G mobile data globally. It is also pretty fair to say that WiMax is dead as a technology for consumer handsets. Think of it in terms of economies of scale: It’s much more profitable for device manufacturers to sell devices to multiple carriers by just slapping LTE radios and chipsets into devices instead of having to make separate devices for different carriers or having to insert dual radios into their devices.
40 Network World Middle East December 2011
WiMAX has suffered significantly in the past two years as LTE has been adopted by more and more commercial operators around the world, writes wireless analyst Andy Seybold. “It should be clear to everyone by now that LTE will be the 4G technology of choice for worldwide deployment and that for the first time in many years we are on the verge of moving toward a worldwide standard for data (first) and later voice services. Support for WiMAX has faltered since Intel pulled the plug on its program to make WiMAX a world standard 4G technology and it stopped investing millions of dollars in www.networkworldme.com
supporting WiMAX around the world.” The other reason that WiMAX never caught on is that the existing quantity of 3GPP installed bases that can evolve into LTE is large and can grow from here, says Dirk Busse, Mobile Broadband Solution Architect, Nokia Siemens Networks. “Major WiMax players such as Clearwire and Mobily in KSA are departing from WiMax technology around the world and this sends a strong signal to the market that Wimax’s time is over. We expect this will result in a shrinking ecosystem for suppliers of WiMax terminals, which will speed its decline rapidly.”
In the Middle East, there are still numerous WiMax networks offering wireless broadband services, especially in areas where the wire line deployment is lagging behind.
Dirk Busse, Mobile Broadband Solution Architect, Nokia Siemens Networks
In the US, Sprint, one of the biggest backers of WiMax, has announced plans to build and operate its own LTE network. Sprint bet big on WiMAX in 2006, as it earmarked $5 billion to build a nationwide network with the assumption that having 4G services up and running before Verizon and AT&T got around to launching their own LTE networks would give Sprint a major competitive advantage in the wireless data marketplace. But with Verizon getting its LTE network fired up in 38 markets last year, Sprint’s time-tomarket advantage expired before the company had made significant progress in upping its customer base relative to Verizon and AT&T. What’s more, Verizon’s LTE network bested Sprint’s WiMAX network in a speed test run by PC World earlier this year that showed Verizon’s LTE laptop air cards provided average download speeds of 6.5Mbps while Sprint’s WiMAX services delivered download speeds of between 3M and 6Mbps. While this difference doesn’t seem all that drastic, PC World found that Sprint’s WiMAX network was not available on
a consistent basis, meaning that users who subscribed for 4G services weren’t guaranteed to have access to those services wherever they went. So does this mean WiMAX is toast all together? Well, no. In the Middle East, there are still numerous WiMax networks offering wireless broadband services, especially in areas where the wire line deployment is lagging behind. “Also, the earlier availability of this wireless broadband technology technology compared to HSPA + and LTE gave it a head start in establishing a footprint,” says Busse. While WiMAX isn’t likely to be used for your smartphone, it does have several other uses besides downloading Angry www.networkworldme.com
Birds. WiMAX Forum Vice President Mohammad Shakouri says that although major wireless carriers have chosen to deploy LTE over 700MHz spectrum, WiMAX will still find a home delivering data for a wide variety of industries including airports, oil and gas companies and the burgeoning smart grid industry. Shakouri says we should expect to see WiMax pop up in a wide range of different devices in the near future that go beyond flashy consumer handsets. “The difference between the WiMAX industry and LTE is that WiMAX is also going more after complementary solutions,” he explains. “You will see WiMAX providing communications needs in terms of building things such as the smart grid.” December 2011 Network World Middle East 41
feature | mobile video
M
The challenges of mobile video As mobile video finally starts to take off, making money from it remains a challenge, and content providers and carriers may clash over economics before they find a way to share the costs and benefits.
42 Network World Middle East December 2011
www.networkworldme.com
obile video initiatives led by carriers, network builders and local broadcasters in the past few years have stumbled or been slow to take off. In the U.S., Qualcomm shut down its dedicated FLO TV network earlier this year, and the commercial launch of Dyle Mobile TV, a national service offering local digital TV to phones and other devices, has been pushed back from late this year to early 2012. But as an extension of Web-based programming, mobile video is beginning to explode, executives of media companies said earlier last month at the Open Mobile Summit in San Francisco . Consumers play YouTube videos 400 million times a day on mobile devices, said Francisco Varela, YouTube’s global head of platform. The flow goes the other way, too: YouTube’s customers upload as much as two hours of their own video content every minute. Executives from ABC, CBS, Hulu and the BBC also said the mobile Internet looks poised to change their businesses. About 20 percent of people in Britain watch BBC iPlayer, an online service of the national broadcasting agency, and tablets are among the hottest platforms for it, said Daniel Danker, the BBC’s general manager of Programmes and On-Demand. He hopes to see 80 percent watching iPlayer in five years. However, the content providers said it’s less clear how they will make a lot of money from mobile viewing. Carriers face the same challenge, which could lead to a fight for revenue between the two parties. Carriers have occasionally hinted at charging third-party content providers for priority on their networks, which video channels depend on to reach consumers. But popular videos can also help to make lucrative mobile services popular, and in other businesses, such as cable TV, the
www.networkworldme.com
December 2011 Network World Middle East 43
feature | mobile xxx video
providers of video charge the networks for the privilege of using it. Exactly how things will balance out in mobile is not yet clear. In 2006, former AT&T CEO Ed Whitacre raised the spectre of the carrier, asking OTT (over-the-top) service providers to help cover the cost of building out its wireline broadband network. This raised strong objections on the grounds of net neutrality. But in the mobile arena, U.S. net neutrality rules are considered less strict. Meanwhile, mobile network management tools now exist that could prioritise traffic from specific providers. Video providers say they already spend a lot of money bringing their content to Web and mobile users, a distribution channel with a far less certain return than traditional broadcasting. “As content providers today, the most expensive way for us to reach our audience is over IP,” BBC’s Danker said. “Those sticks on the hill have been there for a long time. They work really well. They reach tens of millions of people for the cost that we spend to reach one person with a program today over IP.” “It’s not like content providers just put something up there for free and it’s viewed and we’re reaping the benefit,” said Albert Cheng, executive vice president of digital media at Disney/ABC. If additional charges for delivery over mobile carrier networks were tacked on, it might not be possible to keep distributing video over mobile, Cheng said. Cheng pointed out that some of his company’s distribution partners, such as broadcasters, cable operators and Apple’s iTunes store, pay ABC/Disney for its content. But he didn’t go so far as to say the company wants to charge mobile operators for its videos. “We all have to collaborate to figure out how to monetize it,” Cheng said. Mobile video could become a flashpoint of the debate over net neutrality, said 44 Network World Middle East December 2011
Video providers say they already spend a lot of money bringing their content to Web and mobile users.
Art Brodsky, communications director for Public Knowledge, a public-interest law firm involved in Internet issues. He is not aware of any mobile operators trying to charge a premium for certain video services, but the idea has major implications for the content providers, he said. “They have a lot to lose with a network that is not open and nondiscriminatory,” Brodsky said. The net neutrality rules proposed last year by the U.S. Federal Communications Commission, which Congress is now considering whether to block, are more lenient for mobile than for wireline networks. But if a carrier tried to charge a video provider extra for priority, it might lead to an interesting legal challenge, he said. The two types of players naturally see things differently because their responsibilities are different, said Tolaga Research analyst Phil Marshall. “The carriers place more value on their networks than the content providers believe that it’s worth,” Marshall said. “It’s a mismatch.” But CDNs (content delivery networks) may eventually bring them together, Marshall believes. Most of the companies distributing video on the Internet already use CDNs, such as the network run by Akamai, to cache their content in data centers closer to viewers. Caching can reduce latency and everyday demands on network links. Mobile operators may start to bring that practice closer to subscribers, Marshall said. He pointed to a www.networkworldme.com
partnership announced in February between Akamai and Ericsson, one of the biggest cellular base-station builders, under which they plan to integrate Akamai’s caching capability into the mobile network. Akamai said the companies have ongoing trials showing promising results and expect the technology to be commercialized in the second half of next year. Eventually, caching may go all the way to the phone itself, Marshall said. Content providers are skeptical of that idea, mostly because of copy-protection concerns. But within the next two years or so, they might be willing to make deals with service providers to cache their content closer to viewers, he said. The two sides may see eye to eye then. “I see the CDN activity as ... a catalyst,” Marshall said. Content caching wouldn’t violate net neutrality principles because it doesn’t involve bandwidth throttling or other network-management practices, Marshall said. Still, it might not be worth the risk of a backlash, said analyst Roger Entner of Recon Analytics. He thinks content providers might sue carriers who asked for payment, and that would shine a spotlight on the request. “A couple of million here or there isn’t worth the pain of having the FCC or state regulators looking over your shoulder,” Entner said. The major benefit of caching content in the mobile network would be conserving the operator’s own wired backhaul capacity, which could be achieved without discriminating among content sources, Entner believes. The mix of places where mobile users can get video and ways they can consume it, plus the various business models involving advertising and subscriptions, will complicate the problem for some time, said analyst Avi Greengart of Current Analysis. “In the short term, I don’t see anything that’s going to slice through all this.”
Cloud-Scale Networking
Extreme Networks® Open Fabric Data Center solution with its “cloud– scale” architecture enables managed hosting and cloud service providers to deploy best-of-breed network solutions. Extreme Networks can help you: • • • • •
Migrate from physical to virtual to cloud. Automate the network environment. Integrate with virtualization, management and provisioning platforms. Scale your data center infrastructure. Support emerging cloud solutions including OpenStack™ and OpenFlow.
To learn how Extreme Networks can help you evolve your data center, go to: http://www.extremenetworks.com/solutions/datacenter.aspx
© 2011 Extreme Networks, Inc. All rights reserved. Extreme Networks and the Extreme Networks logo are either registered trademarks or trademarks of Extreme Networks, Inc. in the United States and/or other countries. All other names and marks are the property of their www.networkworldme.com repsective owners.
extremenetworks.com December 2011 Network World Middle East 45
techupdate
Gigabit wireless LANs
One-gigabit wireless LAN products should enter the retail channel in 2012 thanks to the fact that the 802.11 working group concluded balloting on the proposed 802.11ac standard last summer, meaning enterprise-focused products should follow in 2013.
46 Network World Middle East December 2011
www.networkworldme.com
I
nterest in 802.11ac is explained simply by the desire for speed. In homes, the complexity and challenges of A/V or other multimedia distribution and streaming is a catalyst for higherspeed networking, as is anything that improves gaming performance. Enterprise networks may not have as glamorous a need for higher speed, but depend on increasing bit rates to improve user experiences in high-density areas such as conference rooms and auditoriums, improve data service to mobile Internet devices, background synchronisation between devices, and support more lifelike video systems. 802.11ac is an evolutionary step in the development of wireless. Previous 802.11 technologies have operated in the now-familiar 2.4GHz and 5GHz bands, and the 802.11ac project began with a project authorisation at the IEEE that focuses the effort at less than 6GHz. Even with a wide project authorisation that covers both the 2.4GHz and 5GHz frequency bands, the task group developing 802.11ac has decided to focus the new standard on only the existing 5GHz band because much of the benefit from 802.11ac’s underlying technologies is derived from wider channels. We don’t expect that dual-band APs will go away any time soon because there are so many devices that are 2.4GHz-only. To continue to build dual-band APs, the industry will build dual-technology APs with 802.11n remaining the capstone technology at 2.4GHz, and 802.11ac offering higher speeds in the 5GHz band. Like 802.11n, 802.11ac is a complex standard with many features. For
example, 802.11ac specifies more than 300 data rates, though not all will be available in early products. As a result, the industry will follow a similar pattern of adoption. Early implementations will offer a basic set of high-value features and as hardware engineers refine and perfect designs more advanced features will follow. In the initial wave of products, devices will offer speed improvements over existing 802.11n devices by increasing channel width. 802.11ac includes both the familiar 20MHz and 40MHz channels, and adds new options for 80MHz and 160MHz channels. As the channel width increases, the challenge of clearing the entire band for transmission becomes more difficult. Part of the challenge is technical, due to the need of radio devices to perform more computationally intensive Fourier transforms to cover the wider band, and part of the problem is that the load on the spectrum is much higher. With many new devices supporting 5GHz channels, it becomes comparatively more difficult to identify wide swaths of spectrum for wideband transmissions. Nevertheless, a move to 80MHz channels is assured, and it offers readily accessible speeds that are faster than any 802.11n device will ever achieve. A second protocol feature used to increase speed is the use of more aggressive modulation techniques. Development of higher data rates in 802.11 has used a technique called Quadrature Amplitude Modulation (QAM). QAM works by packing multiple bits into a single time slice through the clever use of phase shifts and amplitude changes. For each transmission interval,
802.11ac is increasing the maximum constellation size to 256 points. a set of bits is plucked out from a “constellation� of symbols. To increase the bit rate, the constellation needs to get more data points. After being pioneered by 802.11a more than 10 years ago, the size of the constellation has remained at 64 points. 802.11ac is increasing the maximum constellation size to 256 points. Moving from 64-QAM to 256-QAM provides a speed boost of 20%. However, nothing is free. With more targets in the constellation, the hardware must work significantly harder to control a parameter called Error Vector Magnitude (EVM). 802.11ac also has taken the opportunity to simplify one promising 802.11n feature: Most access points use omni-directional antennas that direct radio energy equally in all directions no matter where the intended receiver of a transmission may be located. With the multipleantenna arrays required for 802.11n, access points gained the capability of selectively focusing radio energy in a particular direction using a technology called explicit beamforming. By taking a measurement of the radio channel between two devices, it was possible for an AP to determine how to transmit a signal to focus the energy. 802.11n had multiple ways of performing the explicit measurement, with the unfortunate side effect that none was ever widely adopted. 802.11ac has simplified beamforming www.networkworldme.com
by settling on one protocol for explicit measurement. Even as preparations are underway for the first wave of 802.11ac devices, momentum is building for a second wave following closely behind. An additional bump in channel width to 160MHz is possible, though the availability of such wide channels is subject to regulatory developments. 160MHz channels offer multi-gigabit throughput, but at significant costs in terms of battery life and limited spectral availability. Beamforming is a key to increasing the efficiency of the radio channels used by 802.11ac. The 802.11ac standard includes up to eight spatial streams (compared to just four in 802.11n today). However, 802.11ac specifies that a maximum of four streams are available to a single client device. In the first wave of 802.11ac devices, this restriction does not come into play, but it offers interesting possibilities for the future. In MultiUser MIMO (MU-MIMO), the AP can divide its transmit streams between multiple devices. As an example, say that an AP allocates four of six transmit streams to a laptop performing a high-speed file transfer, and each of its two remaining streams to two tablet devices. All three streams are active simultaneously, and can have different beamforming steering information applied. With the rise of smartphones and tablets, the existence of pervasive wireless LANs is just assumed to exist by most users. The continued development of robust, high-speed technologies such as 802.11ac will meet the needs of users for the next several years. December 2011 Network World Middle East 47
interview | oracle
Striking a balance Oracle President Mark Hurd talks about Oracle’s strategy and why the company is uniquely positioned to help IT leaders deal with the difficult challenges they’re facing today.
T
alk about the unifying strategy at Oracle today. We hear a lot about Oracle wanting to be the ‘one-stop shop’ or owing the entire computing stack. But put it in your own words: What’s Oracle’s strategy? Right now we’re working on four things. We’re trying to be best-of-breed at every layer of the stack, whether that’s at the hardware layer, silicon or
48 Network World Middle East December 2011
storage. We’re trying to be best-of-breed in OS’s, in databases, in middleware and applications. We want to work in heterogeneous environments and have a high level of enterprise fit – to be the best at everything we do. And we line up – engineering to sales – to do that. Secondly, we then vertically integrate those pieces. We will take those very same piece-part capabilities that I described and bring them together www.networkworldme.com
into a vertically integrated system, like what you see in Exadata, Exalogic and Exalytics, that can provide extreme performance and extreme benefits from a total cost of ownership perspective. For example, the Exadata solution can deliver 70-times improvement in performance – a report that took 70 minutes now takes one minute. So we’re vertically integrating for extreme improvement in performance and TCO for our customers.
The Quickest and Easiest
Way to Set Up a Wireless Router!
1
Plug the Cables Set up in 3 easy
iQ Setup* detects your Internet connection type automatically.
steps Just P LU G
& SU RF!
2
Open Browser . Also works with iPhone, iPad, iPod.** . No need for the router’s interface with an IP address!
3
Enjoy!
. No installation CD is required!
. Establishes secure Wi-Fi network easily!
. Allows even the most inexperienced to set up effortlessly!
* Available for select Edimax Router models ** iPhone, iPad and iPod are trademarks of Apple Inc.
Toll Free Technical Support
800-EDIMAX 334629
www.networkworldme.com
Visit our website:
www.edimax-me.com or email: sales@edimax-me.com
December 2011 Network World Middle East 49
50 Network World Middle East December 2011
www.networkworldme.com
interview | oracle
Thirdly, we are building out our industry capabilities. We’re building out our ability to solve our customers’ problems that are unique by industry. We have a group focused exclusively on building out solutions in industries like retail, banking, health care, utilities, areas like these. That supplements the other two pieces I described. Fourth, we want the ability to deliver all the capabilities I just described any way the customer wants to get them, through whatever delivery architectures are appropriate for them. We’ve announced the Oracle Public Cloud – and I want to make sure I’m clear in differentiating the Oracle Public Cloud. This is an open public cloud. If you want to move data from our cloud to Amazon and then move it back to our cloud, our cloud is open. It won’t be like a proprietary cloud from another company, where once you’re in their cloud you can’t get out. Ours is standards based. At the same time, we can help you architect a private cloud or you can take our applications and our capability onsite and – just as important – you can mix and match. You can have a division that’s on HCM [human capital management] applications in Asia in the cloud and you could have a division in HCM onsite. You can have your CRM the opposite way, if you so choose and you can change your mind. For us, it’s all four: best-of-breed; vertically integrate for extreme differentiation; build out our industries; and deliver with whatever architecture is best suited for the customer. That’s our strategy. Staying at a high level, compare or contrast that strategy with three of the big names in the industry who also provide a lot of
We continue to stay focused on making acquisitions that make strategic sense for the company. the pieces of the stack. Let’s start with IBM. Well, they’d be better to tell you what their strategy is. I will say that IBM is a partner of ours. They are a services partner of ours and we cooperate/team with them in the marketplace on Oracle implementations, and I think from a services perspective they do a good job. In some of the pieces of the technology stack that I referred to earlier, we compete with IBM. We believe that we have better technology in those parts of the stack, as I described earlier, and that’s how I would size us up with IBM. HP? I think we’re very different companies, and I’d probably leave it at that.
What about Dell? Dell is also a partner of ours. We do some work with Dell on the services side. Dell is a partner of ours on the technology side, and I think Dell is a company we can do more with over time. Obviously, they’ve got very strong distribution channels in some emerging markets, they have very strong access to the U.S. SMB market, if I can use that term. In the U.S. those are attractive areas for us to partner together. Dell is also a very, very good customer of ours. So we have a good, cooperative relationship with Dell. How’s Oracle’s acquisition strategy evolving? We continue to stay focused on making acquisitions that make strategic sense www.networkworldme.com
Mark Hurd, President, Oracle
for the company. If it doesn’t make strategic sense for us, we’re not doing it. [In a recent analyst meeting] I got peppered with questions about [Oracle] having a lot of cash. ‘Don’t you feel pressured to use it?’ The answer is no. Now, on the flip side, if there are acquisitions that make sense, we’ll obviously pursue those. But they have to make strategic sense for us, they have to make financial sense for us. We’re not going to go out and do things that don’t make financial sense for our shareholders. And then they have to be things that we can run, we can actually operate them, we can integrate them. Because it’s not just important that we have technology, it’s also that we have to make that technology work together, and it’s got to be something that we can operate. That’s what we’re focused on. December 2011 Network World Middle East 51
test
Cisco WAAS shows pizzazz
The latest release of Cisco’s WAN optimisation product line – Wide Area Application Services (WAAS) 4.4 – proves that the company famous for routing packets can also shape, optimise and accelerate them.
W
AAS provides TCP optimisation, data compression, application specific optimisation and intelligent caching, all controlled from a single browser-based management console. WAAS comes in a variety of form factors and deployment methods – a data centre appliance, branch office box, virtual WAAS for cloud-ready installations, and a mobile client for Windows operating systems. For this exclusive Clear Choice test, we deployed a pair of WAVE-294 (Wide
52 Network World Middle East December 2011
Area Virtualisation Engine) branch office appliances and a pair of WAVE-8541 data center appliances. We used Cisco’s default optimisation settings, which include more than 190 predefined acceleration rules. Our first goal was to verify Cisco’s claim that the WAVE-8541 can handle up to 150,000 concurrent connections and not drop any packets or sessions. We created a high-speed network in the lab and cranked up the traffic with a pair of Spirent 3100B Avalanche load generators. A pair of WAVE-8541s was directly connected via 10Gigabit Ethernet through www.networkworldme.com
two Cisco Catalyst 6500 routers on the WAN side. The LAN side was also 10G Ethernet to the Spirent device with a 1 Gigabit backbone for the Central Manager and other devices. We monitored the connection levels both from the Spirent console and via command line from each 8541 appliance. During the 30-minute test run, the connection count stayed solid at 150,000 connections. CPU utilisation on the data centre-side WAAS-8541 peaked at approximately 51%, while the branch unit never exceeded 31%. The 8541 scaled to 150,000 without any issues even while the default set of WAN optimisation policies were enabled. Next, we tested Cisco’s claim that the WAVE-8541 appliance can handle 2Gbps of optimised WAN throughput. Using the same network setup, we created traffic from four Ubuntu clients running iperf connected to our Gigabit LAN. The traffic generated by iperf was a mix of 50/50 compressible and uncompressible data. With all four clients active, the LAN side reported approximately 3.96Gbps of traffic and the WAN side peaked at 1.97Gbps. That represents some of the best performance we’ve seen based on previous testing of WAN optimisation gear. New cache features In the past, Cisco’s cache engine on the data center device was segmented - each branch was assigned a specific portion of the data center appliance’s cache and it could not be shared with other WAAS appliances. This meant that even though a particular block of data had already gone through the data center to one location, other offices couldn’t take advantage of this information. Cisco’s new context-aware DRE (Data Reduction Engine) does away with the segmented cache, opting for a single large unified cache that all appliances can participate in.
The new Cisco WAAS appliances, a game changer? Cisco’s DRE adapts to changing conditions in traffic and applications. For most everyday
traffic, HTTP, CIFS, NFS, MAPI, etc., the cache operates in a bi-directional mode. Signatures and byte segments are located at both ends of the connection and help reduce overall WAN traffic regardless of direction. What’s interesting is that DRE can also function in a uni-directional mode for specific traffic types, like streaming audio and video, and VDI. Because the traffic is one-way from the data center to the remote end, there is no need to cache any of this data at the data center. Instead, only indexes are created at the data centre and stored at the remote site, so that any subsequent streaming traffic can take advantage of any cached byte segments in the branch appliance without filling up the data centre cache. To test the bi- and uni-direction functionality, we added a pair of WAVE-294s as our branch office appliances simulating two locations. We connected to a SharePoint server and file share located in the data center through a WAVE-8541, and downloaded and uploaded files into each system. We were able to monitor the amount of data stored in DRE on both sides of the connection and because of the duplicate nature of the files, there was about 90% reduction in WAN traffic. Caching and compression are common features in WAN optimisation devices, and it is always nice when the systems work as advertised. No habla UDP WAAS does not optimise or cache UDP traffic. For some customers, this could be a critical factor when choosing a WAN optimisation solution. While most day to day traffic is TCP, there is a growing amount of UDP traffic that will be ignored by WAAS. For example, Cisco will optimise and accelerate Citrix’s HDX and Microsoft’s RDP remote access protocols for VDI, but VMware’s PCoIP protocol is UDP and will simply pass through the appliance. Also, some backup solutions stream data to storage devices using UDP. Of Cisco, VMware and WAAS The software engine for WAAS is the same
In order to manage your WAAS deployment, you will have to install at least one Central Manager Cisco’s WAAS management platform.
regardless of platform. Not all features are available on all formats, but overall, Cisco has designed a consistent user interface and feature set across platforms. In order to manage your WAAS deployment, you will have to install at least one Central Manager - Cisco’s WAAS management platform. Available in both virtual and physical versions, it is required for all WAAS installations, and is an additional cost. The virtual installation is only available for VMware ESXi or Cisco Unified Computing System appliances and one Central Manager console can manage up to 2,000 WAAS devices. We found the browserbased management UI is well laid out and very intuitive to use. Admins assign the various WAAS installations into logical groups and apply optimisation policies at that level. If the situation requires, admins can drill down and override group policy at the single device level, too. An optimisation policy is made up of an application classifier and an action. The application classifier is the component that tells the policy what type of traffic to intercept, for example TCP port 139 and 445 for CIFS. IT can create custom classifiers for specific traffic types. The action is what determines how the traffic is manipulated, and there are nine different actions available. From passthrough to TFO (TCP Flow Optimisation) to TFO with DRE and LZ data compression, WAAS covers just about all possible scenarios. We were able to create custom policies quickly in just minutes and easily deploy them to specific device groups. All hands report A big benefit of managing all of your devices in a single location is the ability to view www.networkworldme.com
the status of all locations at a glance and create consolidated usage reports. There are a number of reports included in Central Manager, such as traffic and optimisation summary, HTTP, HTTPS, video, SSL, MAPI and NFS acceleration reports, and also an overall acceleration summary. You can generate reports on a specific device, if needed. Unfortunately, IT cannot create any additional types of reports, such as charts and statistics on a customised policy for one specific traffic type. We like that Cisco includes Cisco Prime, its Network Analysis Module, as part of Central Manager. Where Central Manager’s reporting is unique to WAAS devices, Cisco Prime will collect network statistics from all across the network, including non-WAAS appliances. This allows IT to get a complete picture of network traffic from end to end and not be limited to WAAS-only information. Cisco’s latest release of WAAS is a very mature and highly scalable platform for speeding up TCP traffic in the enterprise. Its lack of UDP support is a bit disappointing, but the TCP support covers just about every conceivable situation. We like the Central Manager console, but since it is required to manage a WAAS deployment - and is an additional cost - we’d also like to see a free, if scaled down, version. The reporting and monitoring engine is top notch and overall, we found the system easy to navigate and use. Most of all, the top-end WAVE-8541 is an absolute speed demon and its ability to handle 150,000 connections and pass 2Gbps optimised traffic over the WAN is impressive. For more product reviews, log on to:
www.networkworldme.com
December 2011 Network World Middle East 53
toolshed tools & gadgets
Network cameras with storage
Axis Communications has rolled out small and affordable AXIS M1043-W and AXIS M1044-W Network Cameras, with local recording of video and audio, wireless capability and smart video surveillance features. They are suitable for securing locations such as small businesses, boutiques, restaurants, hotels and residences. These latest models of the AXIS M10 Series provide excellent video quality at 30 frames per second in both SVGA (AXIS M1043-W) and HDTV 720p (AXIS M1044-W) resolutions. They feature wireless capabilities with Wi-Fi Protected Setup protocol, which simplify the process of configuring security on wireless networks. The combination of the wireless 802.11n standard and the WPS protocol guarantees user-friendliness and high network security. Edge storage includes support for local storage on micro-SDHC cards as well as recording to network shares such as NetworkAttached Storage (NAS). Edge storage creates the possibility to build cost-efficient and reliable recording solutions, and can for example be used to achieve redundancy in a system. The cameras further feature a passive infrared (PIR) sensor for detecting movement even in the dark, and a white LED light for illuminating the scene automatically when motion is detected or when requested by the user. They support two-way audio with an integrated microphone and speaker, allowing remote users to listen in on an area as well as communicate with visitors or intruders. In addition to these features, they include I/O ports (1 input and 1 output) for connecting devices such as sensors and external relays to activate lights or open/close doors.
Brocade rolls out new switches Brocade has launched Brocade ICX 6610 Switch, a high-performance Ethernet access switch that combines chassis-like reliability and performance with the flexibility and affordability of a stackable switch. Optimized for today’s demanding applications and mobile workforce, the company says it delivers five times the stacking bandwidth of the leading competitor. In addition, the Brocade ICX 6610 provides 8×10 Gigabit Ethernet (GbE) uplink ports and the highest aggregation bandwidth in its class. As a result, the Brocade ICX 6610 offers a 35 percent improvement in total cost of ownership (TCO) compared to competitive offerings as well as a longer functional product life for an improved return on investment (ROI). Brocade also announced new blades and significant performance and scalability enhancements for the Brocade FastIron SX Series of chassis-based
54 Network World Middle East December 2011
aggregation and core switches. The new high-density 8×10 GbE blades set a new standard for price-performance value, enabling the Brocade FastIron SX to scale up to 128 ports of 10 GbE. Featuring hitless failover to provide the highest levels of availability, the Brocade FastIron SX is ideal for today’s business-critical campus LAN environments. Additional new features include Multi-Chassis Trunking (MCT) for active-active resiliency that delivers twice the bandwidth of traditional active-passive redundant designs, plus MACsec and Energy Efficient Ethernet (EEE)-ready hardware for investment protection.
www.networkworldme.com
Keynote speaker: General (Retired) Michael Hayden, former Director of the Central Intelligence Agency (CIA) and Deputy Director of the National Security Agency (NSA) presents “cyber security and cyber threats in a changing world”.
EMIRATES PALACE UNITED ARAB EMIRATES
For full details of training and briefings and to register to attend visit www.blackhat.com today
[dates] TRAINING: DECEMBER 12 – 13
BRIEFINGS: DECEMBER 14 – 15 EXPO: DECEMBER 14 – 15
Gold sponsor
ICT Partner
Silver sponsors
Official news wire
Official media partners
Organised by
Register now at www.blackhat.com Join us on Facebook: Blackhat // LinkedIn: Black Hat // Twitter: @BlackHatEvents or BlackHatHQ // Flickr: BlackHatEvents www.networkworldme.com
November 2011 Network World Middle East 55
56 Network World Middle East December 2011
www.networkworldme.com
Juniper debuts APs for high-density wireless
Next-gen firewall for SMBs
Juniper Networks has rolled out the Juniper Networks WLA532, a new 3-stream 802.11n wireless access point designed to increase network capacity for high-density Wi-Fi environments, such as educational institutions and medical facilities where handling large, time-sensitive traffic flows from multi-media applications is critical. The Juniper Networks WLA532, a member of the WLA Series and an addition to Juniper’s Simply Connected Portfolio, ensures predictable, uninterrupted connectivity through periods of intense wireless activity caused when high volumes of users need simultaneous access to bandwidthintensive applications via mobile devices like iPads, smart phones and laptops. The WLA532 comes complete with a range of advanced bandwidth and interference management, power savings and security features required for seamless, efficient and secure access in these demanding and critical environments. Juniper says the WLA532 offers 50 percent more capacity and delivers a 40 percent improvement in performance over previous generation 11n Access Points (APs), requiring fewer APs per floor and improved overall WLAN reliability. It also reduces power consumption by up to 10 percent via the auto power-off feature integrated into Power over Ethernet (PoE) delivery.
SonicWALL has introduced two high-performance, application-aware next-generation firewalls for branch offices and small- medium-sized businesses (SMBs). The NSA 220 Series and NSA 250M Series deliver an unmatched combination of security, performance and price in this class of nextgeneration firewalls. The NSA 220 and 250M Series offer firewall protection with tightly integrated intrusion prevention, comprehensive gateway anti-malware services and granular application intelligence and control. Both appliances are also available as dual-band wireless models. The NSA 250M Series also supports a variety of modules such as T1/E1, ADSL (Annex A & B), 2GbE SFP and LAN Bypass to further expand its deployment flexibility and reduce maintenance costs through equipment consolidation. As well as providing extensive security for branch offices without degrading performance, the new appliances allow administrators to manage the unproductive use of network resources such as social media applications that eat away at precious network bandwidth and company resources if left unchecked.
www.networkworldme.com
December 2011 Network World Middle East 57
layer 8 NASA confirms first planet in habitable zone N
ASA said it has confirmed finding the first planet in what’s known as the “habitable zone,” located 600 light-years away from Earth. Spotted by the Kepler space telescope, the planet is the smallest yet found to orbit in the middle of the habitable zone – the region in space where liquid water could exist on a planet’s surface of a star similar to our sun. The planet, dubbed Kepler-22b is about 2.4 times the radius of Earth and an orbit of 290 days around a sun-like star resembles that of our world. The planet is orbiting the same class of star as our sun, called G-type, although it is slightly smaller and cooler, NASA stated. “This is a major milestone on the road to finding Earth’s twin,” said Douglas Hudgins, Kepler program scientist in a statement. There are 48 planet candidates in their star’s habitable zone.
10 petaflop Japanese supercomputer world’s fastest
A
s perhaps expected, the Japanese supercomputer ranked #1 on the Top 500 fastest supercomputers defended its title and was listed again the world’s fastest machine, this time hitting 10 quadrillion calculations per second (10.51 petaflops). The TOP500 list was previously announced in June 2011. Run by Fujitsu and Riken, the supercomputer “K” consists of 864 racks, comprising a total of 88,128 interconnected CPUs and has a theoretical calculation speed of 11.28 petaflops, the companies said. The K speed was four times the speed of its nearest competitor, China’s Tianhe-1A system, which achieved 2.57 petaflops, powered by Intel Xeon and Nvidia graphics chips. The fastest US machine, a Cray XT5-HE computer at the Oak Ridge National Laboratory, was in third place at 1.75 petaflops. It uses Advanced Micro Devices’ Opteron processors, according to an IDG News Service report.
Machine Learning breakthroughs M
achine Learning technology is found in everything from spam detection programs to intelligent thermostats, but can the technology make a huge leap to handle the exponentially larger amounts of information and advanced applications of the future? Researchers from the government’s cutting edge research group, the Intelligence Advanced Research Projects Activity (IARPA), certainly hope so and this week announced that they are looking to the industry for new ideas that may become the basis for cutting edge Machine Learning projects. From IARPA: The focus of our request for information is on recent advances toward automatic machine learning, including automation of architecture and algorithm selection and combination, feature engineering, and training data scheduling for usability by non-experts, as well as scalability for handling large volumes of data. Machine Learning is used extensively in application areas of interest including speech, language, vision, sensor processing and the ability to meld that data into a single, what IARPA calls multi-modal system. “In many application areas, the amount of data to be analyzed has been increasing exponentially (sensors, audio and video, social network data, web information) stressing even the most efficient procedures and most powerful processors. Most of these data are unorganized and unlabeled and human effort is needed for annotation and to focus attention on those data that are significant,” IARPA stated.
58 Network World Middle East December 2011
IBM illuminates solar power system
I
BM is rolling out a solar-power array system designed to run high-voltage data centres. IBM has installed the first iteration of the system on the 6,000 square-feet of rooftop of its India Software Lab in Bangalore. The solar array is capable of providing a 50-kilowatt supply of electricity for up to 330 days a year, for an average of five hours a day. IBM plans for the Bangalore solar-power system to connect directly into the data center’s water-cooling and high-voltage DC systems. The integrated array can provide a compute power of 25 to 30 teraflops using an IBM Power Systems server on a 50kW solar power supply. IBM said it will make the solar-power technology available to customers, particularly those where the power grid is iffy, in the future.
www.networkworldme.com
Scan this code now to know more about Fast Lane
Train with the GCC Market Leader * Fast Lane prepares you today for the technological challenges of tomorrow.
The Fast Lane Group ranks amongst the world’s leading independent Cisco training providers and is the only worldwide Learning Partner for NetApp. As an experienced Cisco Learning Partner of long standing, Fast Lane is there for you in 41 countries across all continents. More than 300 Fast Lane employees train and advise major companies in all industries, leading service providers, and government agencies in twelve languages. Fast Lane‌ keeps you moving.
Fast Lane Computer Consultancy
Knowledge Village, Block 17, PO Box 53941, Dubai, United Arab Emirates t: +971 (4) 42 89 440 f: +971 (4) 42 89 441 e: training@flane.com www.flane.ae
*Source: Cisco Internal Data
Huawei Enterprise
A Better Way
At Huawei Enterprise we believe in a better way. In every situation we see opportunities to innovate, to grow and to prosper, which is why 45 of the world’s top 50 telecom operators choose us as their trusted partner. As a leader in ICT we are dedicated to providing comprehensive solutions and services to enterprise customers across industries like government, public utilities, finance, transportation, power, energy and the Internet.
www. huawei.com/enterprise
Imagine what advantages extra growth could give it.
60 Network World Middle East December 2011
www.networkworldme.com