The Link Issue 01 by Reseller Middle East

THE

LINK

Issue 01 | March 2013

A special publication from computerlinks

Protect and serve Computerlinks offers the industryâ&#x20AC;&#x2122;s best protection to its customers Published by

Transform IT, Transform Business Transform IT, Transform Business Transform IT, Transform Business

THE

LINK from the MANAGEMENT

Lee Reynolds and Tim Martin (Managing Directors), Gareth Morgan (Director of Sales), and John Andrews (Marketing Director) Computerlinks Middle East, India and APAC

Hello, and welcome to our inaugural edition of The Link. We want to start by thanking all our partners for their support in making 2012 such a successful year and also for continuing that into the first quarter of 2013. As always, we are striving to stay ahead of the market and your demands in order to provide you with the levels of service, support and commitment that has been the benchmark of our operations for so many years. In order to do that, we’ve looked at new opportunities in the technology space

and brought on board nextgeneration players, such as Skybox, and complimented that with technologies that, whilst not necessarily new to the market, are offering a road map which really excites us and, hopefully, will do the same for you. These include Trend Micro and Sophos, and we hope to have some more announcements in the coming weeks. As we turn our attention to the end of the first quarter and look ahead to the rest of 2013, we have seen the demand for true value-added services increase dramatically, going far beyond the traditional requirements of legacy distribution, finance and logistics. In order to match that demand, we in turn have grown our presence not only at our Dubai head office but also by placing or adding to our in-country resources in Saudi Arabia, Qatar, Kuwait, Iraq and Pakistan. We are also proud to announce the opening of our fifth location in India to service that market, and have a team of more than 18 sales and pre-sales staff now based in country. In addition, we’ve realised the need to add technical

resources to support both our pre-sales activity for our product lines and our professional services capabilities to further support our channel partners in the delivery and implementation of our technologies. Our recent move within the Dubai Silicon Oasis HQ allowed us to expand our training operations to now incorporate two state-of-the-art training facilities, each with a 20-person capacity as well as demo lab and equipment on site to support both sales and technical training. Our investment in this region, now approaching 75 people, is simply a reflection of the Computerlinks mantra, “Make it happen”. And we believe that this is how you all look at the role we play in growing your business. We sincerely hope that in the pages and content of The Link, you’re going to see some of the reasons that we are so excited about the months ahead and also get a better understanding of where Computerlinks is ready and able to work with you, support you and be a true valueadded distribution partner. Wishing you all a successful quarter until we meet again in the next edition!

www.computerlinks.com

March 2013 | The Link

JOHN’s BLOG

contents 06 50,000 midmarket end user IT Managers? Roughly 18 months ago, various analysts were predicting the largest area of growth in the world to be in this space. Some even drew comparisons of single-digit enterprise growth against almost 30% in SMB and mid-market. Funnily enough, this is exactly what we’ve seen in Computerlinks and the focus on this space for us began almost at the same time, when we set about establishing a database of IT manager end users in this segment, which now totals more than 50,000 contacts. So, having that information is great, I guess, unless of course it’s just sitting in a nice folder somewhere on your desktop collecting virtual dust. That’s why, over the past 12 months, our marketing team has expanded to more than 10 people with half of these resources focused on telemarketing.

The Link | March 2013

Now that’s another area where we get a lot of grey. Telemarketing… telesales? For us, the line is clear. Our number-one goal is to service our customers, and our customers are the channel and vendors. So the role we play as a marketing organisation is one of door opener and opportunity creator. Telemarketing, for us, is just the first step, but it’s such a critical step and our priority is to leverage on this information pool in order to bring you, our channel and vendors, more opportunities to position your solutions and skills into this rapidly expanding market space. For more information on how we can do that for you, reach out and give me or my team a call. John Andrews Marketing Director, Computerlinks

www.computerlinks.com

02 John’s Blog 03 Insight: EMC on Xtrem, cloud and partners 05 Interview: Check Point’s Serhat Candan 06 Profile: A closer look at RSA’s Security Analytics 09 In Depth: McAfee’s Security Connected framework 12 Interview: Extreme Networks’ Eddie Curran 15 Interview: Sophos’ Andre Scheffknecht 18 Interview: Diego Arrabel from F5 Networks 19 News: Computerlinks updates

EMC | Insight

Into the future EMC Middle East offers us insight on its new Flash-optimised Xtrem products, the vendor’s move toward cloud computing, and a revamped partner portal, among other topics. EMC recently released its first all-SSD array, based on its XtremIO acquisition last year. What are the benefits behind the new product? The EMC Xtrem family of Flash-optimised server and storage products are all about

performance. We recently released XtremIO to select customers, and it’s purposebuilt to leverage Flash and deliver new levels of real-world performance, administrative ease, and advanced data services. Its scale-out architecture delivers

higher levels of ‘functional IOPS’ – which are measured under the real-world operating conditions found in today’s demanding production environments with all data services enabled and operating while filled nearly to capacity - to applications that

require high levels of random I/O performance, such as OLTP databases, server virtualisation and virtual desktop infrastructure. In real-world conditions, then, the XtremIO system exceeds 150K functional 4K mixed read/ write IOPS, and 250K functional 4K read IOPS for each ‘X-Brick’ (the scale-out building blocks for the XtremIO array), and over 1.2 million functional 4K mixed read/ write IOPS and 2 million functional 4K read IOPS when scaled out to a cluster of eight X-Bricks. The system delivers this level of performance with consistent submillisecond response times while running the industry’s richest set of integrated and Flash-optimised

www.computerlinks.com

March 2013 | The Link

EMC | insight

data services including Flashspecific data protection, thin provisioning, global inline data reduction, accelerated VMware provisioning through VAAI, and writeable snapshots. Is this the first in a long line of all-SSD arrays for EMC? In 2012, EMC unveiled the XtremSW Cache, which was formerly known as VFCache. It was the first step in EMC’s longterm server Flash strategy – to deliver a server-side storage product featuring a combination of software running on SLC-based PCle Flash devices. In the future, we will deliver a broad, deviceindependent Flash software suite – the EMC XtremSW Suite. What’s more, while the XtremSF 550 GB and 2.2 TB eMLC capacities are currently available globally, we intend to make 700 GB and 1.4 TB capacities available in the second quarter of 2013. We’ll also extend the XtremSF family with even higher-capacity offerings in the future. What kinds of customers will go after this product? Our Flash solutions portfolio can be geared towards a variety of customer use cases and requirements. Because the line is so comprehensive, we think that everyone should be able to see the benefits of Flash technology, which is enabling new levels of application performance. Moving onto EMC’s VMAX Cloud Edition box of storage servers, what are the differences between Cloud Edition and the VMAX SP that was released last year? VMAX Cloud Edition is the first self-service, enterpriseclass storage delivery platform that accelerates time-to-value for enterprises’ and server providers’ private, hybrid and

public clouds. Put simply, the SP edition is an older version of the new Cloud Edition, which has a host of new features packed into it. It provides lower operational cost - with quick and easy tenant provisioning and control, up to six times faster automation speeds provisioning and automated tenant-level metering and chargeback reporting – and enterprise-class service levels. Essentially, it allows businesses to transform their service delivery - the Cloud Edition allows enterprises to acquire and manage storage the way customers view it, allowing them to worry about managing their business, rather than their storage. After all, that’s what improving technology is about. EMC has also taken steps in the big data market with Greenplum’s latest product. What was the thinking behind this release? Greenplum is a division of EMC, and it recently unveiled the Greenplum Unified Analytics Platform (UAP). It’s no secret that big data has become big news over the years, and organisations need now, more than ever, to start using big data analytics to generate meaningful insights from their ever-growing mountains of data. Big data analytics represents both challenges and massive opportunities for organisations, and that was the thinking behind the Greenplum UAP. It’s a single, unified data analytics platform that combines the co-processing of structured and unstructured data with a productivity engine that empowers collaboration among data science teams. Uniquely, UAP can facilitate the discovery and sharing of insights that lead to greater business value. Made

up of three key components – Greenplum Database for structured data analysis, Greenplum HD for unstructured data analysis, and Greenplum Chorus to increase the productivity of the data science team – UAP can be delivered over your favourite commodity hardware, cloud infrastructure, or on the Greenplum Data Computing Appliance. It was recently reported that EMC is going to digitise the Vatican’s priceless library. Can you explain a little about the project? We agreed to provide 2.8 petabytes of storage to help the Vatican Apostolic Library digitise its entire catalogue of historic manuscripts and works printed before 1501. One of the oldest libraries in the world, it holds many of the rarest and most valuable documents in existence, including the first book printed with moveable type. Working with a number of organisations and partners, including Oxford University’s Bodleian Library, the Polonsky Foundation and the University of Heidelberg, we’ll be digitising over 80,000 manuscripts and 8,900 incunabula. The move is part of EMC’s Information Heritage Initiative, which also includes supporting the JFK Library in Boston, USA, creating a high-resolution reconstruction of Leonardo da Vinci’s ‘Codex of Flight’, and supporting the Herzogin Anna Amalia Library, among other things. What kind of Middle Eastern growth does EMC anticipate for the rest of 2013, and how do you expect to drive this growth? We don’t have any regionalspecific information yet, but at the end of January, we released

our financial results for Q4 2012 and Full-Year 2012, showing record revenue and profit. The Q4 revenue growth accelerated to 8 percent year-on-year and full-year revenue growth was 9 percent year-on-year. We had a record full-year operating cash flow of $6.3 billion and free cash flow of $5.0 billion. In terms of the future, we believe that EMC is well positioned to expand our leadership in the market segments we serve. We’d like to deliver again on the triple play of taking market share, reinvesting for growth and delivering improved earnings in 2013, and we feel we’re up to the task. We’ll be leveraging our strong balance sheet to invest heavily in cutting-edge technology for cloud computing, big data and trusted IT. What is EMC’s channel strategy for the region? EMC recently transformed its Velocity Solution Provider partner programme, with the main focus being that EMC’s industry-leading cloud computing and big data technologies will be available to more customers – particularly in the mid-market segment. We also implemented a number of changes that are effectively immediately. For example, we’ve provided a new target products rebate for Premier and Signature partners, which provides Velocity partners with a predictable income stream via rebates paid on sales of targeted EMC technologies that align to the company’s mid-market initiatives. We’ve also made changes to Velocity Speciality Requirements to focus on fortifying selling capabilities. And we’ve invested in tools, offerings and resources to accelerate services enablement with partners on Velocity Services.

To find out more about EMC’s solutions, contact Hisham Noon, EMC Sales Manager for South Gulf, Computerlinks - hn@computerlinks.ae

The Link | March 2013

www.computerlinks.com

CHECK POINT | INTERVIEW

Check Point Threat Emulation Blade provides immediate protection against new, unknown, and targeted attacks before they infect the network. Basedon advanced behavioural analysis, Check Point Threat Emulation delivers flexible standalone, integrated, or unified threat emulation as part of a comprehensive threat prevention platform.

Serhat Candan, Channel Manager, Check Point

Checking in Having won a host of awards for its solutions, Check Point is now one of the world’s definitive security vendors. Serhat Candan, the firm’s Channel Manager, tells us more. Check Point R75.40 and Check Point IPS Software Blade both recently received awards. Can you explain what set these solutions apart from the competition? Since 1993, our vision is to secure the internet. It is not an easy target but I think our robust and evolving firewall technology differentiates our solutions in the market. Our technology is designed to secure every in and out communication of our customer’s network. Check Point R75.40 allows companies to consolidate security protections with an integrated solution that can be tailored to meet the specific security and performance needs of the customer. The Check Point IPS Software Blade provides complete and industry-leading intrusion prevention capabilities. Our IPS customers benefit from real-

time updates and configuration advisories for defences and security policies, including the company’s number-one-ranking for Microsoft and Adobe threat coverage. Tell us about the new Threat Emulation Software Blade. Our IPS Blades provides 99 percent protection according to latest NSS Labs IPS Report. Unfortunately, evolving threat landscape requires more advanced techniques to cover that remaining 1 percent protection. Our New Threat Emulation Software Blade is developed to stop undiscovered attacks. Our solution is not only detecting the threat also preventing its possible damage on our customer’s assets. It is the key feature of Check Point Threat Emulation approach.

Which is Check Point’s most popular solution in the Middle East market, and why do you think this is? We have been providing our security solutions to Middle East market more than a decade now. Our firewall technology is the “de facto” standard network security solution for all enterprise customers in the region. Secondly, our IPS Blade is also the most used integrated IPS solution and new blades such as antibot and threat emulation blades, are also becoming more and more requested solutions in the market. I think stability, robustness, ease of use of our security solutions are mostly liked by our customers in the region. IDC named Check Point as the number-one vendor in worldwide Firewall and UTM appliance revenue for Q3 2012. How did this news bolster the firm’s standing among customers? Check Point has been the leader in the firewall market for 18 years and only recently entered the security appliance business in 2006. After a key acquisition, Nokia security appliance business in 2009, Check Point has aggressively grown in the enterprise hardware market. The IDC report reflects our leadership, and our highquality security appliance solutions dominate the UTM-based security

market. Our innovative protections help us to deliver the best platform for security consolidation and it makes us the leader. How channel-driven is your Middle Eastern business? Check Point is an exceptional vendor that prioritises channel partners for marketing cycles. We work 100 percent through channels and we keep this fact for planning and executing our marketing cycles as well. So in most cases, our channel partners are leading where the Check Point team is supporting. Having said that, Check Point is the worldwide leader in securing the Internet since 1993 - customers include all Fortune and Global 100 companies. So, yes, we have a very strong brand to support our partners’ sales and marketing cycles. We’re always working with selected value-added partners, bringing the best security technology to our customers through our strategic partnerships. What is your channel strategy for the region? Our partner programme is transparent and presented on the Web. We developed the optimum ecosystem of marketleading technology and channel partners where our partnership is not on a commercial basis only. The security business by nature requires significant technical competence to be combined with commercial plans. The good news is that we have a local office based in Dubai since 2008. Our technical consultants, who are on the field every day, present our localised latest technology update to our partners. From a commercial perspective, our channel managers are working partner by partner, project by project, to provide the optimum solutions.

To find out more about Check Point’s solutions, contact Jayendra Raman, Product Manager, Computerlinks - jar@computerlinks.ae

www.computerlinks.com

March 2013 | The Link

RSA | Profile

Next-gen protection Discovering and investigating advanced threats with RSA Security Analytics. To raise their game, security teams need more effective threat detection and significantly faster security investigations. Security teams need a system that can collect and manage a huge volume and wider scope of security data, which will lead them to the most pressing security risks for their enterprise in the shortest amount of time. In the same vein, security teams need automated access to the best threat intelligence about the latest tools, techniques, and procedures in use by the attacker community and have this intelligence be immediately actionable through automated delivery directly into the system. And they need this in one integrated security system, not multiple ones. When prevention

The Link | March 2013

fails, all that is left is fast detection and remediation. Visibility drives detection RSA Security Analytics is a security solution that helps security analysts detect and investigate threats that are often missed by other security tools. By combining big data security data collection, management, and analytics capabilities with full network and log-based visibility and automated threat intelligence, security analysts can better detect, investigate, and understand threats they could often not easily see or understand before. Ultimately this improved visibility and speed helps organisations reduce an attackers’ free time in their computing environment from weeks to hours,

www.computerlinks.com

thus dramatically reducing the likely impact of an attack. RSA Security Analytics is a solution from RSA which leverages the proven technology of RSA NetWitness to provide converged network security monitoring and centralised security information and event management (SIEM). Unlike perimeter or signature based security solutions, which struggle to keep up with current risks, especially targeted attacks, RSA Security Analytics helps analysts discover “interesting” or “anomalous” behaviour without being dependent on having foreknowledge of the attackers specific tools or techniques. RSA’s security approach is akin to removing the “hay” (known good) until only “needles” (likely

bad issues) remain, as opposed to traditional security approaches, which attempt to search for needles in a giant haystack of data. Furthermore RSA Security Analytics helps analysts quickly understand alerts and unusual activity by correlating them with with network and log data as well as the most up-to-date threat intelligence. The highly visual interface of RSA Security Analytics unifies security analysis, such as detection, investigation, reporting, and content and system administration into a single browser-based interface, which puts enterprise-level visibility directly into the hands of the security analysts. This significantly increases the efficiency and effectiveness of the analysts as they don’t have to flip from security tool to security tool to do their jobs. In short, RSA Security Analytics takes traditional logcentric SIEM and re-conceives it and brings it forward to address the realities of today’s threat landscape. High -owered analytics for analysts RSA Security Analytics enables comprehensive security monitoring, incident investigation, long term archiving and analytics, malware analytics, and compliance reporting via a unified, browser-based interface. It enables security analysts, whether part of a Security Operations Center (SOC) or not, to be more effective and efficient in their job of protecting the organisation’s digital assets and IT systems. Deployment flexibility RSA Security Analytics provides large deployment flexibility as it can be architected using as many as multiple dozens of physical appliances down to a single physical appliance,

www.computerlinks.com

March 2013 | The Link

RSA | profile based on the particulars of the customer’s performance and security-related requirements. In addition, the entire RSA Security Analytics system has been optimised to run on virtualised infrastructure. Monitoring and analytics - Provides a single platform for capturing and analysing large amounts of network, log, and other data. - Automatically alerts to suspicious behavior by applying analytics and by leveraging external threat intelligence (delivered via RSA Live) fused with internally collected security data. - RSA Live provides security reports, open-source community intelligence, command and control reports, exploit kit identification, blacklists, APT tagged domains, suspicious proxies, and others. - Applies business context to security investigations helping analysts better prioritise their work. Incident investigation - Accelerates security investigations by enabling analysts to pivot through terabytes of meta-data, log data and recreated network sessions with just a few clicks. - Uses the industry’s most comprehensive and easily understandable analytical workbench. - Leverages the best third-party research and research created by RSA FirstWatch, RSA’s elite, highly trained global threat and intelligence research team. Long-term warehouse - Provides a distributed computing architecture for archiving and analysis of long term security data, delivering high performance and scalability.

- Scales linearly through the addition of high-performance or high-capacity compute nodes. - Enables compliance and detective-oriented reporting and alerting through its data management infrastructure, incorporating both data parsing and full text search. - Provides an open interface for programmatic data access, transformation and analysis. Compliance reporting - Built-in compliance reports, covering a multitude of regulatory regimes (GLBA, HIPAA, NERC, SOX…) and industry requirements (PCI, BASEL II, ISO 27002…). - Automates regulatory or governance focused reporting. Also allows security teams to take advantage of business context gathered as part of their compliance program. - Ties into the wider compliance reporting system through two-way integration with RSA Archer GRC. Supplies data and reports for compliance related control reports and consumes business context information about the value and purpose of individual IT systems and assets. Malware analytics - Combines four distinct malware investigation techniques, including sandboxing, community intelligence, file content, and network behavior analysis to help the malware analyst discern if a file is malware or not. - Identifies executable content wherever it exists, answers questions about the behavior of files, taking into consideration where the malware was found and how it arrived into the IT environment. - Incorporates anti-virus signatures only as one of

multiple factors in determining the nature of the prospective malware. Unified browser-based dashboard - HTML5-based user interface which enables customisable analysis and monitoring user interfaces. - Monitoring, detection, investigation, and administration in a single integrated and customisable interface, driving analyst efficiency. - Customised views based on the particular roles of the security analysts. Real time collection, analysis and investigations - Distributed collection infrastructure for simultaneous log and full network packet capture. - Metadata parsing and management enables the blending of log, network, and other data for automated analytics, reporting, and analystdriven investigations. - Distributed data management optimised for near real-time analysis, reporting, and investigations. Long-term collection archiving, forensics, analysis and reporting - Distributed warehouse and analytic engine for long-term archiving, analysis, and reporting on security and compliance data, including logs, log meta data, network packet meta data, and select other content. - Industry-leading data compression to maximise archive capacity. - Linearly scalable by adding warehouse nodes as analytic performance and capacity needs increase. - Built-in resiliency and highavailability features inherent in the Hadoop-based architecture.

Key architectural components RSA Security Analytics is a distributed and modular system that enables highly flexible deployment architectures that scale with the needs of the organisation. Key components of the architecture are: - DECODER - Captures, parses, and reconstructs, all network traffic from Layers 2-7 or log and event data from hundreds of devices. - CONCENTRATOR - Indexes metadata extracted from network or log data and makes it available for enterprise-wide querying and real-time analytics while also facilitating reporting and alerting. - WAREHOUSE - Hadoop based distributed computing system which collects, manages, and enables analytics and reporting on longer term (months/years) sets of security data. The Warehouse can be made up of three or more nodes depending on the organisation’s analytic, archiving, and resiliency requirements. - ANALYTIC SERVER/BROKER - Hosts the web server for reporting, investigation, administration, and other aspects of the analyst’s interface. Bridges the multiple real-time data stores held in the various decoder/ concentrator pairs throughout the infrastructure. Also enables reporting on data held in the Warehouse. - CAPACITY - RSA Security Analytics has a modularcapacity architecture, enabled with direct-attached capacity (DACs) or storage area networks (SANs), that adapt to the organisation’s short-term investigation and longer-term analytic and data-retention needs.

To find out more about RSA’s solutions, contact Ashraf Abdelazim, RSA Regional Sales Manager, Computerlinks - aaea@computerlinks.ae

The Link | March 2013

www.computerlinks.com

McAfee | In depth

The Security Connected framework from McAfee Hamed Diab, Regional Director, McAfee, takes us through the vendor’s Security Connected Framework, focusing on SIEM, threat intelligence, network information and endpoint security.

Managing a vast infrastructure, with a multitude of different systems and hundreds of different security challenges has been a major headache for IT professionals. The Security Connected framework from McAfee enables integration of multiple products, services, and partnerships for centralised, efficient, and effective risk mitigation. Built on more than two decades of proven security practices, the Security Connected approach helps organisations of all sizes and segments—across all

geographies—improve security postures, optimise security for greater cost effectiveness, and align security strategically with business initiatives. Security information and event management Why security data has become a big data problem is obvious for anyone who has tried to manage a legacy SIEM, particularly when you look at the definition of big data. Big data consists of data sets that grow so large that they become awkward to work with using existing database management tools. Challenges include capture,

storage, search, sharing, analytics, and visualisation. McAfee’s security risk management solution provides key IT event collection, correlation, and analysis capabilities that deliver situational awareness to our customers, enabling a more comprehensive analysis of where security events and threats occur. McAfee’s next-generation SIEM solution, McAfee Enterprise Security Manager (ESM), integrates with McAfee ePolicy Orchestrator (McAfee ePO) software, McAfee Network Security Platform, McAfee information security platform, McAfee Endpoint Security Solution and McAfee Global Threat

Intelligence (GTI) to provide an integrated situation awareness platform that no other security solution can offer. McAfee ESM scales easily to collect all relevant data, unlike legacy SIEMs that are “tuned” to collect only selected subsets of data due to performance limitations. A unique “single pane of glass” user interface provides easy access to McAfee ESM’s extensive capabilities, ad-hoc drilldown and functionality for multiple levels of users. And McAfee ESM is the industry’s only contentaware SIEM — its database activity monitoring and application data monitoring capabilities enable effective data loss detection, fraud monitoring, advanced persistent threat tracking, and automated compliance reporting. McAfee Enterprise Security Manager provides the speed and rich context required to identify critical threats, respond quickly, and easily address compliance requirements. Continuous global threat and enterprise risk feeds deliver adaptive and autonomous risk management, allowing remediation of threats and compliance reporting in minutes instead of hours. McAfee Global Threat Intelligence (GTI) for ESM Built for big security data, McAfee Global Threat Intelligence for Enterprise Security Manager

www.computerlinks.com

March 2013 | The Link

McAfee | In depth

Intelligence protects your organisation instantly and often predictively, before a threat even reaches your organisation. This means better detection, fewer security incidents, and less cost remediating and repairing systems.

Hamed Diab, Regional Director, McAfee

(ESM) puts the power of McAfee Labs directly into the security monitoring flow using McAfee’s high-speed, highly intelligent Security Information and Event Management (SIEM). McAfee Global Threat Intelligence is a comprehensive, real-time, cloudbased threat intelligence service that enables McAfee products to protect customers against cyberthreats across all vectors—file, web, message, and network. Already integrated into your McAfee security products, McAfee Global Threat Intelligence has the broadest threat data, most robust data correlation, and most complete product integration in the market. This gives McAfee unique visibility into online dangers such as botnets, worms, DNS attacks, and even advanced persistent threats. McAfee Global Threat Intelligence is based on more than 100 million McAfee nodes deployed around the globe, more than 100 billion queries each month from all threat vectors—file, web, message and network – and the most comprehensive set of threat intelligence services in the market—file reputation, web reputation, web categorisation, message reputation, and network connection reputation McAfee Global Threat

Network Security Continuous threats and unauthorised access to resources are constant risks. McAfee Network Security Platform combines realtime threat awareness, award winning intrusion prevention technologies and an optimised management platform. If a threat is going to happen, you’re going to know about it. Safeguard your network with the 24/7 global threat protection of McAfee Labs, plus a complete range of enterprise-wide security functions, which leverage rich contextual information and deep content analysis to provide industry-leading network protection. McAfee Network Security Platform, the indusry’s leading network IPS solution according to Gartner and Infonetics, offers the highest levels of security effectiveness and performance while meeting the requirements for next generation network intrusion prevention. Key characteristics of the product are: • Industry best out-of-the-box threat protection. • Industries fastest 80 Gbps realworld throughput. • Fall stack application visibility and control. • Comprehensive integration with the McAfee ePolicy Orchestrator (McAfee Epo) software. Today’s targeted threats require next-generation intrusion prevention controls that can deliver proactive threat prevention and in-depth visibility across the

network and endpoint. McAfee Network Security Platform is the only intrusion prevention solution to offer all of the required controls for effective next generation network security. Information Security Your organisation’s most precious asset? Information. It’s critical to know exactly where that information is and exactly where it’s going - at every point in its lifecycle. McAfee information Security gives you that insight, so you can understand, classify and protect data both within, as it leaves your organisation. All while defending against inbound advanced persistent threats. With McAfee information Security, you will prevent data loss while moving information into the cloud. You’ll also secure the primary channels of cloud traffic – email, web and identity authentication. By coupling the industry’s number-one rated, behavioral-based gateway antimalware engine with global threat intelligence, McAfee protects your users, data and networks against all forms of web-based malware. McAfee is positioned in the Leaders Quadrant in the Gartner Magic Quadrant for both secure Email gateways and Secure Web Gateway and is the Forrester Wave Leader for both Web and Mail. McAfee Data Loss Prevention is positioned in the leaders Quadrant in the Gartner Magic Quadrant for Content-Aware Data Loss Prevention. It is the Industry’s number-one rated gateway antimalware engine. McAfee is rated as a Value Leader in Hosted Message Security Services by Enterprise Management Associates, and McAfee is recognised as a leader in Data Leak Prevention Suites market in the Forrester Wave Research Report.

Endpoint Security At any given moment, your most valuable targeted data is as likely to sit in the data centre as it is in the hands of your mobile or remote workforce. The next generation McAfee Endpoint Security Platform utilises advanced technologies to protect it all – from desktops and laptops server databases and applications, to virtual systems as well as mobile and fixed-function devices. Gain unprecedented security with the world’s only management system that unifies all aspects of endpoint security. The next-generation McAfee Endpoint Security platform reduces risk and complexity and minimises the effort and operational overhead required to manage security across a host of disparate access points. This is the number-one in market share, and IDC ranks McAfee first in enterprise endpoint market share. We meet or beat all competitors in 14 out of 14 threat categories, have more products under a single management than any other vendor. 22 times faster than the competition McAfee integrates real-time threat protection with automation features to streamline policy processes, event responses, management, audits, and reporting. With powerful solutions that keep you compliant, manage risk, and protect your critical infrastructure, McAfee enables you to focus on business priorities beyond security. From providing a comprehensive and actionable look at the biggest risks facing your business, to helping your enterprise meet industry and government regulations in Middle East, McAfee simplifies security, saving you time, effort, and expense.

To find out more about McAfee’s solutions, contact John Hathaway, Regional Manager for McAfee, Computerlinks - jha@computerlinks.ae

The Link | March 2013

www.computerlinks.com

Safe is advantage. Safe is profit. Safe is outright liberating. But safe doesn’t come easy. Especially when the dark forces are plotting night and day. It requires that delicate combination of brains and obsession. A brutally effective, global team that can snuff out danger before it gets dangerous. That’s McAfee, the world’s largest dedicated security company. We live and breathe digital security. Our job is to stay one step ahead. We know that today real security isn’t about “where,” it’s about everywhere. Every device, every connection, every location, every second. It’s because we never sleep, that you can sleep better.

www.computerlinks.com

www.mcafee.com/safe March 2013 | The Link

EXTREME networks | Interview

Extreme ambition Eddie Curran, Regional Director for the Middle East, Extreme Networks, highlights the vendor’s ambitions for 2013, as well as the market segments in which he sees the most promise. Extreme recently announced that it wants to extend its Open Fabric architecture with new SDN switches. The first switch will be the Slalom. What are the highlights of the switch, and when can we expect it to be available in the Middle East? Well, we’ve heavily invested in software-defined networking (SDN) over the past 12 to 18 months. All of our portfolio of

The Link | March 2013

switches run on the ExtremeXOS platform, and many models are now OpenFlow and OpenStack ready. They’re able to support multiple OpenFlow controllers such as Big Switch and NEC. The newly announced Slalom switch complements our existing switching portfolio that already supports OpenFlow and will make use of the Switch Light OpenFlow software.

www.computerlinks.com

What kinds of customers are you targeting with this new breed of SDN switches? We’re looking at cloud, data centre, mobile service providers and large enterprise customers. With the advent of cloud services and mobility in the enterprise arena, we see a lot of potential for organisations to be looking for reliable SDN solutions that complement converged networks.

With the way the world’s going, with the move to the cloud and mobility, we are offering solutions that deal with data centre automation, BYOD security, virtualisation and application acceleration. What’s your take on SDN adoption throughout the region so far? We know that several service

Summit X670V-48t

+971-55-471 8787 www.computerlinks.com

March 2013 | The Link

EXTREME networks | Interview Can you explain a little about Extreme’s partner programme? As I’m sure you know, Extreme is a channel-driven company. We definitely depend on the channel to be successful in our business, and CRN recently gave our partner programme five-stars, their highest rating. We recently held a global channel partner conference so that our partners can provide their input on the market and it’s designed to enable to grow their business more successfully and profitably.

Eddie Curran, Regional Director for the Middle East, Extreme Networks

providers and enterprises are looking at SDN adoption. In general, SDN is still at the trial stage and we may see a slight lag in the region as compared to the United States and Europe. As stated earlier, our switches ship with OpenFlow,

so customers are ready and can migrate without additional costs. Extreme Networks are in fact one of the first companies to productise OpenFlow in a generally available and supported release for both data centre and campus switches.

Extreme recently announced revenue of $75.6 million for 2012 – a 9% decrease compared to last year. Is there anything to worry about at Extreme? The IT equipment market will have its ups and downs from year to year and I can’t comment on specific points regarding future financial revenue, but what I do want to say is that our 10GbE port shipments grew by 133 percent last year – which is twice the global growth rate. We really see a lot of growth

in 10GbE and 40GbE ports aimed at data centre, HPC and cloud, and it makes a lot of sense for us to pursue that technology. The company has a strategy on driving revenue and growth through a consistent market vision, making the network experience easier for operators and providing a better application experience for users. What kind of growth do you anticipate for 2013 in the Middle East? Again, I’m not in a position to comment on specific financial forecast numbers, but we certainly see a lot of growth potential in the cloud, data centre and HPC markets, where we sell 10GbE and 40GbE solutions such as the BlackDiamond X8. We’ve identified Saudi Arabia as a big growth region that we’d like to target. What’s more, we’re investing heavily with our distribution partners, so that we can grow the number of channel partners we have in the region and really get ourselves out there.

The new Reference Design architecture Extreme Networks recently announced that it will expand its Open Fabric architecture and SDN vision with a commitment to the new Reference Design architecture for SDN switches. Extreme said that it will later this year introduce the first switch, the Slalom, which will be an optimised SDN switch supporting lightweight software and network services based on the OpenFlow protocol. The Reference Design architecture is based on merchant silicon and the Big Switch Networks Switch Light, an open source, OpenFlow thin switching platform. This platform is based on the Indigo open-source project, designed to communicate with the Big Network Controller as part of cost-optimised SDN deployments. Extreme Networks is taking the next step, combining this open platform with global service, support, and deployment capabilities for success in mission-critical networks. Extreme Networks Slalom will provide an evolutionary progression of Extreme Networks Open Fabric portfolio, complementing the rich ExtremeXOS-based, SDN-capable stackable and chassis-based switches. The combination offers customers maximum flexibility, by permitting deployment of Extreme Networks existing switch portfolio for ‘hybrid’ deployments combining SDN and existing architectures, while paving the way for optimised SDN-centric ‘leaf’ switches.

“Extreme Networks Open Fabric is designed to offer customers an open and broad portfolio of next-generation data centre networking solutions that support emerging SDN solutions in hardware and software,” said Oscar Rodriguez, President and CEO for Extreme Networks. “Providing customers with the widest amount of choice and performance for their networks is what reduces their costs and helps them scale.” “As a key partner, Extreme Networks continually innovates and delivers industry leading performance and a truly open architecture that fits very well with the SDN movement,” said Guido Appenzeller, CEO and co-founder, Big Switch Networks. “We are working with Extreme Networks to develop market-leading SDN applications and OpenFlow infrastructure to in order to deliver our joint customers integrated solutions in this emerging SDN product category.” In February, Extreme Networks began shipments of OpenFlow with the release of ExtremeXOS 15.3 and SDN applications from Big Switch Networks. These applications include Big Tap, providing traffic monitoring and dynamic network visibility with flow filtering, and Big Virtual Switch (BVS), an application for virtualised data centre networks which provisions the physical network into multiple logical networks across the stack, from Layer 2 to 7.

To find out more about Extreme’s solutions, contact Sandeep Gehi, Channel Sales Manager, Networking Technologies, Computerlinks - sge@computerlinks.ae

The Link | March 2013

www.computerlinks.com

SOPHOS | Interview

Last line of defence We speak to Andre Scheffknecht, Regional Vice President of NEEMEA, Sophos, about the biggest security threats facing the Middle East, and how to defend against them.

How does the threat landscape in the Middle East differ from other parts of the world? The threat landscape for Middle East businesses is much the same as the threats faced by businesses everywhere else. They are the same types of threats seen by companies worldwide and these are constantly changing and evolving. As we have seen, attackers do not respect conventional geographical boundaries. How aware are Middle Eastern IT managers about the cyber threats that could affect their businesses? We can say that Middle Eastern

IT managers are aware about the cyber threats but not all sectors are interested to invest in securing their businesses. Also, sometimes they donâ&#x20AC;&#x2122;t have a full solution to secure their entire environment. What kinds of scams and cyber threats are most likely to affect Middle Eastern businesses? In common with threats facing businesses everywhere, we are seeing more websites being infected all the time. Typically, users get infected by visiting legitimate websites that have been hacked. Upon visiting the site, code injected by hackers runs silently on your computer exploiting vulnerabilities in

software like Java or your PDF reader, causing malware to be installed on your computer. SophosLabs sees tens of thousands of new infected webpages every single day. What should Middle Eastern CIOs be considering when selecting their security products and solutions? The most significant change we are seeing in IT security has been the increase in the amount of malware being created, and what appears to be a rise in targeted attacks against organisations. We appear to be entering an age of cybercrime designed to steal information and spy on

Andre Scheffknecht, Regional VP of NEEMEA, Sophos

organisations rather than just steal money from as many computer users as possible. So organisations need to ensure that their business is adequately protected.

www.computerlinks.com

March 2013 | The Link

SOPHOS | Interview

Sophos also recently unveiled the top spamming nations in the world. The US came out on top, but how did Middle Eastern countries fare? As mentioned in the blog article, the most prolific spam relaying country in the Middle East is Iran, at 12th on the list. The next few countries in the region were Saudi Arabia at 29th, Israel at

36th and the UAE at 39th, each with less than 1% of global spam relayed from them. How does spam affect the Middle East in general? The report measures the sources of spam, not the recipients. Often these are completely innocent victims whose computers have been hacked. For them, the

effect of spam can be finding that their email is blacklisted because they are a known source of spam. The effect of spam on everyone else is pretty much the same wherever you live - an inbox full of messages you didn’t ask for and have no interest in. The contents of those messages will vary depending on where you live, so

in the U.S., for instance, it may be from shadowy businesses selling cheap pharmaceuticals or miracle diets. In the Middle East, it is more likely to be from legitimate businesses that are using spam as a cheap and unsophisticated form of advertising for such things as real estate offerings or management skills workshops.

Sophos Security Threat Report 2013 – the highlights What to expect in 2013 At Sophos, we pride ourselves in rapidly identifying, managing and responding to threats. While cybercriminals are often opportunistic, we believe that, in 2013, the ready availability of testing platforms— some with money-back guarantees from their sponsors—make it all the more likely malware will continue to slip through single-tier traditional security systems. As a result, we believe we will see more attacks where attackers hold long-term, high-impact access to businesses. In response, a renewed focus on layered security and detection across the entire threat lifecycle, not just the point of initial entry, is likely to be a significant theme in the coming year. We also think the following five trends will factor into the IT security landscape in 2013. Basic web server mistakes In 2012, we saw an increase in SQL injection hacks of web servers and databases to steal large volumes of user names and passwords. Targets have ranged from small to large enterprises with motives both political and financial. With the uptick in these kinds of credentialbased extractions, IT professionals will need to pay equal attention to protecting both their computers as well as their web server environment. More ‘irreversible’ malware In 2012 we saw a surge in popularity and quality of ransomware malware, which encrypts your data and holds it for ransom. The availability of public key cryptography and clever command and control mechanisms has made it exceptionally hard, if not impossible to reverse the damage. Over the coming year, we expect to see more attacks which, for IT professionals, will place a greater focus on behavioural protection mechanisms as well as system hardening and backup/restore procedures. Attack toolkits with premium features Over the past 12 months, we have observed significant investment by cybercriminals in toolkits like the Blackhole exploit kit. They’ve built

in features such as scriptable web services, APIs, malware quality assurance platforms, anti-forensics, slick reporting interfaces, and self protection mechanisms. In the coming year, we will likely see a continued evolution in the maturation of these kits replete with premium features that appear to make access to high-quality malicious code even simpler and comprehensive. Better exploit mitigation Even as the number of vulnerabilities appeared to increase in 2012—including every Java plugin released for the past eight years—exploiting them became more difficult as operating systems modernised and hardened. The ready availability of DEP, ASLR, sandboxing, more restricted mobile platforms and new trusted boot mechanisms (among others) made exploitation more challenging. While we’re not expecting exploits to simply disappear, we could see this decrease in vulnerability exploits offset by a sharp rise in social engineering attacks across a wide array of platforms. Integration, privacy and security challenges In the past year, mobile devices and applications like social media became more integrated. New technologies—like near field communication (NFC) being integrated in to these platforms—and increasingly creative use of GPS to connect our digital and physical lives means that there are new opportunities for cybercriminals to compromise our security or privacy. This trend is identifiable not just for mobile devices, but computing in general. In the coming year, watch for new examples of attacks built on these technologies. The last word Security really is about more than Microsoft. The PC remains the biggest target for malicious code today, yet criminals have created effective fake antivirus attacks for the Mac. Malware creators are also targeting mobile devices as we experience a whole new set of operating systems with different security models and attack vectors. Our efforts must focus on protecting and empowering end users—no matter what platform, device, or operating system they choose.

To find out more about Sophos’ solutions, contact Jamal Dean Tuzgani, Middle East Channel Sales Manager, Computerlinks - jde@computerlinks.ae

The Link | March 2013

www.computerlinks.com

UTM appliances and RED

Access Points

Complete Security

Simplify your IT Security with Sophos UTM

Unified

Web

You can choose the security software subscriptions you want and build a UTM solution that meets your needs.

Endpoint

Network

Manage all your IT security from a single console:        

Firewall and IPS Web appliance firewall Security for branch offices Wireless management and security Secure VPN access for mobile workers Endpoint protection Mail security Web security and filtering

WebServer

Network Firewall

March 2013 | The Link

F5 NETWORKS | interview

All fired up The Link speaks to Diego Arrabal, Regional Director for the Middle East, F5 Networks, about the firm’s recent acquisitions and how it intends to drive growth in the region.

network stack, toward the application layers. LineRate brings a programmable, scalable platform to the Application Layer SDN table. As networks continue to become commoditised, it is the application layer services in an SDN that will provide organisations with the competitive advantage they need.

It was recently reported that F5 is to acquire LineRate Systems. What is the thinking behind this acquisition? SDN is hot. But right now it’s hot at the lower end of the OS stack. As you move up the network stack, there’s a natural evolution that occurs. You move from directing packets to managing flows, and managing flows requires a completely different set

Isn’t the acquisition a little bit of a gamble, seeing as it was sealed just 11 months after LineRate released its first product? We’re confident in the benefits LineRate will bring to F5. LineRate’s software-defined solution is an early-stage product, which will become an important part of F5’s broad range of development initiatives focused on software-defined data centres.

The Link | March 2013

of features. That’s because the closer to layer 7 you get, the more stateful the network necessarily must become. It can no longer act on individual packets; it must aggregate those packets and it must do it often - far more often than is presupposed when working at layer 2 and 3 of the network stack. As SDN matures, its focus will continue to move up the

www.computerlinks.com

F5 has also looked to BYOD with its new Mobile App Manager. What are the highlights of the solution? The benefits of letting employees bring their own devices to work are clear and well documented – and about 60% of us do already. But that doesn’t stop it from being a personal and IT headache. Outside of the fact that the device is owned by the employee rather than the business, limiting what IT can do to ensure security policies are adhered to and that sensitive, business-related data is protected, often overlooked is the effect on our personal lives. People are mixing personal and business work on one device, with no separation between the two. If something

ARE YOUR APPS SAFE? Visit interact.f5.com/freescan.html to assess your apps today

Take advantage of F5’s joint solutions with Cenzic and WhiteHat Security to find application vulnerabilities and patch them immediately.

• Improve enterprise security with Dynamic Application Security Testing.

• Reduce your organization’s risk exposure with an easy, and cost‑ effective combined solution.

• Quickly mitigate risks via integration with F5® BIG‑IP® Application Security Manager™ (ASM).

• Protect your apps from the OWASP Top Ten vulnerabilities while achieving compliance.

©2012 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com. Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5. CS00-00083 1212 www.computerlinks.com

March 2013 | The Link

F5 NETWORKS | interview

malware. Websense has realtime security capabilities that can detect and defend against these. The partnership, then, is aimed at protecting both web application servers and employees from cyberattacks. The solutions enable organisations to secure their entire enterprise footprint by protecting sensitive data from both inbound attacks and outbound exfiltration. IT administrators have access to a consistent set of security services deployed across both gateways: the web application firewall and the secure web gateway.

goes wrong with the device and it has to be wiped then all data is gone. What F5 are offering is separation between the corporate and the personal on a mobile device, whether it is a smartphone, a tablet or a laptop. This means the device is still fully managed, with IT controlling which apps are downloaded and even restricting certain functions of the device that may not necessarily be conducive to productivity. What kinds of customers will go after this solution? Any company that allows employees to use their smart devices for business purposes faces a command and control problem, just as employees may sometimes be wary of letting their personal data effectively be outside of their sole purview. Mobile App Manager is for these companies. We’d expect the demand to be pretty broad. Given that F5 is best known for high-end network management hardware, particularly its BIG-IP line of load balancers, how much does this signal a change in direction for the company? It’s true that F5 were widely known as a load balancing company some years ago – this is the technology area the firm began in after all. A lot has changed over the years, though. Load balancing is now a component part of what the industry terms ‘application delivery’. F5’s strength as a company is now built on the BIGIP application delivery platform, which also includes global traffic management, single signon security and access policy management and a great deal more. Customers invest in F5 to deliver applications securely and quickly and to make sure

Diego Arrabal, Regional Director for the Middle East, F5 Networks

that they are highly available. So mobile application management is simply another step in the road for F5 really. It has been reported that F5 is planning a large-scale partnership with Web-filtering company Websense. What is the thinking behind this? Not only planning, but announced – at the RSA Conference in the US in February. The thinking behind the tie-up reflects the facts that the two primary threat targets are an organisation’s web application servers and its employees accessing the web. Web application servers are targeted because they are publicfacing and often have access to sensitive information in backend databases. Positioned in front of these web applications, F5’s

Application Delivery Controller is ideally positioned to thwart these types of web application server attacks. When Websense’s advanced threat detection and data loss prevention (DLP) capabilities are added to this web application firewall platform, the joint solution becomes “contentaware.” This provides a much higher degree of security against evolving threats. Employees are also targeted due to their privileged access to information and their susceptibility to spear-phishing and other social engineering techniques. These attacks often lure users to web destinations that redirect to servers hosting exploit kits used to detect open vulnerabilities or open doors into the user’s system resulting in silently downloaded and installed

How does F5 plan to achieve growth in the Middle East? We see significant opportunity in the Middle East in F5’s security solutions especially. With DDoS attacks on the rise and with the advent of the BYOD phenomenon, F5 is well placed to protect our customers in the Middle East, building on the opportunities we are already involved in with cloud and virtualisation initiatives. We are a solid team with solid, relevant technology that directly benefits what the Middle East as a region is looking at right now in IT terms. What is F5’s channel strategy for the region? F5 operates a global two-tier channel programme – the UNITY programme. The big benefit for partners is the ownership and protection of deals that the UNITY programme confers. As a partner, if you bring a deal to F5, you own it; we offer increased discount in this situation. For our part, we aim to work with partners that work with us in sales and technical accreditation and in marketing investment. The ultimate goal is first-class customer care.

To find out more about F5’s solutions, contact Eslam Mahmoud, F5 Channel Sales Manager, Computerlinks - esma@computerlinks.ae

The Link | March 2013