NC1809
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
NETWORKcomputing<br />
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk<br />
MINE YOUR OWN BUSINESS?<br />
Digging into the cryptojacker threat<br />
GIVING WAN AN EDGE<br />
The evolution of SD-WAN<br />
SERVER-SPECIFIC SECURITY THREATS<br />
Out of sight, out of mind?<br />
BLOCKCHAIN TAKES OFF<br />
How blockchain can radically improve<br />
the aerospace and defence supply chain<br />
SEPTEMBER/OCTOBER 2018 VOL 27 NO 05
17 & 18 OCTOBER 2018, LONDON<br />
UNITING THE BUYERS AND SUPPLIERS OF ENTERPRISE NETWORK SERVICES<br />
CONFERENCE<br />
PROGRAMME CREATED<br />
IN COOPERATION WITH<br />
INDUSTRY EXPERTS<br />
EXHIBITION<br />
DISPLAYING THE<br />
LATEST INNOVATIONS<br />
IN WAN TECHNOLOGY<br />
& SERVICES<br />
ENTERPRISE ONLY<br />
NETWORKING AT THE<br />
WAN ENTERPRISE<br />
FORUM BREAKFAST<br />
EXCLUSIVE<br />
ENTERPRISE CASE<br />
STUDIES<br />
LINE-UP OF INTERNATIONAL<br />
EXPERT SPEAKERS FROM<br />
END-USERS, TELECOMS<br />
SERVICE PROVIDERS & IT<br />
SOLUTION VENDORS<br />
INFORMAL NETWORKING<br />
OPPORTUNITIES OVER<br />
EVENING DRINKS<br />
ALLOWING YOU TO CHAT TO DELEGATES PRE EVENT,<br />
PLAN YOUR AGENDA, LIVE VOTE AND ASK THE<br />
SPEAKERS QUESTIONS<br />
SERVICE PROVIDERS<br />
60%<br />
40%<br />
ENTERPRISE<br />
300+ 40+ 25+<br />
DELEGATES SPEAKERS EXHIBITORS<br />
GET 15% OFF WAN SUMMIT LONDON,<br />
QUOTE NETWORKCOMPUTING WHEN REGISTERING<br />
www.wansummit.com<br />
Organised by
COMMENT<br />
COMMENT<br />
BLOCKHEADS AND BLOCKCHAIN<br />
BY RAY SMYTH, EDITOR<br />
Blockchain, which is not necessarily anything to do with cryptocurrency (well at<br />
least not exclusively) is starting to get some recognition for the way that it could<br />
potentially provide an efficient, reliable, and secure infrastructure for the digital<br />
transformation of transaction orientated processing and applications.<br />
On the face of it, some IT and many networking disciplines may sideline this, thinking<br />
that it is not core to their role or contribution, but nothing could be further from<br />
the truth, and such thinking on the part of IT and networking professionals is a grave<br />
error. You see, this is an example of head-in-the-sand tech thinking. In fact, it is comparable<br />
with the thinking that ultimately unleashed the irreversible BYOD phenomenon<br />
on organisations across the world.<br />
Blockchain is evolving into an enterprise scale application enabler, as testified by the<br />
feature articles in this edition of the magazine. Blockchain deployments are going to<br />
require all the facilities that IT and networking can offer - and guess who will be asked<br />
to implement, manage and secure them? While you're at it, who do you think will be<br />
blamed when it doesn't work, or compromises the business?<br />
Apart from digesting our new blockchain coverage in this and future editions, synthesise<br />
your understanding so that you can see if it has a role in your organisation. If it<br />
hasn't then at least you will be able to articulate a view, and if it does, you never<br />
know, you might want to make a proposal to the CEO and marketing team so that this<br />
time you get the credit, and not the headache.<br />
EDITOR: Ray Smyth<br />
(ray.smyth@btc.co.uk)<br />
REVIEWS:<br />
Dave Mitchell<br />
Ray Smyth<br />
SUB EDITOR: Mark Lyward<br />
(netcomputing@btc.co.uk)<br />
PRODUCTION: Abby Penn<br />
(abby.penn@btc.co.uk)<br />
DESIGN: Ian Collis<br />
(ian.collis@btc.co.uk<br />
SALES:<br />
David Bonner<br />
(david.bonner@btc.co.uk)<br />
SUBSCRIPTIONS: Christina Willis<br />
(christina.willis@btc.co.uk)<br />
PUBLISHER: John Jageurs<br />
(john.jageurs@btc.co.uk)<br />
Published by Barrow & Thompkins<br />
Connexion Ltd (BTC)<br />
35 Station Square,<br />
Petts Wood, Kent, BR5 1LZ<br />
Tel: +44 (0)1689 616 000<br />
Fax: +44 (0)1689 82 66 22<br />
SUBSCRIPTIONS:<br />
UK £35/year, £60/two years,<br />
£80/three years;<br />
Europe:<br />
£48/year, £85/two years £127/three years;<br />
ROW:<br />
£62/year, £115/two years, £168/three years;<br />
Subscribers get SPECIAL OFFERS — see subscriptions<br />
advertisement; Single copies of<br />
Network Computing can be bought for £8;<br />
(including postage & packing).<br />
© 2018 Barrow & Thompkins<br />
Connexion Ltd.<br />
All rights reserved.<br />
No part of the magazine may be<br />
reproduced without prior consent, in<br />
writing, from the publisher.<br />
As I will not refrain from saying, in any way I can, until I am proven right or disavowed,<br />
organisations do not need propeller head techies to deliver their IT and networking.<br />
What they need is creative business experts who are also IT and networking<br />
experts, who are also skilled strategists and articulate communicators.<br />
This role, you might be tempted to think, does not exist. However, if you start performing<br />
it and it delivers a small part of its potential, then you may well be seen as<br />
the candidate of choice.<br />
Ray Smyth - Editor, Network Computing.<br />
Ray.Smyth@BTC.CO.UK | https://twitter.com/ItsRay?<br />
GET FUTURE COPIES FREE<br />
BY REGISTERING ONLINE AT<br />
WWW.NETWORKCOMPUTING.CO.UK/REGISTER<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 3
CONTENTS<br />
CONTENTS<br />
S E P T E M B E R / O C T O B E R 2 0 1 8<br />
BLOCKCHAIN......................11<br />
From enabling greater collaboration in<br />
scientific research to automating a range of<br />
business processes, blockchain has<br />
potential far beyond its bitcoin association<br />
MINE YOUR BUSINESS?........21<br />
Organisations of all types are now under<br />
threat from cryptojackers. Karl Sigler at<br />
Trustwave explains the threat<br />
PREPARING FOR LIFT-OFF...10<br />
IP EXPO Europe 2018 takes place at<br />
ExCel London in October, and welcomes<br />
former Astronaut Colonel Chris Hadfield<br />
as its keynote speaker<br />
SD-WAN EVOLVES...............18<br />
In our feature on SD-WAN this issue Allan<br />
Paton at Silver Peak explains its evolution,<br />
while Nick Johnson at Evolving Networks<br />
examines how UK businesses can make SD-<br />
WAN work for them<br />
THE SERVER THREAT.............27<br />
Due to their location the protection of<br />
servers has not received adequate<br />
attention. Paul Murray at Sophos considers<br />
the threat, and possible responses<br />
EDITOR’S COMMENT......................3<br />
Blockheads and blockchain<br />
COMPANY NEWS............................6<br />
Market Dynamics: making sense of the market<br />
NETWORK NEWS............................7<br />
Moves, adds and changes<br />
VERSION X......................................8<br />
The latest networking news<br />
ARTICLES<br />
THE CURRENCY OF BLOCKCHAIN...11<br />
By Jonathan Wilkins at EU Automation<br />
FUELING THE CHAIN OF<br />
DISCOVERY........................................13<br />
By Eitan Katchka at MaterialsZone<br />
BLOCKCHAIN TAKES OFF...............14<br />
By Thane Hall at Thales UK<br />
THE BLACK MARKET BLOCK............15<br />
By Steve Kuh at Bonafi<br />
ENGINEERING BLOCKCHAIN..........16<br />
By Travis Biehn at Synopsys<br />
DIGITAL WISDOM...........................17<br />
By Eric Yu at GTCOM<br />
IoT IN THE SHADOWS.....................20<br />
By Gary Cox at Infoblox<br />
DIGITAL VISIBILITY............................22<br />
By Richard Piasentin at Accedian<br />
NETWORKING FAST........................25<br />
By Karim Taga and Glen Peres at Arthur D. Little<br />
MOVING RECOVERY TO THE<br />
CLOUD............................................26<br />
By Dave Packer at Druva<br />
TAKE IT ON THE CHIN?...................28<br />
By Ian Osborne at Shred-IT<br />
OMINOUS CLOUDS........................30<br />
By Steve Brown at VIAVI<br />
THE CURRENCY THREAT..................31<br />
By Fabian Lineau at RiskIQ<br />
THE INTELLIGENCE NETWORK........32<br />
By James Hatch at BAE Systems<br />
IP CCTV: THE NETWORK<br />
CHALLENGE.....................................33<br />
By Dan Barrera at Ideal Networks<br />
STITCHING UP THE CLOUD............34<br />
By Matthew Parker at InterCloud<br />
PRODUCT REVIEW<br />
ALLIED TELESIS HYBRID WIRELESS<br />
SOLUTION...................................24<br />
4 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
COMPANYNEWS<br />
MARKET DYNAMICS: MAKING SENSE OF THE MARKET<br />
IN A REGULAR LOOK AT RESULTS AND KEY BUSINESS ANNOUNCEMENTS FOR SUPPLIERS INTO THE<br />
NETWORKING AND IT MARKET, NETWORK COMPUTING SUMMARISES THE EDITORS SELECTIONS<br />
We are currently in the centre of<br />
an IT spending maelstrom, one<br />
that is driven by an increasing<br />
fascination for cloud based computing.<br />
This view is given shape by Gartner, who<br />
say that "28 per cent of spending in key<br />
IT segments will shift to the cloud by<br />
2022." This figure is up from the 2018<br />
figure (19 per cent) and Gartner says that<br />
spending on cloud-based offerings will<br />
grow faster than that in traditional, noncloud<br />
IT offerings.<br />
Michael Warrilow, Research Vice<br />
President at Gartner notes, "The shift of<br />
enterprise IT spending to new, cloud-based<br />
alternatives is relentless, although it's<br />
occurring over the course of many years<br />
due to the nature of traditional enterprise<br />
IT. Cloud shift highlights the appeal of<br />
greater flexibility and agility, is perceived<br />
as a benefit of on-demand capacity and<br />
pay-as-you-go pricing in cloud." The<br />
largest cloud shift prior to 2018 occurred<br />
in application software, driven by CRM,<br />
which Gartner says has already reached a<br />
tipping point where a higher proportion of<br />
spend occurs in cloud compared to<br />
traditional software.<br />
Privileged Access Management (PAM)<br />
solutions provider Bomgar has signed a<br />
definitive agreement to acquire<br />
BeyondTrust, who offer Privilege-Centric<br />
Security, from an affiliate of Veritas Capital.<br />
A spokesman for the combined company,<br />
to be called BeyondTrust, said "This brings<br />
together proven innovators with a shared<br />
mission of securing privileged access and<br />
helps customers to defend themselves from<br />
cyber-attacks while increasing productivity."<br />
Matt Dircks, CEO of Bomgar, who will<br />
lead the combined company as CEO said,<br />
"We are extremely excited to build upon<br />
BeyondTrust's Privileged Access<br />
Management leadership. The greater scale<br />
and resources of the combined company<br />
allows us to accelerate innovation and<br />
deliver technology that protects customers<br />
from constantly evolving threats." Earlier<br />
this year Bomgar was acquired by<br />
Francisco Partners, a technology-focused<br />
private equity firm.<br />
Cloud-based messaging, voice and video<br />
collaboration solutions company StarLeaf,<br />
has been named in The Sunday Times Tech<br />
Track, a listing for rapidly growing UK<br />
technology companies. It was ranked 48th<br />
in the 100-strong list. The StarLeaf Cloud,<br />
a global communications network, offers<br />
businesses an end-to-end solution<br />
combining an app, meeting room systems,<br />
conferencing, cloud interop, and<br />
management platforms that don't rely on<br />
third-party products.<br />
Ribbon Communications has closed its<br />
acquisition of Edgewater Networks, who<br />
specialise in Network Edge Orchestration<br />
for the distributed enterprise and Unified<br />
Communications (UC) market. The<br />
company sees the acquisition as significant<br />
and projects that Ribbon will become the<br />
market share leader for enterprise Session<br />
Border Controllers (SBCs) and Network<br />
Edge Orchestration. Ribbon will be able to<br />
offer its customer base a complete core-toedge<br />
product portfolio, unrivaled end-to-end<br />
service assurance and analytics solutions,<br />
and a fully integrated SD-WAN service.<br />
Fritz Hobbs, President and Chief Executive<br />
Officer of Ribbon Communications said,<br />
"The acquisition aligns perfectly with our<br />
strategic initiatives [and] allows us to<br />
immediately extend Edgewater solutions<br />
internationally, expand our cloud offerings,<br />
and enter the SD-WAN market."<br />
Zero-risk enterprise cloud storage<br />
company Zadara has signed a $25 million<br />
funding round led by IGP Capital with<br />
participation from existing investors subject<br />
to the approval of a general meeting. This<br />
brings the total equity raised to over $60<br />
million, and Zadara plans to use the<br />
investment to accelerate growth, including<br />
expanding worldwide sales, dev-ops and<br />
engineering teams, as well as its service<br />
provider partner channel.<br />
Zadara uses a combination of industrystandard<br />
hardware and patented Zadara<br />
software to deliver powerful enterpriseclass<br />
data storage and management via<br />
the convenience of the cloud. Their CEO<br />
and co-founder, Nelson Nahum, said,<br />
"Zadara is dedicated to delivering zerorisk<br />
enterprise cloud storage. The new<br />
funding supports our mission by helping<br />
us to provide customers with industryleading<br />
enterprise data storage<br />
solutions… as a fully-managed service,<br />
with a 100 per cent uptime guarantee and<br />
consumption-based pricing." NC<br />
Disclaimer - all information published in this article is based upon fuller submissions provided under general release. Any interested party is urged to verify<br />
any information printed here, prior to using it in any way. Neither Network Computing nor it publishers accepts any responsibility for the accuracy of the<br />
information contained in this article.<br />
6 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
NETWORKNEWS<br />
NETWORK NEWS - MOVES, ADDS AND CHANGES<br />
A REGULAR LOOK AT THE STORIES INVOLVING PEOPLE, COMPANIES AND SOLUTIONS<br />
It would be difficult to ignore the<br />
upsurge of interest in IoT that has<br />
taken hold and is continuing to<br />
advance. One of the key reasons for<br />
deploying IoT is to gather data, frequently<br />
and sometimes in real-time, to<br />
enable better understanding and control<br />
of business processes, and to be able to<br />
better serve customers, in a more profitable<br />
way. For commercial organisations,<br />
improvement at the bottom line<br />
will be an important investment objective.<br />
IoT deployed at scale is likely to<br />
generate a lot of raw data that needs to<br />
be processed, analysed and enacted.<br />
Recent research from Inmarsat reveals<br />
that, "The vast majority of mining companies<br />
are struggling to access, analyse<br />
and extract full value from the data gathered<br />
by Industrial IoT (IIoT) solutions." Of<br />
the 125 mining organisations surveyed,<br />
half reported that a lag between data<br />
collection and availability for analysis<br />
was preventing them from generating full<br />
value from their IIoT data.<br />
Commenting, Joe Carr, Director of<br />
Mining at Inmarsat Enterprise, said,<br />
"Mining businesses rely on IIoT technology<br />
to extract, haul and process raw<br />
materials. The data produced often has<br />
a shelf life… To secure the significant<br />
benefits that IIoT offers, businesses must<br />
ensure that they can view and analyse<br />
mission critical data in real-time, which<br />
requires a robust and reliable communications<br />
network."<br />
The 2008 banking crisis frequently justifies<br />
ongoing austerity, and this includes<br />
IT spend. According to a study by<br />
Spiceworks, 90 per cent of European<br />
organisations expect IT budgets to grow<br />
or stay steady during 2019, with 65 per<br />
cent planning to increase budgets to<br />
upgrade outdated IT infrastructure. This<br />
research, the first part of the Spiceworks'<br />
annual State of IT Report, examines<br />
international IT budgets and tech trends<br />
in organisations across North America<br />
and Europe. In Europe, organisations<br />
plan to spend 36 per cent of their budgets<br />
on hardware purchases, up by 5 per<br />
cent from last year. Cloud services have<br />
also grown from last year, whilst software<br />
budget allocations have decreased.<br />
While it seems that IT decision makers<br />
will have their say, Business Managers<br />
are more likely to either sign off on final<br />
approval or veto proposals.<br />
If hardware, infrastructure and software<br />
replacement has been on the back burner<br />
then succession planning, in all areas<br />
of IT, has hardly surfaced. It seems that<br />
this tech oversight is not limited to IT<br />
professionals, and the IT industry itself<br />
could be setting a bad example.<br />
Aldermore says that a recent survey indicates<br />
that over half of small and medium-sized<br />
IT sector businesses do not<br />
have a succession plan. Over half of UK<br />
SME decision makers in the IT sector<br />
believe the biggest threat to their business<br />
is the departure of senior executives<br />
and yet, over half have no plan for leaving<br />
their business. Handing the business<br />
to a family member is the most common<br />
way out for bosses who have already<br />
planned their departure.<br />
Aldermore's Future Attitudes report<br />
found the younger generation of UK<br />
SME owners across all industry sectors<br />
seem to be more organised when thinking<br />
about their eventual departure. The<br />
research also revealed that 56 per cent<br />
of those aged 18 to 34 have a succession<br />
plan in place.<br />
Carl D'Ammassa, Group Managing<br />
Director, Business Finance, at Aldermore,<br />
said: "For UK SME leaders in the IT sector<br />
who have planned their departure,<br />
they aim to leave their company within<br />
the next two years… there are fewer senior<br />
executives with a formal business<br />
succession plan compared to a year<br />
ago. Running a business can be very<br />
time consuming. These challenges exert<br />
substantial pressure on leaders, so it is<br />
vital that a succession strategy is<br />
planned out to ensure businesses do not<br />
suffer when change occurs." NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 7
PRODUCTNEWS<br />
VERSION X<br />
VERSION X<br />
VERSION X<br />
VERSION X<br />
VER<br />
WITH PRODUCT ANNOUNCEMENTS RANGING FROM THE TRIVIAL TO THE BIZARRE, THE EDITOR<br />
DISTILS THE ESSENCE OF THOSE THAT ARE OF INTEREST TO THE NETWORKING COMMUNITY<br />
Discussing its new managed detection<br />
and response service in the<br />
UK, Fidelis Cybersecurity cites<br />
increasing cybercrime rates and nationstate<br />
threats that SOCs often do not have<br />
the staff or skills in-house to effectively<br />
monitor and respond to, as a primary<br />
driver. The company said that, "This is<br />
especially pertinent in the UK, where the<br />
chasm between employer demand and a<br />
ready supply of cybersecurity expertise is<br />
the second largest in the world, and especially<br />
acute for smaller enterprises."<br />
Nick Lantuh, President and CEO at<br />
Fidelis Cybersecurity said, "With the risk<br />
enterprises face each day, organisations<br />
need more than just an MSSP partner.<br />
Our experts are true threat hunters, not<br />
just alert watchers. Most come from US<br />
Government Department of Defence<br />
Cyber Security Units and Intelligence<br />
Community backgrounds with deep hunting<br />
and incident response experience.<br />
They are empowered by our advanced<br />
analysis engine which provides rich metadata<br />
and content to expose and understand<br />
the context behind an alert, to gain<br />
full life-cycle visibility during an attack<br />
and to rapidly and accurately find, contain<br />
and eradicate threats."<br />
Vodafone says that it will double the<br />
number of European cell sites in its 5G<br />
Narrowband Internet of Things (NB-IoT)<br />
network footprint by the end of 2019. The<br />
firm says that this major prioritisation of<br />
NB-IoT within their existing capital expenditure<br />
plans reflects the demand it has<br />
seen from enterprise customers. The<br />
world's biggest, international NB-IoT network<br />
will be available in 10 European<br />
countries, including planned launches in<br />
the UK, Romania and Hungary.<br />
NB-IoT is the industrial grade Low Power<br />
Wide Area technology that will provide<br />
connectivity to many smart city applications<br />
such as streetlights, connected<br />
healthcare monitors and wearable devices<br />
at low cost and with equivalent security to<br />
4G. It will also significantly benefit the<br />
agriculture industry in rural areas, giving<br />
rise to new crop monitoring systems,<br />
automated feeding for crops and herds,<br />
and even support for animals giving birth,<br />
all helping to shape the connected farm<br />
of the future.<br />
NB-IoT operates in licenced spectrum to<br />
guarantee customers quality of service,<br />
and provides strong coverage over large<br />
areas - even when devices are underground<br />
or deep within buildings (+20<br />
decibels coverage versus GSM) - along<br />
greater power efficiency, so devices can<br />
run on batteries for 10 years or more on<br />
a single charge. It also provides Vodafone<br />
with the ability to support upwards of<br />
50,000 devices in a single cell without<br />
congestion, for the first time.<br />
Edge cloud services provider Limelight<br />
Networks has been explaining what it<br />
claims is the industry's first globally scalable,<br />
sub-second live video streaming solution:<br />
Limelight Realtime Streaming.<br />
Natively supported by major browsers and<br />
devices, the new service supports integrated<br />
real-time data, making it possible to<br />
create interactive live online experiences.<br />
Streams of live events are typically delayed<br />
from the broadcast feed by 30 seconds or<br />
more which can cause poor viewing experiences,<br />
loss of reputation when viewers publicly<br />
express displeasure, and ultimately loss<br />
of revenue. Limelight Realtime Streaming<br />
eliminates these challenges, enabling<br />
organisations to stream live video from anywhere<br />
in the world to anywhere in the<br />
world, in less than a second.<br />
Claiming it to be the industry's first<br />
cloud-scale programmable router,<br />
Huawei says that the NE40E-F1A provides<br />
a capacity of 2Tbit/s and ultrahigh-density<br />
interfaces and supports SRv6<br />
flexible programming. The NE40E-F1A,<br />
one of the key components of Huawei's<br />
CloudMetro, helps telecom operators<br />
embrace advanced telco cloud bearer<br />
networks and DC-centric simplified metro<br />
networks to accelerate telco cloud service<br />
innovation. To deliver a better user experience<br />
of 5G, 4K, and VR services, operators<br />
are gradually moving towards a<br />
distributed telco cloud, however, this is<br />
bringing uncertainties in the connections<br />
and traffic between data centres.<br />
Through its modular design, flexible programming<br />
and plug-and-play capability,<br />
the cloud-scale programmable router<br />
NE40E-F1A will help operators develop<br />
scalable, flexible, and highly automated<br />
telecom networks to rapidly build new<br />
telco cloud services.<br />
8 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
PRODUCTNEWS<br />
SION X<br />
Zyxel Communications has unveiled a<br />
new access point that they claim makes<br />
it more practical for hotels, dorms, and<br />
offices to deliver reliable, high-speed<br />
wired and wireless internet. The<br />
NWA1302-AC integrates cutting-edge<br />
AP technology and a Gigabit switch with<br />
PoE and is installed one per room.<br />
There is no need for a network switch<br />
which simplifies deployment. Using a<br />
unique RF-first approach it optimises the<br />
radio frequency design for every hardware<br />
element in order to deliver maximum<br />
coverage and increase data transfer<br />
rates. Its smart antenna and beamforming<br />
technology dynamically customise<br />
signal direction for each device<br />
to create the best path to deliver Wi-Fi<br />
signals while mitigating interference<br />
from neighbouring APs.<br />
Uninterruptible Power Supplies Limited<br />
(UPSL) has launched the PowerWAVE<br />
9250DPA, positioned as "The latest addition<br />
to its range of premium, highly efficient<br />
modular UPS products." It is<br />
designed specifically for medium-sized<br />
critical power applications, the lowest<br />
cost of ownership in its class, delivering<br />
module and system efficiency above 97<br />
per cent and significantly reducing power<br />
loss when compared with similar products.<br />
It also supports Xtra VFI, which further<br />
minimises power consumption by<br />
intelligently configuring the number of<br />
modules required to support the current<br />
critical load requirements.<br />
UPSL Operations Director Alex Emms,<br />
said, "It sets a new benchmark for midrange<br />
power protection in the UK. With<br />
its modular design and low TCO, it<br />
offers the best scalability and flexibility in<br />
its class."<br />
Announcing "groundbreaking solutions<br />
and enhancements" to its analytics platform,<br />
Sumo Logic says that it will<br />
"empower enterprises to win in the analytics<br />
economy." The demand for machine<br />
data across the enterprise is accelerating<br />
at a faster pace than expected. According<br />
to a 451 Research study, more than 54<br />
per cent of survey respondents say their<br />
companies are already using machine<br />
data tools for business insight, and 50<br />
per cent use these tools to support the<br />
end-user experience. Legacy analytics<br />
tools have failed organisations because<br />
they cannot deliver the visibility needed<br />
to support the investment being made in<br />
modern architectures, at cloud scale.<br />
Ramin Sayar, President and CEO at<br />
Sumo Logic said, "By operating one of<br />
the most sophisticated pure-cloud services<br />
in the world over the past eight years,<br />
and now serving 50,000 plus users,<br />
Sumo Logic is quickly becoming the data<br />
steward for modern businesses and we<br />
are just getting started."<br />
Security certification is an important<br />
indicator. When it comes to safe storage<br />
of data, how do you choose between the<br />
options? iStorage has recently passed the<br />
prestigious FIPS 140-2 Level 3 certification,<br />
which is in addition to the NCSC<br />
CPA, NLNCSA BSPA & NATO Restricted<br />
Level. iStorage claims that they are the<br />
world's first and only company to have all<br />
these security certifications.<br />
It is becoming clear to all that Artificial<br />
Intelligence (AI) and Machine Learning<br />
(ML) are technologies that have the<br />
potential to differentiate businesses in a<br />
congested and competitive market. Cisco<br />
has launched its first server built from the<br />
ground up to manage and power these<br />
AI and ML workloads. The new Cisco<br />
UCS server speeds up deep learning, a<br />
compute-intensive form of machine<br />
learning that uses neural networks and<br />
large data sets to train computers for<br />
complex tasks. Businesses will require an<br />
IT architecture that is capable of taking<br />
in vast sets of data and using it to learn,<br />
so this technology is required to power<br />
these initiatives.<br />
Roland Acra, SVP and GM for Cisco's<br />
Data Center Business Group says, "Over<br />
the next few years, apps powered by AI<br />
and ML will become mainstream. While<br />
this solves many complex business issues,<br />
it also creates new IT challenges. This<br />
addition to the Cisco UCS line up will<br />
power AI initiatives across a wide range<br />
of industries: our early-access customers<br />
in the financial sector are exploring ways<br />
to improve fraud detection and enhance<br />
algorithmic trading. Meanwhile in healthcare,<br />
they're interested in better insights<br />
and diagnostics, improving medical<br />
image classification, and speeding drug<br />
discovery and research." NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 9
SHOWPREVIEW<br />
PREPARING FOR<br />
LIFT-OFF…<br />
IP EXPO EUROPE 2018 TAKES<br />
PLACE AT EXCEL LONDON IN<br />
OCTOBER, AND WELCOMES<br />
FORMER ASTRONAUT COLONEL<br />
CHRIS HADFIELD AS ITS<br />
KEYNOTE SPEAKER<br />
IP EXPO Europe, which is colocated with<br />
Digital Transformation EXPO 2018, returns<br />
to London on the 3rd and 4th of October.<br />
The two day event will be opened by<br />
Astronaut Chris Hadfield with a keynote that<br />
will share his truly unique perspectives,<br />
experiences and lessons concerning the next<br />
steps for mankind.<br />
Alongside IP EXPO Europe, the full spectrum<br />
of the technology industry will be present at<br />
Digital Transformation EXPO, offering expert<br />
speakers in the following areas:<br />
IP EXPO<br />
Many organisations exclusively depend on<br />
cloud-based ecosystems. Speakers at IP EXPO<br />
will share their knowledge and strategies to<br />
expose the full potential of the cloud.<br />
Speaker Mayank Prakash, Chief Digital and<br />
Information Officer at DWP will offer advice<br />
concerning the critical ingredients required to<br />
drive digital transformation at pace - from<br />
embedding a digital mindset to empowering<br />
multidisciplinary teams, whilst investing in an<br />
innovative ecosystem. Other speakers<br />
include Margarida Correia, Architect at<br />
Juniper Networks and Alexandra Gates,<br />
Principal Product Marketing Manager at<br />
Aerohive Networks.<br />
CYBER SECURITY X<br />
With GDPR firmly in place, it's time to hear the<br />
discussions around the impact it's having. At<br />
the show, expert speakers will offer a fully<br />
rounded look at cyber security, from<br />
protection to mitigation and detection.<br />
Attendees will also have the opportunity to<br />
explore the world of hacking, with the Cyber<br />
Hack showcase offering a glimpse of how the<br />
bad actors can attack.<br />
Eye-opening talks will be delivered by key<br />
cyber security leaders, including Dave Lewis,<br />
Global Security Advocate at Duo Security,<br />
Doug Howard, Vice President of Global<br />
Services at RSA, Lisa Forte, Partner at Red<br />
Goat Cyber Security LLP and Security Analyst,<br />
Graham Cluley.<br />
DEVELOPER X<br />
The role of the developer has never before<br />
been so crucial in this digitally transforming<br />
world. Speakers at Developer X will include<br />
Paul Fletcher, Enterprise Architect at<br />
Sainsbury's, Marcus Robinson, Technical<br />
Evangelist at Microsoft, and James Allen,<br />
Cloud and DevOps Solution Architect at<br />
Red Hat. Together they will take stock of the<br />
rapid speed of change as disruptive new<br />
technologies and practices become<br />
established.<br />
AI-ANALYTICS X<br />
AI has been the hottest topic for years and<br />
2018 is no different. IP EXPO Europe will<br />
explore new innovations in AI and machine<br />
learning, driven by data. The insights gained<br />
through analytics are incredibly powerful, and<br />
can be used to grow an organisation.<br />
Speakers, including Dr Hannah Fry, Lecturer in<br />
the Mathematics of Cities at UCL, Areiel<br />
Wolanow, Managing Director at Finserv<br />
Experts and Oliver Gindele, Data Scientist at<br />
Datatonic, will together deliver insight and<br />
solutions to help visitors to store, manage and<br />
analyse data on a massive scale.<br />
INTERNET OF THINGS X<br />
With over 23 billion connected devices in use<br />
worldwide, with that figure set to more than<br />
double over the next few years, enterprises in<br />
all verticals are seeing the huge opportunities<br />
for their organisation from harnessing IoT<br />
technology. Internet of Things X will explore<br />
the very latest capabilities offered by IoT<br />
solutions with input from IoT experts including<br />
Yodit Stanton, CEO of OpenSensors and John<br />
David, CEO and Founder of Amnick.<br />
BLOCKCHAIN X<br />
Blockchain is no longer tomorrow's future<br />
megatrend: it is here, today, and has the<br />
potential to change technology forever.<br />
Covering subjects such as performance,<br />
resilience, integration and platforms,<br />
Blockchain X will provide attendees with the<br />
information that they need to help them<br />
understand the opportunities and applications<br />
for business operations.<br />
Carrie Osman, CEO & Founder at Cruxy &<br />
Company will be speaking at Blockchain X<br />
and educate attendees on how best to tackle<br />
Blockchain and gain business benefits. NC<br />
IP Expo Europe is poised to challenge,<br />
inform and lead todays IT professionals. For<br />
further information and to register for IP EXPO<br />
Europe 2018, visit: www.ipexpoeurope.com<br />
10 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
FEATUREBLOCKCHAIN<br />
THE CURRENCY OF BLOCKCHAIN<br />
BLOCKCHAIN IS MORE - MUCH MORE - THAN BITCOIN.<br />
JONATHAN WILKINS, MARKETING DIRECTOR AT EU AUTOMATION<br />
EXPLAINS HOW BLOCKCHAIN CAN AUTOMATE A RANGE OF<br />
BUSINESS PROCESSES<br />
Blockchain was invented in 2008 by<br />
Satoshi Nakamato. He is thought to<br />
be a man living in Japan, born in<br />
1975, but there remains speculation about<br />
the inventor's true identity.<br />
The technology was intended as a digital<br />
ledger for the cryptocurrency Bitcoin. Its<br />
success led to the use of the technology to<br />
automate a range of processes, from asset<br />
traceability to accountancy. But, according<br />
to IDG Connect, only 13 per cent of IT<br />
leaders have a plan to use blockchain.<br />
TAKING AUTOMATION TO THE<br />
NEXT LEVEL<br />
Blockchain adds to the automation<br />
capabilities that Industry 4.0 has already<br />
provided. For example, most manufacturers<br />
have started to integrate components such<br />
as smart sensors and programmable logic<br />
controllers (PLCs), which allow them to<br />
automate equipment maintenance. Plants<br />
can now add blockchain between the<br />
Enterprise Resource Planning (ERP) software<br />
and the parts supplier, so that machines<br />
can autonomously place orders for their<br />
own replacement, before they break.<br />
Businesses still using paper-based records<br />
should transfer them directly to blockchain<br />
to reduce the risk of data being lost or<br />
damaged. Many companies still use paperbased<br />
legal contracts, but with blockchain,<br />
they can produce smart contracts that<br />
automatically execute when certain<br />
conditions are met. Ethereum is an<br />
example of a platform that runs smart<br />
contracts using blockchain. It manages the<br />
release of assets to the owner using<br />
predetermined conditions to prove their<br />
ownership.<br />
As well as automating individual business<br />
processes, blockchain dramatically<br />
improves the ability of companies to safely<br />
share information.<br />
THE CHAIN<br />
When a document is shared on a<br />
blockchain, a block is created that attaches<br />
to previous blocks, forming a visible chain.<br />
This allows for advanced supply chain<br />
traceability and means businesses can<br />
rapidly detect and address problems. For<br />
example, if a manufacturer that uses<br />
blockchain needs to initiate a product<br />
recall, every product can be identified,<br />
located and quickly recalled. It's efficient<br />
and secure.<br />
Blockchain could also help to reduce the<br />
amount of greenhouse gases that<br />
organisations emit. Approximately 1,000<br />
industrial plants and power stations in the<br />
UK are covered by the Emissions Trading<br />
System (ETS). They are issued a limited<br />
number of carbon credits by government. If<br />
they do not use all their carbon credits,<br />
they can trade them to other companies.<br />
IBM and Energy Blockchain Labs are<br />
developing a blockchain marketplace to<br />
increase the visibility and traceability of<br />
carbon credit trading.<br />
Despite the increased clarity and visibility<br />
of records that blockchain allows, it is also<br />
seen as a safer means of digital<br />
information transmission than the<br />
alternatives.<br />
SAFETY MOMENT<br />
An April 2018 Cyber Security Breaches<br />
Survey found that over four in ten UK<br />
businesses suffered a cyber breach or<br />
attack in the previous twelve months. As<br />
more devices become connected across the<br />
Industrial Internet of Things (IIoT), cyber<br />
security will become a bigger concern.<br />
Blockchain is extremely tamper-resistant:<br />
by the time a hacker has hacked into a<br />
block, multiple new blocks have been<br />
created. Alex Tapscott, CEO and founder<br />
of Northwest Passage Ventures, explained,<br />
"You wouldn't just have to hack one system,<br />
you'd have to hack every single computer<br />
on that network."<br />
Blockchain uses a powerful cryptography<br />
that gives individuals ownership of their<br />
own data, reducing the risk of identity<br />
fraud. In addition, the technology uses long<br />
cryptographic keys that work in a similar<br />
way to long, complex passwords, making<br />
accounts challenging for hackers to access.<br />
While he keeps his identity private, the socalled<br />
Satoshi Nakamato is probably<br />
astonished by the vast benefits that his<br />
invention can bring to organisations across<br />
all industries. In coming years, we can<br />
expect to see many more applications for<br />
blockchain, including some that may not<br />
have been considered yet. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 11
FEATUREBLOCKCHAIN<br />
FUELLING THE CHAIN<br />
OF DISCOVERY<br />
SCIENTIFIC RESEARCH IS OFTEN<br />
IMPEDED BY FEAR. EITAN<br />
KATCHKA, CHIEF OPERATING<br />
OFFICER OF MATERIALSZONE<br />
EXPLAINS WHY BLOCKCHAIN<br />
WILL UNLOCK COLLABORATIVE<br />
SCIENCE AND ACCELERATE<br />
DISCOVERY<br />
Science has always been a race. The<br />
scientist or researcher who has the<br />
most published works or finds a<br />
potentially world-changing discovery will<br />
take home the funding and the fame. This<br />
race, however, has been slowly smothering<br />
innovation and discovery.<br />
It is estimated that 95 per cent of scientific<br />
research is inaccessible or lost. This is due to<br />
fears surrounding intellectual property, a lack<br />
of incentive for researchers to publish their<br />
data, and very few platforms where they can<br />
do so. Therefore, under the current publishing<br />
and academic models, most researchers are<br />
reluctant to share their data out of fear that<br />
their findings will get scooped by other<br />
researchers. This creates an insurmountable<br />
barrier for science to shift into an open science<br />
approach, resulting in billions of data entries,<br />
studies and experiments from all research<br />
fields not being shared, which obstructs<br />
innovation and scientific breakthroughs.<br />
In an ideal world, international scientists and<br />
researchers would work together toward the<br />
common goal of discovery. Unfortunately, the<br />
current model of research demonstrates that<br />
this isn't feasible. Even though there have been<br />
many efforts by the EU and US regulators and<br />
other large organisations to shift to an open<br />
science approach, published work is still the<br />
measure of a researcher's success. In the<br />
meantime, the world is falling apart faster than<br />
we can stick it back together. For example,<br />
global warming is an issue that entire<br />
continents are trying and failing to combat.<br />
Technological innovation may yet untie the<br />
hands of science so it can get to work<br />
unhindered. Blockchain technology opens up<br />
a great deal of possibility for the science<br />
community.<br />
For example, MaterialsZone utilises Sample<br />
Protocol to allow researchers in materials<br />
science to share and monetise their data on<br />
the blockchain - whilst securing the creators'<br />
intellectual property by means of immutable<br />
timestamping. Blockchain can also provide a<br />
decentralised place to publish data, so no<br />
single entity will have ultimate control of the<br />
data which is being recorded.<br />
Building an environment like this will<br />
incentivise researchers to upload their data<br />
onto a marketplace and sell it for use, and in<br />
turn build an open science economy. The<br />
benefits aren't confined to the researchers.<br />
Research organisations can then make the<br />
most of their funding and time as it wouldn't<br />
be spent on research already conducted,<br />
which will free up research time for other work.<br />
Research and measurements aren't the only<br />
items to be dealt with. 'Failed' result data can<br />
also be incredibly valuable. If one laboratory<br />
has tried an experiment a number of times<br />
and failed then why should every laboratory in<br />
the world repeat it? Also, the outcome of that<br />
experiment may be a failure for one<br />
researcher but an interesting lead for another.<br />
The failed result data could be freely and<br />
easily shared, or even sold - once more giving<br />
value to the work and saving the time and<br />
money of others. There are estimations that<br />
eliminating the failed results from research can<br />
free up 30 to 50 per cent of research time.<br />
In an economy such as this, smart contracts<br />
on the blockchain guarantee every party<br />
speed and efficiency. What's more, some<br />
parameters can be set to ensure that<br />
everybody gets a fair reward for their work.<br />
For example, if a laboratory purchases a<br />
year's worth of research data from an<br />
organisation, it can be set up to ensure that<br />
the researchers, assistants, the laboratory<br />
and funders of the research etc. all receive<br />
their share.<br />
Those research findings on a USB stick,<br />
buried in a draw, could be the data that leads<br />
a researcher to discovery. Blockchain is key to<br />
unlocking data and creating a truly<br />
collaborative scientific ecosystem, so that<br />
researchers are properly incentivised to share<br />
their data and fuel the fire of discovery. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 13
FEATUREBLOCKCHAIN<br />
BLOCKCHAIN TAKES OFF<br />
BLOCKCHAIN'S SINGULAR ASSOCIATION WITH<br />
BITCOIN IS BEING SLOWLY DISMANTLED. THANE<br />
HALL, DIGITAL TRUST ACCOUNT MANAGER AT<br />
THALES UK EXPLAINS HOW BLOCKCHAIN CAN<br />
RADICALLY IMPROVE THE AEROSPACE AND<br />
DEFENCE SUPPLY CHAIN<br />
According to a recent Accenture report<br />
entitled 'Launchpad to Relevance:<br />
Aerospace & Defense Technology<br />
Vision 2018', 86 per cent of aerospace and<br />
defence (A&D) firms say that they expect to<br />
integrate blockchain technology into<br />
corporate systems by 2021. But why are<br />
they thinking blockchain?<br />
Essentially, blockchain offers a permanent<br />
(immutable) data store even when publically<br />
accessible and without the need for a thirdparty.<br />
Bitcoin has proven that blockchain<br />
technology is secure enough to hold<br />
£100Bn of value in the public domain. It<br />
uses a combination of mechanisms which<br />
including cryptographically locking blocks of<br />
transactions into a chain (hence blockchain)<br />
and then replicating that data in multiple<br />
instances globally, bound with a mechanism<br />
to ensure that they all agree on the true<br />
state of the ledger (hence distributed ledger<br />
technology). The immutability of this data is<br />
ensured through the cryptographic locks<br />
and the many distributed instances that<br />
maintain consensus.<br />
Blockchain is evolving rapidly, although<br />
many still associate this technology with<br />
Bitcoin and other cryptocurrencies. This is a<br />
distraction that inhibits understanding of its<br />
potential value in multiple application areas.<br />
COMPLEX SUPPLY CHAINS: VISIBILITY<br />
Blockchain technology was originally<br />
devised to help businesses improve their<br />
transparency and accountability. This is<br />
particularly relevant in the A&D industries<br />
especially concerning the securing and<br />
simplifying of a transparent and reliable<br />
supply chain for parts.<br />
A blockchain can store any transaction or<br />
data you wish to immutably store, and not<br />
just financial transactions. The advantage of<br />
being immutable with no need for a third<br />
party means that organisations can trust that<br />
the data is correct and that no participating<br />
stakeholder has changed it. In essence, it is<br />
a 'trustable database' and therefore the<br />
parties using it can better trust each other;<br />
an essential principal for good business.<br />
There are hundreds of different suppliers<br />
involved in the manufacture of a single<br />
aircraft and each one must maintain<br />
impeccable and trustworthy visibility<br />
concerning the manufacture and supply of<br />
their components. This requirement makes it<br />
easy to understand the role that blockchain<br />
technology can play.<br />
FUTURE APPLICATIONS, TODAY<br />
Research is currently underway to better<br />
understand the potential applications of<br />
blockchain technology in this area, including<br />
a new blockchain-based system that could<br />
help secure and streamline the complex<br />
global supply chains that support the A&D<br />
industry. Driving this innovative research is the<br />
clear need for manufacturers, especially in<br />
A&D, to establish accountability and eliminate<br />
both counterfeit or grey-market components<br />
and suppliers from its supply chain.<br />
One such project is based on<br />
Hyperledger, an open source blockchain<br />
project managed by The Linux Foundation.<br />
The prototype combines blockchain, the<br />
internet of things and other innovative<br />
technologies, including a Physically<br />
Unclonable Function (PUF) solution for<br />
FPGA silicon chips and tamper-proof<br />
cryptoseals.<br />
This gives aircraft manufacturers,<br />
suppliers, maintenance firms, as well as<br />
airlines, an unparalleled ability to<br />
accurately track and secure trustworthy data<br />
throughout their supply chain. They can all<br />
know the exact configuration of any aircraft<br />
that is in service, at any point in time. This<br />
helps to avoid unnecessary time delays (in<br />
sourcing and delivering required parts, for<br />
example), increased costs, and the potential<br />
risks arising from faulty or counterfeit parts.<br />
This is just one very good example of how<br />
blockchain can be used to increase and<br />
maintain supply chain standards and<br />
improve mission assurance. It will ensure<br />
authentic parts and materials enter the<br />
supply chain, provide a unique identity and<br />
then use this identity for supply chain<br />
transactions in a blockchain to establish<br />
their authenticity.<br />
Blockchain has incredible potential to<br />
increase efficiency and trust in an entire<br />
market. Theories will soon be turned into<br />
practice and a whole new use case for<br />
blockchain will have been born. NC<br />
14 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
FEATUREBLOCKCHAIN<br />
THE BLACK MARKET BLOCK<br />
IF LEFT UNCHECKED, COUNTERFEIT<br />
AUTOMOTIVE PARTS CAN CAUSE DEATH.<br />
STEVE KUH, CEO AT BONAFI EXPLAINS<br />
HOW A BLOCKCHAIN-BASED SOLUTION<br />
CAN ARREST THE GROWTH IN THIS BLACK<br />
MARKET FOR CAR PARTS<br />
It is shocking how counterfeiters will go<br />
to any length to make money, even if it<br />
can potentially result in someone's<br />
death. The pharmaceutical industry is no<br />
stranger to the world of counterfeiting.<br />
However, an equally profitable domain for<br />
counterfeiters is in the aftermarket<br />
automotive parts industry, where they are<br />
using every possible method to persuade<br />
people to buy inferior, low-quality and<br />
possibly dangerous replacement car parts.<br />
They will either sell the car part for a few<br />
dollars less than the manufacturer's<br />
suggested retail price or charge the cost of<br />
the original car part and deceive buyers by<br />
placing a brand name label on the<br />
counterfeit component. In either case,<br />
both the consumer and authentic brand<br />
owner suffer.<br />
Consumers need to realise the<br />
importance of purchasing authentic car<br />
parts. BMW recently conducted a test with<br />
aftermarket counterfeit parts for their<br />
reliability, and the results were shocking.<br />
The international car brand found that a<br />
car with fake braking components could<br />
travel up to 25 meters more after applying<br />
their brakes than a vehicle with authentic<br />
parts. That added distance can be deadly<br />
when moving at high speeds.<br />
The use of blockchain technology can<br />
help to deter the issue of counterfeiting<br />
worldwide. Blockchain is an immutable<br />
public ledger system. It is immutable and<br />
public since records are shared and<br />
agreed upon among the many computers<br />
connected by the network. For example, it<br />
is virtually impossible to make a false entry<br />
on the blockchain without the knowledge<br />
of the other computers on the network. If<br />
the computers connected to the network<br />
are 100, then it would be necessary to<br />
access each one of those computers to<br />
falsify a record. But, if the number of<br />
computers on the network is in the<br />
millions, then it is virtually impossible to<br />
falsify in that way. That is why data<br />
recorded on the blockchain is considered<br />
to be immutable.<br />
While blockchain technology is based in<br />
software, it still requires a hardware<br />
component to interface with goods when<br />
it is used as an anti-counterfeiting<br />
solution. It has to be able to identify<br />
every single item as a unique and<br />
individual component.<br />
For example, imagine having a small<br />
NFC tag attached to an item that users<br />
can scan. Scanning the tag with a<br />
smartphone application is the most<br />
practical way to offer this. As soon as the<br />
user scans the product, the consumer can<br />
see the details of that product on their<br />
screen. The details may include the<br />
manufacturer's name, product ID, and<br />
other supply chain details to help establish<br />
authenticity.<br />
The tag is crucial to the system for the<br />
following reasons:<br />
The end user receives verification when<br />
they scan the item using the phone app<br />
It becomes an identified as an<br />
authentic item<br />
The tag, as it moves through the<br />
supply chain is used to store required<br />
information by recording and updating<br />
data held on the blockchain<br />
It is also beneficial to include an owner<br />
registration for the aftermarket auto parts<br />
using the phone app and the tag. This<br />
would allow the manufacturer to notify the<br />
authentic owner should the parts need to<br />
be recalled in the case of a discovered<br />
problem. The blockchain, the phone app,<br />
and the tag would identify the<br />
components and the registered owners<br />
would be alerted of recall notices should<br />
this be needed.<br />
The worldwide counterfeiting industry is<br />
not going to slow down on its own. If a<br />
blockchain-based solution is out there,<br />
consumers and brand-name manufacturers<br />
alike need to make use of it to put an end<br />
to counterfeiting. If not, the black market<br />
will continue, costing billions of dollars for<br />
the original parts makers. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 15
FEATUREBLOCKCHAIN<br />
COLLABORATIVELY ENGINEERING BLOCKCHAIN<br />
THERE IS A LOT TO POTENTIALLY CONSIDER IF ORGANISATIONS<br />
WANT TO DEPLOY BLOCKCHAIN BEYOND ITS BITCOIN MEME.<br />
TRAVIS BIEHN, TECHNICAL STRATEGIST AND RESEARCH LEAD AT<br />
SYNOPSYS EXPLORES THE ISSUES<br />
Cryptocurrency hacks are prevalent<br />
and one of the most recent in the<br />
digital currency space was the one<br />
that took place on South Korea's Bithumb<br />
exchange; it is thought that virtual currency<br />
valued in excess of $31 million was stolen.<br />
With such events wreaking havoc on public<br />
blockchain ventures, why are organisations<br />
rushing to implement blockchain solutions in<br />
their business? Let's consider a few clarifying<br />
factors between public and enterprise<br />
blockchain potential and the impact that this<br />
emerging technology can have.<br />
Enterprise blockchain platforms have their<br />
roots in established public systems like Bitcoin<br />
and Ethereum. However, they also have<br />
significant functional and security-relevant<br />
differences. Public blockchains allow<br />
everyone to participate in the network, using<br />
differing degrees of access. Private<br />
blockchains on the other hand regulate<br />
access using membership control such as<br />
consortium consensus, IP whitelisting,<br />
certificate validation and the use of a central<br />
authority. Unlike Bitcoin, the private<br />
blockchains' primary use case isn't to store<br />
and transfer value, but to provide a platform<br />
for inter-organisational collaboration and to<br />
enforce arbitrarily complex business logic.<br />
While the open source community has<br />
been enamoured with the success of<br />
Ethereum, the enterprise community has<br />
been quietly building the next generation of<br />
distributed trustless applications on<br />
permissioned blockchain technologies.<br />
Enterprise blockchain adoption seems to<br />
have reached fever pitch in 2018.<br />
Meanwhile, the security community has not<br />
yet developed strong idioms for hardening<br />
these platforms against attack.<br />
We have witnessed blockchain technology<br />
both evolve and fragment over recent years<br />
and have been commercially engaged with<br />
blockchain technology since 2015. In the first<br />
half of 2018, we performed over 3,000<br />
hours of threat modeling on systems built<br />
around enterprise blockchain platforms, and<br />
even more in source code review and<br />
dynamic testing.<br />
Through our team's experience, we have<br />
found that the most crucial gaps in<br />
understanding the security impact of<br />
blockchain technology occur in four key areas:<br />
Whole System: This involves the shared<br />
custody and operation of a component<br />
lifecycle which depends on cooperation with<br />
competitors. Additionally, distributed systems<br />
engineering is a rare skill that is essential for<br />
risk analyses of all types.<br />
Software Design: The concept of identity is a<br />
common source of deep design flaws. It's a<br />
consideration throughout blockchain<br />
components and requires mapping to higherlevel<br />
systems.<br />
If development libraries are absent, every<br />
team must develop them from scratch and<br />
that means missing out or deploying their<br />
own model of security controls.<br />
Authentication and authorisation are difficult,<br />
and controls both in smart contracts and in<br />
upstream systems must be created.<br />
Data Management: This involves<br />
compliance to regulation and understanding<br />
how to thoughtfully minimise private data<br />
while still gaining the benefit of the<br />
blockchain components.<br />
Platforms: Usage, metering and audit<br />
resource capabilities are not easily<br />
accomplished with new platforms. New<br />
execution environments and sometimes<br />
languages can often pose challenges to<br />
process, tools, and people.<br />
Decisions made close to blockchain<br />
components have critical fault but they only<br />
make up a small fraction of issues. More<br />
importantly, architects and developers can<br />
make the wrong assumptions about the<br />
security properties provided by these<br />
platforms, and those mistakes can lead to a<br />
large majority of exploitable issues.<br />
The most widely used platforms are often<br />
difficult to configure and dangerous to<br />
expose to untrusted components. Thankfully,<br />
businesses do not have their heads in the<br />
sand regarding this risk and are taking a<br />
cautious approach to evaluation. It is during<br />
this period that security leaders should<br />
collaborate with system stakeholders,<br />
architects, developers, business leaders and<br />
operators. The goal of collaboration is to<br />
refine the security properties of the systems,<br />
develop processes for managing platform<br />
secrets and component lifecycles, and mature<br />
these capabilities of evaluation, prevention,<br />
detection, and response, over time. NC<br />
16 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
DIGITAL WISDOM<br />
WITH DATA VOLUMES AND<br />
AVAILABILITY GROWING<br />
UNIMAGINABLY, THE PRACTICAL<br />
USE OF DATA HAS BECOME A<br />
CHALLENGE. ERIC YU, CEO AT<br />
GTCOM CONSIDERS HOW WE<br />
CAN THRIVE IN A WORLD OF<br />
INFORMATION OVERLOAD<br />
American scientist E.O. Wilson<br />
observed that, ''We are drowning in<br />
information, while starving for<br />
wisdom.'' This statement is as true today as<br />
it was thirty years ago. The availability of<br />
infinite amounts of content, data and<br />
discussion offers incredible possibilities,<br />
but at its worst it can cause delays and<br />
distractions, potentially impacting on<br />
productivity and producing poor quality<br />
decision making.<br />
It's vital that we base decisions on clear<br />
and accurate information if we are to<br />
make the best choices and prepare our<br />
organisations for success. According to a<br />
survey by Helical IT, the success rate of<br />
decisions made based on data is 79 per<br />
cent higher than those using intuition<br />
alone. It is therefore vital that the<br />
information we require can be accessed<br />
quickly and easily and is straightforwardly<br />
presented using clear hierarchy and<br />
structure.<br />
This challenge is currently more<br />
pronounced than ever. The General Data<br />
Protection Regulation (GDPR), data privacy<br />
concerns brought to light through recent<br />
scandals at Cambridge Analytica, and<br />
data breaches at the likes of Uber, Equifax<br />
and Yahoo make data collection and<br />
usage a focal point for all organisations<br />
who must act in a responsible way so that<br />
people can trust them enough to share<br />
their data.<br />
Additionally, we work and live in a global<br />
marketplace, with access to information<br />
published in many different languages. As<br />
breakthroughs are made, this provides<br />
access to more opportunities to develop our<br />
work and explore that of others. However, it<br />
also intensifies the challenges around<br />
dealing with large amounts of data.<br />
2018 will be a pivotal year for many<br />
industries as artificial intelligence works its<br />
way into a wide variety of devices and<br />
services. Researchers and innovators need<br />
to be informed about patents long before<br />
they dive into a specific research project<br />
and kept up to date about breakthrough<br />
insights across multiple disciplines that<br />
could impact their work.<br />
This kind of informed global approach<br />
can only enhance our work, make us more<br />
competitive, and help organisations to<br />
expand. But to do this we must work<br />
through more information than ever, and<br />
many of the challenges around efficiency<br />
and productivity become even more<br />
pronounced. Traditional networking<br />
environments lack the flexibility and<br />
computing power to cope with the volume<br />
of data from multiple sources that must be<br />
analysed to generate smart solutions.<br />
To overcome this, many business leaders<br />
and academics are turning to data<br />
research and analytics tools to do some of<br />
the heavy lifting and secure the best<br />
quality and most appropriate information<br />
as quickly as possible.<br />
There are an impressive range of<br />
qualitative analysis tools available, that<br />
can improve upon traditional quantitative<br />
analytics by analysing a full range of<br />
written text, including theories, code and<br />
discourse, vital to those in network<br />
computing environments. For example,<br />
having access to this kind of global<br />
information can help business intelligence<br />
units and R&D departments to evolve<br />
products and services more efficiently and<br />
more quickly identify any international<br />
property rights issues, ensuring that they<br />
remain ahead of any potential legal risks.<br />
A good AI and Big Data-powered research<br />
platform can save time for entrepreneurs and<br />
R&D departments and provide them with<br />
access to the information they need to be<br />
successful. Such platforms are often updated<br />
with more than 30 million news articles and<br />
500 million pieces of social data, daily.<br />
The pace of change and evolution of<br />
knowledge is moving so rapidly, that the<br />
amount of available information can be a<br />
challenge, rather than an opportunity. The<br />
available qualitative analysis tools allow us<br />
to benefit from access to vast amounts of<br />
data in a way that our existing networks<br />
alone cannot. This allows our research and<br />
development departments to design<br />
products and services using wisdom. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 17
FEATURESD-WAN<br />
RESILIENT<br />
CONNECTIVITY<br />
ONE SIZE OF SD-WAN DOES<br />
NOT FIT ALL. BEWARE OF U.S.<br />
BASED SUCCESS STORIES SAYS<br />
NICK JOHNSON, CEO AT<br />
EVOLVING NETWORKS, WHO<br />
EXPLAINS HOW TO MAKE SD-<br />
WAN WORK FOR BUSINESSES<br />
IN THE U.K.<br />
The business landscape is moving at<br />
pace, driven by the need for flexibility<br />
and the increasing adoption of cloud<br />
services. One of the consequences of this is<br />
the need for improved connectivity. Users<br />
want more capacity, faster speeds, better<br />
quality. And this demand is growing,<br />
especially as more emphasis is placed on<br />
distributed working practises and SaaS. As a<br />
result, the need for resilient connectivity is<br />
now business critical. What this means for<br />
organisations is that they're looking for<br />
solutions that can deliver against both their<br />
current and future needs.<br />
Traditionally, this is where MPLS would come<br />
in. It's robust, supported by SLAs and is an<br />
established technology. However, it's also<br />
expensive, inflexible, takes time to provision,<br />
and it's a challenge to integrate with cloud<br />
services. Importantly, packet prioritisation is an<br />
expensive option, which means that the quality<br />
of VoIP phones could be compromised if they<br />
are run alongside other connectivity-based<br />
services that might saturate the available<br />
bandwidth capacity.<br />
SD-WAN will increasingly provide the<br />
solution to this connectivity problem. Globally,<br />
it's a growing market sector and Gartner<br />
forecasts that by 2020, we'll be spending<br />
$1.24 billion on the technology.<br />
SD-WAN can deliver stable, low latency and<br />
intelligent connectivity and is easily integrated<br />
with cloud apps: this is a key factor for most<br />
businesses now. It's a much newer technology<br />
than MPLS, more agile and cost-effective - all<br />
of which are critical in a world where budgets<br />
are always being scrutinised. But the one<br />
major advantage of SD-WAN is that it is much<br />
more resilient, especially when deployed using<br />
multi-path aggregated connectivity, which<br />
ensures diversity through the infrastructure<br />
layer and low latency where required.<br />
SD-WAN can be particularly effective at<br />
simplifying network topology, linking multiple<br />
sites together in an effective and efficient way.<br />
Unlike MPLS, SD-WAN is also easily scalable,<br />
allowing businesses to add sites and<br />
additional lines quickly and cost-effectively<br />
because of its software-defined nature.<br />
While the technology has a head start in the<br />
US market it is making definite inroads in the<br />
UK. The key to its success in the UK, however,<br />
is not to rely on US-centric technology or<br />
mere resellers of that technology, but on<br />
solutions designed for the local market and<br />
network infrastructure, deployed by partners<br />
who understand the market and its<br />
challenges. The broadband infrastructure in<br />
the US is a very different beast to ours, and<br />
as a result the standardised SD-WAN<br />
products are not fit for our purpose.<br />
A case in point is the recent news that Cisco<br />
is preparing to include an SD-WAN upgrade<br />
in its routers. While this is a positive step for the<br />
market in the UK, it's important to remember<br />
this software was developed in the US for a<br />
broadband infrastructure that is of a much<br />
higher quality and where vendors compete on<br />
that quality, instead of price. As mentioned, the<br />
UK market is very different, which makes it a<br />
little challenging for businesses to get the<br />
promised benefits of SD-WAN.<br />
There is little doubt that change is afoot in<br />
the connectivity market; driven by the everincreasing<br />
demand for better, faster, more. So,<br />
while SD-WAN may indeed be the connectivity<br />
solution that UK businesses are looking for, we<br />
can't rely on the approach and technology<br />
developed by our cousins across the Atlantic<br />
to help us deliver its benefits. Instead, we need<br />
SD-WAN solutions designed for our needs,<br />
with UK broadband infrastructure in mind,<br />
deployed by vendors that understand the<br />
challenges businesses face, developing their<br />
own software based on localised experience.<br />
We are now in a time where ISPs who deliver<br />
SD-WAN solutions with no disconnect<br />
between the software and underlying network<br />
layers will be best placed to deliver. NC<br />
18 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
FEATURESD-WAN<br />
GIVING WAN AN EDGE<br />
SD-WAN IS NOW MAKING ITS<br />
CASE. ALLAN PATON, DIRECTOR<br />
OF UK AND IRELAND AT SILVER<br />
PEAK EXPLORES THE<br />
EVOLUTION OF SD-WAN AND<br />
HOW IT WILL REPLACE THE<br />
COMPLEXITY OF ROUTER-<br />
CENTRIC WAN ARCHITECTURES<br />
In recent years, the software-defined WAN<br />
(SD-WAN) market has experienced<br />
significant growth around the world, with<br />
new SD-WAN acquisitions, partnerships and<br />
investments gaining momentum. As the<br />
benefits of SD-WAN become increasingly<br />
apparent, Gartner has predicted that by 2019,<br />
companies that have deployed SD-WAN will<br />
rise from less than one per cent, where the<br />
market is today, to 30 per cent. SD-WAN<br />
offerings are fast evolving to address the<br />
changing requirements of enterprises as they<br />
embrace cloud and digitally transform.<br />
Underpinning this evolution is the mass<br />
migration of applications and services to the<br />
cloud. Organisations are realising that their<br />
existing router-centric WAN architectures can't<br />
keep up with the changes in network and<br />
application traffic. As such, businesses are<br />
turning to SD-WANs, which promise the<br />
flexibility to use any combination of transport to<br />
connect users to applications and intelligently<br />
route traffic across the network efficiently and<br />
securely. It's therefore not surprising that,<br />
according to the Frost & Sullivan global SD-<br />
WAN survey, 94 per cent of businesses report<br />
that they have deployed, are deploying, or will<br />
deploy SD-WAN over the next two years:<br />
demand will surely continue to increase.<br />
THE BUSINESS-FIRST NETWORKING<br />
MODEL<br />
Increasingly, enterprises are moving beyond<br />
the constraints and complexity of router-centric<br />
WAN architectures. Routers are burdened by<br />
decades of complexity and still retain a lengthy<br />
and arduous device-by-device configuration<br />
process using an inconvenient and arcane<br />
Command Line Interface (CLI). Now,<br />
businesses are seeking more efficient and<br />
secure access to SaaS and cloud applications.<br />
There's a greater need to connect users directly<br />
and securely to the cloud and this requires a<br />
software-driven WAN edge architecture that<br />
can intelligently steer traffic based on<br />
application-driven policies. As such, SD-WAN<br />
solutions are increasingly evolving to empower<br />
highly-distributed enterprises with a new<br />
business first networking model that yields<br />
consistent application performance, robust<br />
security and operational efficiencies.<br />
LESS: THE NEW MORE<br />
In its first WAN edge report published in 2017,<br />
Gartner considered the future of enterprise<br />
networking as a consolidation of "several<br />
branch-office WAN edge functions, including<br />
routing, SD-WAN, WAN path control, security<br />
and WAN optimisation". By deploying a thin<br />
branch SD-WAN solution, distributed<br />
enterprises would be able to dramatically<br />
improve business agility and lower costs, and<br />
improve network and application<br />
performance, availability and security, while<br />
aligning their networks to ever changing<br />
business requirements.<br />
In the Frost & Sullivan survey, respondents<br />
indicated that network managers are looking<br />
to embrace SD-WAN appliances with<br />
integrated routing and WAN optimisation<br />
functions, while keeping existing CPE-based<br />
solutions at other sites until maintenance<br />
contracts expire. Indeed, interoperability with<br />
existing WAN edge infrastructure will be critical<br />
when migrating to a business-driven WAN<br />
edge until organisations completely replace<br />
traditional routers. A flexible deployment<br />
model, fully compatible with routers, firewalls<br />
or other pre-existing devices at the branch, will<br />
enable enterprises to complete the transition at<br />
their own pace.<br />
UTILISING INTELLIGENCE<br />
Through advancements in artificial intelligence<br />
and self-learning, a unified SD-WAN Edge<br />
platform will also go beyond today's<br />
automation and templates to reach a selfdriving<br />
wide area network that gets smarter<br />
every day. A self-driving wide area network<br />
with centralised and adaptive orchestration<br />
enables self-learning and continuous control to<br />
ensure ongoing alignment with business intent.<br />
Ultimately, the consolidation of network<br />
functions - such as SD-WAN, WAN<br />
optimisation, routing and more - into a single,<br />
centrally orchestrated software instance is the<br />
final stage of evolution for SD-WAN<br />
technology. In the next 18 months, SD-WAN<br />
will become a priority for businesses,<br />
particularly in the banking and financial<br />
services space. We will also see an increasing<br />
need for integrated network functions at the<br />
WAN edge, as well as a demand from<br />
enterprises for centralised cloud-based network<br />
management from their SD-WAN vendor. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 19
FEATUREIOT<br />
IoT IN THE SHADOWS<br />
BYOD IS A THING OF THE PAST -<br />
OR IS IT? GARY COX,<br />
TECHNOLOGY DIRECTOR FOR<br />
INFOBLOX IN WESTERN<br />
EUROPE, EXPLORES THE<br />
TROUBLING RISE OF SHADOW<br />
IoT AND HOW TO DETECT IT<br />
With the Internet of Things (IoT)<br />
continuing to grow, and with<br />
employees connecting an<br />
increasing number of consumer devices to<br />
enterprise networks, IT teams find<br />
themselves faced with greater complexity<br />
and more security issues than ever before.<br />
The scale of the problem was illustrated by<br />
the findings of a recent Infoblox survey<br />
which revealed that, while three quarters of<br />
businesses have over 1,000 approved<br />
devices such as PCs and company mobiles<br />
connected to their networks, more than a<br />
third reported at least 5,000 non-approved<br />
devices, including personal phones, laptops<br />
and e-readers.<br />
Typically offering very poor security, many<br />
of these consumer devices provide<br />
cybercriminals with an ideal point of entry to<br />
an organisation's network, and this<br />
represents a very real threat to that<br />
organisation and its business.<br />
IDENTIFYING PREY<br />
Many businesses reported having a<br />
significant number of non-business IoT<br />
devices such as fitness trackers, Smart TVs,<br />
and digital assistants connected to their<br />
enterprise network. There are, however, a<br />
number of tools readily available that will<br />
enable cybercriminals to exploit the control<br />
of such devices. In 2017, for example,<br />
details of a CIA tool dubbed 'Weeping<br />
Angel' were published on WikiLeaks. Here, it<br />
was explained how the tool was used by<br />
agents to transform Samsung smart TVs into<br />
live microphones.<br />
The identification of vulnerable devices<br />
can be achieved with worrying ease. A<br />
basic search on sites such as Shodan, a<br />
search engine for internet-connected<br />
devices, can deliver a wealth of<br />
information, including details of a device's<br />
banner, along with their open ports<br />
including HTTP, SSH, FTP and SNMP.<br />
It's worth noting that the site is not, in itself,<br />
illegal. The details it provides, however,<br />
could be used by even the lowest level<br />
criminals as a means of identifying<br />
potentially vulnerable devices connected to<br />
corporate networks.<br />
ANTISOCIAL MEDIA<br />
Social media is being used as a means of<br />
spreading malware. Cybercriminals often<br />
exploit the fact that users tend to lower their<br />
guard on social networks, making them<br />
more likely to click on links with unknown<br />
sources. The fact that around two in five<br />
employees claimed to have accessed social<br />
media on their personal devices while<br />
connected to their organisation's network<br />
should therefore ring alarm bells.<br />
Equally worrying is the claim by a quarter of<br />
the survey's respondents that they downloaded<br />
apps to their personal device while connected<br />
to an enterprise network. This is especially<br />
concerning when you consider that even apps<br />
from legitimate download sites have been<br />
found to contain malware.<br />
TAKING ACTION<br />
Introducing a security policy for connected<br />
devices is a sensible first step in managing<br />
the threat that they pose although, according<br />
to the report, employees can't necessarily be<br />
relied upon to follow it. IT administrators<br />
should therefore be able to enforce policy,<br />
restrict access to certain sites and types of<br />
content, and review non-compliant activity<br />
throughout the organisation.<br />
By providing unified visibility into all<br />
devices, IP Address Management (IPAM) will<br />
enable IT admins to manage those devices<br />
more effectively, and DNS-based security<br />
will provide essential context and visibility,<br />
alerting IT admins of any network<br />
anomalies, and enabling them to identify<br />
and block malicious activity more quickly.<br />
What's more, with threat intelligence data<br />
integrated into their DNS management,<br />
security teams will be able to monitor and<br />
prevent access to Newly Observed<br />
Domains, the creation of which tends to<br />
indicate that an attack is forthcoming.<br />
A plethora of connected devices, approved<br />
and otherwise, have made Shadow IoT a<br />
reality, and one which affords cybercriminals<br />
the opportunity to exploit vulnerable devices.<br />
To minimise this risk, enterprise teams must<br />
discover and identify what's lurking on their<br />
networks, and take the steps necessary to<br />
protect it from external threats. NC<br />
20 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
SECURITYUPDATE<br />
MINE YOUR OWN BUSINESS?<br />
ORGANISATIONS OF ALL TYPES ARE UNDER THREAT FROM<br />
CRYPTOJACKERS. KARL SIGLER, THREAT INTELLIGENCE MANAGER<br />
OF SPIDERLABS AT TRUSTWAVE, DETAILS THE THREAT<br />
Cybercriminals are always on the<br />
lookout for new technology to<br />
exploit for easy profits. Accordingly,<br />
the increasingly high profile around one<br />
such opportunity, cryptocurrency, has<br />
attracted the attention of opportunists<br />
around the world.<br />
Specialised software or web script can be<br />
used to harness a machine's CPU or GPU<br />
to solve complex equations and earn<br />
coins, but this must be done on a huge<br />
scale for it to become profitable. Web<br />
based cryptomining has been trying to<br />
become more legitimate, for example,<br />
when a website asks permission to use<br />
some of a visitor's processing power while<br />
on the site. In fact, many sites have begun<br />
to explore this as an alternative to<br />
advertising.<br />
Criminals however will run their code<br />
covertly without asking permission. This<br />
practice is known as cryptojacking.<br />
Cryptojackers will usually insert mining<br />
code into a legitimate website without the<br />
owner's knowledge, enabling them to steal<br />
processing power from anyone visiting that<br />
site. Much like the malvertising tactics used<br />
by other cyber-attackers, criminals can also<br />
infect an ad and spread their mining code<br />
to any site within the ad network.<br />
THE ENTERPRISE GOLDMINE<br />
An ideal mining host site will be one that<br />
receives a high number of visitors and<br />
ideally the connection will be left open for<br />
long periods of time. This has made<br />
streaming sites particularly useful, as they<br />
are naturally open for potentially hours per<br />
visit. Enterprise homepages and portals<br />
are also ideal targets: a large company<br />
might have thousands of users visiting its<br />
page who potentially leave it open during<br />
their workday.<br />
Pre-made mining scripts are easily<br />
acquired online and are so simple to use<br />
that even a complete novice can run one.<br />
Coinhive is one of the most popular<br />
choices for cybercriminals to exploit, as the<br />
JavaScript-based programme also mines<br />
the anonymous Monero currency. Monero<br />
requires less effort than other popular<br />
currencies such as Bitcoin before becoming<br />
profitable and is also designed to be used<br />
anonymously. While it is also very widely<br />
used by legitimate users, these features<br />
make it ideal for a criminal. Coinhive is so<br />
popular that it was found to be present in<br />
13 of the Alexa top 1000 sites.<br />
HOW DOES CRYPTOJACKING HARM<br />
AN ENTERPRISE?<br />
Most illicit mining scripts steal just enough<br />
processing power to cause an irritating<br />
slowdown for affected machines. While it<br />
won't be as damaging as more harmful<br />
malware, for example ransomware, the<br />
presence of an unwanted mining script<br />
embedded into a compromised website<br />
can still deliver a damaging blow to the<br />
site owner's reputation. There have been<br />
several instances of customers complaining<br />
because they thought that an infected site<br />
was intentionally running a mining script<br />
without permission.<br />
Cryptojacking also poses a greater threat<br />
to an enterprise target because the<br />
combined effects of thousands of machines<br />
running a mining script can put a<br />
significant strain on the company network.<br />
The drain on processing power will result<br />
in an increased electricity bill, as well as<br />
costs for the IT resources required to<br />
troubleshoot the estate of slow and<br />
crashed machines.<br />
DETECTING A CRYPTOJACKER<br />
While cryptojacking is becoming<br />
increasingly popular as a low-effort and<br />
reliable money-maker for cybercriminals, it<br />
is fortunately easy to identify and prevent<br />
by using good security hygiene.<br />
Good practices such as keeping sites<br />
and systems regularly patched and<br />
updated will see off most cryptomining<br />
attempts. Any existing mining script can be<br />
discovered with a thorough audit and<br />
vulnerability scan, and future attempts to<br />
compromise the site can be detected by<br />
actively monitoring for attempts to access<br />
and edit the web code. Taking action now<br />
will help to prevent your network being<br />
admitted to the unauthorised mining<br />
community later on. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 21
OPINION<br />
DIGITAL VISIBILITY<br />
AS NETWORKS GROW IN<br />
COMPLEXITY, FULL VISIBILITY IS<br />
ESSENTIAL TO THE DELIVERY OF<br />
DIGITAL PERFORMANCE.<br />
RICHARD PIASENTIN, CHIEF<br />
STRATEGY OFFICER AT<br />
ACCEDIAN EXPLAINS<br />
When a software application is<br />
performing poorly or stops working,<br />
the network usually gets blamed,<br />
but it's not usually the culprit. According to<br />
IHS, the network is at fault less than half the<br />
time. To rapidly pinpoint the root cause, the<br />
IT operations team need a detailed view of<br />
how applications and the network actually<br />
relate to each other. This is especially true in<br />
the case of hybrid cloud applications that rely<br />
on the coordination of physically diverse data<br />
centres, clouds, and Software-as-a-Service<br />
(SaaS) to deliver a responsive user<br />
experience. As the network and applications<br />
become delicately intertwined, there's a<br />
growing demand for better visibility.<br />
IDC supports this view, estimating that<br />
$2.8 billion will be spent on network and<br />
application performance monitoring<br />
(N/APM) in 2018. But, for organisations<br />
under pressure to transform, what are the<br />
main considerations?<br />
DRIVING DEMAND<br />
For today's enterprises, IT and business<br />
processes are becoming more complex.<br />
New technologies and the capabilities that<br />
digital transformation brings, such as<br />
cloudification or DevOps, are increasing<br />
this complexity and reducing visibility across<br />
the network and application layer. To<br />
maintain an acceptable user experience, it's<br />
no longer enough for enterprises to manage<br />
the network in its silo parts.<br />
Today's highly distributed and heterogeneous<br />
enterprise networks mean that enterprises<br />
need monitoring solutions that embrace this<br />
complex infrastructure and move away from<br />
systems traditionally split into the separate<br />
functions of network performance monitoring<br />
and application performance monitoring.<br />
While both have served their purpose, the<br />
need to deliver means that both of these<br />
network disciplines must be unified.<br />
WHEN TWO BECOME ONE<br />
Unifying network and application<br />
performance monitoring will benefit<br />
enterprises in several ways. First, the ability<br />
to monitor network and application using<br />
one platform provides IT teams with a single<br />
source of truth. While traditional monitoring<br />
solutions typically force teams to act in silos,<br />
separated from each other, a unified system<br />
promotes collaboration between teams.<br />
Through this single platform, network<br />
operations, development and business line<br />
owners can understand the interactions<br />
between infrastructure, application, and<br />
user experience.<br />
Then in turn, this single source of truth<br />
becomes invaluable for reducing mean time<br />
to resolution (MTTR). The holistic view it<br />
provides allows IT teams to quickly pinpoint<br />
impairments inside the application or<br />
network chain, identify their scope and<br />
origin, and escalate cases to the right team<br />
with clear, supporting evidence. This<br />
ultimately prevents degradations in the<br />
network or application chain from impacting<br />
the end-user.<br />
POWER OF INSIGHT<br />
These benefits go some way towards end-toend<br />
performance visibility, but true granular<br />
visibility is impossible without insight. By<br />
unifying network and application<br />
performance monitoring into one platform,<br />
enterprises benefit from a wide-angle view,<br />
across each and every layer. Not only does<br />
this prevent gaps in coverage, but it also<br />
enables enterprises to decode every layer<br />
and application transactions, benefiting from<br />
the insights that long-term historical trends<br />
and trace-level diagnostics provide.<br />
It's only by using a common monitoring<br />
platform that enterprises will be able to<br />
correlate common network behaviours and<br />
patterns, understand how to predict failures,<br />
and which steps to take to avoid them from<br />
recurring. Ultimately, enterprises can only<br />
solve degradations if they have a full picture<br />
of their network and its application chain.<br />
UNIFY OR DIE<br />
While there are alternatives to unified<br />
N/APM solutions, the reality is that<br />
organisations failing to implement an<br />
effective visibility solution will be unable to<br />
maintain an adequate user experience. This<br />
will be especially challenged as the<br />
organisation digitally transforms.<br />
Quite simply, enterprises do not have the<br />
choice to opt in or out. N/APM is a must if<br />
they are serious about delivering end-to-end<br />
monitoring visibility. The solution is clear, the<br />
case is made: it just needs implementing. NC<br />
22 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
•<br />
•<br />
•<br />
•
PRODUCTREVIEW<br />
Allied Telesis Hybrid<br />
Wireless Solution,<br />
using the AP5403<br />
Access Point<br />
PRODUCT REVIEW<br />
PRODUCT<br />
REVIEWPRODUCT RE<br />
Wired network connections are<br />
becoming less dominant. Persistent,<br />
trouble free WLAN connections,<br />
everywhere, is the default expectation. But it's<br />
only now that vendors can offer solutions fit<br />
for purpose.<br />
Many WLAN networks are configured<br />
around wireless cells, each using a different<br />
channel (frequency) and susceptible to<br />
interference. Mobile users rely on Fast<br />
Roaming (802.11r) to retain connectivity: IP<br />
telephony and wireless scanners for example.<br />
Manual reconnection isn't acceptable - Fast<br />
Roaming improved connection transfer time<br />
from 200ms to less than 50ms, but it's still<br />
too long.<br />
Previously, Extricom created (patent now<br />
owned by Allied Telesis) Channel Blanket<br />
(802.11ac). Bonding multiple APs<br />
broadcasting the same SSID, authenticated<br />
users enjoy seamless connectivity throughout<br />
the coverage range. Each Channel Blanket<br />
AP listens to all in range devices, but only one<br />
transacts. Where a user moves closer to<br />
another AP, data handling responsibility<br />
seamlessly transfers with a connection transfer<br />
time of zero: Zero Wait Roaming.<br />
Both architectures have merit, depending on<br />
use case. The density of connected devices,<br />
mobility and application sensitivity to<br />
connection transfer will vary widely within a<br />
physical space. Until now, a choice between<br />
architectures often meant an unacceptable<br />
compromise.<br />
The AP5403 has three radios (2.4GHZ and<br />
5GHZ) providing Hybrid Wireless. Within the<br />
same environment, using the same APs, it's<br />
possible to provision Cell and Channel<br />
Blanket based Wi-Fi, offering new, powerful<br />
flexibility, control and value without<br />
compromise. In Cell architecture, connected<br />
devices determine which AP to connect to,<br />
but with Channel Blanket, because all APs<br />
listen, they decide which one assumes<br />
connection duty, ensuring that mobile devices<br />
remain connected to the best AP.<br />
IT could implement policies that, for<br />
example, connect laptops to a cell WLAN<br />
and mobile devices to a Channel Blanket for<br />
reliable IP telephony. In some environments -<br />
a warehouse for example - physical space<br />
alters, impacting radio wave propagation.<br />
Channel Blanket ameliorates this without user<br />
intervention or awareness.<br />
We used a four AP infrastructure and a WEB<br />
GUI. We could have used the Allied Telesis<br />
AWC plug-in to the AT-Vista manager EX, or<br />
the admin port of an Allied Telesis firewall.<br />
Familiar WLAN configuration options were<br />
simple to set. Administration options and AP<br />
capability mean this solution can scale across<br />
the full range of WLAN applications.<br />
With two LAN ports - one PoE - a DC jack<br />
for external power, and a Kensington lock<br />
port, this AP can be installed on a table,<br />
wall or ceiling. It is the hybrid cell and<br />
Channel Blanket ability that really make it<br />
stand out.<br />
Using a custom app to display our APs and<br />
connected devices, we moved devices<br />
around and could see them quickly and<br />
seamlessly connect to the nearest AP. We set<br />
up a phone-to-phone video conference and<br />
detected no disruption as we moved.<br />
The hybrid nature of this device makes it<br />
an important asset in WLAN provisioning. It<br />
can operate at scale and integrate with the<br />
extensive Allied Telesis network range using<br />
a single management interface, providing<br />
scaled flexibility in diverse settings.<br />
WLAN is advancing, and this hybrid AP<br />
solution is simple to implement, manage,<br />
and use - factors that might prove critical<br />
when provisioning business class WLAN. NC<br />
Product: Allied Telesis Hybrid Wireless<br />
Solution<br />
Company:Allied Telesis<br />
Website: www.alliedtelesis.com<br />
Email: uk_sales@alliedtelesis.com<br />
Phone: 01793 501 400<br />
Price: Subscription: based on throughput<br />
and sites<br />
24 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
NETWORKING FAST<br />
GIGABIT FIBRE IS STARTING TO<br />
TAKE HOLD, AND IS JUSTIFYING<br />
ITSELF BY DRIVING THE TAKE-UP<br />
OF NEW SERVICES. KARIM TAGA<br />
AND GLEN PERES OF ARTHUR D.<br />
LITTLE PROVIDE AN OVERVIEW<br />
We increasingly see deployment of<br />
applications and services<br />
provisioned using underlying<br />
gigabit broadband infrastructure. This is<br />
enabling people, machines and applications<br />
to collaborate effectively and intelligently and<br />
enhance their quality of life, improve<br />
mobility, grow economies and empower<br />
decision-making. Fibre optic broadband<br />
infrastructure continues to be deployed<br />
throughout the world: there are 20 plus<br />
markets with at least 50 per cent fibre<br />
coverage, and 8 plus markets with more<br />
than 90 per cent.<br />
We expect fibre rollout to expand to<br />
more markets as non-telco operators such<br />
as utilities, municipalities and private<br />
equity firms also invest in fibre<br />
infrastructure. Fibre take-up will continue<br />
to increase and it will be driven by<br />
effective migrations and competition for<br />
higher speeds, in turn creating demand for<br />
new and innovative services.<br />
INTELLIGENT COLLABORATION<br />
ENHANCES QUALITY OF LIFE<br />
Deployment of applications and services<br />
provisioned by underlying gigabit broadband<br />
is enabling people, machines and<br />
applications to collaborate in a new and<br />
more effective way. The increasing<br />
availability of fibre-based broadband is in<br />
turn driving the take-up of other innovative<br />
services such as gigabit-speed broadband to<br />
the home, 4K TV, an increased share of<br />
triple/quadruple play services and the use of<br />
high-end gigabit routers. The recent<br />
PyeongChang Olympics 2018 and FIFA<br />
World Cup 2018 saw large-scale availability<br />
of 4K live sports content broadcast in more<br />
than 30 countries for the first time.<br />
Google WiFi was one of the first to<br />
popularise high-end routers in 2016, and<br />
Singapore was one of the first countries to<br />
bundle high-end routers (for example,<br />
StarHub providing Google WiFi routers to its<br />
customers) with 12 and 24 month contracts.<br />
Ooredoo Qatar also provides Netgear Orbi<br />
mesh WiFi routers to its customers with<br />
attractive multi-year contract options.<br />
FIBRE TAKE-UP DRIVES<br />
INNOVATIVE SERVICES<br />
Fibre take-up has shown a big jump since<br />
the 2016 edition of our "Race to gigabit<br />
fibre" report, largely driven by effective<br />
migration and competition. Fibre markets<br />
are increasingly becoming demand driven<br />
instead of supply driven as they were in the<br />
past. As customers demand higher<br />
broadband speeds, demand for fibre also<br />
increases. Markets that have shown the<br />
biggest jumps in fibre take-up are Qatar,<br />
Singapore, the UAE and New Zealand.<br />
Success in fibre take-up in these markets has<br />
been driven by migration and competition.<br />
Fibre to the home, in turn, is driving takeup<br />
of innovative services such gigabit<br />
broadband, 4K TV and other ancillary<br />
products. Telco operators are moving away<br />
from providing just high-speed broadband to<br />
also bundling services enabled by this highspeed<br />
broadband. As telecom operators<br />
increase their presence inside their<br />
customers' homes with high-end WiFi routers<br />
and services such as 4K TV, this might<br />
become an ideal platform from which to<br />
deliver future smart-home services.<br />
FIBRE GROWTH WILL EXPAND<br />
OUTSIDE TELCOS<br />
We have seen fibre rollout continue to<br />
increase in most markets. The most common<br />
model used for fibre deployment continues<br />
to be incumbent led with government<br />
support. We believe successful fibre<br />
investments are built around partnerships<br />
with the government, investors,<br />
municipalities, or other operators.<br />
There are still some markets which have not<br />
yet shown large gains in fibre deployment:<br />
examples include the UK, Germany, Austria<br />
and Italy. In such markets, non-telecom firms<br />
are making inroads into fibre deployment,<br />
investing into the gigabit future of their<br />
respective markets. A recent success story is<br />
that of open fibre, which announced an<br />
ambitious plan to roll out fibre to more than<br />
18 million homes in Italy with funding of 3.5b<br />
euros from various banks in August 2018 to<br />
fulfil its business plan. We will have to watch<br />
and see who will take the lead. Customers<br />
are demanding higher speeds, and telecom<br />
operators will have to act soon. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 25
OPINION<br />
MOVING RECOVERY<br />
TO THE CLOUD<br />
DAVE PACKER, VICE PRESIDENT<br />
OF PRODUCT AND ALLIANCE<br />
MARKETING AT DRUVA MAKES<br />
THE CASE FOR MOVING DATA<br />
MANAGEMENT TO THE CLOUD<br />
TO SUPPORT SOFTWARE-AS-A-<br />
SERVICE APPLICATIONS<br />
The use of cloud-based applications<br />
continues to grow at pace. Microsoft's<br />
Office 365 now has over 135 million<br />
active business users and they expect more<br />
than two thirds of their business customers to<br />
be in the cloud during the next fiscal year.<br />
Use of other Software-as-a-Service (SaaS)<br />
applications such as Salesforce and Google<br />
G-Suite is also showing decisive growth.<br />
The data that these SaaS applications<br />
create has to be protected from loss,<br />
corruption and accidental deletion, just as if<br />
you they were running on-premise.<br />
Traditionally, business continuity and disaster<br />
recovery planning would be predicated on<br />
protecting identified data against identified<br />
risk. This approach must also be applied to<br />
SaaS application data as well as application<br />
availability and response.<br />
MEETING DATA NEEDS<br />
For companies that have already moved to<br />
cloud applications, and for those planning<br />
their move, several elements should be<br />
considered. Check the contract with your<br />
cloud service provider concerning data and<br />
management. Alongside general security and<br />
privacy management standards, confirm how<br />
data is protected for your benefit, and how it<br />
can be recovered when you need to.<br />
If this does not reflect your existing disaster<br />
recovery plan - and it's likely that there will be<br />
significant differences - analysis will identify<br />
the weak spots. You can then bridge these<br />
with appropriate data management<br />
processes and tools.<br />
You must also confirm how long your cloud<br />
provider will take to recover data and make<br />
sure that this is acceptable. For most cloud<br />
applications, this can be much longer than<br />
your existing service level agreements or<br />
recovery time objectives. For example,<br />
recovering data from Salesforce takes around<br />
a month. It's therefore more effective to<br />
manage your own data protection and<br />
recovery and control your recovery objectives.<br />
CHALLENGING DISASTER<br />
The way we think about disasters can also be<br />
a challenge. Cloud service providers<br />
normally have higher redundancy than<br />
traditional data centres, reducing the impact<br />
of big disasters. However, most DR incidents<br />
are due to issues caused by the loss of<br />
information through individual error,<br />
accidental deletion, or files being overwritten.<br />
These are much more likely to regularly affect<br />
business operations and cause interruption.<br />
Data corruption can also take place<br />
through ransomware or malicious deletion.<br />
For the cloud providers, spotting these<br />
mistakes or unauthorised actions is difficult in<br />
the context of the many daily legitimate<br />
activities. Guarding against this might mean<br />
making your own copies of the data you<br />
create. If the need arises, you can then<br />
recover that affected data on your own terms.<br />
At this point, it's worth considering how far<br />
along you are in your journey of data<br />
management. For new companies that are<br />
born in the cloud, managing cloud data is<br />
easier. For larger companies with existing IT<br />
assets and infrastructure, things may be<br />
more complicated.<br />
CLOUD-BASED RECOVERY<br />
Consolidating your data management for all<br />
your systems, from cloud applications<br />
through to virtualised environments, PCs and<br />
internal applications, should help overcome<br />
this challenge and make good management<br />
practice achievable. It should help to meet<br />
your recovery objectives across all data and<br />
improve visibility as well. By applying one set<br />
of policies, you create a disaster recovery<br />
capability that is manageable and affordable.<br />
One option could be to move some or all of<br />
your data management to the cloud, relying<br />
on cloud services to protect your SaaS<br />
applications and your internal IT: it makes<br />
more sense than bringing that SaaS data<br />
back from the cloud for backup.<br />
Cloud applications can help you to improve<br />
IT services for the organisation. However, you<br />
must not overlook risk management and<br />
business continuity. With care, cloud data<br />
management can deliver the right<br />
combination of agility and security for<br />
important data. NC<br />
26 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
SECURITYUPDATE<br />
THE SERVER THREAT EXPOSED<br />
BECAUSE OF THEIR BACK OFFICE AND CLOUD<br />
LOCATION, SERVER PROTECTION HAS NOT<br />
RECEIVED ADEQUATE ATTENTION. PAUL MURRAY,<br />
PRODUCT DIRECTOR AT SOPHOS CONSIDERS<br />
SERVER-SPECIFIC THREATS AND POSSIBLE<br />
RESPONSES<br />
Servers are the crown jewels in the IT<br />
estate of any organisation. They<br />
represent a large target with a rich<br />
pay off and cybercriminals know this, so<br />
they increasingly target them.<br />
According to SophosLabs, exponential<br />
damage is one of the main threats.<br />
Because servers contain mission critical<br />
data and are the daily workhorse of<br />
organisations, a well targeted attack could<br />
devastate an organisation. Consider, for<br />
example, an endpoint that is compromised<br />
by the likes of WannaCry or SamSam. This<br />
will cause huge inconvenience, damage<br />
productivity and create immediate, direct<br />
and indirect costs. However, if the same<br />
attack strikes a server with thousands of<br />
vital and critical files, the issue is<br />
significantly compounded. Indeed,<br />
targeting file servers is a tactic used by<br />
some cybercriminals because they know<br />
they can demand higher ransom payments.<br />
BEYOND RANSOM<br />
And it does not end with the ransom<br />
threat. When cybercriminals infect the<br />
servers of an organisation with malicious<br />
code, or exploit vulnerabilities to gain<br />
access, they can then dive deep into the<br />
network. They have secured a platform<br />
from which to inflict some serious damage.<br />
Servers are very often the final destination<br />
of an attack mounted to steal sensitive<br />
company information that is specifically<br />
useful for spear-phishing programs.<br />
Perhaps worst of all, this access itself is a<br />
commodity for sale on the Dark Web,<br />
which means that the damage can<br />
continue being inflicted long after the<br />
breach is resolved.<br />
Add to this the new challenge of large<br />
scale cryptojacking, where breached<br />
servers act as proxies to redirect traffic to<br />
malicious websites and install cryptominers<br />
on server farms and cloud accounts to<br />
generate cryptocurrencies at scale. Here<br />
they are stealing CPU, RAM, electricity and<br />
other resources.<br />
For organisations with direct visibility of<br />
their servers, the immediate impact of<br />
cryptominers on performance is a clear<br />
indicator of compromise. But for larger<br />
enterprises with extensive global facilities<br />
including cloud services, the distributed<br />
pools of computing provide great cover for<br />
cryptojackers to hide in. By spinning up<br />
servers in other regions, often invisible to<br />
the end user until they receive a bill,<br />
cryptojacking cybercriminals have a short,<br />
but lucrative window of opportunity.<br />
SPECIFIC RESPONSE<br />
Whilst endpoint security is now thankfully<br />
common, server specific security is often<br />
conspicuously absent. This is typically<br />
because businesses don't want to deploy a<br />
security agent on a server and risk<br />
impeded performance. This legacy of older<br />
technologies causing poor performance is<br />
thankfully resolved by new, lightweight<br />
next-gen technology.<br />
This protection includes predictive, deep<br />
learning neural networks that can predict<br />
new attacks as well as the occasions of<br />
cybercriminals just getting lucky. For<br />
example, WannaCry saw servers suffer<br />
accidental collateral damage.<br />
The predictive element of deep learning<br />
neural networks, trained on hundreds of<br />
millions of samples, looks for suspicious<br />
attributes of malicious code and prevents<br />
never-before-seen attacks. This also learns<br />
as it goes to provide constantly evolving<br />
protection for servers.<br />
One other important area of the server<br />
specific response is that of developing<br />
whitelisting into a full, operational server<br />
lockdown. As plentiful, virtual servers can<br />
be set to run very specific tasks - a given<br />
set of applications for example - this<br />
expected behaviour and technology profile<br />
enables a business to double down on the<br />
security. Knowing how a server should<br />
normally behave, it can be locked down<br />
into a known good state where only those<br />
legitimate applications and trusted updates<br />
can take effect.<br />
The fact that cybercriminals assess how<br />
servers are utilised, what's stored there and<br />
what can be leveraged for multiple crimes,<br />
demonstrates the critical need for serverspecific<br />
security. This response is growing<br />
and businesses are beginning to<br />
appreciate the need to protect these<br />
important IT assets. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 27
OPINION<br />
TAKE IT ON THE CHIN?<br />
ARE BRITISH BUSINESSES FIRING EMPLOYEES UNFAIRLY AS A<br />
RESULT OF POSSIBLE DATA BREACH NEGLIGENCE? IAN<br />
OSBORNE, VICE PRESIDENT UK & IRELAND AT SHRED-IT, TACKLES<br />
THIS THORNY ISSUE<br />
We all know that humans are<br />
invariably the weakest security<br />
link, and data breach after data<br />
breach reminds us of this fact. It may be<br />
an inevitable reality, but it is often a<br />
frustrating one for those responsible for<br />
networks. After all of the hard work and<br />
dedication that comes as part and parcel<br />
of maintaining the security and integrity<br />
of a network, it's understandable that<br />
networking professionals and business<br />
leaders alike take simple data security<br />
mistakes pretty badly.<br />
Research from Shred-it and Ipsos<br />
conducted early in 2018 found that<br />
nearly a third of businesses that suffered<br />
a data breach, have terminated a<br />
negligent employee's contract as a result.<br />
Is that a fair response?<br />
Clearly, a sense of accountability is<br />
required, and the seriousness of<br />
maintaining best practice needs to be<br />
underlined now more than ever given<br />
GDPR. Many will feel that the only way<br />
to do that effectively with employees is by<br />
making a strong example of those that<br />
are negligent.<br />
It is easy to think this way. After all,<br />
many of the most common attack vectors<br />
that bring down networks and lead to<br />
data breaches could seemingly be<br />
prevented by common sense. Think twice<br />
before clicking on an email link to<br />
ensure the source is trusted, don't use<br />
public Wi-Fi to access confidential<br />
information or work systems, etc. The<br />
trouble is, its common sense not to leave<br />
the fridge door open or leave the car<br />
lights on, only to return to spoiled food<br />
or a car that won't start, yet many of us<br />
have done these or similar things. We<br />
are busy, we are human and we make<br />
mistakes. If we want to prevent routine<br />
mistakes in data security, businesses must<br />
train people to be ever vigilant and make<br />
best practice a habit - something they<br />
currently do not do.<br />
In our research, just over half of large<br />
British businesses have trained their<br />
employees on using public Wi-Fi, but only<br />
70 per cent provided training on<br />
identifying fraudulent emails: the latter<br />
was the highest response concerning<br />
critical security training. Overall, just 46<br />
percent of small businesses offer any of<br />
the key employee training that is<br />
necessary at all, with only a quarter<br />
having provided training on the use of<br />
public Wi-Fi and a third having offered<br />
training on identifying fraudulent emails.<br />
In addition, two-thirds of large British<br />
businesses and a quarter of small<br />
business owners have offered their<br />
employees specific GDPR related training.<br />
As an employee sacked for clicking on<br />
a spear phishing attack based on an<br />
apparently authentic email from their<br />
boss, for example, would you have a<br />
right to feel aggrieved if you had never<br />
received any training on how to identify<br />
fraudulent emails? Opinion will be split,<br />
no doubt. That is why it is important that<br />
we have a debate and that<br />
representatives from IT, HR, and the C-<br />
suite consider the question.<br />
It is my personal view that enhanced<br />
training has the benefit of building better<br />
trust with employees. Team members will<br />
feel supported and also understand their<br />
responsibilities in terms of safeguarding<br />
and information security. It will also<br />
reduce the likelihood that network<br />
security can be undone in the simplest of<br />
ways. Fundamentally, demonstrating that<br />
these training steps have been<br />
universally implemented will help to<br />
make a better response to the ICO in the<br />
event of a data breach; simply saying<br />
that you have sacked a low-ranking<br />
employee may not impress.<br />
It's time for you to decide. Should<br />
simple data security mistakes that lead to<br />
a data breach always lead to the<br />
dismissal of an employee, or should<br />
organisations accept that this issue isn't<br />
going away, and take responsibility to<br />
better train staff? NC<br />
28 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
OMINOUS CLOUDS<br />
BUILDING THE NETWORK TEAM INTO THE CLOUD<br />
WILL IMPROVE BUSINESS OUTCOMES. STEVE<br />
BROWN, DIRECTOR OF PRODUCT MARKETING AT<br />
VIAVI SOLUTIONS LOOKS AT THE KEY FINDINGS<br />
AND TAKEAWAYS FROM A RECENT STUDY<br />
Now in its eleventh year, the State of<br />
the Network is conducted annually<br />
amongst enterprise network<br />
engineers, IT directors and CIOs. This<br />
year the study found that while enterprise<br />
clouds flourished, IT teams were unsure<br />
how to handle the associated cloud<br />
migration challenges.<br />
Enterprises are losing control of<br />
infrastructure and services that are<br />
migrating to the cloud. Concurrently they<br />
are also trying to support staff working<br />
remotely, maintain performance and<br />
resolve issues.<br />
ENTERPRISE DILEMMAS<br />
65 per cent of respondents to our recent<br />
study said that network teams were<br />
responsible for troubleshooting cloud<br />
issues, 24 per cent said they were not, while<br />
11 per cent were unsure. This is happening<br />
because network teams are not being<br />
engaged during the initial migration to the<br />
cloud, which causes unnecessary confusion.<br />
Decisions are being taken in business unit<br />
silos and network teams are only called on<br />
after an incident occurs.<br />
This year, and last year, the majority of IT<br />
professionals revealed that their top<br />
challenge was determining whether<br />
problems were caused by the network,<br />
application or system - especially<br />
concerning remote staff. This issue was<br />
deemed by network teams to be more<br />
critical than handling bugs and patches or<br />
managing latency and bandwidth issues.<br />
NEW ENTERPRISE APPLICATIONS<br />
Over the past 12 months, 79 per cent of<br />
those surveyed deployed new server<br />
virtualisation technology, 60 per cent for<br />
private clouds, 56 per cent for public cloud<br />
and 43 per cent utilised SDN. This has been<br />
a major headache for network teams who<br />
must now grapple with this dramatic growth.<br />
As enterprises grow more reliant on the<br />
cloud, so does their need for bandwidth.<br />
42 per cent of enterprises expect their<br />
demand to grow between 51-100 per cent<br />
from 2018 to 2020. Sustainability will be<br />
a challenge.<br />
The key takeaways from this year's study<br />
suggest that IT must be engaged at the<br />
onset of any cloud migration program.<br />
Also, engineers should be able to provide<br />
analytics and metrics, no matter whether it is<br />
a private, public or hybrid cloud. IT teams<br />
are finding that many network tools can't<br />
provide performance insight into most SaaS<br />
applications. This hampers efforts to identify<br />
and rectify user problems.<br />
CLOUD IMPAIRED VISIBILITY<br />
Network engineers must have full visibility<br />
and insight into every aspect of the journey<br />
for each application, from the user, right<br />
through the cloud, to the data centre, and<br />
then back. Network teams must have the<br />
capability to conduct performance analysis<br />
from any local data centre to any SaaS<br />
resource. This is critical, as more than 90<br />
per cent of enterprises have staff accessing<br />
their network remotely.<br />
When remote users encounter problems,<br />
they tend to complain about issues with a<br />
high level of subjectivity, making it difficult<br />
for network engineers to verify and<br />
troubleshoot erratic issues and optimise<br />
performance. Different use cases require<br />
different data and insight, from active<br />
testing, to metadata, to trending and<br />
baselines. With better intelligence IT teams<br />
can quickly drill down to granular packetlevel<br />
data for root cause analysis.<br />
This year's State of the Network paints a<br />
picture of network teams struggling to tame<br />
enterprise infrastructure and services as<br />
demand for cloud services grow at a<br />
phenomenal rate. The study mirrors the<br />
findings from a recent Gartner report, which<br />
estimated that the public cloud market could<br />
grow to $186.4 billion in 2018 - up over<br />
20 per cent from 2017. The Infrastructure<br />
as a Service (IaaS) segment grew the fastest.<br />
With a plethora of applications and<br />
protocols to manage, there are issues with<br />
interoperability. Virtualisation and cloud<br />
technology might make life agile and easy<br />
for users, however the clouds have<br />
darkened the outlook for many IT and<br />
networking teams. NC<br />
30 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
THE CURRENCY THREAT<br />
MUCH IS SAID ABOUT CRYPTOCURRENCIES. LESS IS UNDERSTOOD<br />
REGARDING THEIR INSIDIOUS PRESENCE IN NETWORKS. FABIAN<br />
LIBEAU, VP EMEA AT RISKIQ DISCUSSES THE VULNERABILITIES OF<br />
THE CRYPTOCURRENCY LANDSCAPE<br />
There is no doubt that the<br />
cryptocurrency landscape is<br />
booming, but with the massive<br />
growth in the value of cryptocurrencies<br />
comes an increased risk to those investing<br />
in them. We are currently seeing<br />
cybercriminals actively augmenting their<br />
activities in this space with phishing and<br />
fraudulent cryptocurrency mining proving<br />
to be popular tactics.<br />
Cybercriminals are always developing<br />
new ways to ply their trade, or new<br />
methods to deploy the more classic attack<br />
vectors within new environments. This can<br />
be seen in recent phishing tactics used to<br />
trick Ethereum investors. One approach<br />
we reported on was a phishing automated<br />
transfer system (ATS) dubbed MEWKit<br />
which targeted users of the Ethereum<br />
exchange MyEtherWallet. This attack used<br />
a phishing page mimicking the<br />
MyEtherWallet site and a server-side<br />
component that handles the wallets to<br />
which attackers transfer stolen funds. The<br />
attackers exploited the fact that investors<br />
were given direct access to<br />
MyEtherWallet's Ethereum network<br />
through their browser - functionality that<br />
means that there were few hurdles<br />
between the attackers and a payday.<br />
We also reported on a fake Telegram<br />
MyEtherWallet support group which<br />
currently has over 9,000 members. The<br />
cybercriminals used phishing tweets to<br />
their members urging them to download a<br />
new official MyEtherWallet Android app<br />
which in fact decrypts and steals their<br />
credentials, giving the criminals access to<br />
their account. Gone are the days where<br />
phishing attacks consisted of badly written<br />
emails directing people to poorly<br />
designed websites. Today cybercriminals<br />
use a combination of social media,<br />
mobile apps and well-designed websites<br />
to catch victims off-guard.<br />
In addition to crypto-theft,<br />
cybercriminals have discovered a new way<br />
to exploit the crypto-craze through<br />
cryptocurrency mining. According to some<br />
of our research, more than 50,000<br />
websites have hosted the mining service<br />
Coinhive in the past year, and recent<br />
research into the websites of FT30<br />
companies uncovered 11 instances of<br />
Coinhive still active. By installing<br />
JavaScript code that mines cryptocurrency<br />
using the computing resources of website<br />
visitors, Coinhive allows actors to<br />
monetise the online sessions of<br />
unassuming website visitors.<br />
The reason cryptocurrency mining is on<br />
the rise is due to the extreme levels of<br />
costly computing power needed to mine<br />
even a single coin. To bring their costs<br />
down, cybercriminals are siphoning<br />
computing resources from unwitting users<br />
across the internet by hosting<br />
cryptomining scripts on highly visited sites.<br />
While some brands knowingly capitalise<br />
by running cryptocurrency mining scripts<br />
in the background of their own websites to<br />
leverage the computers of their visitors<br />
legally, threat actors exploit this blind spot<br />
to hack vulnerable sites or spin up fake,<br />
illegitimate websites, often using<br />
typosquatting domains and fraudulent<br />
branding. It is not uncommon for<br />
organisations to be completely unaware<br />
of these activities.<br />
Our research has shown that some<br />
cryptomining scripts illegally hosted on<br />
popular sites have been active for over<br />
160 days. The success of cryptomining<br />
activities clearly highlights the fact that<br />
organisations lack visibility into the<br />
components running on their websites and<br />
into brand infringing domains being<br />
registered and exploited by others. These<br />
assets form part of an organisations'<br />
digital attack surface which now needs to<br />
be defended alongside the more<br />
traditional network and endpoint security<br />
activities that have been the primary focus<br />
of security teams for some time.<br />
It is unlikely that the cryptocurrency<br />
landscape's expansion will show signs of<br />
slowing down anytime soon, and the<br />
potential gains will continue to attract<br />
opportunistic investors and cybercriminals<br />
alike. Both organisations and investors<br />
need to up their game in order to defend<br />
themselves - organisations by increasing<br />
their visibility into how their Internet assets<br />
are being exploited, and investors by<br />
increasing their vigilance through<br />
understanding the current tactics being<br />
used against them. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 31
SECURITYUPDATE<br />
THE INTELLIGENCE NETWORK IS LAUNCHED<br />
IT IS TRUE THAT CYBER DEFENCE TENDS TO BE PERSONAL - AFTER<br />
ALL, WHO CAN YOU TRUST? JAMES HATCH, BAE SYSTEMS APPLIED<br />
INTELLIGENCE, CYBER SECURITY DIRECTOR INTRODUCES A NEW<br />
WAY TO COLLABORATE<br />
Collaboration between public and<br />
private sectors is of critical<br />
importance when it comes to<br />
fighting cybercrime, but there is another<br />
relationship that is just as important: that<br />
which exists between large and small<br />
organisations. It is with this in mind that<br />
The Intelligence Network was launched in<br />
July 2018. It is an initiative to safeguard<br />
society in the digital world and aims to<br />
engage, unite and activate a global<br />
community of security professionals and<br />
industry influencers from organisations of<br />
every size.<br />
SMALL ORGANISATIONS<br />
It's no secret that we don't always<br />
collaborate well when tackling<br />
cybercrime, but what is often overlooked<br />
is the impact at a grass roots level.<br />
Economic incentives and the buying<br />
power of the largest organisations add<br />
further complexity and impose a divisive<br />
layer in the cyber security marketplace:<br />
many small organisations are excluded.<br />
As the world wakes up to the need for<br />
effective cyber security, small<br />
organisations are being left behind. They<br />
don't receive the necessary support and<br />
struggle with integration and<br />
implementation. This is a problem, as<br />
small organisations are targets for<br />
hackers on their own account and as a<br />
means to access the networks of their<br />
customers. We must break down this<br />
segregation and encourage a<br />
collaborative model that works for all<br />
organisations and creates collective ways<br />
of dealing with the threats we face.<br />
The Intelligence Network is an initiative<br />
that aims to safeguard the digital world<br />
and empower the entire community.<br />
Rather than taking a reactive approach<br />
and being vulnerable to criminal<br />
demands, companies must ensure they<br />
are proactive, prepared and resilient. And<br />
what better way to achieve this than by<br />
collaborating as a community?<br />
SUPPORT FROM SMALL<br />
Some companies fail to defend<br />
themselves against cybercriminals simply<br />
because they are too slow to react. There<br />
are valuable lessons to be learnt from the<br />
agility that small organisations<br />
demonstrate.<br />
For example, the default assumption is<br />
that cyber criminals are quicker and more<br />
advanced than those trying to counter<br />
them. It is true that cyber criminals use<br />
creativity and collaboration to operate at<br />
the cutting edge of technology, but small<br />
organisations often do the exact same<br />
things and can move just as quickly as<br />
attackers. Cyber security in the long-term<br />
needs a new and radical approach, as<br />
well as rethinking and reengineering, but<br />
for established organisations the dynamic<br />
pace can be more of a challenge.<br />
What's more, business diversity can be<br />
an advantage - large organisations have<br />
their perspective on the world, problems,<br />
and solutions and younger companies<br />
have theirs. Small organisations offer a<br />
passion and drive to share their<br />
technology. They play by a different set of<br />
rules, allowing them to do things in a way<br />
that larger companies wouldn't or can't.<br />
Because of their nature, small<br />
organisations and start-ups alike are in a<br />
better position to innovate new ways to<br />
solve universal problems.<br />
CRITICAL COLLABORATION<br />
Cyber defence is a communal duty, for all<br />
organisations. Only by taking a more<br />
united stand against cybercriminals can<br />
organisations of all sizes expect to win the<br />
cyber-war. After all, the size of an<br />
organisation does not prevent it from<br />
being a target.<br />
I encourage small organisations to join<br />
The Intelligence Network. The traditional<br />
structures through which we think about<br />
organisations are becoming obsolete in<br />
the digital age and organisations must<br />
move away from working only for<br />
themselves. For this collective cyber<br />
immune system to become a reality, we<br />
must have a level playing field where<br />
enterprises can work together inclusively.<br />
Working in siloes creates criminal<br />
opportunity. We must develop not only<br />
technical defences, but also a collective<br />
sense of responsibility that transcends<br />
organisational size and boundaries: a<br />
unified response to cybercrime for the<br />
benefit of all. NC<br />
32 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION<br />
IP CCTV: THE NETWORK CHALLENGE<br />
IP CAMERAS ARE EASY TO CONNECT. HOWEVER THEIR EFFECT ON<br />
AN EXISTING NETWORK CAN AT BEST BE UNPREDICTABLE. DAN<br />
BARRERA, GLOBAL PRODUCT MANAGER FROM IDEAL NETWORKS<br />
EXPLAINS HOW TO OVERCOME THIS<br />
Because IP CCTV cameras connect to an<br />
Ethernet LAN, business users often<br />
install camera systems onto their<br />
existing network to reduce costs. However,<br />
doing so requires that there is a large and<br />
sufficient amount of available bandwidth.<br />
Without enough bandwidth, installing<br />
cameras will only congest the network and<br />
disrupt existing network services and the<br />
employees that use them.<br />
When adding IP cameras to a network there<br />
are three things to carefully consider, and<br />
each in its turn will affect the amount of<br />
bandwidth that is required to provision a good<br />
service and avoid adverse impact. The first<br />
consideration is the number of cameras. Each<br />
requires a certain amount of bandwidth, so<br />
more cameras exert more pressure on the<br />
network. Next is the image size. Depending<br />
on the application, cameras can record using<br />
low or high-resolution video (mega-pixel<br />
specification) and this again will affect the<br />
volume of data being transmitted. And then<br />
there is compression, determined by what<br />
CODEC and video frame rate is used.<br />
Bandwidth could be saved by increasing<br />
compression, but this will result in choppy and<br />
blocky video which may not be acceptable for<br />
the required application.<br />
There are alternatives to consider when<br />
deploying IP cameras. Using the existing<br />
network is simple and low cost but without<br />
careful planning it will create problems for<br />
other network systems and might deliver poor<br />
quality video. Creating a separate network, on<br />
the other hand, will ensure that cameras are<br />
given dedicated bandwidth and do not impact<br />
the production network. Additional equipment<br />
and infrastructure will obviously increase costs,<br />
but could also help with network security.<br />
If these options aren't suitable then Virtual<br />
LANs (VLANs) might be the answer. Operating<br />
on production network hardware, VLAN uses<br />
software to segregate the virtual network,<br />
which allows bandwidth to be dedicated to the<br />
CCTV system, with the rest available to the<br />
production network. Because it is planned and<br />
managed, congestion is avoided - providing<br />
that the overall available bandwidth is<br />
sufficient of course.<br />
PERFORMANCE<br />
No matter which option is chosen, IP CCTV<br />
cameras can still suffer performance issues,<br />
and when troubleshooting, there is a<br />
knowledge gap among installers and<br />
integrators. IP cameras require a totally<br />
different troubleshooting process to analogue<br />
cameras in order to identify why, for example,<br />
image quality is poor.<br />
A common complaint is that video is choppy<br />
or pixelated. IP cameras detect congestion on<br />
the network and will automatically<br />
compensate by lowering their output<br />
bandwidth by reducing the frame rate or<br />
increasing compression, resulting in poor<br />
quality video. However, at the network level,<br />
the camera settings may look totally fine and<br />
not reflect the characteristics of the actual<br />
video stream.<br />
To avoid this, integrators should stress test<br />
the network before installation. Network<br />
transmission testers are available with IP<br />
CCTV functions that allow installers to input<br />
network and camera details and simulate<br />
how the network will cope before anything<br />
is installed.<br />
It is then possible to see how adding CCTV<br />
to the network will work, allowing options to<br />
be carefully considered. The measurements<br />
and statistics will inform the decision and<br />
prevent adverse performance, call-backs, and<br />
disrupted users.<br />
WHAT'S NEXT?<br />
Ever higher-resolution cameras are entering<br />
the market, but without the network to support<br />
bandwidth requirements they will not ensure<br />
better quality. This may drive a need for<br />
separate networks, and for installers to<br />
properly understand them.<br />
Those installing or updating IP CCTV<br />
cameras should also be aware that the<br />
industry is moving from H.264 to H.265<br />
video compression protocol and should select<br />
test equipment that can support this. H.265<br />
offers more efficient compression, and<br />
provides good quality video from less<br />
bandwidth. Consider the latest H.265<br />
products from the outset. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 33
OPINION<br />
STITCHING UP THE<br />
CLOUD<br />
MULTIPLE CLOUDS ARE AN<br />
UNFOLDING REALITY, BUT THERE<br />
IS AN INCONVENIENT TRUTH.<br />
MATTHEW PARKER, UK SALES<br />
DIRECTOR AND COUNTRY<br />
MANAGER AT INTERCLOUD,<br />
EXPLORES THE ISSUES<br />
Cloud computing is now so<br />
pervasive for individuals and<br />
organisations, especially those<br />
whose operations depend upon the likes of<br />
Salesforce, Amazon, and Microsoft, that its<br />
basic premise is well-accepted, established<br />
and little challenged. But as the variety of<br />
cloud platforms proliferate in an<br />
enterprise, an inconvenient truth emerges,<br />
namely that multiple clouds can give rise<br />
to a very unsatisfactory user experience,<br />
with poor performance, unavailability of<br />
relevant data across applications and even<br />
compromised security.<br />
Problems with cloud proliferation have, at<br />
their root, the patchwork nature of our<br />
existing enterprise computing architecture.<br />
As the Cloud Industry Forum has said,<br />
"Every cloud is built differently" and data<br />
doesn't necessarily flow easily across<br />
multiple clouds. However, data is the<br />
lifeblood of successful enterprise, and if it<br />
can't get to the extremities where it's<br />
needed, in a timely way, then those<br />
extremities will start to develop the<br />
business equivalent of organ failure.<br />
Business agility will suffer, or, worse, users<br />
will start operating with inaccurate or<br />
insecure data - and the enterprise as a<br />
whole is placed at risk.<br />
The key challenge, therefore, is not just<br />
migrating to the cloud, but, once there,<br />
ensuring that the different cloud platforms<br />
can communicate and that data can pass<br />
easily and safely between them.<br />
Cloud Service Providers (CSPs) don't<br />
necessarily help this situation - each CSP has<br />
a vested interest in attracting as much<br />
business as possible to its own platform,<br />
rather than cooperating with others. In turn<br />
the IT function has the unenviable task of<br />
stitching together disparate cloud<br />
environments, adding, shifting and discarding<br />
pieces of the patchwork as the organisation<br />
evolves and users come and go.<br />
Faced with this cloud-to-cloud scenario,<br />
there are three key things the CIO should<br />
seek: the ability to connect cloud<br />
environments as easily as possible; the<br />
need to make sure that this is done<br />
securely; and to accomplish both of these<br />
quickly. Business agility is very often<br />
dependent upon the right supporting<br />
technology being in place at the right time.<br />
There's no point in having the best solution<br />
if your competition already had it six<br />
months ago.<br />
Larger pipes from each of your various<br />
CSPs is, at best, a partial solution and not<br />
the most cost-effective approach - and you<br />
may end up struggling to prevent your own<br />
network becoming the bottleneck that<br />
slows data transfer between your various<br />
CSPs. If you want to get solutions live as<br />
quickly as possible, application<br />
segregation is the key; it's the applications<br />
that support the business, so line them up<br />
against a holistic view of the business<br />
goals to enable a clear view of data<br />
access requirements. Also, look for a way<br />
to connect your various CSPs at the<br />
periphery of your network, to minimise<br />
traffic across it.<br />
Finally, ensure that you find a way to<br />
extend your organisations' security policies<br />
to cover the cloud applications and<br />
services that your business needs to be<br />
agile, efficient and secure. NC<br />
MULTI CLOUD CONSIDERATIONS<br />
Treat this issue holistically and focus<br />
on the business problem you are solving<br />
Priority must be connecting cloud<br />
environments quickly and securely<br />
Application segregation can<br />
efficiently prioritise cloud apps: their<br />
importance is not equal to the business<br />
Connect CSPs at the network edge<br />
or cloud platform to reduce network<br />
overhead<br />
Work only with CSPs with relevant<br />
expertise, and then only connect to<br />
cloud platforms that support your<br />
security policies.<br />
34 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
europe<br />
3-4 October 2018,<br />
ExCeL London<br />
CO LOCATED AT<br />
DIGITALTRANSFORMATIONE PO<br />
INCORPORATING<br />
REGISTER<br />
NOW<br />
EUROPE’S NUMBER ONE<br />
ENTERPRISE IT EVENT<br />
CYBER SECURITY<br />
DEVELOPER<br />
AI-ANALYTICS<br />
INTERNET OF THINGS<br />
BLOCKCHAIN<br />
SIX EVENTS UNDER<br />
ONE ROOF<br />
OVER<br />
16,000<br />
VISITORS<br />
ACCESS PLUS PASS<br />
+<br />
300<br />
EDUCATIONAL<br />
SEMINARS<br />
New for 2018, Access Plus offers exclusive access to the<br />
AI, Analytics, Blockchain & IOT Theatre – HURRY,<br />
Early Bird ends 14th August!<br />
2 DAYS<br />
packed with content<br />
and opportunities<br />
REGISTER NOW<br />
Find out more at ipexpoeurope.com<br />
300<br />
+<br />
EXHIBITORS<br />
View exclusive<br />
product launches<br />
CONFERENCE & EXPO PASS<br />
Register now for access to selected<br />
theatre sessions and exhibitions