NC1809

NETWORKcomputing
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk
MINE YOUR OWN BUSINESS?
Digging into the cryptojacker threat
GIVING WAN AN EDGE
The evolution of SD-WAN
SERVER-SPECIFIC SECURITY THREATS
Out of sight, out of mind?
BLOCKCHAIN TAKES OFF
How blockchain can radically improve
the aerospace and defence supply chain
SEPTEMBER/OCTOBER 2018 VOL 27 NO 05

17 & 18 OCTOBER 2018, LONDON
UNITING THE BUYERS AND SUPPLIERS OF ENTERPRISE NETWORK SERVICES
CONFERENCE
PROGRAMME CREATED
IN COOPERATION WITH
INDUSTRY EXPERTS
EXHIBITION
DISPLAYING THE
LATEST INNOVATIONS
IN WAN TECHNOLOGY
& SERVICES
ENTERPRISE ONLY
NETWORKING AT THE
WAN ENTERPRISE
FORUM BREAKFAST
EXCLUSIVE
ENTERPRISE CASE
STUDIES
LINE-UP OF INTERNATIONAL
EXPERT SPEAKERS FROM
END-USERS, TELECOMS
SERVICE PROVIDERS & IT
SOLUTION VENDORS
INFORMAL NETWORKING
OPPORTUNITIES OVER
EVENING DRINKS
ALLOWING YOU TO CHAT TO DELEGATES PRE EVENT,
PLAN YOUR AGENDA, LIVE VOTE AND ASK THE
SPEAKERS QUESTIONS
SERVICE PROVIDERS
60%
40%
ENTERPRISE
300+ 40+ 25+
DELEGATES SPEAKERS EXHIBITORS
GET 15% OFF WAN SUMMIT LONDON,
QUOTE NETWORKCOMPUTING WHEN REGISTERING
www.wansummit.com
Organised by

COMMENT
COMMENT
BLOCKHEADS AND BLOCKCHAIN
BY RAY SMYTH, EDITOR
Blockchain, which is not necessarily anything to do with cryptocurrency (well at
least not exclusively) is starting to get some recognition for the way that it could
potentially provide an efficient, reliable, and secure infrastructure for the digital
transformation of transaction orientated processing and applications.
On the face of it, some IT and many networking disciplines may sideline this, thinking
that it is not core to their role or contribution, but nothing could be further from
the truth, and such thinking on the part of IT and networking professionals is a grave
error. You see, this is an example of head-in-the-sand tech thinking. In fact, it is comparable
with the thinking that ultimately unleashed the irreversible BYOD phenomenon
on organisations across the world.
Blockchain is evolving into an enterprise scale application enabler, as testified by the
feature articles in this edition of the magazine. Blockchain deployments are going to
require all the facilities that IT and networking can offer - and guess who will be asked
to implement, manage and secure them? While you're at it, who do you think will be
blamed when it doesn't work, or compromises the business?
Apart from digesting our new blockchain coverage in this and future editions, synthesise
your understanding so that you can see if it has a role in your organisation. If it
hasn't then at least you will be able to articulate a view, and if it does, you never
know, you might want to make a proposal to the CEO and marketing team so that this
time you get the credit, and not the headache.
EDITOR: Ray Smyth
(ray.smyth@btc.co.uk)
REVIEWS:
Dave Mitchell
Ray Smyth
SUB EDITOR: Mark Lyward
(netcomputing@btc.co.uk)
PRODUCTION: Abby Penn
(abby.penn@btc.co.uk)
DESIGN: Ian Collis
(ian.collis@btc.co.uk
SALES:
David Bonner
(david.bonner@btc.co.uk)
SUBSCRIPTIONS: Christina Willis
(christina.willis@btc.co.uk)
PUBLISHER: John Jageurs
(john.jageurs@btc.co.uk)
Published by Barrow & Thompkins
Connexion Ltd (BTC)
35 Station Square,
Petts Wood, Kent, BR5 1LZ
Tel: +44 (0)1689 616 000
Fax: +44 (0)1689 82 66 22
SUBSCRIPTIONS:
UK £35/year, £60/two years,
£80/three years;
Europe:
£48/year, £85/two years £127/three years;
ROW:
£62/year, £115/two years, £168/three years;
Subscribers get SPECIAL OFFERS — see subscriptions
advertisement; Single copies of
Network Computing can be bought for £8;
(including postage & packing).
© 2018 Barrow & Thompkins
Connexion Ltd.
All rights reserved.
No part of the magazine may be
reproduced without prior consent, in
writing, from the publisher.
As I will not refrain from saying, in any way I can, until I am proven right or disavowed,
organisations do not need propeller head techies to deliver their IT and networking.
What they need is creative business experts who are also IT and networking
experts, who are also skilled strategists and articulate communicators.
This role, you might be tempted to think, does not exist. However, if you start performing
it and it delivers a small part of its potential, then you may well be seen as
the candidate of choice.
Ray Smyth - Editor, Network Computing.
Ray.Smyth@BTC.CO.UK | https://twitter.com/ItsRay?
GET FUTURE COPIES FREE
BY REGISTERING ONLINE AT
WWW.NETWORKCOMPUTING.CO.UK/REGISTER
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 3

CONTENTS
CONTENTS
S E P T E M B E R / O C T O B E R 2 0 1 8
BLOCKCHAIN......................11
From enabling greater collaboration in
scientific research to automating a range of
business processes, blockchain has
potential far beyond its bitcoin association
MINE YOUR BUSINESS?........21
Organisations of all types are now under
threat from cryptojackers. Karl Sigler at
Trustwave explains the threat
PREPARING FOR LIFT-OFF...10
IP EXPO Europe 2018 takes place at
ExCel London in October, and welcomes
former Astronaut Colonel Chris Hadfield
as its keynote speaker
SD-WAN EVOLVES...............18
In our feature on SD-WAN this issue Allan
Paton at Silver Peak explains its evolution,
while Nick Johnson at Evolving Networks
examines how UK businesses can make SD-
WAN work for them
THE SERVER THREAT.............27
Due to their location the protection of
servers has not received adequate
attention. Paul Murray at Sophos considers
the threat, and possible responses
EDITOR’S COMMENT......................3
Blockheads and blockchain
COMPANY NEWS............................6
Market Dynamics: making sense of the market
NETWORK NEWS............................7
Moves, adds and changes
VERSION X......................................8
The latest networking news
ARTICLES
THE CURRENCY OF BLOCKCHAIN...11
By Jonathan Wilkins at EU Automation
FUELING THE CHAIN OF
DISCOVERY........................................13
By Eitan Katchka at MaterialsZone
BLOCKCHAIN TAKES OFF...............14
By Thane Hall at Thales UK
THE BLACK MARKET BLOCK............15
By Steve Kuh at Bonafi
ENGINEERING BLOCKCHAIN..........16
By Travis Biehn at Synopsys
DIGITAL WISDOM...........................17
By Eric Yu at GTCOM
IoT IN THE SHADOWS.....................20
By Gary Cox at Infoblox
DIGITAL VISIBILITY............................22
By Richard Piasentin at Accedian
NETWORKING FAST........................25
By Karim Taga and Glen Peres at Arthur D. Little
MOVING RECOVERY TO THE
CLOUD............................................26
By Dave Packer at Druva
TAKE IT ON THE CHIN?...................28
By Ian Osborne at Shred-IT
OMINOUS CLOUDS........................30
By Steve Brown at VIAVI
THE CURRENCY THREAT..................31
By Fabian Lineau at RiskIQ
THE INTELLIGENCE NETWORK........32
By James Hatch at BAE Systems
IP CCTV: THE NETWORK
CHALLENGE.....................................33
By Dan Barrera at Ideal Networks
STITCHING UP THE CLOUD............34
By Matthew Parker at InterCloud
PRODUCT REVIEW
ALLIED TELESIS HYBRID WIRELESS
SOLUTION...................................24
4 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

COMPANYNEWS
MARKET DYNAMICS: MAKING SENSE OF THE MARKET
IN A REGULAR LOOK AT RESULTS AND KEY BUSINESS ANNOUNCEMENTS FOR SUPPLIERS INTO THE
NETWORKING AND IT MARKET, NETWORK COMPUTING SUMMARISES THE EDITORS SELECTIONS
We are currently in the centre of
an IT spending maelstrom, one
that is driven by an increasing
fascination for cloud based computing.
This view is given shape by Gartner, who
say that "28 per cent of spending in key
IT segments will shift to the cloud by
2022." This figure is up from the 2018
figure (19 per cent) and Gartner says that
spending on cloud-based offerings will
grow faster than that in traditional, noncloud
IT offerings.
Michael Warrilow, Research Vice
President at Gartner notes, "The shift of
enterprise IT spending to new, cloud-based
alternatives is relentless, although it's
occurring over the course of many years
due to the nature of traditional enterprise
IT. Cloud shift highlights the appeal of
greater flexibility and agility, is perceived
as a benefit of on-demand capacity and
pay-as-you-go pricing in cloud." The
largest cloud shift prior to 2018 occurred
in application software, driven by CRM,
which Gartner says has already reached a
tipping point where a higher proportion of
spend occurs in cloud compared to
traditional software.
Privileged Access Management (PAM)
solutions provider Bomgar has signed a
definitive agreement to acquire
BeyondTrust, who offer Privilege-Centric
Security, from an affiliate of Veritas Capital.
A spokesman for the combined company,
to be called BeyondTrust, said "This brings
together proven innovators with a shared
mission of securing privileged access and
helps customers to defend themselves from
cyber-attacks while increasing productivity."
Matt Dircks, CEO of Bomgar, who will
lead the combined company as CEO said,
"We are extremely excited to build upon
BeyondTrust's Privileged Access
Management leadership. The greater scale
and resources of the combined company
allows us to accelerate innovation and
deliver technology that protects customers
from constantly evolving threats." Earlier
this year Bomgar was acquired by
Francisco Partners, a technology-focused
private equity firm.
Cloud-based messaging, voice and video
collaboration solutions company StarLeaf,
has been named in The Sunday Times Tech
Track, a listing for rapidly growing UK
technology companies. It was ranked 48th
in the 100-strong list. The StarLeaf Cloud,
a global communications network, offers
businesses an end-to-end solution
combining an app, meeting room systems,
conferencing, cloud interop, and
management platforms that don't rely on
third-party products.
Ribbon Communications has closed its
acquisition of Edgewater Networks, who
specialise in Network Edge Orchestration
for the distributed enterprise and Unified
Communications (UC) market. The
company sees the acquisition as significant
and projects that Ribbon will become the
market share leader for enterprise Session
Border Controllers (SBCs) and Network
Edge Orchestration. Ribbon will be able to
offer its customer base a complete core-toedge
product portfolio, unrivaled end-to-end
service assurance and analytics solutions,
and a fully integrated SD-WAN service.
Fritz Hobbs, President and Chief Executive
Officer of Ribbon Communications said,
"The acquisition aligns perfectly with our
strategic initiatives [and] allows us to
immediately extend Edgewater solutions
internationally, expand our cloud offerings,
and enter the SD-WAN market."
Zero-risk enterprise cloud storage
company Zadara has signed a $25 million
funding round led by IGP Capital with
participation from existing investors subject
to the approval of a general meeting. This
brings the total equity raised to over $60
million, and Zadara plans to use the
investment to accelerate growth, including
expanding worldwide sales, dev-ops and
engineering teams, as well as its service
provider partner channel.
Zadara uses a combination of industrystandard
hardware and patented Zadara
software to deliver powerful enterpriseclass
data storage and management via
the convenience of the cloud. Their CEO
and co-founder, Nelson Nahum, said,
"Zadara is dedicated to delivering zerorisk
enterprise cloud storage. The new
funding supports our mission by helping
us to provide customers with industryleading
enterprise data storage
solutions… as a fully-managed service,
with a 100 per cent uptime guarantee and
consumption-based pricing." NC
Disclaimer - all information published in this article is based upon fuller submissions provided under general release. Any interested party is urged to verify
any information printed here, prior to using it in any way. Neither Network Computing nor it publishers accepts any responsibility for the accuracy of the
information contained in this article.
6 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

NETWORKNEWS
NETWORK NEWS - MOVES, ADDS AND CHANGES
A REGULAR LOOK AT THE STORIES INVOLVING PEOPLE, COMPANIES AND SOLUTIONS
It would be difficult to ignore the
upsurge of interest in IoT that has
taken hold and is continuing to
advance. One of the key reasons for
deploying IoT is to gather data, frequently
and sometimes in real-time, to
enable better understanding and control
of business processes, and to be able to
better serve customers, in a more profitable
way. For commercial organisations,
improvement at the bottom line
will be an important investment objective.
IoT deployed at scale is likely to
generate a lot of raw data that needs to
be processed, analysed and enacted.
Recent research from Inmarsat reveals
that, "The vast majority of mining companies
are struggling to access, analyse
and extract full value from the data gathered
by Industrial IoT (IIoT) solutions." Of
the 125 mining organisations surveyed,
half reported that a lag between data
collection and availability for analysis
was preventing them from generating full
value from their IIoT data.
Commenting, Joe Carr, Director of
Mining at Inmarsat Enterprise, said,
"Mining businesses rely on IIoT technology
to extract, haul and process raw
materials. The data produced often has
a shelf life… To secure the significant
benefits that IIoT offers, businesses must
ensure that they can view and analyse
mission critical data in real-time, which
requires a robust and reliable communications
network."
The 2008 banking crisis frequently justifies
ongoing austerity, and this includes
IT spend. According to a study by
Spiceworks, 90 per cent of European
organisations expect IT budgets to grow
or stay steady during 2019, with 65 per
cent planning to increase budgets to
upgrade outdated IT infrastructure. This
research, the first part of the Spiceworks'
annual State of IT Report, examines
international IT budgets and tech trends
in organisations across North America
and Europe. In Europe, organisations
plan to spend 36 per cent of their budgets
on hardware purchases, up by 5 per
cent from last year. Cloud services have
also grown from last year, whilst software
budget allocations have decreased.
While it seems that IT decision makers
will have their say, Business Managers
are more likely to either sign off on final
approval or veto proposals.
If hardware, infrastructure and software
replacement has been on the back burner
then succession planning, in all areas
of IT, has hardly surfaced. It seems that
this tech oversight is not limited to IT
professionals, and the IT industry itself
could be setting a bad example.
Aldermore says that a recent survey indicates
that over half of small and medium-sized
IT sector businesses do not
have a succession plan. Over half of UK
SME decision makers in the IT sector
believe the biggest threat to their business
is the departure of senior executives
and yet, over half have no plan for leaving
their business. Handing the business
to a family member is the most common
way out for bosses who have already
planned their departure.
Aldermore's Future Attitudes report
found the younger generation of UK
SME owners across all industry sectors
seem to be more organised when thinking
about their eventual departure. The
research also revealed that 56 per cent
of those aged 18 to 34 have a succession
plan in place.
Carl D'Ammassa, Group Managing
Director, Business Finance, at Aldermore,
said: "For UK SME leaders in the IT sector
who have planned their departure,
they aim to leave their company within
the next two years… there are fewer senior
executives with a formal business
succession plan compared to a year
ago. Running a business can be very
time consuming. These challenges exert
substantial pressure on leaders, so it is
vital that a succession strategy is
planned out to ensure businesses do not
suffer when change occurs." NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 7

PRODUCTNEWS
VERSION X
VERSION X
VERSION X
VERSION X
VER
WITH PRODUCT ANNOUNCEMENTS RANGING FROM THE TRIVIAL TO THE BIZARRE, THE EDITOR
DISTILS THE ESSENCE OF THOSE THAT ARE OF INTEREST TO THE NETWORKING COMMUNITY
Discussing its new managed detection
and response service in the
UK, Fidelis Cybersecurity cites
increasing cybercrime rates and nationstate
threats that SOCs often do not have
the staff or skills in-house to effectively
monitor and respond to, as a primary
driver. The company said that, "This is
especially pertinent in the UK, where the
chasm between employer demand and a
ready supply of cybersecurity expertise is
the second largest in the world, and especially
acute for smaller enterprises."
Nick Lantuh, President and CEO at
Fidelis Cybersecurity said, "With the risk
enterprises face each day, organisations
need more than just an MSSP partner.
Our experts are true threat hunters, not
just alert watchers. Most come from US
Government Department of Defence
Cyber Security Units and Intelligence
Community backgrounds with deep hunting
and incident response experience.
They are empowered by our advanced
analysis engine which provides rich metadata
and content to expose and understand
the context behind an alert, to gain
full life-cycle visibility during an attack
and to rapidly and accurately find, contain
and eradicate threats."
Vodafone says that it will double the
number of European cell sites in its 5G
Narrowband Internet of Things (NB-IoT)
network footprint by the end of 2019. The
firm says that this major prioritisation of
NB-IoT within their existing capital expenditure
plans reflects the demand it has
seen from enterprise customers. The
world's biggest, international NB-IoT network
will be available in 10 European
countries, including planned launches in
the UK, Romania and Hungary.
NB-IoT is the industrial grade Low Power
Wide Area technology that will provide
connectivity to many smart city applications
such as streetlights, connected
healthcare monitors and wearable devices
at low cost and with equivalent security to
4G. It will also significantly benefit the
agriculture industry in rural areas, giving
rise to new crop monitoring systems,
automated feeding for crops and herds,
and even support for animals giving birth,
all helping to shape the connected farm
of the future.
NB-IoT operates in licenced spectrum to
guarantee customers quality of service,
and provides strong coverage over large
areas - even when devices are underground
or deep within buildings (+20
decibels coverage versus GSM) - along
greater power efficiency, so devices can
run on batteries for 10 years or more on
a single charge. It also provides Vodafone
with the ability to support upwards of
50,000 devices in a single cell without
congestion, for the first time.
Edge cloud services provider Limelight
Networks has been explaining what it
claims is the industry's first globally scalable,
sub-second live video streaming solution:
Limelight Realtime Streaming.
Natively supported by major browsers and
devices, the new service supports integrated
real-time data, making it possible to
create interactive live online experiences.
Streams of live events are typically delayed
from the broadcast feed by 30 seconds or
more which can cause poor viewing experiences,
loss of reputation when viewers publicly
express displeasure, and ultimately loss
of revenue. Limelight Realtime Streaming
eliminates these challenges, enabling
organisations to stream live video from anywhere
in the world to anywhere in the
world, in less than a second.
Claiming it to be the industry's first
cloud-scale programmable router,
Huawei says that the NE40E-F1A provides
a capacity of 2Tbit/s and ultrahigh-density
interfaces and supports SRv6
flexible programming. The NE40E-F1A,
one of the key components of Huawei's
CloudMetro, helps telecom operators
embrace advanced telco cloud bearer
networks and DC-centric simplified metro
networks to accelerate telco cloud service
innovation. To deliver a better user experience
of 5G, 4K, and VR services, operators
are gradually moving towards a
distributed telco cloud, however, this is
bringing uncertainties in the connections
and traffic between data centres.
Through its modular design, flexible programming
and plug-and-play capability,
the cloud-scale programmable router
NE40E-F1A will help operators develop
scalable, flexible, and highly automated
telecom networks to rapidly build new
telco cloud services.
8 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCTNEWS
SION X
Zyxel Communications has unveiled a
new access point that they claim makes
it more practical for hotels, dorms, and
offices to deliver reliable, high-speed
wired and wireless internet. The
NWA1302-AC integrates cutting-edge
AP technology and a Gigabit switch with
PoE and is installed one per room.
There is no need for a network switch
which simplifies deployment. Using a
unique RF-first approach it optimises the
radio frequency design for every hardware
element in order to deliver maximum
coverage and increase data transfer
rates. Its smart antenna and beamforming
technology dynamically customise
signal direction for each device
to create the best path to deliver Wi-Fi
signals while mitigating interference
from neighbouring APs.
Uninterruptible Power Supplies Limited
(UPSL) has launched the PowerWAVE
9250DPA, positioned as "The latest addition
to its range of premium, highly efficient
modular UPS products." It is
designed specifically for medium-sized
critical power applications, the lowest
cost of ownership in its class, delivering
module and system efficiency above 97
per cent and significantly reducing power
loss when compared with similar products.
It also supports Xtra VFI, which further
minimises power consumption by
intelligently configuring the number of
modules required to support the current
critical load requirements.
UPSL Operations Director Alex Emms,
said, "It sets a new benchmark for midrange
power protection in the UK. With
its modular design and low TCO, it
offers the best scalability and flexibility in
its class."
Announcing "groundbreaking solutions
and enhancements" to its analytics platform,
Sumo Logic says that it will
"empower enterprises to win in the analytics
economy." The demand for machine
data across the enterprise is accelerating
at a faster pace than expected. According
to a 451 Research study, more than 54
per cent of survey respondents say their
companies are already using machine
data tools for business insight, and 50
per cent use these tools to support the
end-user experience. Legacy analytics
tools have failed organisations because
they cannot deliver the visibility needed
to support the investment being made in
modern architectures, at cloud scale.
Ramin Sayar, President and CEO at
Sumo Logic said, "By operating one of
the most sophisticated pure-cloud services
in the world over the past eight years,
and now serving 50,000 plus users,
Sumo Logic is quickly becoming the data
steward for modern businesses and we
are just getting started."
Security certification is an important
indicator. When it comes to safe storage
of data, how do you choose between the
options? iStorage has recently passed the
prestigious FIPS 140-2 Level 3 certification,
which is in addition to the NCSC
CPA, NLNCSA BSPA & NATO Restricted
Level. iStorage claims that they are the
world's first and only company to have all
these security certifications.
It is becoming clear to all that Artificial
Intelligence (AI) and Machine Learning
(ML) are technologies that have the
potential to differentiate businesses in a
congested and competitive market. Cisco
has launched its first server built from the
ground up to manage and power these
AI and ML workloads. The new Cisco
UCS server speeds up deep learning, a
compute-intensive form of machine
learning that uses neural networks and
large data sets to train computers for
complex tasks. Businesses will require an
IT architecture that is capable of taking
in vast sets of data and using it to learn,
so this technology is required to power
these initiatives.
Roland Acra, SVP and GM for Cisco's
Data Center Business Group says, "Over
the next few years, apps powered by AI
and ML will become mainstream. While
this solves many complex business issues,
it also creates new IT challenges. This
addition to the Cisco UCS line up will
power AI initiatives across a wide range
of industries: our early-access customers
in the financial sector are exploring ways
to improve fraud detection and enhance
algorithmic trading. Meanwhile in healthcare,
they're interested in better insights
and diagnostics, improving medical
image classification, and speeding drug
discovery and research." NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 9

SHOWPREVIEW
PREPARING FOR
LIFT-OFF…
IP EXPO EUROPE 2018 TAKES
PLACE AT EXCEL LONDON IN
OCTOBER, AND WELCOMES
FORMER ASTRONAUT COLONEL
CHRIS HADFIELD AS ITS
KEYNOTE SPEAKER
IP EXPO Europe, which is colocated with
Digital Transformation EXPO 2018, returns
to London on the 3rd and 4th of October.
The two day event will be opened by
Astronaut Chris Hadfield with a keynote that
will share his truly unique perspectives,
experiences and lessons concerning the next
steps for mankind.
Alongside IP EXPO Europe, the full spectrum
of the technology industry will be present at
Digital Transformation EXPO, offering expert
speakers in the following areas:
IP EXPO
Many organisations exclusively depend on
cloud-based ecosystems. Speakers at IP EXPO
will share their knowledge and strategies to
expose the full potential of the cloud.
Speaker Mayank Prakash, Chief Digital and
Information Officer at DWP will offer advice
concerning the critical ingredients required to
drive digital transformation at pace - from
embedding a digital mindset to empowering
multidisciplinary teams, whilst investing in an
innovative ecosystem. Other speakers
include Margarida Correia, Architect at
Juniper Networks and Alexandra Gates,
Principal Product Marketing Manager at
Aerohive Networks.
CYBER SECURITY X
With GDPR firmly in place, it's time to hear the
discussions around the impact it's having. At
the show, expert speakers will offer a fully
rounded look at cyber security, from
protection to mitigation and detection.
Attendees will also have the opportunity to
explore the world of hacking, with the Cyber
Hack showcase offering a glimpse of how the
bad actors can attack.
Eye-opening talks will be delivered by key
cyber security leaders, including Dave Lewis,
Global Security Advocate at Duo Security,
Doug Howard, Vice President of Global
Services at RSA, Lisa Forte, Partner at Red
Goat Cyber Security LLP and Security Analyst,
Graham Cluley.
DEVELOPER X
The role of the developer has never before
been so crucial in this digitally transforming
world. Speakers at Developer X will include
Paul Fletcher, Enterprise Architect at
Sainsbury's, Marcus Robinson, Technical
Evangelist at Microsoft, and James Allen,
Cloud and DevOps Solution Architect at
Red Hat. Together they will take stock of the
rapid speed of change as disruptive new
technologies and practices become
established.
AI-ANALYTICS X
AI has been the hottest topic for years and
2018 is no different. IP EXPO Europe will
explore new innovations in AI and machine
learning, driven by data. The insights gained
through analytics are incredibly powerful, and
can be used to grow an organisation.
Speakers, including Dr Hannah Fry, Lecturer in
the Mathematics of Cities at UCL, Areiel
Wolanow, Managing Director at Finserv
Experts and Oliver Gindele, Data Scientist at
Datatonic, will together deliver insight and
solutions to help visitors to store, manage and
analyse data on a massive scale.
INTERNET OF THINGS X
With over 23 billion connected devices in use
worldwide, with that figure set to more than
double over the next few years, enterprises in
all verticals are seeing the huge opportunities
for their organisation from harnessing IoT
technology. Internet of Things X will explore
the very latest capabilities offered by IoT
solutions with input from IoT experts including
Yodit Stanton, CEO of OpenSensors and John
David, CEO and Founder of Amnick.
BLOCKCHAIN X
Blockchain is no longer tomorrow's future
megatrend: it is here, today, and has the
potential to change technology forever.
Covering subjects such as performance,
resilience, integration and platforms,
Blockchain X will provide attendees with the
information that they need to help them
understand the opportunities and applications
for business operations.
Carrie Osman, CEO & Founder at Cruxy &
Company will be speaking at Blockchain X
and educate attendees on how best to tackle
Blockchain and gain business benefits. NC
IP Expo Europe is poised to challenge,
inform and lead todays IT professionals. For
further information and to register for IP EXPO
Europe 2018, visit: www.ipexpoeurope.com
10 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATUREBLOCKCHAIN
THE CURRENCY OF BLOCKCHAIN
BLOCKCHAIN IS MORE - MUCH MORE - THAN BITCOIN.
JONATHAN WILKINS, MARKETING DIRECTOR AT EU AUTOMATION
EXPLAINS HOW BLOCKCHAIN CAN AUTOMATE A RANGE OF
BUSINESS PROCESSES
Blockchain was invented in 2008 by
Satoshi Nakamato. He is thought to
be a man living in Japan, born in
1975, but there remains speculation about
the inventor's true identity.
The technology was intended as a digital
ledger for the cryptocurrency Bitcoin. Its
success led to the use of the technology to
automate a range of processes, from asset
traceability to accountancy. But, according
to IDG Connect, only 13 per cent of IT
leaders have a plan to use blockchain.
TAKING AUTOMATION TO THE
NEXT LEVEL
Blockchain adds to the automation
capabilities that Industry 4.0 has already
provided. For example, most manufacturers
have started to integrate components such
as smart sensors and programmable logic
controllers (PLCs), which allow them to
automate equipment maintenance. Plants
can now add blockchain between the
Enterprise Resource Planning (ERP) software
and the parts supplier, so that machines
can autonomously place orders for their
own replacement, before they break.
Businesses still using paper-based records
should transfer them directly to blockchain
to reduce the risk of data being lost or
damaged. Many companies still use paperbased
legal contracts, but with blockchain,
they can produce smart contracts that
automatically execute when certain
conditions are met. Ethereum is an
example of a platform that runs smart
contracts using blockchain. It manages the
release of assets to the owner using
predetermined conditions to prove their
ownership.
As well as automating individual business
processes, blockchain dramatically
improves the ability of companies to safely
share information.
THE CHAIN
When a document is shared on a
blockchain, a block is created that attaches
to previous blocks, forming a visible chain.
This allows for advanced supply chain
traceability and means businesses can
rapidly detect and address problems. For
example, if a manufacturer that uses
blockchain needs to initiate a product
recall, every product can be identified,
located and quickly recalled. It's efficient
and secure.
Blockchain could also help to reduce the
amount of greenhouse gases that
organisations emit. Approximately 1,000
industrial plants and power stations in the
UK are covered by the Emissions Trading
System (ETS). They are issued a limited
number of carbon credits by government. If
they do not use all their carbon credits,
they can trade them to other companies.
IBM and Energy Blockchain Labs are
developing a blockchain marketplace to
increase the visibility and traceability of
carbon credit trading.
Despite the increased clarity and visibility
of records that blockchain allows, it is also
seen as a safer means of digital
information transmission than the
alternatives.
SAFETY MOMENT
An April 2018 Cyber Security Breaches
Survey found that over four in ten UK
businesses suffered a cyber breach or
attack in the previous twelve months. As
more devices become connected across the
Industrial Internet of Things (IIoT), cyber
security will become a bigger concern.
Blockchain is extremely tamper-resistant:
by the time a hacker has hacked into a
block, multiple new blocks have been
created. Alex Tapscott, CEO and founder
of Northwest Passage Ventures, explained,
"You wouldn't just have to hack one system,
you'd have to hack every single computer
on that network."
Blockchain uses a powerful cryptography
that gives individuals ownership of their
own data, reducing the risk of identity
fraud. In addition, the technology uses long
cryptographic keys that work in a similar
way to long, complex passwords, making
accounts challenging for hackers to access.
While he keeps his identity private, the socalled
Satoshi Nakamato is probably
astonished by the vast benefits that his
invention can bring to organisations across
all industries. In coming years, we can
expect to see many more applications for
blockchain, including some that may not
have been considered yet. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 11

FEATUREBLOCKCHAIN
FUELLING THE CHAIN
OF DISCOVERY
SCIENTIFIC RESEARCH IS OFTEN
IMPEDED BY FEAR. EITAN
KATCHKA, CHIEF OPERATING
OFFICER OF MATERIALSZONE
EXPLAINS WHY BLOCKCHAIN
WILL UNLOCK COLLABORATIVE
SCIENCE AND ACCELERATE
DISCOVERY
Science has always been a race. The
scientist or researcher who has the
most published works or finds a
potentially world-changing discovery will
take home the funding and the fame. This
race, however, has been slowly smothering
innovation and discovery.
It is estimated that 95 per cent of scientific
research is inaccessible or lost. This is due to
fears surrounding intellectual property, a lack
of incentive for researchers to publish their
data, and very few platforms where they can
do so. Therefore, under the current publishing
and academic models, most researchers are
reluctant to share their data out of fear that
their findings will get scooped by other
researchers. This creates an insurmountable
barrier for science to shift into an open science
approach, resulting in billions of data entries,
studies and experiments from all research
fields not being shared, which obstructs
innovation and scientific breakthroughs.
In an ideal world, international scientists and
researchers would work together toward the
common goal of discovery. Unfortunately, the
current model of research demonstrates that
this isn't feasible. Even though there have been
many efforts by the EU and US regulators and
other large organisations to shift to an open
science approach, published work is still the
measure of a researcher's success. In the
meantime, the world is falling apart faster than
we can stick it back together. For example,
global warming is an issue that entire
continents are trying and failing to combat.
Technological innovation may yet untie the
hands of science so it can get to work
unhindered. Blockchain technology opens up
a great deal of possibility for the science
community.
For example, MaterialsZone utilises Sample
Protocol to allow researchers in materials
science to share and monetise their data on
the blockchain - whilst securing the creators'
intellectual property by means of immutable
timestamping. Blockchain can also provide a
decentralised place to publish data, so no
single entity will have ultimate control of the
data which is being recorded.
Building an environment like this will
incentivise researchers to upload their data
onto a marketplace and sell it for use, and in
turn build an open science economy. The
benefits aren't confined to the researchers.
Research organisations can then make the
most of their funding and time as it wouldn't
be spent on research already conducted,
which will free up research time for other work.
Research and measurements aren't the only
items to be dealt with. 'Failed' result data can
also be incredibly valuable. If one laboratory
has tried an experiment a number of times
and failed then why should every laboratory in
the world repeat it? Also, the outcome of that
experiment may be a failure for one
researcher but an interesting lead for another.
The failed result data could be freely and
easily shared, or even sold - once more giving
value to the work and saving the time and
money of others. There are estimations that
eliminating the failed results from research can
free up 30 to 50 per cent of research time.
In an economy such as this, smart contracts
on the blockchain guarantee every party
speed and efficiency. What's more, some
parameters can be set to ensure that
everybody gets a fair reward for their work.
For example, if a laboratory purchases a
year's worth of research data from an
organisation, it can be set up to ensure that
the researchers, assistants, the laboratory
and funders of the research etc. all receive
their share.
Those research findings on a USB stick,
buried in a draw, could be the data that leads
a researcher to discovery. Blockchain is key to
unlocking data and creating a truly
collaborative scientific ecosystem, so that
researchers are properly incentivised to share
their data and fuel the fire of discovery. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 13

FEATUREBLOCKCHAIN
BLOCKCHAIN TAKES OFF
BLOCKCHAIN'S SINGULAR ASSOCIATION WITH
BITCOIN IS BEING SLOWLY DISMANTLED. THANE
HALL, DIGITAL TRUST ACCOUNT MANAGER AT
THALES UK EXPLAINS HOW BLOCKCHAIN CAN
RADICALLY IMPROVE THE AEROSPACE AND
DEFENCE SUPPLY CHAIN
According to a recent Accenture report
entitled 'Launchpad to Relevance:
Aerospace & Defense Technology
Vision 2018', 86 per cent of aerospace and
defence (A&D) firms say that they expect to
integrate blockchain technology into
corporate systems by 2021. But why are
they thinking blockchain?
Essentially, blockchain offers a permanent
(immutable) data store even when publically
accessible and without the need for a thirdparty.
Bitcoin has proven that blockchain
technology is secure enough to hold
£100Bn of value in the public domain. It
uses a combination of mechanisms which
including cryptographically locking blocks of
transactions into a chain (hence blockchain)
and then replicating that data in multiple
instances globally, bound with a mechanism
to ensure that they all agree on the true
state of the ledger (hence distributed ledger
technology). The immutability of this data is
ensured through the cryptographic locks
and the many distributed instances that
maintain consensus.
Blockchain is evolving rapidly, although
many still associate this technology with
Bitcoin and other cryptocurrencies. This is a
distraction that inhibits understanding of its
potential value in multiple application areas.
COMPLEX SUPPLY CHAINS: VISIBILITY
Blockchain technology was originally
devised to help businesses improve their
transparency and accountability. This is
particularly relevant in the A&D industries
especially concerning the securing and
simplifying of a transparent and reliable
supply chain for parts.
A blockchain can store any transaction or
data you wish to immutably store, and not
just financial transactions. The advantage of
being immutable with no need for a third
party means that organisations can trust that
the data is correct and that no participating
stakeholder has changed it. In essence, it is
a 'trustable database' and therefore the
parties using it can better trust each other;
an essential principal for good business.
There are hundreds of different suppliers
involved in the manufacture of a single
aircraft and each one must maintain
impeccable and trustworthy visibility
concerning the manufacture and supply of
their components. This requirement makes it
easy to understand the role that blockchain
technology can play.
FUTURE APPLICATIONS, TODAY
Research is currently underway to better
understand the potential applications of
blockchain technology in this area, including
a new blockchain-based system that could
help secure and streamline the complex
global supply chains that support the A&D
industry. Driving this innovative research is the
clear need for manufacturers, especially in
A&D, to establish accountability and eliminate
both counterfeit or grey-market components
and suppliers from its supply chain.
One such project is based on
Hyperledger, an open source blockchain
project managed by The Linux Foundation.
The prototype combines blockchain, the
internet of things and other innovative
technologies, including a Physically
Unclonable Function (PUF) solution for
FPGA silicon chips and tamper-proof
cryptoseals.
This gives aircraft manufacturers,
suppliers, maintenance firms, as well as
airlines, an unparalleled ability to
accurately track and secure trustworthy data
throughout their supply chain. They can all
know the exact configuration of any aircraft
that is in service, at any point in time. This
helps to avoid unnecessary time delays (in
sourcing and delivering required parts, for
example), increased costs, and the potential
risks arising from faulty or counterfeit parts.
This is just one very good example of how
blockchain can be used to increase and
maintain supply chain standards and
improve mission assurance. It will ensure
authentic parts and materials enter the
supply chain, provide a unique identity and
then use this identity for supply chain
transactions in a blockchain to establish
their authenticity.
Blockchain has incredible potential to
increase efficiency and trust in an entire
market. Theories will soon be turned into
practice and a whole new use case for
blockchain will have been born. NC
14 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATUREBLOCKCHAIN
THE BLACK MARKET BLOCK
IF LEFT UNCHECKED, COUNTERFEIT
AUTOMOTIVE PARTS CAN CAUSE DEATH.
STEVE KUH, CEO AT BONAFI EXPLAINS
HOW A BLOCKCHAIN-BASED SOLUTION
CAN ARREST THE GROWTH IN THIS BLACK
MARKET FOR CAR PARTS
It is shocking how counterfeiters will go
to any length to make money, even if it
can potentially result in someone's
death. The pharmaceutical industry is no
stranger to the world of counterfeiting.
However, an equally profitable domain for
counterfeiters is in the aftermarket
automotive parts industry, where they are
using every possible method to persuade
people to buy inferior, low-quality and
possibly dangerous replacement car parts.
They will either sell the car part for a few
dollars less than the manufacturer's
suggested retail price or charge the cost of
the original car part and deceive buyers by
placing a brand name label on the
counterfeit component. In either case,
both the consumer and authentic brand
owner suffer.
Consumers need to realise the
importance of purchasing authentic car
parts. BMW recently conducted a test with
aftermarket counterfeit parts for their
reliability, and the results were shocking.
The international car brand found that a
car with fake braking components could
travel up to 25 meters more after applying
their brakes than a vehicle with authentic
parts. That added distance can be deadly
when moving at high speeds.
The use of blockchain technology can
help to deter the issue of counterfeiting
worldwide. Blockchain is an immutable
public ledger system. It is immutable and
public since records are shared and
agreed upon among the many computers
connected by the network. For example, it
is virtually impossible to make a false entry
on the blockchain without the knowledge
of the other computers on the network. If
the computers connected to the network
are 100, then it would be necessary to
access each one of those computers to
falsify a record. But, if the number of
computers on the network is in the
millions, then it is virtually impossible to
falsify in that way. That is why data
recorded on the blockchain is considered
to be immutable.
While blockchain technology is based in
software, it still requires a hardware
component to interface with goods when
it is used as an anti-counterfeiting
solution. It has to be able to identify
every single item as a unique and
individual component.
For example, imagine having a small
NFC tag attached to an item that users
can scan. Scanning the tag with a
smartphone application is the most
practical way to offer this. As soon as the
user scans the product, the consumer can
see the details of that product on their
screen. The details may include the
manufacturer's name, product ID, and
other supply chain details to help establish
authenticity.
The tag is crucial to the system for the
following reasons:
The end user receives verification when
they scan the item using the phone app
It becomes an identified as an
authentic item
The tag, as it moves through the
supply chain is used to store required
information by recording and updating
data held on the blockchain
It is also beneficial to include an owner
registration for the aftermarket auto parts
using the phone app and the tag. This
would allow the manufacturer to notify the
authentic owner should the parts need to
be recalled in the case of a discovered
problem. The blockchain, the phone app,
and the tag would identify the
components and the registered owners
would be alerted of recall notices should
this be needed.
The worldwide counterfeiting industry is
not going to slow down on its own. If a
blockchain-based solution is out there,
consumers and brand-name manufacturers
alike need to make use of it to put an end
to counterfeiting. If not, the black market
will continue, costing billions of dollars for
the original parts makers. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 15

FEATUREBLOCKCHAIN
COLLABORATIVELY ENGINEERING BLOCKCHAIN
THERE IS A LOT TO POTENTIALLY CONSIDER IF ORGANISATIONS
WANT TO DEPLOY BLOCKCHAIN BEYOND ITS BITCOIN MEME.
TRAVIS BIEHN, TECHNICAL STRATEGIST AND RESEARCH LEAD AT
SYNOPSYS EXPLORES THE ISSUES
Cryptocurrency hacks are prevalent
and one of the most recent in the
digital currency space was the one
that took place on South Korea's Bithumb
exchange; it is thought that virtual currency
valued in excess of $31 million was stolen.
With such events wreaking havoc on public
blockchain ventures, why are organisations
rushing to implement blockchain solutions in
their business? Let's consider a few clarifying
factors between public and enterprise
blockchain potential and the impact that this
emerging technology can have.
Enterprise blockchain platforms have their
roots in established public systems like Bitcoin
and Ethereum. However, they also have
significant functional and security-relevant
differences. Public blockchains allow
everyone to participate in the network, using
differing degrees of access. Private
blockchains on the other hand regulate
access using membership control such as
consortium consensus, IP whitelisting,
certificate validation and the use of a central
authority. Unlike Bitcoin, the private
blockchains' primary use case isn't to store
and transfer value, but to provide a platform
for inter-organisational collaboration and to
enforce arbitrarily complex business logic.
While the open source community has
been enamoured with the success of
Ethereum, the enterprise community has
been quietly building the next generation of
distributed trustless applications on
permissioned blockchain technologies.
Enterprise blockchain adoption seems to
have reached fever pitch in 2018.
Meanwhile, the security community has not
yet developed strong idioms for hardening
these platforms against attack.
We have witnessed blockchain technology
both evolve and fragment over recent years
and have been commercially engaged with
blockchain technology since 2015. In the first
half of 2018, we performed over 3,000
hours of threat modeling on systems built
around enterprise blockchain platforms, and
even more in source code review and
dynamic testing.
Through our team's experience, we have
found that the most crucial gaps in
understanding the security impact of
blockchain technology occur in four key areas:
Whole System: This involves the shared
custody and operation of a component
lifecycle which depends on cooperation with
competitors. Additionally, distributed systems
engineering is a rare skill that is essential for
risk analyses of all types.
Software Design: The concept of identity is a
common source of deep design flaws. It's a
consideration throughout blockchain
components and requires mapping to higherlevel
systems.
If development libraries are absent, every
team must develop them from scratch and
that means missing out or deploying their
own model of security controls.
Authentication and authorisation are difficult,
and controls both in smart contracts and in
upstream systems must be created.
Data Management: This involves
compliance to regulation and understanding
how to thoughtfully minimise private data
while still gaining the benefit of the
blockchain components.
Platforms: Usage, metering and audit
resource capabilities are not easily
accomplished with new platforms. New
execution environments and sometimes
languages can often pose challenges to
process, tools, and people.
Decisions made close to blockchain
components have critical fault but they only
make up a small fraction of issues. More
importantly, architects and developers can
make the wrong assumptions about the
security properties provided by these
platforms, and those mistakes can lead to a
large majority of exploitable issues.
The most widely used platforms are often
difficult to configure and dangerous to
expose to untrusted components. Thankfully,
businesses do not have their heads in the
sand regarding this risk and are taking a
cautious approach to evaluation. It is during
this period that security leaders should
collaborate with system stakeholders,
architects, developers, business leaders and
operators. The goal of collaboration is to
refine the security properties of the systems,
develop processes for managing platform
secrets and component lifecycles, and mature
these capabilities of evaluation, prevention,
detection, and response, over time. NC
16 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION
DIGITAL WISDOM
WITH DATA VOLUMES AND
AVAILABILITY GROWING
UNIMAGINABLY, THE PRACTICAL
USE OF DATA HAS BECOME A
CHALLENGE. ERIC YU, CEO AT
GTCOM CONSIDERS HOW WE
CAN THRIVE IN A WORLD OF
INFORMATION OVERLOAD
American scientist E.O. Wilson
observed that, ''We are drowning in
information, while starving for
wisdom.'' This statement is as true today as
it was thirty years ago. The availability of
infinite amounts of content, data and
discussion offers incredible possibilities,
but at its worst it can cause delays and
distractions, potentially impacting on
productivity and producing poor quality
decision making.
It's vital that we base decisions on clear
and accurate information if we are to
make the best choices and prepare our
organisations for success. According to a
survey by Helical IT, the success rate of
decisions made based on data is 79 per
cent higher than those using intuition
alone. It is therefore vital that the
information we require can be accessed
quickly and easily and is straightforwardly
presented using clear hierarchy and
structure.
This challenge is currently more
pronounced than ever. The General Data
Protection Regulation (GDPR), data privacy
concerns brought to light through recent
scandals at Cambridge Analytica, and
data breaches at the likes of Uber, Equifax
and Yahoo make data collection and
usage a focal point for all organisations
who must act in a responsible way so that
people can trust them enough to share
their data.
Additionally, we work and live in a global
marketplace, with access to information
published in many different languages. As
breakthroughs are made, this provides
access to more opportunities to develop our
work and explore that of others. However, it
also intensifies the challenges around
dealing with large amounts of data.
2018 will be a pivotal year for many
industries as artificial intelligence works its
way into a wide variety of devices and
services. Researchers and innovators need
to be informed about patents long before
they dive into a specific research project
and kept up to date about breakthrough
insights across multiple disciplines that
could impact their work.
This kind of informed global approach
can only enhance our work, make us more
competitive, and help organisations to
expand. But to do this we must work
through more information than ever, and
many of the challenges around efficiency
and productivity become even more
pronounced. Traditional networking
environments lack the flexibility and
computing power to cope with the volume
of data from multiple sources that must be
analysed to generate smart solutions.
To overcome this, many business leaders
and academics are turning to data
research and analytics tools to do some of
the heavy lifting and secure the best
quality and most appropriate information
as quickly as possible.
There are an impressive range of
qualitative analysis tools available, that
can improve upon traditional quantitative
analytics by analysing a full range of
written text, including theories, code and
discourse, vital to those in network
computing environments. For example,
having access to this kind of global
information can help business intelligence
units and R&D departments to evolve
products and services more efficiently and
more quickly identify any international
property rights issues, ensuring that they
remain ahead of any potential legal risks.
A good AI and Big Data-powered research
platform can save time for entrepreneurs and
R&D departments and provide them with
access to the information they need to be
successful. Such platforms are often updated
with more than 30 million news articles and
500 million pieces of social data, daily.
The pace of change and evolution of
knowledge is moving so rapidly, that the
amount of available information can be a
challenge, rather than an opportunity. The
available qualitative analysis tools allow us
to benefit from access to vast amounts of
data in a way that our existing networks
alone cannot. This allows our research and
development departments to design
products and services using wisdom. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 17

FEATURESD-WAN
RESILIENT
CONNECTIVITY
ONE SIZE OF SD-WAN DOES
NOT FIT ALL. BEWARE OF U.S.
BASED SUCCESS STORIES SAYS
NICK JOHNSON, CEO AT
EVOLVING NETWORKS, WHO
EXPLAINS HOW TO MAKE SD-
WAN WORK FOR BUSINESSES
IN THE U.K.
The business landscape is moving at
pace, driven by the need for flexibility
and the increasing adoption of cloud
services. One of the consequences of this is
the need for improved connectivity. Users
want more capacity, faster speeds, better
quality. And this demand is growing,
especially as more emphasis is placed on
distributed working practises and SaaS. As a
result, the need for resilient connectivity is
now business critical. What this means for
organisations is that they're looking for
solutions that can deliver against both their
current and future needs.
Traditionally, this is where MPLS would come
in. It's robust, supported by SLAs and is an
established technology. However, it's also
expensive, inflexible, takes time to provision,
and it's a challenge to integrate with cloud
services. Importantly, packet prioritisation is an
expensive option, which means that the quality
of VoIP phones could be compromised if they
are run alongside other connectivity-based
services that might saturate the available
bandwidth capacity.
SD-WAN will increasingly provide the
solution to this connectivity problem. Globally,
it's a growing market sector and Gartner
forecasts that by 2020, we'll be spending
$1.24 billion on the technology.
SD-WAN can deliver stable, low latency and
intelligent connectivity and is easily integrated
with cloud apps: this is a key factor for most
businesses now. It's a much newer technology
than MPLS, more agile and cost-effective - all
of which are critical in a world where budgets
are always being scrutinised. But the one
major advantage of SD-WAN is that it is much
more resilient, especially when deployed using
multi-path aggregated connectivity, which
ensures diversity through the infrastructure
layer and low latency where required.
SD-WAN can be particularly effective at
simplifying network topology, linking multiple
sites together in an effective and efficient way.
Unlike MPLS, SD-WAN is also easily scalable,
allowing businesses to add sites and
additional lines quickly and cost-effectively
because of its software-defined nature.
While the technology has a head start in the
US market it is making definite inroads in the
UK. The key to its success in the UK, however,
is not to rely on US-centric technology or
mere resellers of that technology, but on
solutions designed for the local market and
network infrastructure, deployed by partners
who understand the market and its
challenges. The broadband infrastructure in
the US is a very different beast to ours, and
as a result the standardised SD-WAN
products are not fit for our purpose.
A case in point is the recent news that Cisco
is preparing to include an SD-WAN upgrade
in its routers. While this is a positive step for the
market in the UK, it's important to remember
this software was developed in the US for a
broadband infrastructure that is of a much
higher quality and where vendors compete on
that quality, instead of price. As mentioned, the
UK market is very different, which makes it a
little challenging for businesses to get the
promised benefits of SD-WAN.
There is little doubt that change is afoot in
the connectivity market; driven by the everincreasing
demand for better, faster, more. So,
while SD-WAN may indeed be the connectivity
solution that UK businesses are looking for, we
can't rely on the approach and technology
developed by our cousins across the Atlantic
to help us deliver its benefits. Instead, we need
SD-WAN solutions designed for our needs,
with UK broadband infrastructure in mind,
deployed by vendors that understand the
challenges businesses face, developing their
own software based on localised experience.
We are now in a time where ISPs who deliver
SD-WAN solutions with no disconnect
between the software and underlying network
layers will be best placed to deliver. NC
18 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATURESD-WAN
GIVING WAN AN EDGE
SD-WAN IS NOW MAKING ITS
CASE. ALLAN PATON, DIRECTOR
OF UK AND IRELAND AT SILVER
PEAK EXPLORES THE
EVOLUTION OF SD-WAN AND
HOW IT WILL REPLACE THE
COMPLEXITY OF ROUTER-
CENTRIC WAN ARCHITECTURES
In recent years, the software-defined WAN
(SD-WAN) market has experienced
significant growth around the world, with
new SD-WAN acquisitions, partnerships and
investments gaining momentum. As the
benefits of SD-WAN become increasingly
apparent, Gartner has predicted that by 2019,
companies that have deployed SD-WAN will
rise from less than one per cent, where the
market is today, to 30 per cent. SD-WAN
offerings are fast evolving to address the
changing requirements of enterprises as they
embrace cloud and digitally transform.
Underpinning this evolution is the mass
migration of applications and services to the
cloud. Organisations are realising that their
existing router-centric WAN architectures can't
keep up with the changes in network and
application traffic. As such, businesses are
turning to SD-WANs, which promise the
flexibility to use any combination of transport to
connect users to applications and intelligently
route traffic across the network efficiently and
securely. It's therefore not surprising that,
according to the Frost & Sullivan global SD-
WAN survey, 94 per cent of businesses report
that they have deployed, are deploying, or will
deploy SD-WAN over the next two years:
demand will surely continue to increase.
THE BUSINESS-FIRST NETWORKING
MODEL
Increasingly, enterprises are moving beyond
the constraints and complexity of router-centric
WAN architectures. Routers are burdened by
decades of complexity and still retain a lengthy
and arduous device-by-device configuration
process using an inconvenient and arcane
Command Line Interface (CLI). Now,
businesses are seeking more efficient and
secure access to SaaS and cloud applications.
There's a greater need to connect users directly
and securely to the cloud and this requires a
software-driven WAN edge architecture that
can intelligently steer traffic based on
application-driven policies. As such, SD-WAN
solutions are increasingly evolving to empower
highly-distributed enterprises with a new
business first networking model that yields
consistent application performance, robust
security and operational efficiencies.
LESS: THE NEW MORE
In its first WAN edge report published in 2017,
Gartner considered the future of enterprise
networking as a consolidation of "several
branch-office WAN edge functions, including
routing, SD-WAN, WAN path control, security
and WAN optimisation". By deploying a thin
branch SD-WAN solution, distributed
enterprises would be able to dramatically
improve business agility and lower costs, and
improve network and application
performance, availability and security, while
aligning their networks to ever changing
business requirements.
In the Frost & Sullivan survey, respondents
indicated that network managers are looking
to embrace SD-WAN appliances with
integrated routing and WAN optimisation
functions, while keeping existing CPE-based
solutions at other sites until maintenance
contracts expire. Indeed, interoperability with
existing WAN edge infrastructure will be critical
when migrating to a business-driven WAN
edge until organisations completely replace
traditional routers. A flexible deployment
model, fully compatible with routers, firewalls
or other pre-existing devices at the branch, will
enable enterprises to complete the transition at
their own pace.
UTILISING INTELLIGENCE
Through advancements in artificial intelligence
and self-learning, a unified SD-WAN Edge
platform will also go beyond today's
automation and templates to reach a selfdriving
wide area network that gets smarter
every day. A self-driving wide area network
with centralised and adaptive orchestration
enables self-learning and continuous control to
ensure ongoing alignment with business intent.
Ultimately, the consolidation of network
functions - such as SD-WAN, WAN
optimisation, routing and more - into a single,
centrally orchestrated software instance is the
final stage of evolution for SD-WAN
technology. In the next 18 months, SD-WAN
will become a priority for businesses,
particularly in the banking and financial
services space. We will also see an increasing
need for integrated network functions at the
WAN edge, as well as a demand from
enterprises for centralised cloud-based network
management from their SD-WAN vendor. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 19

FEATUREIOT
IoT IN THE SHADOWS
BYOD IS A THING OF THE PAST -
OR IS IT? GARY COX,
TECHNOLOGY DIRECTOR FOR
INFOBLOX IN WESTERN
EUROPE, EXPLORES THE
TROUBLING RISE OF SHADOW
IoT AND HOW TO DETECT IT
With the Internet of Things (IoT)
continuing to grow, and with
employees connecting an
increasing number of consumer devices to
enterprise networks, IT teams find
themselves faced with greater complexity
and more security issues than ever before.
The scale of the problem was illustrated by
the findings of a recent Infoblox survey
which revealed that, while three quarters of
businesses have over 1,000 approved
devices such as PCs and company mobiles
connected to their networks, more than a
third reported at least 5,000 non-approved
devices, including personal phones, laptops
and e-readers.
Typically offering very poor security, many
of these consumer devices provide
cybercriminals with an ideal point of entry to
an organisation's network, and this
represents a very real threat to that
organisation and its business.
IDENTIFYING PREY
Many businesses reported having a
significant number of non-business IoT
devices such as fitness trackers, Smart TVs,
and digital assistants connected to their
enterprise network. There are, however, a
number of tools readily available that will
enable cybercriminals to exploit the control
of such devices. In 2017, for example,
details of a CIA tool dubbed 'Weeping
Angel' were published on WikiLeaks. Here, it
was explained how the tool was used by
agents to transform Samsung smart TVs into
live microphones.
The identification of vulnerable devices
can be achieved with worrying ease. A
basic search on sites such as Shodan, a
search engine for internet-connected
devices, can deliver a wealth of
information, including details of a device's
banner, along with their open ports
including HTTP, SSH, FTP and SNMP.
It's worth noting that the site is not, in itself,
illegal. The details it provides, however,
could be used by even the lowest level
criminals as a means of identifying
potentially vulnerable devices connected to
corporate networks.
ANTISOCIAL MEDIA
Social media is being used as a means of
spreading malware. Cybercriminals often
exploit the fact that users tend to lower their
guard on social networks, making them
more likely to click on links with unknown
sources. The fact that around two in five
employees claimed to have accessed social
media on their personal devices while
connected to their organisation's network
should therefore ring alarm bells.
Equally worrying is the claim by a quarter of
the survey's respondents that they downloaded
apps to their personal device while connected
to an enterprise network. This is especially
concerning when you consider that even apps
from legitimate download sites have been
found to contain malware.
TAKING ACTION
Introducing a security policy for connected
devices is a sensible first step in managing
the threat that they pose although, according
to the report, employees can't necessarily be
relied upon to follow it. IT administrators
should therefore be able to enforce policy,
restrict access to certain sites and types of
content, and review non-compliant activity
throughout the organisation.
By providing unified visibility into all
devices, IP Address Management (IPAM) will
enable IT admins to manage those devices
more effectively, and DNS-based security
will provide essential context and visibility,
alerting IT admins of any network
anomalies, and enabling them to identify
and block malicious activity more quickly.
What's more, with threat intelligence data
integrated into their DNS management,
security teams will be able to monitor and
prevent access to Newly Observed
Domains, the creation of which tends to
indicate that an attack is forthcoming.
A plethora of connected devices, approved
and otherwise, have made Shadow IoT a
reality, and one which affords cybercriminals
the opportunity to exploit vulnerable devices.
To minimise this risk, enterprise teams must
discover and identify what's lurking on their
networks, and take the steps necessary to
protect it from external threats. NC
20 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

SECURITYUPDATE
MINE YOUR OWN BUSINESS?
ORGANISATIONS OF ALL TYPES ARE UNDER THREAT FROM
CRYPTOJACKERS. KARL SIGLER, THREAT INTELLIGENCE MANAGER
OF SPIDERLABS AT TRUSTWAVE, DETAILS THE THREAT
Cybercriminals are always on the
lookout for new technology to
exploit for easy profits. Accordingly,
the increasingly high profile around one
such opportunity, cryptocurrency, has
attracted the attention of opportunists
around the world.
Specialised software or web script can be
used to harness a machine's CPU or GPU
to solve complex equations and earn
coins, but this must be done on a huge
scale for it to become profitable. Web
based cryptomining has been trying to
become more legitimate, for example,
when a website asks permission to use
some of a visitor's processing power while
on the site. In fact, many sites have begun
to explore this as an alternative to
advertising.
Criminals however will run their code
covertly without asking permission. This
practice is known as cryptojacking.
Cryptojackers will usually insert mining
code into a legitimate website without the
owner's knowledge, enabling them to steal
processing power from anyone visiting that
site. Much like the malvertising tactics used
by other cyber-attackers, criminals can also
infect an ad and spread their mining code
to any site within the ad network.
THE ENTERPRISE GOLDMINE
An ideal mining host site will be one that
receives a high number of visitors and
ideally the connection will be left open for
long periods of time. This has made
streaming sites particularly useful, as they
are naturally open for potentially hours per
visit. Enterprise homepages and portals
are also ideal targets: a large company
might have thousands of users visiting its
page who potentially leave it open during
their workday.
Pre-made mining scripts are easily
acquired online and are so simple to use
that even a complete novice can run one.
Coinhive is one of the most popular
choices for cybercriminals to exploit, as the
JavaScript-based programme also mines
the anonymous Monero currency. Monero
requires less effort than other popular
currencies such as Bitcoin before becoming
profitable and is also designed to be used
anonymously. While it is also very widely
used by legitimate users, these features
make it ideal for a criminal. Coinhive is so
popular that it was found to be present in
13 of the Alexa top 1000 sites.
HOW DOES CRYPTOJACKING HARM
AN ENTERPRISE?
Most illicit mining scripts steal just enough
processing power to cause an irritating
slowdown for affected machines. While it
won't be as damaging as more harmful
malware, for example ransomware, the
presence of an unwanted mining script
embedded into a compromised website
can still deliver a damaging blow to the
site owner's reputation. There have been
several instances of customers complaining
because they thought that an infected site
was intentionally running a mining script
without permission.
Cryptojacking also poses a greater threat
to an enterprise target because the
combined effects of thousands of machines
running a mining script can put a
significant strain on the company network.
The drain on processing power will result
in an increased electricity bill, as well as
costs for the IT resources required to
troubleshoot the estate of slow and
crashed machines.
DETECTING A CRYPTOJACKER
While cryptojacking is becoming
increasingly popular as a low-effort and
reliable money-maker for cybercriminals, it
is fortunately easy to identify and prevent
by using good security hygiene.
Good practices such as keeping sites
and systems regularly patched and
updated will see off most cryptomining
attempts. Any existing mining script can be
discovered with a thorough audit and
vulnerability scan, and future attempts to
compromise the site can be detected by
actively monitoring for attempts to access
and edit the web code. Taking action now
will help to prevent your network being
admitted to the unauthorised mining
community later on. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 21

OPINION
DIGITAL VISIBILITY
AS NETWORKS GROW IN
COMPLEXITY, FULL VISIBILITY IS
ESSENTIAL TO THE DELIVERY OF
DIGITAL PERFORMANCE.
RICHARD PIASENTIN, CHIEF
STRATEGY OFFICER AT
ACCEDIAN EXPLAINS
When a software application is
performing poorly or stops working,
the network usually gets blamed,
but it's not usually the culprit. According to
IHS, the network is at fault less than half the
time. To rapidly pinpoint the root cause, the
IT operations team need a detailed view of
how applications and the network actually
relate to each other. This is especially true in
the case of hybrid cloud applications that rely
on the coordination of physically diverse data
centres, clouds, and Software-as-a-Service
(SaaS) to deliver a responsive user
experience. As the network and applications
become delicately intertwined, there's a
growing demand for better visibility.
IDC supports this view, estimating that
$2.8 billion will be spent on network and
application performance monitoring
(N/APM) in 2018. But, for organisations
under pressure to transform, what are the
main considerations?
DRIVING DEMAND
For today's enterprises, IT and business
processes are becoming more complex.
New technologies and the capabilities that
digital transformation brings, such as
cloudification or DevOps, are increasing
this complexity and reducing visibility across
the network and application layer. To
maintain an acceptable user experience, it's
no longer enough for enterprises to manage
the network in its silo parts.
Today's highly distributed and heterogeneous
enterprise networks mean that enterprises
need monitoring solutions that embrace this
complex infrastructure and move away from
systems traditionally split into the separate
functions of network performance monitoring
and application performance monitoring.
While both have served their purpose, the
need to deliver means that both of these
network disciplines must be unified.
WHEN TWO BECOME ONE
Unifying network and application
performance monitoring will benefit
enterprises in several ways. First, the ability
to monitor network and application using
one platform provides IT teams with a single
source of truth. While traditional monitoring
solutions typically force teams to act in silos,
separated from each other, a unified system
promotes collaboration between teams.
Through this single platform, network
operations, development and business line
owners can understand the interactions
between infrastructure, application, and
user experience.
Then in turn, this single source of truth
becomes invaluable for reducing mean time
to resolution (MTTR). The holistic view it
provides allows IT teams to quickly pinpoint
impairments inside the application or
network chain, identify their scope and
origin, and escalate cases to the right team
with clear, supporting evidence. This
ultimately prevents degradations in the
network or application chain from impacting
the end-user.
POWER OF INSIGHT
These benefits go some way towards end-toend
performance visibility, but true granular
visibility is impossible without insight. By
unifying network and application
performance monitoring into one platform,
enterprises benefit from a wide-angle view,
across each and every layer. Not only does
this prevent gaps in coverage, but it also
enables enterprises to decode every layer
and application transactions, benefiting from
the insights that long-term historical trends
and trace-level diagnostics provide.
It's only by using a common monitoring
platform that enterprises will be able to
correlate common network behaviours and
patterns, understand how to predict failures,
and which steps to take to avoid them from
recurring. Ultimately, enterprises can only
solve degradations if they have a full picture
of their network and its application chain.
UNIFY OR DIE
While there are alternatives to unified
N/APM solutions, the reality is that
organisations failing to implement an
effective visibility solution will be unable to
maintain an adequate user experience. This
will be especially challenged as the
organisation digitally transforms.
Quite simply, enterprises do not have the
choice to opt in or out. N/APM is a must if
they are serious about delivering end-to-end
monitoring visibility. The solution is clear, the
case is made: it just needs implementing. NC
22 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

•
•
•
•

PRODUCTREVIEW
Allied Telesis Hybrid
Wireless Solution,
using the AP5403
Access Point
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
Wired network connections are
becoming less dominant. Persistent,
trouble free WLAN connections,
everywhere, is the default expectation. But it's
only now that vendors can offer solutions fit
for purpose.
Many WLAN networks are configured
around wireless cells, each using a different
channel (frequency) and susceptible to
interference. Mobile users rely on Fast
Roaming (802.11r) to retain connectivity: IP
telephony and wireless scanners for example.
Manual reconnection isn't acceptable - Fast
Roaming improved connection transfer time
from 200ms to less than 50ms, but it's still
too long.
Previously, Extricom created (patent now
owned by Allied Telesis) Channel Blanket
(802.11ac). Bonding multiple APs
broadcasting the same SSID, authenticated
users enjoy seamless connectivity throughout
the coverage range. Each Channel Blanket
AP listens to all in range devices, but only one
transacts. Where a user moves closer to
another AP, data handling responsibility
seamlessly transfers with a connection transfer
time of zero: Zero Wait Roaming.
Both architectures have merit, depending on
use case. The density of connected devices,
mobility and application sensitivity to
connection transfer will vary widely within a
physical space. Until now, a choice between
architectures often meant an unacceptable
compromise.
The AP5403 has three radios (2.4GHZ and
5GHZ) providing Hybrid Wireless. Within the
same environment, using the same APs, it's
possible to provision Cell and Channel
Blanket based Wi-Fi, offering new, powerful
flexibility, control and value without
compromise. In Cell architecture, connected
devices determine which AP to connect to,
but with Channel Blanket, because all APs
listen, they decide which one assumes
connection duty, ensuring that mobile devices
remain connected to the best AP.
IT could implement policies that, for
example, connect laptops to a cell WLAN
and mobile devices to a Channel Blanket for
reliable IP telephony. In some environments -
a warehouse for example - physical space
alters, impacting radio wave propagation.
Channel Blanket ameliorates this without user
intervention or awareness.
We used a four AP infrastructure and a WEB
GUI. We could have used the Allied Telesis
AWC plug-in to the AT-Vista manager EX, or
the admin port of an Allied Telesis firewall.
Familiar WLAN configuration options were
simple to set. Administration options and AP
capability mean this solution can scale across
the full range of WLAN applications.
With two LAN ports - one PoE - a DC jack
for external power, and a Kensington lock
port, this AP can be installed on a table,
wall or ceiling. It is the hybrid cell and
Channel Blanket ability that really make it
stand out.
Using a custom app to display our APs and
connected devices, we moved devices
around and could see them quickly and
seamlessly connect to the nearest AP. We set
up a phone-to-phone video conference and
detected no disruption as we moved.
The hybrid nature of this device makes it
an important asset in WLAN provisioning. It
can operate at scale and integrate with the
extensive Allied Telesis network range using
a single management interface, providing
scaled flexibility in diverse settings.
WLAN is advancing, and this hybrid AP
solution is simple to implement, manage,
and use - factors that might prove critical
when provisioning business class WLAN. NC
Product: Allied Telesis Hybrid Wireless
Solution
Company:Allied Telesis
Website: www.alliedtelesis.com
Email: uk_sales@alliedtelesis.com
Phone: 01793 501 400
Price: Subscription: based on throughput
and sites
24 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION
NETWORKING FAST
GIGABIT FIBRE IS STARTING TO
TAKE HOLD, AND IS JUSTIFYING
ITSELF BY DRIVING THE TAKE-UP
OF NEW SERVICES. KARIM TAGA
AND GLEN PERES OF ARTHUR D.
LITTLE PROVIDE AN OVERVIEW
We increasingly see deployment of
applications and services
provisioned using underlying
gigabit broadband infrastructure. This is
enabling people, machines and applications
to collaborate effectively and intelligently and
enhance their quality of life, improve
mobility, grow economies and empower
decision-making. Fibre optic broadband
infrastructure continues to be deployed
throughout the world: there are 20 plus
markets with at least 50 per cent fibre
coverage, and 8 plus markets with more
than 90 per cent.
We expect fibre rollout to expand to
more markets as non-telco operators such
as utilities, municipalities and private
equity firms also invest in fibre
infrastructure. Fibre take-up will continue
to increase and it will be driven by
effective migrations and competition for
higher speeds, in turn creating demand for
new and innovative services.
INTELLIGENT COLLABORATION
ENHANCES QUALITY OF LIFE
Deployment of applications and services
provisioned by underlying gigabit broadband
is enabling people, machines and
applications to collaborate in a new and
more effective way. The increasing
availability of fibre-based broadband is in
turn driving the take-up of other innovative
services such as gigabit-speed broadband to
the home, 4K TV, an increased share of
triple/quadruple play services and the use of
high-end gigabit routers. The recent
PyeongChang Olympics 2018 and FIFA
World Cup 2018 saw large-scale availability
of 4K live sports content broadcast in more
than 30 countries for the first time.
Google WiFi was one of the first to
popularise high-end routers in 2016, and
Singapore was one of the first countries to
bundle high-end routers (for example,
StarHub providing Google WiFi routers to its
customers) with 12 and 24 month contracts.
Ooredoo Qatar also provides Netgear Orbi
mesh WiFi routers to its customers with
attractive multi-year contract options.
FIBRE TAKE-UP DRIVES
INNOVATIVE SERVICES
Fibre take-up has shown a big jump since
the 2016 edition of our "Race to gigabit
fibre" report, largely driven by effective
migration and competition. Fibre markets
are increasingly becoming demand driven
instead of supply driven as they were in the
past. As customers demand higher
broadband speeds, demand for fibre also
increases. Markets that have shown the
biggest jumps in fibre take-up are Qatar,
Singapore, the UAE and New Zealand.
Success in fibre take-up in these markets has
been driven by migration and competition.
Fibre to the home, in turn, is driving takeup
of innovative services such gigabit
broadband, 4K TV and other ancillary
products. Telco operators are moving away
from providing just high-speed broadband to
also bundling services enabled by this highspeed
broadband. As telecom operators
increase their presence inside their
customers' homes with high-end WiFi routers
and services such as 4K TV, this might
become an ideal platform from which to
deliver future smart-home services.
FIBRE GROWTH WILL EXPAND
OUTSIDE TELCOS
We have seen fibre rollout continue to
increase in most markets. The most common
model used for fibre deployment continues
to be incumbent led with government
support. We believe successful fibre
investments are built around partnerships
with the government, investors,
municipalities, or other operators.
There are still some markets which have not
yet shown large gains in fibre deployment:
examples include the UK, Germany, Austria
and Italy. In such markets, non-telecom firms
are making inroads into fibre deployment,
investing into the gigabit future of their
respective markets. A recent success story is
that of open fibre, which announced an
ambitious plan to roll out fibre to more than
18 million homes in Italy with funding of 3.5b
euros from various banks in August 2018 to
fulfil its business plan. We will have to watch
and see who will take the lead. Customers
are demanding higher speeds, and telecom
operators will have to act soon. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 25

OPINION
MOVING RECOVERY
TO THE CLOUD
DAVE PACKER, VICE PRESIDENT
OF PRODUCT AND ALLIANCE
MARKETING AT DRUVA MAKES
THE CASE FOR MOVING DATA
MANAGEMENT TO THE CLOUD
TO SUPPORT SOFTWARE-AS-A-
SERVICE APPLICATIONS
The use of cloud-based applications
continues to grow at pace. Microsoft's
Office 365 now has over 135 million
active business users and they expect more
than two thirds of their business customers to
be in the cloud during the next fiscal year.
Use of other Software-as-a-Service (SaaS)
applications such as Salesforce and Google
G-Suite is also showing decisive growth.
The data that these SaaS applications
create has to be protected from loss,
corruption and accidental deletion, just as if
you they were running on-premise.
Traditionally, business continuity and disaster
recovery planning would be predicated on
protecting identified data against identified
risk. This approach must also be applied to
SaaS application data as well as application
availability and response.
MEETING DATA NEEDS
For companies that have already moved to
cloud applications, and for those planning
their move, several elements should be
considered. Check the contract with your
cloud service provider concerning data and
management. Alongside general security and
privacy management standards, confirm how
data is protected for your benefit, and how it
can be recovered when you need to.
If this does not reflect your existing disaster
recovery plan - and it's likely that there will be
significant differences - analysis will identify
the weak spots. You can then bridge these
with appropriate data management
processes and tools.
You must also confirm how long your cloud
provider will take to recover data and make
sure that this is acceptable. For most cloud
applications, this can be much longer than
your existing service level agreements or
recovery time objectives. For example,
recovering data from Salesforce takes around
a month. It's therefore more effective to
manage your own data protection and
recovery and control your recovery objectives.
CHALLENGING DISASTER
The way we think about disasters can also be
a challenge. Cloud service providers
normally have higher redundancy than
traditional data centres, reducing the impact
of big disasters. However, most DR incidents
are due to issues caused by the loss of
information through individual error,
accidental deletion, or files being overwritten.
These are much more likely to regularly affect
business operations and cause interruption.
Data corruption can also take place
through ransomware or malicious deletion.
For the cloud providers, spotting these
mistakes or unauthorised actions is difficult in
the context of the many daily legitimate
activities. Guarding against this might mean
making your own copies of the data you
create. If the need arises, you can then
recover that affected data on your own terms.
At this point, it's worth considering how far
along you are in your journey of data
management. For new companies that are
born in the cloud, managing cloud data is
easier. For larger companies with existing IT
assets and infrastructure, things may be
more complicated.
CLOUD-BASED RECOVERY
Consolidating your data management for all
your systems, from cloud applications
through to virtualised environments, PCs and
internal applications, should help overcome
this challenge and make good management
practice achievable. It should help to meet
your recovery objectives across all data and
improve visibility as well. By applying one set
of policies, you create a disaster recovery
capability that is manageable and affordable.
One option could be to move some or all of
your data management to the cloud, relying
on cloud services to protect your SaaS
applications and your internal IT: it makes
more sense than bringing that SaaS data
back from the cloud for backup.
Cloud applications can help you to improve
IT services for the organisation. However, you
must not overlook risk management and
business continuity. With care, cloud data
management can deliver the right
combination of agility and security for
important data. NC
26 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

SECURITYUPDATE
THE SERVER THREAT EXPOSED
BECAUSE OF THEIR BACK OFFICE AND CLOUD
LOCATION, SERVER PROTECTION HAS NOT
RECEIVED ADEQUATE ATTENTION. PAUL MURRAY,
PRODUCT DIRECTOR AT SOPHOS CONSIDERS
SERVER-SPECIFIC THREATS AND POSSIBLE
RESPONSES
Servers are the crown jewels in the IT
estate of any organisation. They
represent a large target with a rich
pay off and cybercriminals know this, so
they increasingly target them.
According to SophosLabs, exponential
damage is one of the main threats.
Because servers contain mission critical
data and are the daily workhorse of
organisations, a well targeted attack could
devastate an organisation. Consider, for
example, an endpoint that is compromised
by the likes of WannaCry or SamSam. This
will cause huge inconvenience, damage
productivity and create immediate, direct
and indirect costs. However, if the same
attack strikes a server with thousands of
vital and critical files, the issue is
significantly compounded. Indeed,
targeting file servers is a tactic used by
some cybercriminals because they know
they can demand higher ransom payments.
BEYOND RANSOM
And it does not end with the ransom
threat. When cybercriminals infect the
servers of an organisation with malicious
code, or exploit vulnerabilities to gain
access, they can then dive deep into the
network. They have secured a platform
from which to inflict some serious damage.
Servers are very often the final destination
of an attack mounted to steal sensitive
company information that is specifically
useful for spear-phishing programs.
Perhaps worst of all, this access itself is a
commodity for sale on the Dark Web,
which means that the damage can
continue being inflicted long after the
breach is resolved.
Add to this the new challenge of large
scale cryptojacking, where breached
servers act as proxies to redirect traffic to
malicious websites and install cryptominers
on server farms and cloud accounts to
generate cryptocurrencies at scale. Here
they are stealing CPU, RAM, electricity and
other resources.
For organisations with direct visibility of
their servers, the immediate impact of
cryptominers on performance is a clear
indicator of compromise. But for larger
enterprises with extensive global facilities
including cloud services, the distributed
pools of computing provide great cover for
cryptojackers to hide in. By spinning up
servers in other regions, often invisible to
the end user until they receive a bill,
cryptojacking cybercriminals have a short,
but lucrative window of opportunity.
SPECIFIC RESPONSE
Whilst endpoint security is now thankfully
common, server specific security is often
conspicuously absent. This is typically
because businesses don't want to deploy a
security agent on a server and risk
impeded performance. This legacy of older
technologies causing poor performance is
thankfully resolved by new, lightweight
next-gen technology.
This protection includes predictive, deep
learning neural networks that can predict
new attacks as well as the occasions of
cybercriminals just getting lucky. For
example, WannaCry saw servers suffer
accidental collateral damage.
The predictive element of deep learning
neural networks, trained on hundreds of
millions of samples, looks for suspicious
attributes of malicious code and prevents
never-before-seen attacks. This also learns
as it goes to provide constantly evolving
protection for servers.
One other important area of the server
specific response is that of developing
whitelisting into a full, operational server
lockdown. As plentiful, virtual servers can
be set to run very specific tasks - a given
set of applications for example - this
expected behaviour and technology profile
enables a business to double down on the
security. Knowing how a server should
normally behave, it can be locked down
into a known good state where only those
legitimate applications and trusted updates
can take effect.
The fact that cybercriminals assess how
servers are utilised, what's stored there and
what can be leveraged for multiple crimes,
demonstrates the critical need for serverspecific
security. This response is growing
and businesses are beginning to
appreciate the need to protect these
important IT assets. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 27

OPINION
TAKE IT ON THE CHIN?
ARE BRITISH BUSINESSES FIRING EMPLOYEES UNFAIRLY AS A
RESULT OF POSSIBLE DATA BREACH NEGLIGENCE? IAN
OSBORNE, VICE PRESIDENT UK & IRELAND AT SHRED-IT, TACKLES
THIS THORNY ISSUE
We all know that humans are
invariably the weakest security
link, and data breach after data
breach reminds us of this fact. It may be
an inevitable reality, but it is often a
frustrating one for those responsible for
networks. After all of the hard work and
dedication that comes as part and parcel
of maintaining the security and integrity
of a network, it's understandable that
networking professionals and business
leaders alike take simple data security
mistakes pretty badly.
Research from Shred-it and Ipsos
conducted early in 2018 found that
nearly a third of businesses that suffered
a data breach, have terminated a
negligent employee's contract as a result.
Is that a fair response?
Clearly, a sense of accountability is
required, and the seriousness of
maintaining best practice needs to be
underlined now more than ever given
GDPR. Many will feel that the only way
to do that effectively with employees is by
making a strong example of those that
are negligent.
It is easy to think this way. After all,
many of the most common attack vectors
that bring down networks and lead to
data breaches could seemingly be
prevented by common sense. Think twice
before clicking on an email link to
ensure the source is trusted, don't use
public Wi-Fi to access confidential
information or work systems, etc. The
trouble is, its common sense not to leave
the fridge door open or leave the car
lights on, only to return to spoiled food
or a car that won't start, yet many of us
have done these or similar things. We
are busy, we are human and we make
mistakes. If we want to prevent routine
mistakes in data security, businesses must
train people to be ever vigilant and make
best practice a habit - something they
currently do not do.
In our research, just over half of large
British businesses have trained their
employees on using public Wi-Fi, but only
70 per cent provided training on
identifying fraudulent emails: the latter
was the highest response concerning
critical security training. Overall, just 46
percent of small businesses offer any of
the key employee training that is
necessary at all, with only a quarter
having provided training on the use of
public Wi-Fi and a third having offered
training on identifying fraudulent emails.
In addition, two-thirds of large British
businesses and a quarter of small
business owners have offered their
employees specific GDPR related training.
As an employee sacked for clicking on
a spear phishing attack based on an
apparently authentic email from their
boss, for example, would you have a
right to feel aggrieved if you had never
received any training on how to identify
fraudulent emails? Opinion will be split,
no doubt. That is why it is important that
we have a debate and that
representatives from IT, HR, and the C-
suite consider the question.
It is my personal view that enhanced
training has the benefit of building better
trust with employees. Team members will
feel supported and also understand their
responsibilities in terms of safeguarding
and information security. It will also
reduce the likelihood that network
security can be undone in the simplest of
ways. Fundamentally, demonstrating that
these training steps have been
universally implemented will help to
make a better response to the ICO in the
event of a data breach; simply saying
that you have sacked a low-ranking
employee may not impress.
It's time for you to decide. Should
simple data security mistakes that lead to
a data breach always lead to the
dismissal of an employee, or should
organisations accept that this issue isn't
going away, and take responsibility to
better train staff? NC
28 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION
OMINOUS CLOUDS
BUILDING THE NETWORK TEAM INTO THE CLOUD
WILL IMPROVE BUSINESS OUTCOMES. STEVE
BROWN, DIRECTOR OF PRODUCT MARKETING AT
VIAVI SOLUTIONS LOOKS AT THE KEY FINDINGS
AND TAKEAWAYS FROM A RECENT STUDY
Now in its eleventh year, the State of
the Network is conducted annually
amongst enterprise network
engineers, IT directors and CIOs. This
year the study found that while enterprise
clouds flourished, IT teams were unsure
how to handle the associated cloud
migration challenges.
Enterprises are losing control of
infrastructure and services that are
migrating to the cloud. Concurrently they
are also trying to support staff working
remotely, maintain performance and
resolve issues.
ENTERPRISE DILEMMAS
65 per cent of respondents to our recent
study said that network teams were
responsible for troubleshooting cloud
issues, 24 per cent said they were not, while
11 per cent were unsure. This is happening
because network teams are not being
engaged during the initial migration to the
cloud, which causes unnecessary confusion.
Decisions are being taken in business unit
silos and network teams are only called on
after an incident occurs.
This year, and last year, the majority of IT
professionals revealed that their top
challenge was determining whether
problems were caused by the network,
application or system - especially
concerning remote staff. This issue was
deemed by network teams to be more
critical than handling bugs and patches or
managing latency and bandwidth issues.
NEW ENTERPRISE APPLICATIONS
Over the past 12 months, 79 per cent of
those surveyed deployed new server
virtualisation technology, 60 per cent for
private clouds, 56 per cent for public cloud
and 43 per cent utilised SDN. This has been
a major headache for network teams who
must now grapple with this dramatic growth.
As enterprises grow more reliant on the
cloud, so does their need for bandwidth.
42 per cent of enterprises expect their
demand to grow between 51-100 per cent
from 2018 to 2020. Sustainability will be
a challenge.
The key takeaways from this year's study
suggest that IT must be engaged at the
onset of any cloud migration program.
Also, engineers should be able to provide
analytics and metrics, no matter whether it is
a private, public or hybrid cloud. IT teams
are finding that many network tools can't
provide performance insight into most SaaS
applications. This hampers efforts to identify
and rectify user problems.
CLOUD IMPAIRED VISIBILITY
Network engineers must have full visibility
and insight into every aspect of the journey
for each application, from the user, right
through the cloud, to the data centre, and
then back. Network teams must have the
capability to conduct performance analysis
from any local data centre to any SaaS
resource. This is critical, as more than 90
per cent of enterprises have staff accessing
their network remotely.
When remote users encounter problems,
they tend to complain about issues with a
high level of subjectivity, making it difficult
for network engineers to verify and
troubleshoot erratic issues and optimise
performance. Different use cases require
different data and insight, from active
testing, to metadata, to trending and
baselines. With better intelligence IT teams
can quickly drill down to granular packetlevel
data for root cause analysis.
This year's State of the Network paints a
picture of network teams struggling to tame
enterprise infrastructure and services as
demand for cloud services grow at a
phenomenal rate. The study mirrors the
findings from a recent Gartner report, which
estimated that the public cloud market could
grow to $186.4 billion in 2018 - up over
20 per cent from 2017. The Infrastructure
as a Service (IaaS) segment grew the fastest.
With a plethora of applications and
protocols to manage, there are issues with
interoperability. Virtualisation and cloud
technology might make life agile and easy
for users, however the clouds have
darkened the outlook for many IT and
networking teams. NC
30 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION
THE CURRENCY THREAT
MUCH IS SAID ABOUT CRYPTOCURRENCIES. LESS IS UNDERSTOOD
REGARDING THEIR INSIDIOUS PRESENCE IN NETWORKS. FABIAN
LIBEAU, VP EMEA AT RISKIQ DISCUSSES THE VULNERABILITIES OF
THE CRYPTOCURRENCY LANDSCAPE
There is no doubt that the
cryptocurrency landscape is
booming, but with the massive
growth in the value of cryptocurrencies
comes an increased risk to those investing
in them. We are currently seeing
cybercriminals actively augmenting their
activities in this space with phishing and
fraudulent cryptocurrency mining proving
to be popular tactics.
Cybercriminals are always developing
new ways to ply their trade, or new
methods to deploy the more classic attack
vectors within new environments. This can
be seen in recent phishing tactics used to
trick Ethereum investors. One approach
we reported on was a phishing automated
transfer system (ATS) dubbed MEWKit
which targeted users of the Ethereum
exchange MyEtherWallet. This attack used
a phishing page mimicking the
MyEtherWallet site and a server-side
component that handles the wallets to
which attackers transfer stolen funds. The
attackers exploited the fact that investors
were given direct access to
MyEtherWallet's Ethereum network
through their browser - functionality that
means that there were few hurdles
between the attackers and a payday.
We also reported on a fake Telegram
MyEtherWallet support group which
currently has over 9,000 members. The
cybercriminals used phishing tweets to
their members urging them to download a
new official MyEtherWallet Android app
which in fact decrypts and steals their
credentials, giving the criminals access to
their account. Gone are the days where
phishing attacks consisted of badly written
emails directing people to poorly
designed websites. Today cybercriminals
use a combination of social media,
mobile apps and well-designed websites
to catch victims off-guard.
In addition to crypto-theft,
cybercriminals have discovered a new way
to exploit the crypto-craze through
cryptocurrency mining. According to some
of our research, more than 50,000
websites have hosted the mining service
Coinhive in the past year, and recent
research into the websites of FT30
companies uncovered 11 instances of
Coinhive still active. By installing
JavaScript code that mines cryptocurrency
using the computing resources of website
visitors, Coinhive allows actors to
monetise the online sessions of
unassuming website visitors.
The reason cryptocurrency mining is on
the rise is due to the extreme levels of
costly computing power needed to mine
even a single coin. To bring their costs
down, cybercriminals are siphoning
computing resources from unwitting users
across the internet by hosting
cryptomining scripts on highly visited sites.
While some brands knowingly capitalise
by running cryptocurrency mining scripts
in the background of their own websites to
leverage the computers of their visitors
legally, threat actors exploit this blind spot
to hack vulnerable sites or spin up fake,
illegitimate websites, often using
typosquatting domains and fraudulent
branding. It is not uncommon for
organisations to be completely unaware
of these activities.
Our research has shown that some
cryptomining scripts illegally hosted on
popular sites have been active for over
160 days. The success of cryptomining
activities clearly highlights the fact that
organisations lack visibility into the
components running on their websites and
into brand infringing domains being
registered and exploited by others. These
assets form part of an organisations'
digital attack surface which now needs to
be defended alongside the more
traditional network and endpoint security
activities that have been the primary focus
of security teams for some time.
It is unlikely that the cryptocurrency
landscape's expansion will show signs of
slowing down anytime soon, and the
potential gains will continue to attract
opportunistic investors and cybercriminals
alike. Both organisations and investors
need to up their game in order to defend
themselves - organisations by increasing
their visibility into how their Internet assets
are being exploited, and investors by
increasing their vigilance through
understanding the current tactics being
used against them. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 31

SECURITYUPDATE
THE INTELLIGENCE NETWORK IS LAUNCHED
IT IS TRUE THAT CYBER DEFENCE TENDS TO BE PERSONAL - AFTER
ALL, WHO CAN YOU TRUST? JAMES HATCH, BAE SYSTEMS APPLIED
INTELLIGENCE, CYBER SECURITY DIRECTOR INTRODUCES A NEW
WAY TO COLLABORATE
Collaboration between public and
private sectors is of critical
importance when it comes to
fighting cybercrime, but there is another
relationship that is just as important: that
which exists between large and small
organisations. It is with this in mind that
The Intelligence Network was launched in
July 2018. It is an initiative to safeguard
society in the digital world and aims to
engage, unite and activate a global
community of security professionals and
industry influencers from organisations of
every size.
SMALL ORGANISATIONS
It's no secret that we don't always
collaborate well when tackling
cybercrime, but what is often overlooked
is the impact at a grass roots level.
Economic incentives and the buying
power of the largest organisations add
further complexity and impose a divisive
layer in the cyber security marketplace:
many small organisations are excluded.
As the world wakes up to the need for
effective cyber security, small
organisations are being left behind. They
don't receive the necessary support and
struggle with integration and
implementation. This is a problem, as
small organisations are targets for
hackers on their own account and as a
means to access the networks of their
customers. We must break down this
segregation and encourage a
collaborative model that works for all
organisations and creates collective ways
of dealing with the threats we face.
The Intelligence Network is an initiative
that aims to safeguard the digital world
and empower the entire community.
Rather than taking a reactive approach
and being vulnerable to criminal
demands, companies must ensure they
are proactive, prepared and resilient. And
what better way to achieve this than by
collaborating as a community?
SUPPORT FROM SMALL
Some companies fail to defend
themselves against cybercriminals simply
because they are too slow to react. There
are valuable lessons to be learnt from the
agility that small organisations
demonstrate.
For example, the default assumption is
that cyber criminals are quicker and more
advanced than those trying to counter
them. It is true that cyber criminals use
creativity and collaboration to operate at
the cutting edge of technology, but small
organisations often do the exact same
things and can move just as quickly as
attackers. Cyber security in the long-term
needs a new and radical approach, as
well as rethinking and reengineering, but
for established organisations the dynamic
pace can be more of a challenge.
What's more, business diversity can be
an advantage - large organisations have
their perspective on the world, problems,
and solutions and younger companies
have theirs. Small organisations offer a
passion and drive to share their
technology. They play by a different set of
rules, allowing them to do things in a way
that larger companies wouldn't or can't.
Because of their nature, small
organisations and start-ups alike are in a
better position to innovate new ways to
solve universal problems.
CRITICAL COLLABORATION
Cyber defence is a communal duty, for all
organisations. Only by taking a more
united stand against cybercriminals can
organisations of all sizes expect to win the
cyber-war. After all, the size of an
organisation does not prevent it from
being a target.
I encourage small organisations to join
The Intelligence Network. The traditional
structures through which we think about
organisations are becoming obsolete in
the digital age and organisations must
move away from working only for
themselves. For this collective cyber
immune system to become a reality, we
must have a level playing field where
enterprises can work together inclusively.
Working in siloes creates criminal
opportunity. We must develop not only
technical defences, but also a collective
sense of responsibility that transcends
organisational size and boundaries: a
unified response to cybercrime for the
benefit of all. NC
32 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION
IP CCTV: THE NETWORK CHALLENGE
IP CAMERAS ARE EASY TO CONNECT. HOWEVER THEIR EFFECT ON
AN EXISTING NETWORK CAN AT BEST BE UNPREDICTABLE. DAN
BARRERA, GLOBAL PRODUCT MANAGER FROM IDEAL NETWORKS
EXPLAINS HOW TO OVERCOME THIS
Because IP CCTV cameras connect to an
Ethernet LAN, business users often
install camera systems onto their
existing network to reduce costs. However,
doing so requires that there is a large and
sufficient amount of available bandwidth.
Without enough bandwidth, installing
cameras will only congest the network and
disrupt existing network services and the
employees that use them.
When adding IP cameras to a network there
are three things to carefully consider, and
each in its turn will affect the amount of
bandwidth that is required to provision a good
service and avoid adverse impact. The first
consideration is the number of cameras. Each
requires a certain amount of bandwidth, so
more cameras exert more pressure on the
network. Next is the image size. Depending
on the application, cameras can record using
low or high-resolution video (mega-pixel
specification) and this again will affect the
volume of data being transmitted. And then
there is compression, determined by what
CODEC and video frame rate is used.
Bandwidth could be saved by increasing
compression, but this will result in choppy and
blocky video which may not be acceptable for
the required application.
There are alternatives to consider when
deploying IP cameras. Using the existing
network is simple and low cost but without
careful planning it will create problems for
other network systems and might deliver poor
quality video. Creating a separate network, on
the other hand, will ensure that cameras are
given dedicated bandwidth and do not impact
the production network. Additional equipment
and infrastructure will obviously increase costs,
but could also help with network security.
If these options aren't suitable then Virtual
LANs (VLANs) might be the answer. Operating
on production network hardware, VLAN uses
software to segregate the virtual network,
which allows bandwidth to be dedicated to the
CCTV system, with the rest available to the
production network. Because it is planned and
managed, congestion is avoided - providing
that the overall available bandwidth is
sufficient of course.
PERFORMANCE
No matter which option is chosen, IP CCTV
cameras can still suffer performance issues,
and when troubleshooting, there is a
knowledge gap among installers and
integrators. IP cameras require a totally
different troubleshooting process to analogue
cameras in order to identify why, for example,
image quality is poor.
A common complaint is that video is choppy
or pixelated. IP cameras detect congestion on
the network and will automatically
compensate by lowering their output
bandwidth by reducing the frame rate or
increasing compression, resulting in poor
quality video. However, at the network level,
the camera settings may look totally fine and
not reflect the characteristics of the actual
video stream.
To avoid this, integrators should stress test
the network before installation. Network
transmission testers are available with IP
CCTV functions that allow installers to input
network and camera details and simulate
how the network will cope before anything
is installed.
It is then possible to see how adding CCTV
to the network will work, allowing options to
be carefully considered. The measurements
and statistics will inform the decision and
prevent adverse performance, call-backs, and
disrupted users.
WHAT'S NEXT?
Ever higher-resolution cameras are entering
the market, but without the network to support
bandwidth requirements they will not ensure
better quality. This may drive a need for
separate networks, and for installers to
properly understand them.
Those installing or updating IP CCTV
cameras should also be aware that the
industry is moving from H.264 to H.265
video compression protocol and should select
test equipment that can support this. H.265
offers more efficient compression, and
provides good quality video from less
bandwidth. Consider the latest H.265
products from the outset. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards SEPTEMBER/OCTOBER 2018 NETWORKcomputing 33

OPINION
STITCHING UP THE
CLOUD
MULTIPLE CLOUDS ARE AN
UNFOLDING REALITY, BUT THERE
IS AN INCONVENIENT TRUTH.
MATTHEW PARKER, UK SALES
DIRECTOR AND COUNTRY
MANAGER AT INTERCLOUD,
EXPLORES THE ISSUES
Cloud computing is now so
pervasive for individuals and
organisations, especially those
whose operations depend upon the likes of
Salesforce, Amazon, and Microsoft, that its
basic premise is well-accepted, established
and little challenged. But as the variety of
cloud platforms proliferate in an
enterprise, an inconvenient truth emerges,
namely that multiple clouds can give rise
to a very unsatisfactory user experience,
with poor performance, unavailability of
relevant data across applications and even
compromised security.
Problems with cloud proliferation have, at
their root, the patchwork nature of our
existing enterprise computing architecture.
As the Cloud Industry Forum has said,
"Every cloud is built differently" and data
doesn't necessarily flow easily across
multiple clouds. However, data is the
lifeblood of successful enterprise, and if it
can't get to the extremities where it's
needed, in a timely way, then those
extremities will start to develop the
business equivalent of organ failure.
Business agility will suffer, or, worse, users
will start operating with inaccurate or
insecure data - and the enterprise as a
whole is placed at risk.
The key challenge, therefore, is not just
migrating to the cloud, but, once there,
ensuring that the different cloud platforms
can communicate and that data can pass
easily and safely between them.
Cloud Service Providers (CSPs) don't
necessarily help this situation - each CSP has
a vested interest in attracting as much
business as possible to its own platform,
rather than cooperating with others. In turn
the IT function has the unenviable task of
stitching together disparate cloud
environments, adding, shifting and discarding
pieces of the patchwork as the organisation
evolves and users come and go.
Faced with this cloud-to-cloud scenario,
there are three key things the CIO should
seek: the ability to connect cloud
environments as easily as possible; the
need to make sure that this is done
securely; and to accomplish both of these
quickly. Business agility is very often
dependent upon the right supporting
technology being in place at the right time.
There's no point in having the best solution
if your competition already had it six
months ago.
Larger pipes from each of your various
CSPs is, at best, a partial solution and not
the most cost-effective approach - and you
may end up struggling to prevent your own
network becoming the bottleneck that
slows data transfer between your various
CSPs. If you want to get solutions live as
quickly as possible, application
segregation is the key; it's the applications
that support the business, so line them up
against a holistic view of the business
goals to enable a clear view of data
access requirements. Also, look for a way
to connect your various CSPs at the
periphery of your network, to minimise
traffic across it.
Finally, ensure that you find a way to
extend your organisations' security policies
to cover the cloud applications and
services that your business needs to be
agile, efficient and secure. NC
MULTI CLOUD CONSIDERATIONS
Treat this issue holistically and focus
on the business problem you are solving
Priority must be connecting cloud
environments quickly and securely
Application segregation can
efficiently prioritise cloud apps: their
importance is not equal to the business
Connect CSPs at the network edge
or cloud platform to reduce network
overhead
Work only with CSPs with relevant
expertise, and then only connect to
cloud platforms that support your
security policies.
34 NETWORKcomputing SEPTEMBER/OCTOBER 2018 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

europe
3-4 October 2018,
ExCeL London
CO LOCATED AT
DIGITALTRANSFORMATIONE PO
INCORPORATING
REGISTER
NOW
EUROPE’S NUMBER ONE
ENTERPRISE IT EVENT
CYBER SECURITY
DEVELOPER
AI-ANALYTICS
INTERNET OF THINGS
BLOCKCHAIN
SIX EVENTS UNDER
ONE ROOF
OVER
16,000
VISITORS
ACCESS PLUS PASS
+
300
EDUCATIONAL
SEMINARS
New for 2018, Access Plus offers exclusive access to the
AI, Analytics, Blockchain & IOT Theatre – HURRY,
Early Bird ends 14th August!
2 DAYS
packed with content
and opportunities
REGISTER NOW
Find out more at ipexpoeurope.com
300
+
EXHIBITORS
View exclusive
product launches
CONFERENCE & EXPO PASS
Register now for access to selected
theatre sessions and exhibitions