NC May-Jun 2022

NETWORKcomputing
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk
ZERO TRUST: THE TRUTH IS OUT THERE
Do you believe in your network security architecture?
REMOTE CONTROL
A resilient approach
to hybrid working
GOING CLOUD-NATIVE
Is a brave new world on
the horizon?
CAPITAL GAINS
How a London-based IoT
project could benefit us all
MAY/JUNE 2022 VOL 31 NO 02

COMMENT
COMMENT
TRUST ISSUES
Working from home kept so many of us safe during the Covid-19 pandemic - but
can the same be said for our networks? With the pandemic receding and hybrid
working here to stay it's starting to feel like the network perimeter is now a thing of
the past. We have embraced the flexibility of remote working but with that comes an even
greater need to ensure that employees aren't the weak link when it comes to keeping the
network secure. "Even before the pandemic, the safeguarding of corporate networks was a
high priority for IT teams," writes Rodolphe Harand at YesWeHack in his article on hybrid
working in this issue. "Now, with the rise of hybrid working, IT team concerns have only
amplified as more employees are using unsecured public Wi-Fi networks in places such as
coffee shops, hotels and libraries."
If so many of us are now moving away from legacy networks, both literally and metaphorically,
then the onus of security has to come with us. "The truth is that legacy security solutions
cannot support a zero trust network," according to Matthew Margetts at Smarter
Technologies in his article on Zero Trust. "In the legacy model, security measures are reliant
on a closed perimeter security model that assumes that all users and applications are coming
from the same network location and entry points. This approach is no longer sufficient,
which is why Zero Trust security is becoming the preferred network security architecture."
With a Zero Trust security architecture we are all treated as outsiders to the network,
regardless of our location. "Everyone now sees that the real need is not for users to access
networks, but rather just to access the applications as though they are all cloud accessible.
That's the Zero Trust-based future for us all," according to Kevin Peterson, Senior
Cybersecurity Strategist at Xalient. "Most enterprises realise that it is time to enhance remote
access strategies and eliminate sole reliance on perimeter-based protection, with employees
instead connecting from a Zero Trust standpoint. However, most organisations will find that
their Zero Trust journey is not an overnight accomplishment - particularly if they have legacy
systems or mindsets that don't transition well to this model."
For Paul German at Certes Networks a High Assurance SD-WAN framework is the ideal
way to facilitate Zero Trust: "There are no constraints on network redesign; no barriers to the
types of data or applications that can be migrated to the cloud, which ensures both operational
agility and a consistent data security posture that can evolve throughout the Digital
Transformation journey, from on premise, through hybrid, to the cloud." It's a move that Paul
urges the UK Government to make in this issue. Can we trust them to do the right thing?
REVIEWS:
Dave Mitchell
DEPUTY EDITOR: Mark Lyward
(netcomputing@btc.co.uk)
PRODUCTION: Abby Penn
(abby.penn@btc.co.uk)
DESIGN: Ian Collis
(ian.collis@btc.co.uk
SALES:
David Bonner
(david.bonner@btc.co.uk)
Julie Cornish
(julie.cornish@btc.co.uk)
SUBSCRIPTIONS: Christina Willis
(christina.willis@btc.co.uk)
PUBLISHER: John Jageurs
(john.jageurs@btc.co.uk)
Published by Barrow & Thompkins
Connexion Ltd (BTC)
35 Station Square,
Petts Wood, Kent, BR5 1LZ
Tel: +44 (0)1689 616 000
Fax: +44 (0)1689 82 66 22
SUBSCRIPTIONS:
UK £35/year, £60/two years,
£80/three years;
Europe:
£48/year, £85/two years £127/three years;
ROW:
£62/year, £115/two years, £168/three years;
Subscribers get SPECIAL OFFERS — see subscriptions
advertisement; Single copies of
Network Computing can be bought for £8;
(including postage & packing).
© 2022 Barrow & Thompkins
Connexion Ltd.
All rights reserved.
No part of the magazine may be
reproduced without prior consent, in
writing, from the publisher.
GET FUTURE COPIES FREE
BY REGISTERING ONLINE AT
WWW.NETWORKCOMPUTING.CO.UK/REGISTER
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 03

CONTENTS
CONTENTS
M A Y / J U N E 2 0 2 2
IoT IN THE PUBLIC SECTOR...19
Tim Kidd at Hitachi Solutions shares his
experience of working on a leading London
IoT project, and Nick Sacke at Comms365
explains how IoT can help overcome the
challenges now facing local authorities
ZERO TOLERANCE...............12
Our Zero Trust feature looks at how
enterprises can no longer assume they have
full control over closed networks, and
explains why a Zero Trust architecture is the
ideal way to mitigate a network breach
COMMENT.....................................3
Trust issues
INDUSTRY NEWS.............................6
The latest networking news
ARTICLES
BRIDGING THE TECHNOLOGY
SKILLS GAP.......................................8
By Ciara Campbell at Tenable
THE TRUTH IS OUT THERE................12
By Matthew Margetts at Smarter Technologies
ZERO TRUST ARCHITECTURE: FIVE
REASONS YOU NEED IT...................14
By Adrian Taylor at A10 Networks
IMPLEMENTING IOT TO ADDRESS
COUNTY COUNCIL CHALLENGES...20
By Nick Sacke at Comms365
THE FUTURE OF CLOUD-NATIVE....22
By Erez Yalon at Checkmarx
GOVERNMENT CLOUD
ON-RAMPING................................24
By Paul German at Certes Networks
THE DATA CENTRE IN 2022
AND BEYOND.......................32
The times they are a-changin’ for the data
centre, according to Peter Miller at ETB
Technologies
GOING CLOUD-NATIVE.......22
Our cloud feature this issue explains how
to best ensure that your cloud-native
solutions are secure and explores how to
unleash your untapped data potential with
a modern cloud strategy
A RESILIENT APPROACH TO
HYBRID WORKING..............34
Hybrid working presents a number of
security challenges for IT teams.
Rodolphe Harand at YesWeHack looks at
how to address them
LEVERAGING THE DATA DELUGE...26
By Laura Malins at Matillion
STRENGTHENING THE UK’S
CYBER RESILIENCE..........................28
By Mike Foster at VIPRE
CASE STUDIES
A SEAWORTHY SOLUTION..............16
How Seajacks migrated its business-critical
infrastructure with ServerChoice
LEADING BETTER LIVES WITH IoT....19
Tim Kidd at Hitachi Solutions shares his
experience of working on a leading Internet of
Things project in London
PRODUCT REVIEW
TREND NETWORKS LANTEK IV-S............9
EXAGRID X COMMVAULT EX84.......10
CLOUDCALL....................................17
PERLE IOLAN SCG.............................18
PROGRESS WHATSUP GOLD 2022......27
FLUKE NETWORKS FIBERLERT.........31
04 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

INDUSTRY NEWS
NEWSNEWS
NEWS NEWS
NEWS NEWS NEWS NEWS
NEWS NEWS
New Fluke HQ has the customer experience at heart
Fluke has launched its new European Headquarters in
Eindhoven, Netherlands, which includes a 400sqm
customer experience centre. For the first time, customers will
not only be able to see Fluke's range of world-class tools, but
experience using them in a variety of real-world applications.
The individual environments in which each of Fluke's tools are
used have been reimagined in the heart of the building. From
miniaturised electrical substations to small scale factories, a
scene has been set for each.
"The best way to offer training is to do so in a hands-on
environment such as this. If customers are unable to attend in
person, we can make demonstration videos to show the best of
our equipments," said Fluke Strategic support and training
manager, Eric van Riet. "It's working, our customers love it."
The environments include a small factory set up, an Industrial
Island complete with a motor driven pump pushing water in a
closed-loop system, a traditional data centre, as well as a
window into networking of the future with communications
cabling channelled through our ceiling tile infrastructure. There
is also a miniaturised high-voltage substation complete with
intricate 3D printed scale models and a tesla coil to simulate
partial discharge.
Hybrid working shifts priorities for IT teams
ManageEngine has unveiled the results of its new survey,
"The State of ITSM Two Years Into the COVID-19
Pandemic", following up on a similar survey conducted in
2020 to understand the challenges the pandemic has caused
for IT service teams. The latest findings indicate that
organisations are now grappling with a new set of problems
that were not previously deemed the top priorities.
With three-fifths of the workforce now working in a hybrid
mode, managing IT assets (46%) and communication and
collaboration (41%) have emerged as the biggest challenges.
Both jumped to the top spots, registering a positive difference
of 11% and 7%, respectively, when compared to the 2020
figures. The most significant shift in reported challenges was a
drop from 36% to 22% for securing company and client data
in a distributed network. This change is likely the result of the
proactive efforts of IT teams to ensure remote working risks
were minimised.
"ITSM teams played a critical role in ensuring that business
operations continued during the pandemic, from overseeing
BYOD policies and the provision of mobile assets to
implementing self-service features and chatbots, investing
more in business continuity planning and offering IT service
delivery and support," commented Kumaravel Ramakrishnan,
evangelist at ManageEngine.
A hardened approach to endpoint security
VIPRE has introduced Vulnerability and Patch Management
(Endpoint Hardening) to its Endpoint Security Cloud service.
These two features work together to give IT admins and
Managed Service Providers (MSPs) increased visibility into
network and device vulnerabilities, and enables them to apply
patches right from the intuitive management portal.
With the addition of vulnerability and patch management
VIPRE’s enhanced Endpoint Security Cloud give increased
visibility to the risks posed by third-party applications within an
organisation, while prioritising the weaknesses to address. It then
delivers embedded patch management to close discovered
vulnerabilities automatically while restricting other potential
attacks with intrusion prevention, DNS Protection, and URL
blockers. It also offers multi-layered protection, against file,
application, and network layer attacks. Through powerful
technologies such as signature-based detection, heuristic
analysis, and behavioural analysis, VIPRE Endpoint Security
Cloud proactively spots vulnerabilities, including zero-day threats.
Changes ahead for Cyber Certified Professional scheme
Responsibility for running the cyber security industry's Cyber
Certified Professional scheme has transferred from the
National Cyber Security Centre (NCSC) to the UK Cyber Security
Council. As part of its oversight role, the Council will be
reviewing the Cyber Certified Professional (CCP) scheme and
launching a six-month pilot to inform new chartered standards.
06 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

INDUSTRY NEWS
The Council, which has been formed to act as the voice of
the cyber security industry and has a key focus on creating
aligned standards and qualifications for the sector, will now
conduct a six-month review of the CCP scheme. As part of the
review, the Council will be running a pilot scheme of new
chartered standards for the industry. The Ministry of Defence,
NCSC and Department for Work and Pensions will be
participatingialong with existing qualification providers BCS,
APMG and CIISec.
KnowBe4 wins UK's Best Workplaces recognition
KnowBe4 has been recognised as one of the 290 UK's Best
Workplaces (2022) by Great Place to Work, the global
authority on workplace culture. "We are so proud to be
recognised as one of the UK's Best Workplaces this year," said
Stu Sjouwerman, CEO, KnowBe4. "Company culture is
something we strive to perfect every day by creating an
environment where open communication, transparency and
positive attitudes are valued."
To determine the 2022 UK's Best Workplaces list, Great Place to
Work performed rigorous evaluate hundreds of employee survey
responses alongside Culture Audit submissions from leaders at
each company. They then used these data insights to benchmark
the effectiveness of companies' employee value propositions
against the culture their employees actually experience. "This was
the best onboarding experience ever! From the recruiting/interview
process to onboarding and training, I felt so supported and
welcomed. The company culture is amazing and they really do like
to have fun. I love the transparency and the overall opportunities
to continue to learn," said a KnowBe4 employee.
Progressing Managed File Transfers with MOVEit 2022
Progress has released its secure, automated Managed File
Transfer software, Progress MOVEit 2022, which can be
deployed both on premise and in the cloud. Progress MOVEit
is used by thousands of organisations worldwide and enables
users to manage, view, secure and control all file transfer
activity. The new release includes an add-in for Microsoft
Outlook and advanced security and usability features.
"With MOVEit 2022, users can manage all of their sensitive
data transfers between partners, customers, users and systems
from a single pane of glass, giving them complete visibility and
control over where data goes and ensuring the highest levels
of security," said John Ainsworth, EVP Enterprise Application
Experience Products, Progress.
Talend Data Fabric enhancements boost data health
Data integration and management vendor Talend, based in
Maidenhead, has updated its namesake data fabric all-inone
data management solution. By understanding data health
by dataset groups, these new features, which are set to be
available from June, will help businesses analyse combined
data quality metrics to evaluate data trust at macro and micro
levels, across networks - including all datasets, customisable
groups of datasets or individual datasets.
Talend Trust Score, which was introduced by Talend in 2020,
helps businesses assess the quality of their datasets. The 2021
iteration added the ability to measure trust of data shred by
APIs. With the new update Talend Trust Score can now provide
a micro- or macro-level quality visualisation into datasets.
Users can also see the impact of data interventions and detect
how data quality has changed over time. In addition to Talend
Trust Score updates the new update accelerates productivity
with collaborative workflows that can serve as a conduit
between users at different technical levels.
Intel-based accelerators for new Supermicro solutions
S
uper Micro Computer, Inc. has launched a range of new
systems that include two new Intel-based accelerators for
demanding cloud gaming, media delivery, AI and ML
workloads, enabling customers to deploy the latest
acceleration technology from Intel and Intel Habana. The
Habana LabsGaudi2 (above) excels at a range of workloads
that include vision applications such as image classification,
object detection, Natural Language Processing (NLP) models,
and recommendation systems. The new AI Training server will
be the first commercial implementation with the new Habana
Gaudi2 (HL-225) in an 8U chassis. This server will accelerate
AI training to new performance levels combined with dual 3rd
Gen Intel Xeon Scalable processors and up to 8TB DRAM.
NEWS NEWSNEWS
NEWS
NEWS NEWS NEWS NEWS NEWS
NEWS
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 07

OPINION: IT SKILLS
BRIDGING THE TECHNOLOGY SKILLS GAP
DOES DIVERSITY IN CYBSECURITY ACTUALLY MATTER? CIARA CAMPBELL, SENIOR SECURITY
ENGINEER, TENABLE GIVES US HER TAKE
The technology skills gap, particularly
in cybersecurity, has been a
recurring challenge for years. Harvey
Nash Group suggests that there has been
a shortfall of 10,000 people a year in the
UK's cybersecurity talent pool. According
to Microsoft, there are 2.5 million unfilled
cybersecurity jobs worldwide. Can
anything be done to overcome this
shortfall?
In short, yes. During the pandemic,
technology became increasingly
incorporated into our daily lives. The way
we work has moved from physical offices
to hybrid work environments and
organisations just need to think a little
more creatively about what they offer to
their workforce.
Companies should broaden their thinking
when it comes to finding the right talent.
Embrace running intern or graduate
programs, and how best to support
women and/or men returning to the
workforce who might have taken time out
for family or health reasons. Offer training
and mentor programs that support new
hires and existing employees to keep
everyone at the top of their game. I myself
started my career through intern and
graduate programs.
Security can be about prevention and
detection but it doesn't just come down to
those two aspects. There are many layers
to security, which is what makes it such a
fun industry to work in. Of course, it's not
all a bed of roses. Sometimes, keeping up
with all the technical knowledge can be
hard and it's so vast. But that also presents
an opportunity.
POWERED BY DIVERSITY
No matter if it's working in IT, cybersecurity,
or any industry, it's really important for teams
to have different inputs and ways of thinking.
By having diversity, different ideas and
perspectives are brought to the table that
can lead to the creation of amazing
innovation. It empowers us all to achieve
greater creativity, to think outside the box,
and drive alternative viewpoints that enables
us to grow both individually and as a team.
Diversity also makes the workplace far more
enjoyable and a more interesting
environment to work in. It makes a very
boring work environment when everyone is
the same - you need the diversity for different
perspectives and opinions.
When it comes to cyber talent, flexibility in
location and adaptability to schedule
changes is almost a requirement. Businesses
that have embraced a remote working
environment have been able to successfully
widen their candidate pool considerably and
found it advantageous in the battle for talent.
When you break it down, a business is
nothing more than a group of people, often
organised by a common set of values and
interests that carry forward a shared business
mission. Even the smallest community (our
friends, our families) are diverse by nature:
the most obvious one being diversity of
gender. That said, there will still be
differences in opinions and contributions that
each member brings to the table. For
companies, and cybersecurity specifically, if
everyone on the team thinks the same way,
you've already lost the race with attackers.
Only through increased inclusion and
diversity-of race, gender, perspective and
thought can we achieve greater creativity
and innovation, think outside the box, and
outmanoeuvre our adversaries.
It's also important to recognise that no
candidate is perfect, in terms of experience
and expertise. One solution is for companies
to hire people with less experience, or even an
intern program, and spend time and money to
train and upskill recruits. It's not just about new
hires, but employers investing in their people
through certifications and training that
nurtures career longevity and retention.
Thinking long term, the underrepresentation
of diverse backgrounds in
cybersecurity is linked to the broader
problem of a lower rate enrolling in science,
technology, engineering and mathematics
(STEM) fields. Diversity breeds diversity. We
need to foster relationships and show the
next generation of the cyber workforce there
are people like them in the industry. It sends
a message that "you can do it too." NC
08 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCT REVIEW
TREND Networks
LanTEK IV-S
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
TREND Networks has an excellent
reputation in the network cable
certification world and its LanTEK IV-S
takes this to the next level. Building on the
successes of its well-respected LanTEK IV
model, the IV-S boasts a faster v3.0 operating
system, a dual-core CPU, double the system
RAM and room to store up to 5,000 test
results - twice that of its predecessor.
This extra horsepower makes its mark as the
IV-S can run a full certification test on Cat6A
cabling in only 7 seconds, making it one of
the fastest in the world. It also incorporates
valuable future-proofing as it can certify
Cat8.1 and Cat8.2 links up to 3,000MHz.
The kit we tested includes LanTEK IV-S
3000MHz display and IV-S remote handsets
supplied in a rugged transport case. It also
includes two power adapters, shoulder straps,
Cat8 channel adapters and TREND's Cat8
RJ45 VisiLINQ permanent link adapters.
Installers working in noisy data centres will
approve of the VisiLINQ adapters as these
provide clear visual cues for link status and test
results. Their integral LEDs turn blue to confirm
a connection between the handsets, yellow for
a marginal test pass and red for a test failure,
while pressing on their collar activates a white
torch mode - handy when working in the dingy
depths of a rack cabinet. The adapters also
incorporate field-replaceable RJ45 tips rated
for at least 2,000 insertions.
The handset's LCD touchscreen makes light
work of configuration and with the aid of its
quick start wizard, we easily created our first
certification job. After providing a meaningful
name, we added identifiers such as the
building, floor, room and rack cabinet and
assigned a sequence of tests.
For each test, you select standards from the
extensive list, choose link and cable types and
pick a cable brand, which can be generic or
manufacturer-specific (there's a big choice).
We performed a range of certification tests on
the lab's Cat6A cabling infrastructure and
were mightily impressed with the levels of
information presented. And yes, all full cable
tests were completed in precisely 7 seconds.
Tapping on a completed test in the screen
brings up all the results which can be scrolled
through and selected for more detail. Cable
lengths are revealed, the wiremap screen
shows connection issues along with the
distance to detected faults, and you can use
the live wiremap view to check consistency
prior to running a full test.
Below this onscreen are the results of all the
certification tests you elected to run - there
are far too many to list here but rest assured
the LanTEK IV-S supports all the important
ones. Tapping on each result brings up
graphs or tables of the measurements and
you can view all or selected cable pairs
where appropriate, and swap between the
main display and remote handsets.
Integration with TREND's AnyWARE cloud
portal allows project managers to work
remotely with their field engineers and create
pre-defined certification tests for direct
download to the handset. It worked perfectly
for us as after connecting our handset to the
lab's wireless network - we synced it with our
cloud account, pulled down jobs and
uploaded test results.
Choose a set of tests and the portal creates
professional certification reports for
presentation to customers. Another smart
feature is that the handset runs the
TeamViewer server component and we had
no problems setting up sessions and
controlling it remotely.
The powerful LanTEK IV-S makes cable
certification a breeze as it combines a
wealth of standards-based tests with extreme
ease of use. Performance is on the money,
integration with AnyWARE accelerates
project management and TREND's Sapphire
Care Plans will significantly reduce the total
cost of ownership. NC
Product: LanTEK IV-S
Supplier: TREND Networks
Web site: www.trend-networks.com
Tel: +44 (0)1925 428 380
Price: Model R163009 from £10,110
exc VAT
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 09
NETWORKcomputing
@NCMagAndAwards

PRODUCT REVIEW
ExaGrid x
Commvault =
Enhanced Storage
Economics
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
ExaGrid stands tall in the enterprise data
backup and disaster recovery market as
its Tiered Backup Storage family of EX
appliances deliver a unique data protection
solution with a sharp focus on performance
and reduced storage costs. Even more
compelling is ExaGrid's data deduplication
technology, as its patented Landing Zone with
Adaptive Deduplication solves the performance
challenges inherent in traditional inline data
reduction techniques. That's not to say that
ExaGrid wants to replace your existing data
protection solution. Far from it, as its Tiered
Backup Storage solution works hand in glove
with over 25 leading enterprise backup
applications where it can enhance their
capabilities immensely.
Commvault fans will approve of this approach
as they can retain their existing data protection
infrastructure and integrate ExaGrid into it to
provide the backend storage. More importantly,
they can continue to enjoy the clear benefits of
Commvault's deduplication engine and allow
ExaGrid to deduplicate backup data further on
its target storage, with combined reduction
ratios improved up to an impressive 20:1.
These numbers are very compelling, as
combining ExaGrid and Commvault into one
backup strategy will reduce its storage footprint
by as much as 300%. Extrapolate this over a
number of years and it's clear that substantial
savings can be made.
A key feature of ExaGrid's appliances is their
Landing Zone, where data from the Commvault
backup application is written directly to a disk
cache. As backups complete, the data in the
Landing Zone is 'tiered' and written to a separate
long-term retention repository where it is
compressed and deduplicated.
This has no impact on performance, and as
copies of the most recent backups are retained
in the Landing Zone, restore operations are
much faster as data doesn't need rehydration
and decompression. Data security and
protection against ransomware attacks are
further enhanced as while the Landing Zone is
network facing, the repository has a tiered air
gap between the network-facing Landing Zone
and the non-network-facing retention repository
which is only visible to ExaGrid. From the
Commvault administrator's perspective, there is
very little they need to change as ExaGrid
storage is presented as CIFS/NFS shares, so all
they need do is declare them to Commvault
storage policies as backup destinations. They
can leave the Commvault MediaAgent inline
deduplication and data integrity validation
services enabled as well.
Keeping Commvault's deduplication in play
brings extra rewards by reducing space
requirements for the ExaGrid Landing Zone, as
it is already receiving deduplicated data.
Conversely, disabling Commvault's
deduplication and only using ExaGrid's services
means the MediaAgents can be installed on less
powerful host systems.
This solution clearly works very well and
demonstrates significant storage savings. For
testing, ExaGrid used a 15.5TB dataset
comprising system data, SQL Server databases
and multiple VMware VMs. ExaGrid's mighty
EX84 appliance was called up to provide the
backend storage plus an 84TB landing zone
which was presented to Commvault as a
CIFS/SMB network share. A 15-day simulation
comprising multiple full and incremental
backups generated a total of over 123TB of
backup data. On completion, Commvault's
own deduplication had only sent 27TB to the
EX84, resulting in an initial 4.5:1 reduction
ratio. ExaGrid's adaptive deduplication
subsequently squashed this down further to only
8.7TB resulting in an impressive overall
reduction ratio of 14:1.
Enterprises looking for new ways to energise
their data protection strategies and reduce
ongoing storage costs will find this ExaGrid and
Commvault team provides an innovative
solution. ExaGrid's scale-out architecture
delivers huge, cost-effective backup capacities,
its smart Landing Zone provides a boost in
performance, and combining its Adaptive
Deduplication with Commvault's own highly
efficient data reduction technologies offers
industry-leading storage savings. NC
Product: EX84
Supplier: ExaGrid
Web site: www.exagrid.com
Tel: +44 (0) 1189 497 051
10 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PLEASE VOTE NOW
Many thanks to everyone who made nominations for the Awards this year. As our search for
the Champions of 2022 continues we ask for your help again.
Please vote now at:
WWW.NETWORKCOMPUTINGAWARDS.CO.UK
The Awards ceremony - 23rd June - Leonardo City Hotel,
8-14 Coopers Row, London EC3N 2BQ
Be there to experience the drama as the results are revealed and the trophies are presented. A
drinks reception, dinner and entertainment will also be provided at this special event.
IS YOUR COMPANY A CONTENDER FOR AN AWARD? If you haven't booked your tickets
yet, now would be a good time. Contact dave.bonner@btc.co.uk
The Awards are sponsored by

FEATURE: ZERO TRUST
ZERO TRUST: THE TRUTH IS OUT THERE
THE CONNECTED WORLD IS A CHANGED WORLD, AND ENTERPRISES CAN NO LONGER ASSUME THEY
HAVE FULL CONTROL OVER CLOSED NETWORKS, ACCORDING TO MATTHEW MARGETTS, DIRECTOR OF
SALES AND MARKETING AT SMARTER TECHNOLOGIES
The COVID-19 pandemic further
accelerated the new normal, which shifted
a large proportion of the workforce to
remote working and forced businesses to
increase their use of cloud platforms to support
a variety of devices and networks.
Unfortunately, criminals can take advantage of
this upheaval and attempt to increase network
infiltrations for nefarious gains.
The truth is that legacy security solutions
cannot support a Zero Trust network. In the
legacy model, security measures are reliant on
a closed perimeter security model that assumes
that all users and applications are coming from
the same network location and entry points.
This approach is no longer sufficient, which is
why Zero Trust security is becoming the
preferred network security architecture.
WHAT IS ZERO TRUST SECURITY?
Zero Trust architecture is an approach to IT
system design where inherent trust in the
network is removed. The network is assumed
to be hostile, and each request is verified
based on an access policy. Regardless of the
device, network and user activity, Zero Trust
architecture is built on access management
checks at every level.
The National Cyber Security Centre (NCSC)
says: "In a Zero Trust architecture, inherent trust
is removed from the network. Just because
you're connected to a network doesn't mean
you should be able to access everything on that
network. This is commonly seen in breaches;
an attacker gains a foothold in a network and
is able to move laterally because everything on
the network is trusted. In a Zero Trust
architecture, the network is treated as hostile."
The key concepts of Zero Trust are:
The network is hostile and should be
treated as compromised
Inherent trust is removed from the network
Every request to access data or a service
should be authenticated and authorised
against an access policy
Gain confidence dynamically by
continuously evaluating the trustworthiness
of connections
THE 8 DESIGN PRINCIPLES OF A ZERO
TRUST NETWORK
The NCSC has introduced eight Zero Trust
architecture design principles that are paving
the way for future networks for the government.
These eight principles are intended to help the
public sector and large organisations to
implement a Zero Trust network architecture in
an enterprise environment.
1. Know your architecture, including users,
devices, services and data
2. Know your user, service and device
identities
3. Assess user behaviour, service and device
health
4. Use policies to authorise requests
5. Authenticate and authorise everywhere
6. Focus your monitoring on users, devices
and services
7. Don't trust any network, including your own
8. Choose services that have been designed
for Zero Trust.
Let's take a closer look at the eight
principles' objectives:
1. Know your architecture, including users,
devices, services and data
To get the benefits from Zero Trust, you need to
have a clear understanding about each
component of your architecture so that you
can identify:
Where your key resources are
The main risks to your architecture
How to avoid integrating legacy services
that do not support Zero Trust
2. Know your user, service and device identities
An identity can represent a:
User (human)
Service (Software Process)
Device
Each identity should be uniquely identifiable
in a Zero Trust architecture. This is the most
12 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATURE: ZERO TRUST
important factor in deciding whether or not
something or someone should be allowed
access to data or services.
3. Assess your user behaviour, devices and
services health
The most important indicators when looking to
establish confidence in the security of your
systems are:
User behaviour
Service health
Device health
Zero Trust policy engines need to be able to
measure user behaviour, device health and
service health.
4. Use policies to authorise requests
The power of a Zero Trust architecture lies in
the defined access policies. Each request for
services or data should be authorised against a
specific security policy. These policies also help
to facilitate safer sharing of data or services
with partner organisations or guest users. The
key characteristics of a policy engine in a Zero
Trust architecture are:
Uses multiple signals
Provides a secure and flexible access
control mechanism
Adapts to the resources being requested
5. Authenticate & authorise everywhere
Any authentication and authorisation activities
should consider multiple signals, such as:
Device health
Device location
User identity
Status to evaluate the risk associated with
the request.
Because the network is assumed to be
hostile, a Zero Trust architecture ensures that
all connections that access your organisation's
data or services are authenticated and
authorised.
6. Focus your monitoring on users, devices
and services
In a Zero Trust architecture, monitoring should
always link back to the policies you have set
with regards to gaining assurance. A Zero Trust
monitoring strategy focuses on individual users,
user behaviour, devices and services to help
organisations establish their health.
7. Don't trust any network, including your own
In a Zero Trust architecture, traditional user
protections such as phishing protection and
malicious website filtering may be
implemented differently and may require
different solutions. A key principle of Zero
Trust is to remove inherent trust from any
network between a device and a service -
including the local network. Any
communication over a network to access data
or services should use a secure transport
protocol to ensure that the traffic is protected
in transit and is less susceptible to threats.
8. Choose services designed for Zero Trust
Not all services support Zero Trust, which
means that they may require additional
resources to integrate Zero Trust architecture.
This causes an increased support overhead, so
it's advisable to consider alternative services
and products that have been designed with
Zero Trust architecture in mind. Products with
Zero Trust capabilities allow for easier
integration and simpler interoperability.
ADOPTING ZERO TRUST PRINCIPLES IN
YOUR ORGANISATIONS
If you are new to Zero Trust or if you're
unsure whether it is the right network
architecture for your needs, it's a good idea
to engage with a digital transformation
partner to help you design and review a
Zero Trust architecture that meets your
organisation's specific requirements. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 13

FEATURE: ZERO TRUST
ZERO TRUST ARCHITECTURE: 5 REASONS YOU NEED IT
ADRIAN TAYLOR AT A10 NETWORKS EXPLAINS WHY A ZERO TRUST ARCHITECTURE IS THE IDEAL WAY TO
MITIGATE A BREACH IN YOUR NETWORK
There's a relatable metaphor that best
describes how network security
architectures have evolved. People
living in small towns usually know all their
neighbours, so hardly anyone locks their
doors. But for people living in bigger towns,
it's much harder to know who their
neighbours are, so everyone starts locking
their doors. People not only lock their
doors, they also install security systems, put
bars on their windows, and might even get
a guard dog.
In other words, when you have limited risk,
your network security architecture can be
simple but as the risks become greater -
when certainty in your security decreases -
then you need to rethink how to keep your
property safe. As a consequence, security
becomes more complicated.
In the late '80s through the early '90s,
network security was simple; once an entity (a
person, a machine, a process) was inside
your network and authenticated with your
security service it was assumed that entity was
trustworthy. Of course, this couldn't last for
long. As networks started to become more
central to business operations and the need
arose for external connections for business
partners, network complexity increased
exponentially. By the late '90s, these networks
began connecting to the internet, and by the
2000s, hundreds of service providers
complicated networks further by offering
software-as-a-service (SaaS).
THE END OF SIMPLE NETWORK
SECURITY
By 2010, the network no longer had a single,
unbroken network perimeter. It had become
"porous" to support mobile and remote
workers, as well as business partners and new
third-party services. "One and done"
authentication of entities requesting access
became inadequate. You could no longer
assume that anyone on your network,
including your staff, could be trusted.
14 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATURE: ZERO TRUST
A BETTER NETWORK SECURITY
ARCHITECTURE
In 2010, John Kindervag, an analyst at
Forrester Research, wrote a paper that
popularised the idea of the Zero Trust
architecture. Over the next few years, as
enterprise computing embraced cloud
computing and the problems with perimeter
security became more pressing, the concept
of the Zero Trust architecture gained
traction. The fundamental concept of the
Zero Trust architecture is simple: Never trust,
always verify.
HOW TO BUILD A ZERO TRUST
ARCHITECTURE
Zero Trust network architectures have four
main requirements:
The use of micro-perimeters and microsegments
to restrict traffic flow and limit
user privileges and access as much as
possible. Micro-perimeters take the
concept of a secured network perimeter
that defines what is inside of the network
and what is outside and applies similar
access controls to smaller groupings of
network entities, sometimes even to a
single device. Micro-segmentation creates
zones within data centres and cloud
environments to isolate workloads and
secure them individually
Effective incident detection and response
using comprehensive analytics and
automation
Integrated multi-vendor network solutions
to ensure seamless compliance and
unified cybersecurity
Comprehensive and centralised visibility
into all entities and workflows including
users, devices, data, the network itself,
and workflows. Including visibility into all
encrypted communications.
To reiterate, the Zero Trust security
architectures are based on not trusting
anyone or anything on your network. Every
access attempt by any entity, even if known,
must be validated at multiple points to make
sure no unauthorised entity moves into or
within the network without being detected.
Making a Zero Trust network work requires
in-depth traffic inspection and analytics.
Central to this is the use of SSL inspection
solutions that decrypt and analyse encrypted
network traffic (sometimes called "break and
inspect") to ensure policy compliance and
maintain privacy standards.
By monitoring encrypted traffic to detect
suspicious network communications and
malware payloads as well as attempts to
exfiltrate controlled data, for example, credit
card and social security numbers, SSL
inspection makes it possible for the Zero Trust
model to protect networks from both internal
and external threats.
WHY YOU NEED TO MIGRATE TO A
ZERO TRUST SECURITY ARCHITECTURE
Here are the five crucial reasons to move to a
Zero Trust network:
The complexity of your network - the
number of users, where they work, the
devices they use, the number of
workloads, your use of SaaS, a hybrid
cloud environment, and so on - is just
going to increase. A Zero Trust network
reduces the complexity of securing your
assets and isolating problems
As the complexity of your network is
increasing rapidly, the attack surface of
the network has also expanded. To
reduce vulnerability and regain
control, you must establish microperimeters
and micro-segments
Third-party services such as
SaaS and PaaS can't be
trusted: it takes one breach
to compromise your
network. Creating
robust microperimeters
around
these services is an
absolute must
The internet is,
essentially, an unsecured network, and
cyberattacks from amateurs, organised
crime, and hostile state actors are
increasing rapidly. In addition, the costs of
mitigating a breach or a ransomware
attack have increased enormously. The
financial risks have become profound and
will drastically change IT budgets
Insider threats have also increased rapidly.
A mix of employees working from home
and from branch offices and
simultaneously providing access externally
requires robust and well-structured
security controls.
If you've started down the path to a Zero
Trust network, are you moving fast enough?
Does the C-suite understand the issues, and
will it fund a strategy that might be all that
stands between business success and
irreversible failure? If you've not yet started to
plan and implement a Zero Trust architecture,
there's no time like the present. NC
Adrian Taylor,
A10 Networks
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 15

CASE STUDY
A SEAWORTHY DATA CENTRE SOLUTION
HOW SEAJACKS MIGRATED ITS BUSINESS-CRITICAL INFRASTRUCTURE AFTER ITS INCUMBENT DATA
CENTRE ENTERED ADMINISTRATION
Seajacks' fleet of the world's most advanced
self-propelled jack-up vessels provide safe
and efficient offshore oil, gas and wind
solutions across the globe. Seajacks has
completed over 500 wind turbine installations
and has brought a new dimension to the
construction, maintenance and
decommissioning of off-shore platforms.
SEAJACKS' CHALLENGES:
With its incumbent data centre provider
unexpectedly entering administration, Seajacks
had extremely limited time to identify a new
supplier and migrate its business-critical
infrastructure that supports its global fleet of offshore
vessels.
The challenge for Seajacks was to research,
shortlist, select and onboard with a data centre
operator that could work flexibly to
accommodate varied requirements. The short
3-month timeframe and hard deadline meant
the new provider would also have to offer
thorough support at every step of the way. In
addition to securely hosting its primary
operations in a rock-solid data centre, Seajacks
needed commercially critical connectivity links
between its UK HQ in Norfolk and all satellite
offices and vessels.
THE SERVERCHOICE EXPERIENCE
ServerChoice was able to react quickly and
work flexibly to meet all of Seajacks' technical
and operational needs, keeping well within the
tight deadline. Seajacks IT Co-Ordinator,
Daniel Bird, outlines his ServerChoice
experience.
Accessibility: "We needed somewhere with
good road connections and a low riskprofile
that we could pop-out to on a Friday
afternoon. ServerChoice provided a toptier,
secure data centre in just the right
location."
Tailored Cost-Package: "In the first
instance, we explored a number of
different configuration options with
ServerChoice. They helpfully quoted all
these across 3 to 5 years to provide us
with a range of price options."
Responsive Service: "Adam has been our
contact from our initial sales call. He's been
there from the site tour through to
onboarding, and it's him we contact on the
rare occasions we have a question."
THE SERVERCHOICE SOLUTION
Smarter thinking
ServerChoice offered space in its awardwinning
Harlow Data Centre, just north of
London, in the UK's largest and most innovative
data centre campus. Its location puts it within
easy reach, but crucially provides a much lower
risk profile than London-based facilities, which
was a vital consideration for Seajacks' missioncritical
global operations.
The resilience, efficiency and security of
Harlow Data Centre is immediately apparent
from a tour of the state-of-the-art site. Built to a
minimum of Tier 3 Standards throughout, the
data centre uses 100% renewable energy and
features advanced security, including threefactor
authentication and biometric access
controls. The facility is provisioned with highdensity
racks, is OCP-Ready, and is truly carrierneutral,
with low-latency fibre routes directly
connecting to major tier1 provider and strategic
PoPs across Europe.
"The facility is better than Tier 4 in many
regards, and the high level of security exceeded
our expectations," says Daniel Bird.
A trusted partner
The original Internet requirement was for 200
Mbps, but after listening to Seajacks'
challenges, ServerChoice upgraded the
connection to 1 Gbps. This provided a highperformance,
future-proof and cost-effective
connection that also lowered future upgrade
costs. ServerChoice also offered FlexMove®, its
free relocation service.
ServerChoice was on-hand to offer support
and guidance through every stage of the
process, from Seajacks' initial sales enquiry call
right through to go-live, to ensure that Seajacks
were up and running smoothly and successfully.
And with ServerChoice's proven 100% uptime
track record, there's been little need for
Seajacks to test the on-site 24/7 support.
Bird adds, "It sits in the background and ticks
along nicely. It's a great service and I know we
can rely on it." NC
16 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCT REVIEW
CloudCall - The CRM
Centric
Communications
Platform
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
As businesses move their phone system
into the cloud, it makes perfect sense to
integrate it with their customer
relationship management (CRM) solution.
Aligning a cloud phone system with a CRM
can improve communications, provide
accurate customer and prospect interaction
and data tracking which allows for streamlined
sales processes.
The intelligent phone system from CloudCall
stands out from its competitors as it is
designed to help integrate seamlessly with all
major CRM vendors. The list is extensive and
includes the likes of, but not limited to,
Salesforce, Bullhorn, Microsoft Dynamics 365,
Vincere, Access, Tracker and Zoho.
At its foundation, CloudCall provides cloudhosted
business VoIP solutions and employs inhouse
developers to work with partner teams
for all CRM integrations. This allows
businesses to use CloudCall to maintain a
single source of information and provide an
accurate viewpoint of what is happening in the
business relating to customer activities.
The CloudCall Click-2-dial feature is a
perfect example as it allows staff to instantly
initiate calls directly from a CRM record.
Furthermore, when a call is made from the
CRM, CloudCall automatically logs all call
details and opens a note file linked to the
recipient, making sure all your call data is
automatically synced into one central source.
An SMS can be sent directly from a CRM
record and its list of contacts used to swiftly
broadcast SMS to multiple recipients. The
CloudCall Chrome extension allows mobile
SMS to be sent directly, simply by hovering the
mouse pointer on a web page that contains a
phone number.
The embedded Power Dialler feature reduces
the manual effort required when making
multiple calls to customers and candidates.
Using lists built from your CRM or uploaded to
the dialer, it will call the contacts in sequence
and can be used to prioritise calls so you can
reach out to the most promising prospects first.
It can also be combined with CloudCall's
voicemail drop, where users can set up to five
pre-recorded messages making sure you leave
the correct information with each recipient.
Inbound calls and SMS are handled just as
efficiently by CloudCall's Screen Pops. These
present a pop-up window feature allowing the
user to open the associated CRM record
instantly without having to waste valuable time
searching for it.
Call recording features are equally
impressive as CloudCall saves all the CRM
contact activity history, so they can be easily
accessed for download or playback
purposes. If a verbal consent prior to call
recording is a business requirement,
CloudCall will capture and store these details
while a user is on the phone.
The extensive call handling features of
CloudCall offer valuable monitoring and
training aids to help managers. These
include the CloudCall web portal which can
monitor all calls being made, listen to them
in real-time and use features such as the
whisper function to provide guidance and
training, the barge function in times of need
if required, and can even turn it into a
conference call to help you connect teams.
The portal provides a central
administrative point where you can create
custom activity dashboards to present
advanced real-time analytics. It can
manage your organisation's call profiles
while access to all activities and
communications reports, detailed call
logs, notes and recordings are never more
than a few clicks away.
CloudCall solves the challenges faced by
businesses that have invested heavily in
cloud phone services and CRM. With
support for all key CRM providers,
CloudCall removes all the manual effort
required by administrators to keep these
two core systems constantly updated and
aligned to deliver a measurable boost to
productivity and business growth. NC
Product: CloudCall
Supplier: CloudCall
Web site: www.cloudcall.com
Tel: +44 (0)203 854 4000
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 17
NETWORKcomputing
@NCMagAndAwards

PRODUCT REVIEW
Perle IOLAN SCG
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
Managing data centres and large
distributed networks demands remote
access to critical infrastructure
devices as issues can be quickly resolved
before they become disasters. This avoids
tedious and expensive site visits, but if the
network at the remote site fails, support staff
will lose access to these devices.
Perle Systems has the ideal solution as its
IOLAN remote console servers provide highly
redundant OOB (out-of-band) management
access to critical network devices. They look to
have every eventuality covered as along with
dual, redundant Gigabit copper and fibre
ports for WAN access, they can fall back to a
wireless network, an integral V.92 modem or a
high-speed 4G LTE cellular network.
The IOLAN SCG on review is highly
versatile as its modular design allows up to
three 16-port serial interface cards to be
installed for a total of 50 management ports.
The RJ45 modules support softwareselectable
RS232, RS422 and RS485 modes
and can be mixed with USB versions.
Teaming the latter up with the two USB ports
at the front allows Perle to claim an industryleading
USB serial port density.
The appliance provides full IPv4/IPv6 routing
capabilities plus support for RIP, OSPF, and
BGP protocols for easy integration into data
centres including VRRPv3 for network
redundancy support. Zero-touch provisioning
ensures a swift initial deployment while
RESTFul API and VPN support allows it to work
closely with customer's third-party
management systems.
Deployment is simple and the appliance's
web console dashboard shows plenty of detail
on the system while a list of all interfaces
below reveals their link status along with
inbound and outbound traffic. Interface high
availability and failover are handled by health
profiles which use Ping and traceroute tests to
determine their availability. If the primary
WAN connection goes down, you can elect to
automatically swap to another available WAN
connection or assign priorities to them for
load sharing.
Each RJ45 serial interface offers a wide
range of services with the Console
Management profile used to create a serial
port for Telnet or SSH access. Other profiles
include Trueport virtual COM ports, TCP and
UDP sockets, virtual modem and Modbus
gateway emulation while the USB ports can
use Console Management, Trueport and TCP
socket service profiles.
Access security is excellent as along with an
integral firewall, you can enable 2FA on
selected user accounts and apply a range of
AAA (authentication, authorisation,
accounting) services using Radius, TACACS+
or LDAP. When creating user accounts, you
can set them as operators so they can't
manage the appliance and decide which ports
they are allowed to access.
Operators have two options for accessing
serial port devices as they can use their
personal web console to view the ports they
are permitted to see, choose one from the
Monitor and Stats screen and click on the
Easyport button to load an SSH session in a
new browser. The other alternative is to use a
client such as PuTTY to SSH to the appliance
using the port number assigned to the serial
port they want to connect to, login in with
their IOLAN username and then supply the
device credentials.
It's very simple to use and we had no
problems connecting the RJ45 console ports
of our lab switches to the appliance with
standard Cat6 network cables. Using either
method, we could quickly set up SSH sessions
and access their CLIs.
Perle's IOLAN SCG is the perfect solution
for support staff that need always-on remote
OOB access to their core network devices.
The appliance is easy to manage, its
modular design makes it very flexible and its
tough security measures allow access to be
strictly controlled. NC
Product: IOLAN SCG
Supplier: Perle
Web site: www.perle.com
Sales: +44 1280 825 540
18 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATURE: PUBLIC SECTOR IoT
IoT: THE KEY TO HELPING PEOPLE LIVE BETTER AND HEALTHIER LIVES
TIM KIDD, HEAD OF UK PUBLIC SECTOR AT HITACHI SOLUTIONS, SHARES HIS EXPERIENCE OF
WORKING ON A LEADING INTERNET OF THINGS PROJECT IN LONDON
As technology advances, a huge volume
of data is being produced that can
help public sector decision makers
make the right choices for society's
happiness, health, and prosperity. The
problem is making the information easily
understood and readily available.
THE INNOVATE PROJECT
The InnOvaTe project is a collection of 40
yearlong trials across five London boroughs
that uses sensors to gather information about
a range of social issues. The work, organised
by the South London Partnership (SLP), has
been gathering data on a range of issues,
from air pollution to social care, to help
improve society. The results aren't just
theoretical. IoT sensors installed in homes of
vulnerable people to monitor movements
were able to alert carers when a resident,
Maureen, fell at home. Ambulance staff who
attended the scene credited the quick
response with saving her life.
The InnOvaTe trial has clearly been a huge
success for the five boroughs involved. The
volume of data provided, and individual stories
like Maureen's prove it. However, the question
remains how we convert huge amounts of data
into easily understood and readily available
information so that decision makers in the
public sector can use it effectively.
MAKING DATA READILY AVAILABLE
AND EASILY UNDERSTOOD
Following a comprehensive procurement
process, the SLP team selected Hitachi
Solutions and our partners at Microsoft to take
on the challenge of making the information
gathered by the InnOvaTe project readily
available and easily accessible. It is no small
task given the volume of invaluable data
collected. We are also keenly aware that our
work is directly linked to achieving better
outcomes for society; keeping residents safe,
improving quality of life, making urban areas
cleaner, ensuring transport infrastructure keeps
moving and expediting the move to other
greener travel modes.
Our solution has been to use Microsoft's
Azure cloud platform to create a single unified
platform that draws in all the data being
collected for the different sensors. The system
creates visualisations and dashboards to help
the maximum number of people access,
understand and ultimately use the data.
KEEPING DATA SAFE
Given the sensitivity of the data we are
handling, the solution was designed with
GDPR and data privacy in mind as a first
principle, with data encryption at rest and in
transit. Secure access is achieved through Role
Based Access Controls meaning only named
users are granted access to relevant aspects of
the data that they have a need to use and are
authorised to view. This access is tied to their
Active Directory account. Azure has granular
audit logs that can see who accesses what
and when. Whilst Microsoft ultimately host the
data within the Azure cloud, due to the multilayered
security approach of their personnel,
no one person can ever have direct access to
the data making it a safe and secure
integrated platform.
SUPPORTING PUBLIC SECTOR
DECISION MAKING WITH DATA
Data, IoT and Smart solutions are rapidly
becoming key components of local authority
infrastructures, both in cities and rural areas.
The ability to analyse real-time information to
better understand our societies has huge
potential to make lives happier, healthier, and
more prosperous. In the future, we hope the
technology will contribute to improving the
lives of people and businesses up and down
the UK and beyond.
At its core, IoT is about connecting our
physical environment to a digital world. There
is still a lot of untapped potential in the IoT,
but this partnership showcases the importance
of working together to solve complex
challenges with the best solutions for the
benefit of all. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE NETWORKcomputing 19

FEATURE: PUBLIC SECTOR IoT
ROLLING OUT IoT TO ADDRESS COUNTY COUNCIL CHALLENGES
NICK SACKE, HEAD OF IoT SOLUTIONS AT COMMS365 ADDRESSES SOME OF THE AREAS WHERE IOT
SOLUTIONS CAN BE RAPIDLY ROLLED OUT, TO NOT JUST OVERCOME THE CHALLENGES LOCAL
AUTHORITIES ARE FACING, BUT EXCEED THEM
As the country emerges from the COVID-
19 pandemic 2022 will be a year of
recovery, and local authorities have a
crucial role to play in leading this process.
However, pressures continue to increase from
the government to meet targets on climate
change, improve health and social care and
ensure that local infrastructure continues to
meet increasing demand after the pandemic -
all with restricted financial support. So how
can technology help councils to address and
meet these challenges?
SUSTAINABILITY AND CLIMATE
CHANGE
It is well known that we are still producing
masses of waste across the UK. With
traditional and non-efficient processes still in
place for collecting waste from public places
and homes, it leaves councils and third-party
contractors with a massive challenge. But by
investing in IoT technology, current ineffective
processes can be easily and dramatically
improved - from creating an optimally efficient
route to collect waste to reduce carbon
emissions, to emptying the right bins, at the
right time, to further improve green objectives.
Sensor technology, for example, can not only
indicate how full a bin is, but can also detect
temperature and motion, to see if somebody
has thrown something flammable in the
container, as well as the bin tipping over or
being misplaced. This information can then be
used to build a data profile, which will in turn,
provide a more efficient collections schedule,
and also identify hotspot areas with potential
problems including fly tipping.
Also, technology is becoming more
efficient at determining different types of
waste, particularly within underground
storage, that can be useful for recycling
efforts. By deploying IoT solutions, sensors
can check how much glass is in a specific
container, by comparing the sonic 'signature'
via intelligent algorithms for different types
of waste materials.
IoT can additionally help councils and thirdparty
contractors plan in advance by knowing
how much waste they will be collecting, by
real-time monitoring of waste in the bin lorry
itself, which can help the business to forecast
cost and / or revenue. In turn, this has the
potential to revolutionise payment models for
contractors that are paid by weight.
With heavy regulations coming into play
around air quality, and as we as a society
strive towards a greener future, there is a need
for local authorities to be more proactive and
involved in their citizens' health. By tracking
environmental elements such as pollution
levels, CO2 concentrations in offices and
classrooms and chemical pollutants,
environmental monitoring will become a big
part of both our indoor and outdoor future.
INTEGRATING HEALTHCARE SERVICES
The IoT healthcare market is expected to reach
$188.2 billion by 2025, driven by the
pandemic and increasing focus on patientcentric
services. It's clear that technology can
transform industries, helping to reduce the
burden on primary, acute and community care,
as well as local councils. This was highlighted
during the peak of the pandemic, with
hospitals across the NHS implementing virtual
clinics and remote monitoring technology to
care for patients at home, while focusing on
the ever-increasing COVID-19 cases.
IoT technology enabled the use of health and
care devices to collect valuable and real-time
data to provide care to patients both in and out
of hospital, while keeping them connected to
health care professionals. The data collected
helps to automate the mapping of activities into
a profile around an individual, which can then
be analysed and shared every day with the
care organisation and local authority.
Ongoing patient health and vital signs can be
recorded from home, such as heart rates,
blood pressure and temperature, meaning
clinicians' time can be used elsewhere,
enhancing the efficiency of existing processes.
Specialists can be alerted when deterioration or
health concerns are detected to allow for
immediate intervention and deliver targeted
care. Targeted intervention allows expansion of
existing resources, and a rapid return on
20 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATURE: PUBLIC SECTOR IoT
investment in care-assistive technology. By
flagging any issues earlier and preventing the
escalation of problems while the individual is
at home, the need for them to go to the
hospital for check-ups or treatment is
mitigated, in turn reducing pressure on the
public purse.
Technology can also be used to reduce
inequality of or variation in care by
identifying patients who may be at risk and
have not seen their GP, or those who are in
rural and remote areas, by providing access
to interact with and monitor people in places
that have been traditionally harder to reach.
IoT technology has greatly improved
accessibility and productivity in healthcare,
while keeping patients safe and in the
comfort of their own homes. This provides a
mechanism to help the NHS with extending
their care beyond the hospital, with another
significant return on investment.
LOCAL INFRASTRUCTURE
With almost 50 shops closing a day on the
high street during the first six months of
2021, and UK shopper footfall dropping,
local authorities are now looking for
alternative initiatives to encourage people
back to the high street. If shoppers are
looking to travel to physical stores once
more, the parking experience should be
painless - or else they'll just return to the
convenience of online shopping.
It's estimated that motorists spend two
months of their lifetime searching for a
parking space. But what if this could be cut
down with the use of technology? What if an
individual's mobile device was to alert them in
real-time where a parking space was? Better
yet, what if this space could be reserved, or
set up a subscription model to park monthly?
It's all about data collection and a better,
more informed use of this data. By
incorporating electric charging and disabled
bays, as well as the use of innovative
technology, re-engineered and revitalised
parking solutions will boost council revenue
and provide more efficient and customerpleasing
services, in turn, regenerating the
high street shopping experience
THE RISING COST OF LIVING, ENERGY
AND FUEL POVERTY
At the time of writing, inflation had just
breached 5.5% and is on course to exceed
7%, another record. The price of oil and gas
are rising, producing knock-on effects in the
cost of raw materials and transportation costs,
energy to heat the home, shopping basket
prices, and more. The current economic
climate is creating a punishing set of
circumstances for all, but especially the
elderly, those on low incomes and families
where one or other partner has lost their job
during the pandemic. It has been reported in
the media that in several cases the vulnerable
are already making choices between heating
or eating, which is of grave concern to all.
Many of these vulnerable citizens live in local
authority housing, so what can IoT technology
do to assist?
Specifically in the case of fuel poverty,
monitoring temperature and environmental
conditions in vulnerable households, together
with energy consumption from the boiler will
create a profile of energy use, highlighting
which of the population require targeted
interventions to assist with fuel bills and other
assistance that the local authority has at its
disposal. Smart radiator solutions can also be
implemented to heat sections of the home that
require it at different times of day, providing
energy savings and improved living conditions.
The IoT data collected could also profile and
identify potential dwellings that have insulation,
leaks, and other structural issues that affect the
housing asset integrity and prioritise
intervention. The business case for this type of
technological intervention is already proven
through current projects in the UK.
CONCLUSION
IoT technology is advancing to meet ever more
imposing challenges and requirements. We're
not only seeing an uptake in interest and the
use of these solutions, but the technology itself
is becoming increasingly cost-effective,
adaptable, and easier to deploy and maintain.
The COVID-19 crisis has prompted a greater
need and priority for local councils to be
forward-thinking in how digital technology and
data can help towns recover now and strive in
the future. The value of IoT technology and the
real-time data it collects is being recognised,
and will help to inform better decision-making,
introduce early interventions and reduce the
cost of changing practices. But for this to work
in practice, there is a significant need for a
cultural shift in the relationship local
governments have with technology.
The technological solutions must be designed
around the user, creating a better customer
experience, while ensuring any potential
barriers to adoption are removed. The guiding
principle for deploying technology as an
enabler of these more streamlined processes is
simplicity and invisibility to the user, while
collecting valuable data for insight. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 21

FEATURE: CLOUD
THE FUTURE OF CLOUD-NATIVE IN A BRAVE NEW WORLD
HOW CAN ORGANISATIONS AND THEIR DEVELOPERS CREATING
CLOUD NATIVE SOLUTIONS ENSURE THE HIGHEST LEVELS OF
SECURITY? EREZ YALON, VP OF SECURITY RESEARCH, CHECKMARX
SHARES HIS THOUGHTS
Over the last couple of years, the
global workforce has
experienced a seismic digital
shift, forcing many organisations to turn
to the cloud to maintain business
continuity. According to one report the
growth in cloud services has been
accelerating, with forecasts that the
cloud market could eventually be worth
$1 trillion.
Part of this shift has been the evolution
of cloud-native. A modern approach to
building and running applications,
cloud-native has gone from a
marketing term to a highly
desirable and useful architecture choice.
Yielding benefits around the design,
building, and deployment of applications,
it's easy to see why it's become the default
approach for many organisations.
Although convenient, cloud-native
applications have intricate and layered
attack surfaces which are widely
misunderstood and thus under-secured.
As a result, they have introduced a new
series of challenges for application
security (AppSec), proving that it is now
imperative for organisations to learn how
to effectively secure their interconnected,
cloud-based solutions.
With investment in digital technologies
underpinned by cloud solutions set to
increase, how can organisations and their
developers creating cloud native solutions
ensure the highest levels of security?
22 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATURE: CLOUD
SECURING THE NEW HYBRID
ECOSYSTEM
We know that in today's modern software
era, with the continued explosion of
emerging technologies, digital
transformation journeys, and the move to
cloud-native, demands on developer teams
to create secure code have increased.
Here are three best practice steps to
which developers should adhere to in
order to effectively secure their
interconnected, cloud-based solutions:
1. Testing code from the first line: No
portion of a code base is inherently
secure, and every line needs to be
inspected from the beginning of
development to ensure vulnerabilities
are found and addressed. It is also
important to remember that, when
new features and functionalities are
added to the application, the
introduced code blocks must be
given the same time and attention as
all other pieces in the bigger
software puzzle.
2. Ensuring each component is secure:
It's vital to test everything, including
third-party components and APIs, as
it's common for vulnerabilities to lurk
in their shadows. A 'trust and verify'
approach is paramount - meaning
organisations trust but make a
concentrated effort to also verify and
validate - third-party solutions and
components before using them. As we
continue to build applications from a
diverse set of components, blindly
trusting that third-party technologies
are secure is a recipe for disaster.
3. Test the infrastructure as code (IaC):
With the transition to the cloud came
new challenges for software
developers, namely the abundance of
IaC. This is evidenced by our survey,
which found that one in six developers
aren't performing any security testing
when building cloud-native
applications, having a major impact
on the security of their applications.
Therefore, just as you take careful
steps to testing and securing
applications, the same must be done
when it comes to IaC.
COMMON PITFALLS WHICH
HINDER PROGRESS
Time and time again, we have seen
examples of software full of exploitable
vulnerabilities being released and
subsequently abused by malicious actors.
Moreover, new applications are being
rushed to market every day, further
expanding the attack surface at an
unprecedented pace.
There are a number of pitfalls which
developers are falling for that are
hindering their progress and allowing
attackers easy access into their solutions.
These include:
1. Not embedding application security
testing (AST) early enough in the
application development process:
AST solutions do not replace security
awareness and common sense but
they do deploy a safety net and
enable security to become an
inherent part of development;
however, developers frequently
implement security solutions after
development is completed. This
perspective needs to change as it is
cheaper and easier to fix security
vulnerabilities earlier in the lifecycle.
2. Not understanding the nuances
between traditional AppSec vs. cloudnative
security: To properly secure
cloud-native apps, these nuances must
be understood. Generally, traditional
AppSec is more contained; whereas
with cloud-native, there are many
more components and connections
interacting and "speaking" to each
other to make it all work. While this
makes for more dynamic applications,
it also creates an exponentially larger
attack surface. Security teams and
software developers are now tasked
with learning to build applications in a
completely new environment while
evolving the way they test for security
vulnerabilities.
3. Dispersed security responsibilities: The
ownership of security has changed
hands too. With dispersed code and
responsibility for digital transformation
projects sitting across multiple teams,
comes dispersed security
responsibilities. Now, developers,
DevOps, and IT teams need to take
on this responsibility together. This
shared ownership may be complex,
but it's necessary given how easy it is
for security to be an afterthought.
LOOKING AHEAD
Cloud-native is the future. Undoubtedly, it
is a central part of software development
in the brave new world in which we find
ourselves living. However, with the
additional challenges it brings and the
pace at which it's being implemented,
organisations must consider the security
practices needed to ensure that
developers see security as a vital step in
software development, rather than an
added layer of complexity.
With greater awareness of the
challenges the new hybrid ecosystem
brings, and by adopting the
aforementioned best practices to
overcome these obstacles, organisations
can ensure their teams are utilising the
full benefits of cloud native, while
significantly lowering the risk. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 23

FEATURE: CLOUD
GOVERNMENT CLOUD ON-RAMPING
NOW'S THE TIME FOR UK GOVERNMENT DEPARTMENTS TO FULLY
EMBRACE DIGITAL TRANSFORMATION ACCORDING TO PAUL
GERMAN, CEO, CERTES NETWORKS
The UK Treasury is becoming
increasingly frustrated by the billions
of pounds wasted by government
departments on legacy technology and
proprietary infrastructure. With Digital
Transformation now imperative, there is
little patience for the endemic delays in
decision making that are adding untenable
costs to a government that simply has no
more resources.
Why are departments still spending
£millions every month on expensive
proprietary connectivity when the tried, tested
and proven Software Defined Wide Area
Network (SD-WAN) alternative costs just a
fraction? How can departments justify the
use of outdated legacy systems that demand
huge expenditure just to keep up and
running when reliable, lower cost cloudbased
alternatives are so accessible?
With the High Assurance SD-WAN
framework now generally available, there
are no more excuses. Digital Transformation
must progress, quickly, and while the risks
used to outweigh the rewards the rewards
now significantly outweigh the risks.
WEAK EXCUSES
Digital Transformation is now vital for
government departments. After two years of
pandemic delayed projects and facing
unprecedented financial pressures, there is
zero tolerance for excuses. Not only are
legacy systems both unreliable and
expensive, but the cloud offers many benefits
in flexibility, agility and cost reduction. And
yet, an estimated 80% of UK government
departments are still failing to make the
move, with their cloud strategies on hold.
24 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

FEATURE: CLOUD
So what's going on? Many departments have
clearly defined Digital Transformation
roadmaps; cloud providers have been
selected - often more than one to provide
resilience and contingency - and application
migration plans have been defined. The one
remaining sticking point is data security - most
notably, the safeguarding of data in transit
between the on site systems and the cloud.
With departments typically opting for a hybrid
environment during the incremental Digital
Transformation process, rather than a
wholesale move to the cloud, it is clearly
important to extend the data security posture
between the current environment and the
cloud. Furthermore, there is no argument that
Government departments have stringent data
security requirements - much of the data is
highly sensitive. Compromising security due to
the impact on network performance is, clearly,
not a viable option - or for those organisations
who have chosen that route, an extremely high
risk alternative, particularly given increasingly
concerning geopolitical circumstances.
Claims that the use of low cost SD-WANs to
provide the vital link to the cloud are inherently
lacking in the security required to safeguard
sensitive data, however, are out of date. Yes,
SD-WANs use public infrastructure, but the
Common Criteria accredited High Assurance
SD-WAN framework that couples a High
Assurance security overlay with market leading
SD-WAN technologies, is proven and being
used by governments and organisations
across the world to safely accelerate Digital
Transformation plans.
SECURITY STAND-OFF
The only beneficiaries of this endemic
decision-making paralysis are technology
vendors and service providers raking in
£millions every month to support and
maintain outdated, often inadequate,
technology. Given the huge cost differential
between legacy and cloud-based solutions,
the biggest risk now facing UK government is
that individuals tasked with achieving Digital
Transformation and radically reducing IT
spend will feel compelled to simply ignore
data security issues.
With a desire to achieve a stable, effective
and scalable technology infrastructure, it is a
hugely frustrating situation for IT and network
teams - not to mention those with budgetary
sign off. While the risks associated with failing
to consider the security implications are
profoundly serious, there is no more money:
unless this stand-off is addressed, everyone
involved stands to lose.
Security must be at the heart of any Digital
Transformation journey - and that requires a
shift towards a Zero Trust mindset. It means
stepping away from the concept of a trusted
environment and a focus on securing the data
irrespective of its location. This is where High
Assurance SD-WAN frameworks change the
game, using crypto-segmentation to protect
and ensure the integrity of sensitive data -
without any impact on network performance.
ACCELERATING CHANGE
With this Zero Trust approach, a High
Assurance SD-WAN overlay makes the
underlying network infrastructure irrelevant,
whether it is public or private, trusted or
untrusted. The data security team simply needs
to define the policy and, with ownership of the
cryptography keys, can be confident that data
is protected at all times wherever it goes.
The model is akin to the transfer of gold or
cash between banks. Security at each bank is
established and accepted - it is the movement
between the banks that raises concerns. The
use of a secured armoured vehicle is
reinforced by locking the gold away in a
secure environment using keys that only the
bank - not the guards - have access to.
Similarly with crypto-segmentation, even if the
data is compromised in transit, the only
people who have access to the keys are the
owners of the data: no one else can do
anything with that data. Irrespective of where
that data is travelling, it is protected.
For government departments the High
Assurance approach to SD WAN enables the
secure utilisation of low-cost SD-WAN
connectivity, which is a huge financial
incentive. Furthermore, there are no
constraints on network redesign; no barriers to
the types of data or applications that can be
migrated to the cloud, which ensures both
operational agility and a consistent data
security posture that can evolve throughout the
Digital Transformation journey, from on
premise, through hybrid, to the cloud. This
means Digital Transformation plans can be
accelerated and departments can quickly
realise economies of scale.
CONCLUSION
Delaying Digital Transformation is creating
unacceptable risk and incurring unacceptable
costs. Every postponed decision compromises
progress and leaves government departments
at the mercy of vendors who are continuously
inflating maintenance and support charges.
The transformation away from legacy to
current technology is an absolute must - a fact
clearly recognised by government department
heads who are having to explain, under fire,
why they are continuing to spend Treasury
money on outdated IT projects.
Right now, most decision making committees
are using the concept of data risk as an
excuse for not progressing Digital
Transformation. But any claim that plans
cannot move forward due to regulatory
compliance or internal controls are no longer
true - that risk argument has been addressed
and resolved.
The benefits of Digital Transformation are
indisputable, from systems stability to hugely
significant cost savings: so just what is the
excuse for continued mis-spend of public
money and failure to follow well established
routes to the cloud? NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 25

FEATURE: CLOUD
LEVERAGING THE DATA DELUGE
LAURA MALINS, DIRECTOR OF PRODUCT MANAGEMENT AT
MATILLION, EXPLAINS HOW TO UNLEASH YOUR UNTAPPED
DATA POTENTIAL WITH A MODERN CLOUD STRATEGY
Only as recently as five years ago,
mining data insights in sufficient time
to deliver outcomes was almost
unheard of. The arrival of cloud data analytics
changed all that, with many business leaders
now counting on data to inform real-time
decisions and maintain relevance in the market.
The evolution of modern data analytics means
organisations now have the right ingredients to
deliver meaningful improvements to businesses,
but managing the complexity and volume of
data they produce requires very specific tools.
Right now those tools aren't up to the task.
Our research suggests three quarters of UK
data professionals believe outdated and
inefficient data integration processes are
wasting business resources and hampering
productivity. Despite the boom in cloud
investment, the reality is that most organisations
are grappling with legacy tools and struggling
to deliver meaningful insights as a result. In the
context of an ongoing data talent war, if this
failure to adapt technology offerings to meet
the needs of the workforce persists, it could
make the situation untenable.
So, what is the solution? For businesses aiming
to take advantage of the scale and performance
benefits of the cloud, a modern cloud data
stack has a pivotal part to play. Adopting this
approach starts with considering the challenges
that can present barriers to data engineers in
their quest to deliver transformation:
The "Three Vs" of data pools: As modern
data evolves, it grows in volume, variety,
and velocity. Assessing these metrics is key
to understanding how big data can be
measured, yet the complexity involved can
often hinder data migration efforts.
War for data talent: As demand for tech
skills soars, organisations clearly recognise
the value of big data to boost innovation
and the bottom line. Having the talent to
act on it is another conversation, however.
Nearly half (46 per cent) of businesses have
struggled to recruit for data roles over the
last two years, according to the DCMS.
Legacy data management: Outdated data
tools and process could be costing
organisations up to £32.5 million a year,
according to McKinsey estimates. The
subsequent cascading impacts of inefficient
data maintenance can be felt companywide,
ultimately making data
democratisation more difficult to achieve.
CLOUD DATA ANALYTICS
A business' ability to overcome these issues
depends on how effectively teams can implement
a modern cloud data stack. Data teams, unable
to realise the full power of cloud data analytics,
tend to be restrained by manual integration and
therefore deprived of time. Strategic and
analytical work to prioritise their data needs
however can help data engineers benefit from
enhanced automation, and transform their raw
data into analytics-ready data.
The "Three Vs" of data can then be better
managed if it is refined as quickly as possible
once generated, opening up vast data sets to
immediate business application. Streamlining the
data integration process in this way empowers
typically overloaded data teams to deliver critical
insights much faster than previously.
As business leaders try to tackle the data skills
gap, they need to rethink how they can
accommodate the needs and nurture the
capabilities of the workforce. Deploying lowcode
and no-code interfaces is another route
to improving data democratisation from the
bottom up. Typically with little knowledge of
programming, business users need to quickly
tap into key business insights with minimal effort
to progress their analytics projects. Such an
approach makes data accessible and usable
for the wider team and allows data engineers to
reallocate time to taking advantage of what the
cloud has to offer.
To truly keep pace with the paradigms of the
cloud and data needs of the enterprise though,
a modern cloud data strategy, underpinned by
a single cloud platform, merits consideration.
For some time, legacy Extraction,
Transformation, and Loading (ETL) processes
for data have been rigid, time-consuming, and
simply incapable of managing the new,
unprecedented volume of data. Yet, modern
ELT processes - taking place in the cloud - are
much more agile and can help teams across
organisations ingest data and make strategic
decisions at speed.
THE COLLECTIVE BENEFIT
The evolution of the modern data fabric
shows no sign of slowing down. Yet the
increasing volume, complexity, and speed at
which business's data footprints are growing
means a shift towards a modern cloud data
stack is imminent.
An influx of unstructured data requires
seamless management, automation, and
analysis if organisations are to extract and
operationalise insights. The workforce should
be equipped with the processes to leverage
data more easily and effectively if businesses
are to improve productivity and allow the
wider organisation to benefit from collective
insight. NC
26 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCT REVIEW
Progress WhatsUp
Gold 2022
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
In the world of network monitoring, WhatsUp
Gold (WUG) has a remarkable track record
going back to the early 1990s. It's easy to
see why as it has consistently offered an
unbeatable range of monitoring tools ideally
suited to SMBs and enterprises. Not content to
rest on its laurels, Progress has implemented a
vigorous development program and the latest
WUG 2022 adds even more valuable features.
Centre stage is support for the Progress
Loadmaster and Flowmon appliances as WUG
2022 can discover and monitor them.
Alerting gets a boost as it can now send
notifications to Microsoft Teams groups and
users. Access security is even tighter, as the
WUG dashboards offer new customisation
features for greater visibility and the log
management service provides regulatory
compliant archiving.
Progress offers flexible licensing options with
the Premium edition available on device-based
yearly subscriptions or with a perpetual license.
An alternative is points-based licensing where
each device, regardless of hardware
components, costs one point while NetFlow
data sources or monitored applications cost
ten points each.
The Premium edition includes core features
such as discovery, interactive mapping, alerting
and reporting plus cloud, wireless network and
storage monitoring. The optional add-on
modules can be purchased separately while
the Total Plus version includes them all, and
smaller businesses will love the new free
edition which includes a perpetual 20 points of
monitoring goodness.
Installation on a Windows Server 2019 host
took 30 minutes and discovery is also swift. A
wizard helped conjure up the first one and
after we'd added all our credentials, it reported
back in 10 minutes with a complete list of all
our network devices. The WUG web console is
a pleasure to use as it's simple to navigate with
only four main options in its upper menu
ribbon. We could easily create custom network
discoveries, pull up network topology views,
swap to a network map and create custom
analysis dashboards.
The Analyse tab provides deep insights into
device status with the home dashboard
presenting a real-time graphical network
overview along with predefined tabs showing
the top 10 busiest devices, actions, critical
errors and storage status. You can add more
tabs as required and increase the number of
columns, making it easy to create your perfect
NOC (network operations centre) views.
We run the Progress VMware Flowmon
Collector appliance in the lab for application
security and anomaly detection, and after
adding SNMP and REST API credentials,
WUG discovered and correctly identified it
by assigning a special Flowmon icon to it.
The Analyse tab also has a new option for
accessing dashboards and events for
Flowmon appliances. We could view details
such as total traffic, packets, responses and
flows for areas such as users, QoS/ToS, mail,
services and so on. The Home dashboards
offer seven reports specifically for Flowmon
data so you can quickly add these graphs to
NOC views.
WUG provides great alerting features and
uses policies to link device state changes with
a range of actions including running a
program, restarting a service, sending emails
and posting alerts. A Post to MS Teams is
provided in the actions menu, and we had no
problems adding our account using the Teams
Incoming Webhook connector and
customising the example JSON template to
add specific details in the alert messages we
wanted sent out.
WhatsUp Gold 2022 offers a remarkable
range of network monitoring tools and its
smart dashboard is clearly capable of
presenting a wealth of valuable information
about your network. It's easy to deploy and
use, the flexible licensing options make it very
affordable and the seamless integration with
LoadMaster and Flowmon appliances makes it
even more appealing. NC
Product: WhatsUp Gold 2022
Supplier: Progress Software Ltd
Tel: +44 (0)1344 360444
Web site: www.whatsupgold.com
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 27

OPINION: CYBER RESILIENCE
STRENGTHENING THE UK'S CYBERSECURITY RESILIENCE
NEW LAWS ARE BEING PROPOSED BY THE UK GOVERNMENT TO DRIVE SECURITY STANDARDS IN
OUTSOURCED IT SERVICES USED BY ALMOST ALL UK BUSINESSES
The proposed laws come in the wake
of recent high profile cyber attacks
targeting SolarWinds and Microsoft
Exchange Servers, which highlighted
vulnerabilities in third-party products and
services which can be exploited by
cybercriminals. Mike Foster, Channel
Manager, VIPRE explains how these laws
will affect the channel market and help to
strengthen the country's cyber resilience,
with MSPs taking on a more important
trusted advisor role than ever before.
THE ROLE OF THE TRUSTED
ADVISOR
Since 2018, Network and Information
Systems (NIS) Regulations have been in
force to improve the cybersecurity of
companies which provide essential
services, such as water, energy, transport,
healthcare and digital infrastructure. These
regulations require such businesses to
undertake risk assessments, put in place
reasonable security measures to protect
their network, and report any significant
incidents whilst having plans in place to
recover if an attack occurs. Those who fail
to implement effective cybersecurity
measures can be fined as much as £17
million. However, the government now
wants to widen the list of companies that
comply with such measures to include
Managed Service Providers (MSPs).
With more businesses undergoing digital
transformations and shifting to the cloud,
which was accelerated over the pandemic
as a means to survive, there has been an
increase in dependence on MSPs to act as
a business' trusted advisor to assist them
on their digital journey. These IT partners
are also crucial in boosting the growth of
the country's £150.6 billion digital sector,
and therefore play a monumental role in
the economy.
Outsourced IT
services
should
create a
solid
cyber
security strategy for the businesses who
choose them. Security standards should
therefore be high - especially to battle the
ever-developing and innovative
cybersecurity market, with new
methodology and tactics constantly
evolving from hackers. As highlighted in the
Government's recent announcement: "Every
UK organisation must take their cyber
resilience seriously as we strive to grow,
innovate and protect people
online. Additionally,
outsourced IT
providers have
the
28 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: CYBER RESILIENCE
knowledge, skills and solutions for
businesses to benefit from and leverage to
keep their data, networks and users safe.
By partnering with an established MSP
who can act as an external security partner
to help businesses achieve cyber resilience,
the pressure and responsibility of defending
the business against cyber threats will lay
with the expert. This creates a unique
opportunity for MSPs to guide customers on
their cybersecurity journey and ensure they
are receiving relevant education and have
the right technology and tools in place to
protect their businesses. By identifying the
gaps in their cyber needs, or allowing an
MSP to make these judgments, a strong
infrastructure can be built upon the
business' existing setup.
REPORTING INCIDENTS AND
DAMAGE LIMITATION
Other published proposals include
improving the way organisations report
cybersecurity incidents and reforming
legislation so that it is more flexible and
can react to the speed of technological
change. This is specifically timely due to the
increase in ransomware attacks, particularly
during the peak of COVID-19, which saw
twice as many ransomware attacks occur -
taking advantage of remote workers being
away from the help of IT teams, and of the
businesses that pay the ransom fee, such as
in the Colonial Pipeline attack, where the
cybercriminal group DarkSide were paid
nearly $5m (£3.6m) in ransom.
If a ransomware attack were to take
place, it is important that the organisation
works with local authorities to try to rectify
the issue and follow their guidance. Often,
many ransomware attacks go unreported -
and this is where a lot of criminal power
lies. Prevention is always better than cure,
and damage limitation and containment
are important right from the outset. Most
organisations should have a detailed
disaster recovery plan in place and if they
don't, they should rectify this immediately.
The key to every disaster recovery plan is
backups. Once the breach has been
contained, businesses can get back up and
running quickly and relatively easily,
allowing for maximum business continuity.
As soon as the main threat has passed, it
is recommended that all organisations
conduct a full retrospective audit, ideally
without blame or scapegoats, and share
their findings and steps taken with the
world. Full disclosure is helpful - not only
for customer, client or patient reassurances,
but also for other organisations to
understand how they can prevent an attack
of this type being successful again.
EQUIPPING BUSINESSES ON THEIR
CYBERSECURITY JOURNEY
The UK Cyber Security Council, which
regulates the cybersecurity profession, also
needs powers to raise the bar and create a
set of agreed qualifications and
certifications so those working in
cybersecurity can prove they are properly
equipped to protect businesses online.
With security breaches showing no signs
of slowing down, MSPs must be constantly
vigilant and develop cyber resilience
approaches that go beyond deploying
security solutions. This means having not
only the market-leading technology
available, but also the technical expertise
to support business security plans and
growth. MSPs must take a proactive role in
understanding the current state of a
customer's ability to protect against, prevent
and respond to modern cyber threats
when recommending the best
approaches to true cyber resilience.
Have they engaged in phishing
penetration testing? Is sending an
email to the wrong person an
embarrassing mistake or a data
breach? Are they using a
layered and dedicated security approach or
settling for security as part of a broader
'cloud services' package? These are just
some of the key questions MSPs should be
asking when they look to fulfil their trusted
advisor role.
CONCLUSION
MSPs have privileged access to their
client's networks and systems, potentially
enabling attackers to attack a wide range
of organisations through a single breach.
This is why it's of the utmost importance
for all outsourced IT providers to
understand the role they play in keeping
business data secure, while also educating
their customers on how to become more
cyber resilient. Combining MSP
knowledge and expertise with
government-backed credentials should
surely be a winning formula for the IT
security industry and enable MSPs to
prove to their clients they have what it
takes to keep their businesses secure. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 29

EVENT ORGANISERS:
Do you have something coming up that may
interest readers of Network Computing?
Contact dave.bonner@btc.co.uk
FORTHCOMING EVENTS
FORTHCOMING EVENTS
2022
FORTHCOMING EVENTS
21
JUN
23
JUN
12
JUL
CIO/CISO DACH SUMMIT
Frankfurt Germany
https://bit.ly/3tkTd96
NETWORK COMPUTING
AWARDS DINNER
London
www.networkcomputingawards.co.uk
CIO/CISO IRELAND SUMMIT
Dublin, Ireland
https://bit.ly/3P0NdLE

PRODUCT REVIEW
Fluke Networks
FiberLert
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
Fibre cabling is by far and away the
predominant choice for connecting highperformance
networks and is used for
core networks and backbone connections by
data centres, data communications providers,
campus networks and much more.
With fibre networks carrying so much
critical data it is imperative that fibre cabling
is kept in tip-top condition and that faults
are identified quickly to avoid major
downtime and loss of services. Often, the
biggest problems facing network engineers
are broken or sub-standard cabling, dirty
cable connections, faulty transceivers and
failed ports.
The FiberLert from Fluke Networks is an
elegantly simple and eminently safe testing
solution that is designed to detect active fibre
signals, allowing it to be used to troubleshoot
switch and host ports, transceivers, cables and
polarity. It detects active signals in singlemode
and multimode fibre with an infrared
range of 850nm to 1625nm and can be used
for ports and patch cords, SM, MM, UPC and
APC connections.
It will appeal to network engineers that only
have an occasional requirement to test fibre
connections and don't want to make a big
investment. The FiberLert is compact, easily
portable, incredibly simple to use and with a
price tag that's only a shade over £100, is
exceedingly good value.
This Sharpie-sized tool is constructed of
sturdy impact resistant plastic and has a solid
pocket clip. It's powered by two AAA batteries
which are easily accessible by releasing and
sliding the yellow cover backwards.
The FiberLert is designed for one-hand use
and has a single button on its upper surface
where one quick press turns it on and a two
second press mutes or enables its internal
beeper. It'll conserve battery life if you forget
to turn it off as after five minutes of no
inactivity, it powers itself off.
The business end has a single ceramic
ferrule and its non-contact design reduces
the likelihood of contamination or
damage. To test a transceiver, you just hold
it in front of its ports and it'll tell you if it
detects a signal.
Likewise with fibre cabling terminals, as the
FiberLert's tethered protective cap has a
ferrule adapter below where you place one
end over the FiberLert's detector and plug the
cable ferrule into the other side to ensure
perfect alignment. The FiberLert really is a
cinch to use as when turned on, its smart
LightBeat feature flashes the single red LED in
front of the button to confirm it is powered on
and battery life is good.
When it detects an infra-red light source
from the device or cable under test, the
LED turns solid red and the beeper sounds
continuously. There's nothing to set up,
read or interpret - there's either a signal or
there isn't.
We used it to test a range of lab equipment
including our TP-Link TL-SX3016F core switch
which provides sixteen SFP+ 10GbE ports.
With transceivers inserted, we moved the
FiberLert probe within a few millimetres of the
ports on test and it immediately confirmed
which one was presenting a signal.
It proved invaluable to us as we'd recently
been experiencing connectivity issues
between one of our 10GbE-enabled servers
and the switch. We confirmed that the server's
transceiver was functional, used the
FiberLert's ferrule adapter to verify a signal
was passing through the cable and that
polarity was correct, and then found that the
transceiver in the switch was faulty - all in less
than a minute.
The Fluke Network FiberLert takes all the
guesswork out of troubleshooting fibre
activity, polarity and connectivity. It's very
affordable and we found it so simple to use -
right-thinking network engineers won't leave
home without it. NC
Product: FiberLert
Supplier: Fluke Networks
Web site: www.flukenetworks.com
Tel: +44 (0)207 942 0721
Price: £101 exc VAT
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 31

OPINION: DATA CENTRES
THE DATA CENTRE IN 2022 AND BEYOND
THE TIMES THEY ARE A-CHANGIN' FOR THE DATA CENTRE,
ACCORDING TO PETER MILLER, SALES MANAGER AT ETB
TECHNOLOGIES
We live in an ever-changing, datahungry
world - and IT and data
centre managers need to ensure
their set-up is fit for purpose, especially with
the changing nature of work accelerated by
the pandemic. These managers need to
question whether their existing estates meet
the businesses' needs both now and in
preparation for any future challenges
caused by external forces - be it regulatory
or another unprecedented global crisis.
One side-effect of the pandemic was a
reallocation of budgets as businesses had
to rethink their physical office and IT
needs. According to data from Synergy
Research Group, cloud spend in 2020
"dwarfed" investment in on-premise
solutions, growing by 35% to reach almost
$130 billion versus just $90 billion for data
centres. However, as offices reopen and
the way we work changes once again, it is
possible that budgets will again change
and on-premise infrastructure will increase
in 2022 in beyond.
With no crystal ball at hand to see exactly
what will change about business operating
models, it seems like ensuring IT estates are
fit for the future is a lost cause; however
there are some things to consider that will
help - whatever changes come our way.
COMMIT TO A FULL REVIEW
Reopening offices doesn't mean returning to
the way things were in 2019. Many
businesses will maintain a hybrid working
model, so what worked before businesses
went remote doesn't necessarily mean it will
work as we return.
A hybrid model means a high level of
traffic as team members access and save
files from multiple locations. IT managers
must ensure their estate can cope with this,
and consider where adaptations and
improvements might be needed, specifically
concerning storage capacity, networking
capabilities, and connectivity and
bandwidth. This is particularly important as
we continue to see employees use online
collaboration tools like Microsoft Teams to
edit documents in real-time, as well as
access internal servers.
Part of this review should involve a
consultation with the wider organisation to
better understand the company's full IT
usage. Reviewing the tools, processes and
practices that occur at all levels will better
inform the technical team of any
enhancements that are needed within an
organisation's data centre - and beyond.
Only once this has been done can changes
be made to strengthen the data centre and
make it fit for purpose in the future.
BUILDING IN FLEXIBILITY
If the pandemic has taught us nothing else,
it's that we need systems and processes in
place that can be turned on and off when
our technology and operations requirements
change - potentially overnight. While this
was most obvious in March 2020, no one
could have envisaged then that it would be
two years until we considered returning to
the office again. As a result, we all know
now that embedding flexibility within data
centre architectures to scale up (or down)
according to the current organisational
needs is an absolute must.
Achieving this requires planning: not just
consideration of what's needed right now,
32 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: DATA CENTRES
but also allowing flexibility for extra
capacity down the line. That's not to say
that IT managers should automatically
spend their budget on the biggest capacity
system - but they should be looking for an
upgrade-friendly configuration. For
example, half populating a server's
memory slots with 32GB Dimms may be
more prudent than completely filling them
with 16GB Dimms.
Another example would be purchasing a
48-port switch over a 24-port switch. The
former option provides the additional
ports to use if required; the latter would
require an additional switch. Taking all
this into account will ensure the IT estate
has the flexibility embedded from the
outset to futureproof, which may also
mean budgets are better managed.
Consideration for data migration must
also be top of mind for IT managers. Due
process must be given while a migration is
happening, with temporary solutions in
place to limit downtime. This is where
utilising refurbished enterprise IT
equipment can help. Rather than
following an "invest-to-upgrade" strategy,
companies may choose to rent the
equipment that's needed on a short-term
basis until the migration is complete.
There are several companies, including
ETB, that can help organisations of all
shapes and sizes source this stopgap,
enabling them to continue operations
until the migration is complete
BYPASS SUPPLY ISSUES BY BUYING
REFURB
The refurb market can also help in
addressing the current supply chain crisis.
Delivery staff shortages combined with a
global semiconductor shortage means
some businesses are waiting up to 100
days for brand new servers and
networking equipment. For many business,
IT requirements change far too quickly to
accept waiting more than three months for
a piece of kit.
More and more organisations are
considering alternative routes to get the
equipment they need, with many seriously
considering refurbished enterprise IT
equipment for the first time. Gone are the
days when refurbished equated to old and
slow; indeed, even equipment that is just
one generation older than its "brand new
equivalent" can often be used for as long
as its newer peer, with the added benefit
of providing significant cost savings.
Equally, the refurb market also presents a
stronger opportunity for spare or
replacement parts to be sourced in a short
amount of time - sometimes seeing
processing and shipping times cut by 10x
than buying new.
The opportunity to upgrade equipment is
also greater when it comes to refurbished
tech, as specs can be adapted to better
suit the user. All this means that businesses
can reinvest any savings in other areas of
the IT estate or business to drive recovery
or mitigate any impact from rising costs
resulting from changes to inflation.
Put simply, when it comes to the data
centre this year and beyond, speed, flex
and source of technology must be high on
the agenda to make sure organisations
have a data centre to meet their needs -
both now and in the future. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2022 NETWORKcomputing 33

OPINION: HYBRID WORKING
A RESILIENT APPROACH TO HYBRID
WORKING
HYBRID WORKING PRESENTS A NUMBER OF SECURITY
CHALLENGES FOR IT TEAMS. RODOLPHE HARAND, VP OF
SALES AT YESWEHACK, LOOKS AT HOW TO ADDRESS THEM
During the first lockdown, 60% of UK
employees worked remotely. Now
as offices reopen, many businesses
find themselves continuing to support
remote working while encouraging staff to
come in a couple of days a week.
With British workers favouring remote
working according to a recent YouGov poll,
rather than an all or nothing approach,
companies are adopting a hybrid working
approach. Although beneficial for
employees, hybrid working is placing
pressure onto business leaders to achieve a
balance between providing staff with
increased flexibility while also contending
with a host of security issues arising from
having a distributed workforce.
PUBLIC NETWORK CHALLENGE
Even before the pandemic, the
safeguarding of corporate networks was
a high priority for IT teams. Now, with the
rise of hybrid working, IT team concerns
have only amplified as more employees
are using unsecured public Wi-Fi
networks in places such as coffee shops,
hotels and libraries.
While this increased flexibility is great for
employees, it raises a challenge for
organisations as they have little visibility on
the security standards of these networks.
Knowing this, cybercriminals are setting up
routers in public places. Once an
unsuspecting employee connects to one of
these routers, the cybercriminal has access
to their communications and can infiltrate a
business' corporate assets.
Breaching a public network is a far easier
task for hackers than intercepting a wellprotected
company network. Think of it as a
criminal having multiple doors to breach a
premises, rather than one well-reinforced
front door. The easiest solution to tackle this
problem is mandating that employees use a
Virtual Private Network (VPN). Using VPNs
before signing onto a public network will
encrypt the employee's internet traffic and
flag any infractions on the corporate network.
SOCIAL ENGINEERING ATTACKS
INTENSIFY
In 2021, online fraud increased by 85%
according to a report by software company
Arkose Lab. The pandemic has also resulted
in a significant rise in social engineering
attacks, the act of exploiting human
interactions to trick individuals into sharing
sensitive data. An example of this is phishing,
where someone may receive an email
supposedly from the IT team asking them to
share their log-in details. Working remotely
increases the likelihood of being susceptible
to social engineering attacks as they rely
heavily on human error and manipulation.
Contributing to this is our increasing
reliance on digital communications. For
example, a new employee who is
onboarded remotely is less likely to be able
to identify legitimate correspondence
coming from within the business and more
prone to a cybercriminal's phishing email.
For IT teams, while anti-spam filters are a
good start, the key to success is enacting
cybersecurity policies and standards of
behaviour for all staff to follow, including
those working from remote locations. Part
of this means encouraging employees to
question the source of emails, investigate
irregularities and take the time to check
with others on communications they are
unsure about.
ELIMINATING POOR CYBER
SECURITY HYGIENE
Another key factor businesses should
consider is the behavioural difference
between employees working from home
and the office. Employees are more
inclined to partake in risky online activity
when working remotely as they don't have
the eyes of the IT department directly on
them. As a result, cybersecurity measures
are more likely to be contravened.
When it comes to cybersecurity, it is
ultimately your employees who are first and
foremost the strongest line of defence. It's
for this reason that organisations must
continuously invest in cyber awareness
training while also providing tools that
support secure remote working.
No matter how advanced the
deployment of your latest cybersecurity
tools are, if the right training is not
provided in the first place your defences
are already compromised. As hybrid
working becomes the new normal, IT
security teams must rise to the challenge
of preventing and combating the
associated security implications as in the
end, strong cyber resilience equates to
strong business resilience. NC
34 NETWORKcomputing MAY/JUNE 2022 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

SUPERMICRO
Edge Building Blocks
Accelerating Innovation at the Intelligent Edge with the Broadest Range of Systems
for Any Environment, Featuring 3 rd Gen Intel® Xeon® Scalable processors
Learn more at www.supermicro.com
© Supermicro and Supermicro logo are trademarks of Super Micro Computer, Inc. in the U.S. and/or other countries.