NC2405

NETWORKcomputing
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk
THE FINAL FRONTIER FOR NTNS
The challenges threatening the success
of non-terrestrial networks
OPTIMISING NETWORK
INNOVATION
Tips for a cost-conscious
climate
TESTING TIMES
Why software testing
automation matters
FUELING AI SYSTEMS
Best practices for dealing
with data
MAY/JUNE 2024 VOL 33 NO 02

CSPs NEED CAPACITY THAT
SHIPS PREPARED FOR DUTY
Supermicro delivers
complete, rack-ready
systems, from validation
through SW installation.
Powered by
AMD EPYC TM processors.
Accelerate your cloud.
Learn more at
www.supermicro.com/csp
© Supermicro and Supermicro logo are trademarks of
Super Micro Computer, Inc. in the US and other countries.

COMMENT
COMMENT
"AND OUR 2024 WINNER ARE..."
As we go to print with this issue the winners of the 2024 Network Computing
Awards have just been unveiled at an awards ceremony in central London (timing
is everything!). We'll have a full round-up of all of our winners in our next issue
but they include Netreo, who won both the Network Infrastructure Product of the Year
and Testing/Monitoring Product of the Year Awards and Veritas, winners of the Storage
Product of the Year and Product of the Year categories for Veritas Backup Exec.
Hornetsecurity were winners of the Data Protection Product of the Year award for 365
Total Protection as well as the Bench Tested Product of the Year award (Software and
Services Category) for 365 Permission Manager, while NetAlly's CyberScope Air wireless
network security scanner won the Bench Tested Hardware category. The Network Security
Product of the Year award was won by WatchGuard's Firebox M Series and Prism DCS
triumphed in the Customer Service category, while Zeus Cloud took home the trophy in
the One To Watch Company category.
Congratulations once again to all of our winners and a big 'thank you' to our sponsors
and everyone who took the time to vote online. You will find a complete list of the 2024
winners and runners-up on the awards website: https://networkcomputingawards.co.uk
and we'll have a full round-up in our next issue.
REVIEWS:
Dave Mitchell
DEPUTY EDITOR: Mark Lyward
(netcomputing@btc.co.uk)
PRODUCTION: Abby Penn
(abby.penn@btc.co.uk)
DESIGN: Ian Collis
(ian.collis@btc.co.uk
SALES:
David Bonner
(david.bonner@btc.co.uk)
SUBSCRIPTIONS: Christina Willis
(christina.willis@btc.co.uk)
PUBLISHER: John Jageurs
(john.jageurs@btc.co.uk)
Published by Barrow & Thompkins
Connexion Ltd (BTC)
35 Station Square,
Petts Wood, Kent, BR5 1LZ
Tel: +44 (0)1689 616 000
Fax: +44 (0)1689 82 66 22
SUBSCRIPTIONS:
UK £35/year, £60/two years,
£80/three years;
Europe:
£48/year, £85/two years £127/three years;
ROW:
£62/year, £115/two years, £168/three years;
Subscribers get SPECIAL OFFERS — see subscriptions
advertisement; Single copies of
Network Computing can be bought for £8;
(including postage & packing).
© 2024 Barrow & Thompkins
Connexion Ltd.
All rights reserved.
No part of the magazine may be
reproduced without prior consent, in
writing, from the publisher.
Stepping away from the awards stage, you'll find articles in this issue that offer advice
on optimising your network in a cost-conscious climate and consider how to keep pace
with the latest innovations in a period of rapid digital change. According to Cisilion's
Nathan Ashby "We've moved from keeping the lights on and building reliable infrastructure
to business transformation. We cannot use the same mindsets as we once did to
ensure the success of our businesses. As such the network's driving force now is to
enable business outcomes - which means we need to reinvent the network approach."
We also look at the future of the wireless network - both terrestrial and non-terrestrial -
and learn about the challenges faced by British software testers, and how software testing
automation can help. And we've done plenty of testing of our own this issue with our
latest product reviews, which include Highlight's Service Observability Platform and
Portnox Cloud's UAC (unified access control) solution. NC
GET FUTURE COPIES FREE
BY REGISTERING ONLINE AT
WWW.NETWORKCOMPUTING.CO.UK/REGISTER
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 03

MAY/JUNE 2024 VOL 33 NO 02
CONTENTS
CONTENTS
M A Y / J U N E 2 0 2 4
NETWORKcomputing
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk
THE FINAL FRONTIER FOR NTNS
The challenges threatening the success
of non-terrestrial networks
OPTIMISING NETWORK
INNOVATION
Tips for a cost-conscious
climate
TESTING TIMES
Why software testing
automation matters
FUELING AI SYSTEMS
Best practices for dealing
with data
BUILDING A SUCCESSFUL AI
STRATEGY............................12
Skip Levens at Quantum provides three
best practices for dealing with data to
create better AI systems
THE FINAL FRONTIER FOR NON-
TERRESTRIAL NETWORKS.........26
Nancy Friedrich at Keysight Technologies
explains how we can expand aerospace
and defence connectivity by moving from a
terrestrial to hybrid space / ground network
NETWORK INNOVATION......10
Alan Stewart-Brown at Opengear gives us five
top tips for network innovation while Nathan
Ashby at Cisilion explains why our networks
need to work harder and more intelligently
IT’S THE OFFICE, BUT NOT AS
WE KNOW IT.........................24
Principle Networks' Ian Wharton considers
the future of the wireless network - and why
the office we once knew no longer exists
TESTING TIMES......................30
Guy Arieli at BlinqIO gives us an overview
of software testing automation - and
explores why it really matters
COMMENT.....................................3
"And our 2024 winner are..."
INDUSTRY NEWS.............................6
The latest networking news
ARTICLES
OBSERVANT I.T.................................8
By Martin Saunders at Highlight
IT’S NOT OFFENCE OR DEFENCE -
IT’S BOTH!......................................14
By Ed Williams at Trustwave
FOUR KEY STEPS TO STRENGTHEN
CLOUD SECURITY..........................16
By Guy Warren at ITRS
ADVANCING NETWORK
EFFICIENCY....................................18
By Richard Petrie at LINX
YOU SHALL NOT PASS!...................20
By David Higgins at CyberArk
REVOLUTIONISING YOUR NETWORK
FOR TOMORROW’S DIGITAL NEEDS..16
By Nathan Ashby at Cisilion
HOLISTIC DATA CENTRE DESIGNS
FOR THE AI ERA..............................28
By Sam Bainborough at Vertiv
DESIGNING FOR HUMAN..............32
By Neil Thacker at Netskope
CAN YOU MANAGE IT?..................34
By Barry O’Donnell at TSG
REVIEWS
HIGHLIGHT SERVICE OBSERVABILITY
PLATFORM........................................8
NETALLY CYBERSCOPE AIR..............11
EXAGRID EX189..............................15
PORTNOX CLOUD..........................19
04 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

INDUSTRY NEWS
NEWSNEWS
NEWS NEWS
NEWS NEWS NEWS NEWS
NEWS NEWS
Enhanced Network Tester and Cable Qualifier from TREND
TREND Networks has announced major enhancements to its
SignalTEK 10G Network Throughput Tester and Cable
Qualifier, introducing a suite of features aimed at simplifying
operation, expanding functionalities, and improving overall
user experience. The SignalTEK 10G now offers users more
intuitive options with the new Basic Operation mode. With the
goal of streamlining Cable and Network Qualification testing,
this option is tailored to accommodate both novice and
experienced users, simply requiring a choice between copper
and fibre and the speed the user wishes to qualify, ranging from
10Mbps to 10Gbps for copper (including 2.5 and 5Gbps
Multigig), and 1Gb or 10Gb for fibre.
The SignalTEK 10G also now supports data transmission testing
at 1G and 10G using a single 10G SFP+ module, removing the
need for separate SFP modules for varying fibre speeds. The
addition of fibre length and dB Loss measurement via SFP/SFP+
modules sets a new standard for qualification testers, enabling
fibre qualification based on data transmission (BERT), cable
attenuation (dB loss), and cable length, adhering to IEEE
Ethernet, TIA, or ISO cabling standards. TREND has also listened
to user feedback and simplified the interface management.
Zyxel offer WiFi 7 for the price of WiFi 6
Zyxel Networks has launched a special promotion that gives
customers WiFi 7 for the price of WiFi 6 as a way of
highlighting the performance, quality and value of the latest
addition to its leading range of access points. For an unspecified
period, the company's NWA130BE WiFi 7 access point will be
available at a discounted price through Zyxel partners, enabling
customers to future-proof their networks for a longer period
without making a higher investment.
It also means both MSPs and end-user customers can get
experience the full benefits of Nebula, Zyxel's cloud
management platform, which provides simple remote
management capabilities and built-in security, and harnesses the
power of AI and machine learning to save time and maximise
network performance and availability.
Rachel Rothwell, Senior Regional Director, UK and Ireland,
Zyxel Networks, said: "We are making this offer, not only to
demonstrate our absolute commitment to delivering exceptional
value to our customers, but also because we are totally
confident in the performance, consistence and quality of our
WiFi 7 solutions. By investing in WiFi 7 today, SMBs can benefits
from the highest speeds and reliable connectivity, and futureproof
their networks for longer."
Vertiv SmartCabinet rack for applications at the edge
Vertiv has introduced the Vertiv SmartCabinet ID, an all-in-one,
fully sealed single-rack enclosure that delivers cooling, power,
and environmental protection for applications at the network
edge. The SmartCabinet ID is available now iwith multiple rack
sizes and cooling capacity options, including 24U and 42U
racks, and 3.5 kW and 7.0 kW of cooling capacity.
The sealed SmartCabinet ID solution protects the enclosed IT
equipment against dirt, dust, and fluctuating temperatures typical
of warehouses, factory floors, and other common edge locations,
and is IP54-rated for water-resistance, providing protection in
case of indoor sprinkler system activation. Integrated emergency
fans also provide backup cooling in the event of a power outage
or a primary cooling module failure. A built-in touchscreen
display with communication capabilities enables local or remote
monitoring and control of key components, while alarms and
notifications for local and remote users can be customised to
alert to out-of-spec ambient conditions.
06 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

INDUSTRY NEWS
Complete data centre liquid-cooled solutions
Supermicro is addressing the most demanding requirements
from customers who want to expand their AI and HPC
capacities while reducing data centre power requirements.
"Supermicro continues to work with our AI and HPC customers to
bring the latest technology, including total liquid cooling solutions,
into their data centers," said Charles Liang, President and CEO of
Supermicro. "Our complete liquid cooling solutions can handle up
to 100 kW per rack, which reduces the TCO in data centres and
allows for denser AI and HPC computing. Our building block
architecture allows us to bring the latest GPUs and accelerators to
market, and with our trusted suppliers, we continue to bring new
rack-scale solutions to the market that ship to customers with a
reduced time to delivery."
Supermicro application-optimised high-performance servers are
designed to accommodate the most performant CPUs and GPUs
for simulation, data analytics, and machine learning. The
Supermicro 4U 8-GPU liquid-cooled server delivers petaflops of AI
computing power in a dense form factor with the NVIDIA
H100/H200 HGX GPUs. Supermicro will soon ship liquid-cooled
Supermicro X14 SuperBlade in 8U and 6U configurations, the
rackmount X14 Hyper, and the Supermicro X14 BigTwin. Several
HPC-optimised server platforms will support the Intel Xeon 6900
with P-cores in a compact, multi-node form factor. In addition,
Supermicro continues to ship the broadest portfolio of liquid cooled
MGX Products in the industry, and has confirmed its support for the
new Intel® Gaudi® 3 accelerator and AMD's MI300X accelerators.
Hippodrome Casino holds all the aces with Extreme
The Hippodrome Casino, an iconic entertainment landmark in
London's Leicester Square, now relies on Extreme's WiFi 6E
solutions, data centre and edge switches, analytics and cloud
management platform to improve network performance,
streamline operational efficiency and provide first-class guest
experiences. In partnership with ITHQ, the Hippodrome deployed
a new wired and wireless network across its six-story facility,
delivering improved network reliability, flexibility and security.
For the Hippodrome - which consists of three casinos, eight
bars, a theatre, multiple restaurants and a three-story roof
terrace - ensuring uninterrupted WiFi availability is imperative to
delivering amazing guest experiences while maintaining
seamless operations. The historic entertainment venue can now
rely on a dynamic and adaptable network that is easy to
manage and provides enhanced visibility and insights to drive
organisational objectives.
Philip Mitchell, IT Director, The Hippodrome Casino said "While
the robustness of the WiFi solution is key for operations, on the
back end they are producing an amazing amount of customer
data for our analytics teams to look at. We can clearly see the
amount of traffic going through each particular system and the
impact our improved solutions are making on the business. Our
systems show that not only has the amount of monitored
endpoints doubled, but the number of alerts has actually
reduced to one-sixth of what they were."
CyberArk set to acquire Venafi for $1.5bn
CyberArk has signed a definitive agreement to acquire Venafi,
a leader in machine identity management, from Thoma
Bravo. This acquisition will combine Venafi's machine identity
management capabilities with CyberArk's identity security
capabilities to establish a unified platform for end-to-end
machine identity security at enterprise scale.
The combination of Venafi's certificate lifecycle management,
private Public Key Infrastructure, IoT identity management and
cryptographic code signing, with CyberArk's secrets management
capabilities will enable organisations to protect against misuse and
compromise of machine identities, vastly improve security, and
stop costly outages. Having a breadth and depth of options for
machine identity security all in one solution - deployable as SaaS
or hybrid - will enable faster risk mitigation for organisations of all
sizes looking to secure modern cloud environments.
NEWS NEWSNEWS
NEWS
NEWS NEWS NEWS NEWS NEWS
NEWS
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 07

OPINION: NETWORK OBSERVABILITY
OBSERVANT I.T.
MARTIN SAUNDERS, COO AT HIGHLIGHT OUTLINES THE TOP 5
IT OBSERVABILITY ISSUES COSTING BUSINESSES TIME AND
MONEY - AND HOW TO SOLVE THEM
Technology is the lifeblood of modern
business and every outage can directly
impact an organisation's performance,
revenue and reputation. To thrive, they must
streamline support processes and improve their
ability to observe the full stack of IT services, in
order to ensure that the employee and
customer experience is at its best. To this end,
here are five ways that IT operations can
increase their use of data to improve decisions
and create quantifiable advantages:
1. Getting what you paid for and ensuring the
network delivers what is promised.
Communication service providers are the
backbone of many IT operations, as well as
being a significant part of an IT budget.
Maximising this relationship can save both
money and reputations - but the problem is
that most providers are unable to provide
effective proof of delivery.
One of the first things to do is confirm that
service level agreements (SLAs) are being met.
Rather than rely on the service provider, look
for tools that will capture and utilise persistent
performance metrics and native SLA scoring
(including maintenance windows and
exceptions) for both individual connections
and grouped services. In this way, IT and
network managers can hold their providers to
account and reclaim credits where required.
2. The network is rarely to blame - but how to
prove it? Increasing dependence on the core
network and application services means that
it's hard to determine the source of issues,
which can increase meantime-to-repair when
outages occur.
With access to persistent network data,
separated into categories (such as
Broadband, Cellular, WiFi, LAN, Switches and
Applications), managers will be far better
equipped to pinpoint the source of problems
immediately. It's important to make sure that
you have an observability solution in place to
make metrics from these different categories
both understandable and comparable.
3. Centralised IT support structures are
forced to be reactive. Every outage in an
organisation has the potential to result in lost
revenues. The issue is that IT support teams
cannot be in every office or branch and by the
time an issue is reported, it is often too late.
Creating a support process that is proactive
rather than reactive will deliver considerable
benefits for both support teams and users.
Seek a flexible alerting suite with customisable
sensitivity to ensure that problems are flagged
long before they become outages, with alerts
integrated with support ticketing platforms.
4. Bandwidth requirements are always
changing and difficult to estimate. The
continually changing and increasing
technology requirements of a business will
stretch bandwidth capability. This is
combined with an absence of ways to
effectively measure and plan capacity,
forcing either expensive over-specification or
compromised reliability.
Access to data on network consumption and
application performance will make capacity
decisions based on real data far more accurate.
The latest tools will identify broadband speeds,
WiFi AP utilisation and analyse trends alongside
a reporting engine that removes the guesswork
from capacity planning.
5. Your network can't always be uniform.
Different regional requirements and legacy
technologies in different offices or branches will
fragment support processes, lowering efficiency
and increasing training costs. Whilst the
network may not be uniform, the view of it can
be. Tools that show the location and a servicecentric
view of network estates presenting all
the data in a standardised way will help ensure
a more uniform support process.
More IT teams are looking to increase
their use of data to improve decisions and
create quantifiable advantages. Many are
looking to achieve complete service
observability with standardised data
delivering insights across multi-tenants,
multiple technologies and SLA reports that
go beyond complex technical monitoring.
With a clear understanding of how complex
systems are performing, organisations can
identify significant events before they cause
an issue. NC
08 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCT REVIEW
Highlight Service
Observability
Platform
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
In today's highly competitive landscape,
businesses must ensure that the IT services
they provide are delivering on all counts. With
a track record going back over 20 years, UKbased
Highlight has the solution, as its Service
Observability Platform is designed from the
ground up to provide senior managers with
clear and unambiguous visibility into the
technologies and services that business success
depends on.
Delivered as a SaaS cloud platform, Highlight
scales across all business types, ranging from
single sites to global enterprises with multiple
locations and technologies in play. Value is
another compelling feature as you only pay for
what you need and unlike some competitors
Highlight is transparent about pricing, with its
entry-level subscription costing £500 per month,
supporting up to 100 devices.
Highlight's vendor-agnostic approach means
there's little beyond its remit as it integrates with
over 85 vendor services. Typical
communications technologies supported include
MPLS, SD-WAN, broadband, cellular, LAN and
Wi-Fi, and it works hand in glove with all main
vendors including Cisco, Cisco Meraki, Fortinet,
Aruba, Juniper, Cradlepoint and ThousandEyes.
Deployment is uncomplicated as Highlight has
minimal requirements and, unlike some other
competitors, doesn't need additional investment
in on-premises hardware. It leverages API
connectivity to cloud orchestrators, such as
those from Cisco and Fortinet, uses agents to
report on SNMP compliant network devices and
assesses application visibility and availability with
NetFlow data exports.
Highlight runs collections every three minutes,
retains all metrics data for a year and summary
reports indefinitely allowing long-term
comparisons to be conducted. Security is a top
priority as all data is encrypted using SSL prior to
transit to the Highlight cloud platform.
The informative portal opens with an Explorerstyle
tree in its left pane showing only the
locations, services, networks and devices that
are permitted by the user's role. This makes it
ideal for complex networks and multi-tenancy
environments as it can present all relevant
connections in views that are simple to
understand. The top-level view uses a unique
combination of 'Heat Tiles' and traffic light
indicators to show at-a-glance summaries of
service, network and device status so you can
quickly identify pain points. The portal is very
easy to navigate and it takes seconds to drill
down for more information, as you can traverse
from top-level estate views to individual
connections in no more than two clicks.
Highlight grades all issues into three categories
so you can quickly see stability, load and health
of all services and locations. It maintains
essential consistency across all views regardless
of the technology, connection or vendor. Tests
on routers and switches include connection
performance analysis. These determine packet
loss and delay and will be invaluable to network
service managers, as they can verify bandwidth
SLAs with users and give them high levels of
visibility into the network services being
delivered.
Alert smoke screens are avoided as Highlight
employs sensitivity controls which can be
customised for stability, load and health.
Inherited settings mean that sensitivity controls
for an entire estate can be deployed with one
click. Highlight uses webhooks and email for
integration with many third-party workflow
automation products, including ServiceNow and
AutoTask. It also uses APIs to integrate report
data into external analysis systems such as
Microsoft Power BI.
The Highlight Service Observability Platform
ensures that IT managers and support teams
responsible for the smooth operation of business
IT services are not living in a digital void. It's
clearly capable of providing high levels of
information in real-time about network service
and application performance but presents it all
in a format that anyone can understand, and its
SaaS model makes it highly flexible and very
affordable. NC
Product: Highlight Service Observability Platform
Supplier: Highlight
Web site: www.highlight.net
Telephone: +44 (0) 1483 209 970
Price: Monthly Entry - 100 devices - £500 exc
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 09
NETWORKcomputing
@NCMagAndAwards

OPINION: NETWORK INNOVATION
OPTIMISING NETWORK INNOVATION IN A COST-CONSCIOUS CLIMATE
ALAN STEWART-BROWN, VP EMEA, OPENGEAR GIVES US FIVE TOP TIPS FOR NETWORK
INNOVATION AS I.T. BUDGETS DWINDLE
In 1980, Robert Metcalfe's formulation,
known as Metcalfe's Law, posited that a
network's value increases exponentially with
each new connected device. Decades later, in
an era of billions of devices and server cores,
we're witnessing a scale of connectivity that
likely surpasses even what Metcalfe might have
imagined. The current wave of IT
transformation is notably driven by AI and
Generative AI, significantly impacting business
efficiency and necessitating robust network
infrastructure investment.
However, today's economic climate
increasingly compels CFOs to scrutinise budget
allocations more closely, presenting challenges
in maintaining and innovating network
infrastructure. To ensure networks remain fit for
purpose amidst these issues, here are the top
considerations for businesses.
1. Invest in a unified management framework:
Enterprise observability often reacts to issues
only once problems like application failures, or
connectivity losses, arise. The shift towards
virtualisation and management fragmentation
in the enterprise make it difficult to achieve the
observability needed to not only troubleshoot,
but to automate too. A management
framework that connects to physical and virtual
infrastructure through a single interface,
coupled with management applications such as
Splunk or Juniper's Apstra, creates a closed
loop observability system which accelerates the
time to problem resolution. It also provides the
foundation for automation on day 0 and
monitoring on day 2.
2. Leverage automation and AI for more
efficient operations: Automation, enhanced by
AI can significantly increase operational
efficiency and reduce errors. These
technologies automate repetitive tasks such as
checking configurations, authentication, and
logging. However, without a unified
management framework the full benefits of
automation and AI will not be realised. While
virtualisation and software-defined networking
have essentially changed what is analogous to
the product in industrial automation, the factory
must be redesigned with a unified management
framework. Otherwise the benefits will be
restricted to single tasks.
3. Multi-cloud and hybrid deployments provide
opportunities: The drive for local application
hosting due to latency and privacy concerns
introduces the challenge of managing private
cloud infrastructures. An emerging model is
utilising public cloud infrastructure on premise.
The public cloud provider is responsible for the
Infrastructure as a Service (IaaS) and the
desired degree of interconnection to the public
cloud can be set. In some models, the network
operator is responsible for managing the
physical infrastructure and network connectivity.
Meanwhile, the public cloud provider is
responsible for the public cloud software
platform. This enables the organisation to
maintain the same tool chains and reduces the
overall management burden.
4. Additional security layers on networks are
necessary: With increasing cybersecurity threats,
additional security layers are essential. A unified
management system that integrates security
applications can ingest real time telemetry data
and use AI to spot suspicious behaviour and
respond to threats promptly. Full visibility and
control over the network is critical to mitigate
the risk of security breaches and reduce
compliance risk and insurance cost.
5. Embrace 5G and edge computing: As 5G
becomes mainstream, edge computing is
gaining prominence, enabling new applications
and data processing closer to data collection
points. 5G's rapid connections facilitate the
transition as enterprises balance their network
usage across data centres, the cloud, and the
edge, benefiting high-response applications
such as VR/AR and autonomous vehicles and
accelerating technology adoption.
Navigating network innovation amidst
tightening budgets requires a strategic
approach focusing on secure, cost-effective
management frameworks like Smart Out-of-
Band management. Such strategies underline
the importance of a unified management
framework for cost reduction, particularly
during economic downturns. It promotes
efficiency from initial deployment, through
effective network monitoring and mitigating
failures, ensuring substantial savings. In
challenging economic times, organisations can
enable the security of their network
infrastructure moving forward, while
maintaining focus on impactful customer
experiences and ensuring profitable operations
in tandem. NC
10 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCT REVIEW
NetAlly CyberScope
Air
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
When NetAlly launched its CyberScope
last year it proudly hailed it as the
world's first wired and wireless
handheld network vulnerability scanner capable
of providing in-depth cybersecurity analysis and
reporting. NetAlly has now released the
CyberScope Air, which places all the same great
features in the hands of technicians responsible
for wireless security at the network edge.
As you'd expect, the CyberScope Air fully
supports Wi-Fi 6/6E networks and brings
visibility into the 6GHz band, where it can
connect at its full data rate and capture
frames. It's capable of providing a wealth of
information including site surveying, analysis
and troubleshooting tools, network discovery,
L2 and L3 path analysis, short-term monitoring
facilities with real-time wireless measurements
and trend graphs that highlight network
changes over time.
The CyberScope Air identifies all Wi-Fi and
Bluetooth/BLE devices, shows where they are
connected and can easily spot rogue access
points (APs). Even better, it identifies everything
on wireless networks including IoT, OT and
unmanaged devices.
Vulnerability scanning gets a big boost as the
CyberScope Air runs the well-respected Nmap
utility. It can perform on-demand scans for
endpoint audits using built-in or custom scripts
and neatly integrates Nmap with its AutoTest
and network discovery tools. The device also
works directly with NetAlly's Link-Live cloud
portal for topology mapping, analytics and
remote control. Link-Live sees a significant
upgrade as it adds an interactive dashboard
view of discovery results and WiFi data to
provide technicians with an 'at a glance'
snapshot of what is happening on their
wireless networks.
The CyberScope Air runs the same Androidbased
OS as NetAlly's other handheld analysis
products, which will appeal to novices as well as
technicians and engineers. As we've frequently
said in previous NetAlly product reviews - if they
can use a mobile, they can use the CyberScope
Air. The 5in. colour touchscreen presents icons
for quick one-tap access to all tasks and you
can install other third-party Android apps. The
screen's FAB (floating access button) opens
floating action menus offering instant access to
further analysis tools related to the selected task.
The CyberScope Air is easy to use and for
testing, we created new AutoTest Wi-Fi profiles
that connected to the lab's Netgear WAX630E
and Zyxel WAX640S-6E tri-band APs over their
6GHz radios using WPA3 encryption. Profiles
are started with one tap and after 25 seconds,
they reported back with an incredible amount of
wireless information presented as 'cards' colour
coded to indicate warnings or errors.
The Wi-Fi test discovers internal and external
wireless networks with the Channels map screen
offering an extra Map 6E tab. You can drill
down for more details on channels, active
SSIDs, associated APs, encryption schemes,
connected clients and detected Bluetooth/BLE
devices.
Nothing can hide from the Discovery tool
which presented us with a list of every device on
our network - including some we didn't know
about that warranted further investigation.
Nmap is another one-tap app where you can
run any of the predefined tests or create your
own scripts for deeper endpoint analysis.
After claiming the device for our Link-Live
portal account, we could upload test results,
browse them at our leisure and share them with
colleagues. The interactive dashboard view is
very impressive as it presents a heap of graphs
showing the number of discovered Wi-Fi
devices, SSIDs, channels in use, active
encryption schemes and much more.
The combination of powerful diagnostics
tools and vulnerability scanning makes
NetAlly's CyberScope Air a highly desirable
tool for technicians tasked with maintaining
wireless network security. It's remarkably easy to
use and clearly capable of filling the security
gaps that common network monitoring
products leave behind. NC
Product: CyberScope Air
Supplier: NetAlly
Web site: www.netally.com
Telephone: +44 (0)115 865 5676
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 11
NETWORKcomputing
@NCMagAndAwards

OPINION: AI STRATEGIES
BUILDING A SUCCESSFUL AI STRATEGY
SKIP LEVENS, DIRECTOR, MEDIA AND
ENTERTAINMENT AT QUANTUM PROVIDES THREE
BEST PRACTICES FOR DEALING WITH DATA TO CREATE
BETTER AI SYSTEMS
As organisations
everywhere look to
harness the
transformative benefits of AI,
finding ways to effectively implement
this ground-breaking technology is
proving challenging. According to
Gartner, 85% of all AI projects fail to
produce positive outcomes for businesses
and a significant number of R&D projects
never make it to production.
To realise on the promise of AI,
however, organisations will first need
to be able to successfully
operationalise it. This involves
feeding AI models with training
data gathered from a variety of
sources in the most efficient and
resilient way possible.
Ultimately, an AI solution will
only be as good as the data and
metadata content it has to work
with. Plus, this data needs to
be appropriately organised
and labelled to make it both
accessible and easily
searchable.
To maximise the success
of their AI projects,
organisations will need
to implement an endto-end
infrastructure
that makes it possible
to capture fresh data
and update AI models
in a highly adaptive
manner.
GETTING TO GRIPS WITH AI
When it comes to building AI systems,
organisations operating in specialist
arenas such as healthcare, law,
construction, or tax and accountancy
often utilise foundational AI models
featuring predefined data sets and
algorithms.
These general AI models are then
trained to undertake analysis for specific
tasks. For example, a medical research
firm might train a model using a massive
repository of millions of MRT images so it
can learn to detect cancer cells.
Meanwhile, an insurance firm might look
to utilise AI and machine learning to
identify patterns and anomalies that are
indicative of fraud.
To ensure these software models
perform as expected, however,
organisations will need to fuel and scale
these generic foundational AI models
using both structured and unstructured
data. Let's look at three best practice
principles that should underpin a data
management strategy that is optimised
for AI.
1. AI and data: why data is king
Training an AI model to undertake
specific tasks successfully depends on the
quantity, quality, and variety of the
underlying data the model has access to.
The more data a model is trained on,
the better it is able to learn to perform
tasks, and the resulting output will be
more accurate and comprehensive. By
12 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: AI STRATEGIES
using pre-existing data and new data
sources to augment their AI models,
organisations will be able to build more
robust and higher precision models
faster and at a much lower cost.
When it comes to jumping ahead of
the competition, the ability to collect
and integrate data sources that are
difficult for competitors to obtain will
help to generate significant
marketplace advantage. Since this data
comes from a company's own content
libraries, it will be uniquely adapted to
an organisation's real-world business
needs and operations.
As recognition grows that
organisations that can leverage their
own unique data are better placed to
shift from reliance on generic generalpurpose
models and more likely to
achieve a highly personalised and
effective AI integration, the importance
of being able to retain as much
information as possible and establish
data pipelines that can be readily
integrated has risen to the fore. In
particular, the ability to analyse,
catalogue, and tag unstructured data is
now key.
2 Streamlining the collection,
organisation, and labelling of data
The efficient organisation and
preparation of data is critical to the
performance of AI models and recent
technology advances are making it easier
for organisations to unlock maximum
value from their unstructured data.
Today's AI-infused storage
infrastructures now make it easy to
ingest unstructured data and index,
tag, and catalogue this data so it can
be leveraged for AI applications.
Providing the holistic data overview
organisations need to oversee and
curate data for a wide range of AI
solutions, these storage platforms
feature AI algorithms that ensure data
is easily searchable and reusable for AI
and analysis. For example, these
platforms are able to search for
content based on attributes such as
people, places, things, and even
sentiment.
In addition to simplifying and
automating data access and sharing
for AI resources, these modern AIenabled
storage platforms also deliver
the end-to-end data management
needed to enable high-performance
data ingest for AI applications.
Importantly, they also provide the
long-term archiving capabilities that
are essential for building the massive
data stores that will support analysis.
This is something that is vital for
organisations that need the scalable
capacity required for enabling new AI
initiatives as business needs evolve and
AI models expand and become more
enriched.
3 Unlocking efficient AI workflows
To accelerate their journey to an
effective, high-speed, and integrated
AI infrastructure, organisations will
need to find ways to extend their
existing object recognition library so
they can create AI-friendly content
production workflows.
By incorporating both data and AI
models on the same platform,
organisations will be able to streamline
how they use data. They will also be
able to take advantage of existing
object recognition libraries to easily
extend their general-purpose library for
maximum commercial advantage.
While competitors get entangled in
undertaking resource-intensive manual
content tagging, organisations that can
initiate AI-friendly content production
workflows will be able to use data sets
to extend existing object or action
identification models 'on the fly'. For
example, if an organisation has built
an AI model to identify images of owls,
it can quickly pivot this model to find
tagged images of zebras.
CAPTURING VALUE AND
FUELLING AI
AI is only as good as the data it is built
on and organisations looking to scale
their AI ambitions will need to ensure
they initiate the solid data foundation
needed to achieve effective AI
outcomes. Rather than relying on
standard AI solutions and models, they
should ideally look to infuse their AI
models with data that is closely aligned
to their business objectives and unique
operational nuances.
By utilising models that are fed with
data leveraged from across their
business, organisations will be able to
train and re-train their models to
generate more accurate and relevant
predictions and insights. Adding new
features and continually customising AI
models whenever new needs are
identified.
To achieve all this and more,
organisations will need to establish
best practices that enable teams to
store, manage, analyse, and use large
volumes of valuable unstructured data
wherever and whenever required. For
this, an end-to-end AI-enabled
infrastructure will be critical for
managing data assets and automating
data preparation and deployment, so
that models can be retrained with new
data and efficiently managed in
production. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 13

SECURITY UPDATE
IT'S NOT OFFENCE OR DEFENCE - IT'S BOTH!
ED WILLIAMS, VP EMEA CONSULTING AND PROFESSIONAL SERVICES AT TRUSTWAVE, ON WHY A
BALANCED CYBERSECURITY STRATEGY SHOULD BE YOUR ULTIMATE GOAL
With cyber attacks targeting every
business, no matter the size, industry,
or region, the traditional reactive
approach to cybersecurity - while it has its
place - simply isn't enough. Organisations
need an offensive and proactive approach
that can address the full spectrum of exposure
to threats. This not only requires cybersecurity
basics, but also a comprehensive
understanding of their unique vulnerabilities
across the entire attack surface, which need to
be identified before they become a problem.
GOING ON THE OFFENSIVE
It's easy to tell businesses to introduce offensive
security into their strategy - but what does this
really mean? On the surface, the term
offensive security may be misleading. It does
not mean attacking threat groups; instead, it is
a proactive and adversarial approach to
fortifying computer systems, networks, and
individuals from cyberattacks.
In addition to relying on more defensive
cybersecurity measures like managed detection
and response (MDR), email security, firewalls,
or database security, security teams must not
only actively hunt for intruders in a system, but
also test for weaknesses and paths an
adversary can take to gain entry.
Offensive cybersecurity can be made up of
an array of solutions such as penetration
testing, threat intelligence, threat hunting,
and red teaming; each have their merits.
Threat intelligence, especially threat
intelligence as a service that is human-led
and contextualised for the individual
business, serves as an early warning of risks
to brand reputation, infrastructure, and
overall security posture.
Red teaming - expert-led testing and
simulated attacks - provides realistic breach
scenarios, identifies gaps before bad actors
can exploit them, and pushes security teams to
their limits to prepare for worst-case-scenarios.
Meanwhile, behavioural-based threat hunting
goes beyond alerts to find the threats that
evade traditional tools, stopping hidden threats
before the damage is done.
No matter which route a business takes, the
important thing to remember is that offensive
cybersecurity translates into being proactive
and getting ahead of adversaries. The
approach delivers the necessary real-world
testing of an organisation's personnel, policies,
and systems, in order to provide a realistic view
of its security posture and prepare it for the
inevitability that a cyberattack will occur.
REMEMBERING THE BASICS
While offensive cybersecurity plays a vital role
in a business' cybersecurity strategy, it isn't the
whole picture, and it won't be effective if the
basics of cyber hygiene are forgotten.
Businesses can get distracted by shiny new
solutions and approaches, but these should
build on existing measures to create holistic
coverage, not replace them.
Before moving onto bigger investments, every
business must have initial security measures
such as strong passwords, adequate policies
and audits, and strong vulnerability and patch
management in place. Although top-level
attacks will always change, ranging from either
supply chain, ransomware, or phishing, the
fundamentals under the hood will always be
the same, so an overarching strategy should
remain consistent too.
ACTIONABLE TAKEAWAYS
While adding new approaches to a
cybersecurity strategy can be daunting, it
doesn't all have to happen overnight. As a first
step, it's vital all organisations do the basics
really well. Once those are established, the
goal should be to start moving towards a more
offensive approach.
Adding in a solution such as threat
intelligence as a service will provide
organisations with timely, contextualised, and
prioritised insights which serve as a basis for a
holistic and proactive security strategy.
Meanwhile, penetration testing and red
teaming will simulate cyberattacks, identifying
vulnerabilities, across processes, people, and
technology, and giving organisations ways of
mitigating the issues identified.
Ultimately, the goal of offensive cybersecurity
is to get ahead of an attacker, block possible
routes before they become an issue, and
provide an organisation with a realistic view of
its security posture from an attacker's
perspective. Coupling this with defensive
measures will give organisations improved
coverage, limited exposure, and enhanced
overall resilience. NC
14 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCT REVIEW
ExaGrid EX189
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
Enterprises facing rapidly growing backup
demands and ever shrinking windows of
opportunity need to rethink their data
protection strategies. ExaGrid has these
demands covered however, as their Tiered
Backup Storage systems deliver a smart scaleout
solution, and the latest EX189 model takes
density into the stratosphere with an industryleading
12PB of raw backup capacity in 64U
of rack space.
The EX appliances differ dramatically from
other backup storage solutions as each one
adds compute with capacity that linearly
scales as data grows. A key feature of the
new range is their form factor has significantly
increased capacity while reducing rack space
per appliance from 4U to 2U for a
substantial increase in rack storage density
and a considerable reduction in power and
cooling requirements.
Any of its seven EX models can be mixed
together in a single scale-out system
comprising up to 32 appliances. Even better,
ExaGrid's price protection guarantees ongoing
maintenance costs won't be more than 3% per
year and the initial price you pay for
appliances will be the same for additional units
over the following five years.
ExaGrid's deduplication avoids the backup
and restore performance compromises many
other solutions suffer from. Its appliances
present a Landing Zone where data received
from the backup application is written to it in
undeduplicated form allowing ExaGrid to claim
an unprecedented ingest rate for the EX189 of
up to 516TB/hr for a 6PB full backup.
Along with the Landing Zone, data is also
written to a Repository Tier on the appliances
during backup operations where it is
compressed and deduplicated. This dual
approach has big performance benefits as the
landing zone accelerates restore operations by
up to 20 times, as data doesn't require
rehydration and decompression.
Deployment is undemanding as the
appliances are 100% customer installable and
can be implemented in one hour, with initial
backups occurring the same day. The ExaGrid
appliances present their storage as CIFS or
NFS shares, Veeam Data Mover and Veritas
OST, and work with over 25 enterprise class
backup applications.
Backups are prime ransomware targets for
cybercriminals but ExaGrid has you covered, as
although the Landing Zone is network facing,
the repository has a tiered air gap between the
Landing Zone and the non-network-facing
Repository Tier, which is only visible to the
ExaGrid software. There's more valuable security
as ExaGrid's Retention Time-Lock (RTL) provides
a deeper defence against ransomware attacks.
RTL delays delete requests to the non-networkfacing
Repository Tier that come into the
Landing Zone via the user network or backup
app. The requests will be carried out in the
Landing Zone but when a time-lock period is
applied, they have no impact on the retention
repository. To configure a site Retention Time-
Lock period you click on its icon in the main
admin dashboard and enter a value in days,
and even this setting is protected as changes
must be verified by a user with the ExaGrid
Security Officer role. Any attempts to change it
result in a request being sent to this user where
it appears in their console awaiting approval.
New features include support for Veeam
Backup for M365 and the S3 protocol with
object locking for immutable storage. This
allows the appliances to function as object
storage targets for Veeam and enforce its S3
object locks in both the landing zone and the
Repository Tier.
ExaGrid's EX appliances are a natural choice
for enterprise data backup and disaster recovery
as they deliver an easily deployed, highly flexible
and high performing scale-out storage solution.
Their innovative data protection features keep
ransomware attacks at bay and ExaGrid's
flagship EX189 appliance offers a huge backup
capacity that defies belief. NC
Product: EX189
Supplier: ExaGrid
Web site: www.exagrid.com
Tel: +44 (0) 1189 497 051
Sales: UKSales@exagrid.com
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 15
NETWORKcomputing
@NCMagAndAwards

OPINION: CLOUD SECURITY
4 KEY STEPS TO STRENGTHEN CLOUD SECURITY
BUSINESSES ARE ACCELERATING THEIR ADOPTION OF CLOUD SERVICES, BUT THIS JOURNEY DOES
NOT COME WITHOUT SECURITY RISKS CAUTIONS GUY WARREN, CEO AT ITRS, THE IT
MONITORING AND OPERATIONAL RESILIENCE FIRM
Driven by a surge in digital services and
the growth of hybrid working,
enterprises across all sectors have
been flocking to the cloud. Gartner estimates
85% of organisations will embrace a cloudfirst
principle by 2025, while 95% of new
digital workloads will be deployed on cloudnative
platforms.
However, adopting a cloud-first strategy is
far easier said than done. Not only does it
involve a whole host of legal, regulatory and
privacy risks, but also replacing legacy
technology can disrupt important business
operations. Many businesses may therefore
be unaware of the security risks they face
when adopting cloud services. Here are four
key steps that firms can take to bolster their
cloud security:
1. SCALE SAFELY
When it comes to cloud technology, it's a
common misconception that external threats
pose the greatest risk, often causing internal
sources of vulnerability to be overlooked. In
fact, the most common vulnerabilities come
from when firms make changes to their own
IT systems. This is because as businesses
grow, they may seek new software or tools
that require manual configuration which can
be prone to human error.
To mitigate this risk, businesses looking to
scale up should implement products and
systems that can also scale in line with
company growth.
2. PRIORITISE EMPLOYEE EDUCATION
It's estimated that a huge 56% of all incidents
originate from the innocent mistakes of
employees, costing organisations $6.6 million
annually. As a result, it is imperative that staff
are trained to have a sufficient level of
understanding and knowledge when it comes
to identifying cloud threats and handling
cloud data as safely as possible. Taking steps
to educate employees about common threats
and best practices for securely handling cloud
data can help enable firms detect issues faster
and reduce the likelihood of insider threats
that come from employee mistakes.
3. PLAN FOR ALL SCENARIOS
As well as taking preventative measures
against incidents, businesses need to make
sure they have stringent plans in place should
an outage or malicious attack occur.
Despite the importance planning for all
eventualities, 84% of UK IT leaders admit that
they are unsure as to whether cloud security is
their responsibility or that of the cloud service
provider. Firms should make sure that they
have a clearly defined responsibility model so
they can adopt a coordinated response
against vulnerabilities. This means should an
incident occur, they can take the necessary
steps to mitigate its impact more effectively.
4. IMPLEMENT MONITORING
SOLUTIONS
The implementation of monitoring tools is
essential for firms managing hybrid cloud
environments. The vast majority (93%) of
businesses use more than one cloud platform,
meaning many may suffer from multi-cloud
complexity. This makes it harder to have
complete visibility across all platforms,
increasing the risk of misconfigurations and
vulnerability exposure.
Implementing monitoring solutions for hybrid
environments gives firms full visibility over their
entire IT infrastructure, enabling them to
manage multiple clouds through a single
pane of glass. In addition to monitoring
solutions, IT teams should also consider
adopting cloud management tools to enable
them to more clearly review the security
settings of tenancies and report back
vulnerabilities. Not only does this help firms
detect incidents faster, but also improves
operational efficiency, cost savings and time.
AHEAD IN THE CLOUD
Cloud computing brings many security benefits
compared to applications hosted on-premise,
but this doesn't mean it is without its own
particular risks. With cloud adoption set to
accelerate in the coming years, following the
above steps can help businesses ensure that
they have the right processes and technology
in place to bolster their cloud security. NC
16 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

EVENT ORGANISERS:
Do you have something coming up that may
interest readers of Network Computing?
Contact dave.bonner@btc.co.uk
FORTHCOMING EVENTS
2024
FORTHCOMING EVENTS
FORTHCOMING EVENTS
4-6
JUNE
13
JUNE
19
SEPT
2-3
OCT
20-21
NOV
INFOSECURITY EUROPE
ExCel London
www.infosecurityeurope.com
2024 CIO/CISO DACH SUMMIT
Frankfurt, Germany
www.cdmmedia.com/events
2024 CIO/CISO IRELAND SUMMIT
Dublin, Ireland
www.cdmmedia.com/events
2024 UC EXPO EUROPE
ExCel, London
https://ucxevents.io/ucexpo/en/page
/ucexpo-home
DATA CENTRES IRELAND
RDS, Dublin
www.datacentres-ireland.com

OPINION: NETWORK DIVERSITY
ADVANCING NETWORK EFFICIENCY
A ONE-STOP APPROACH TO NETWORK DIVERSITY AND
REDUNDANCY IS ONE THAT WORKS, ACCORDING TO RICHARD
PETRIE, CTO, LINX (THE LONDON INTERNET EXCHANGE)
In a more cloud-centric world, network
engineers face the intricate task of
managing escalating data traffic while
conforming to demanding performance
standards and security requirements.
Enterprises are increasingly ready to migrate
data and applications to the cloud, posing
questions about network diversity, control
and redundancy.
The cloud-centric world is complex -
organisations need multiple clouds, have
multiple suppliers and use many different SaaS
applications. In this year's Flexera State of the
Cloud Report, 59% of respondents are using
multiple public clouds. Addressing questions
about network diversity, control, reliability and
security is becoming increasingly important, as
organisations migrate more data and
applications to the cloud.
Financial services is an example of a sector
where institutions have begun to address
concerns about resilient access and security
that have restricted cloud adoption. Even
cloud-native organisations without many
physical locations to support still tend to
overlook the underlying infrastructure necessary
for their business agility and slick user-friendly
processes. In many sectors, the need for
network diversity, control and redundancy has
led organisations to seek out the necessary
skill, innovation and experience.
Aware that the increasing use of AI, the
growth of 5G and IoT, and dispersed, mobile
working patterns will continue to increase
latency, resilience requirements and network
capacity, they are adopting strategies that
enhance redundancy and bolster control,
focusing on advanced aspects of network
architecture. Engineers are transforming
traditional set-ups to meet contemporary
requirements, especially in sectors where
latency is critical.
Network diversity is necessary, and dealing
with multiple providers to achieve it can be a
complicated and drawn-out series of tasks,
resulting in high costs. Using a neutral peering
provider, free of any ties to a specific network,
can simplify the process. A not-for-profit
organisation like LINX strives to resolve many
of these hassles, with more than 950 ASNs
connecting from 80 different countries. It
provides internet exchange points for its
members and is more cost-effective as
organisations use its internet exchange for
ever-greater volumes of data.
Having greater control is another important
aspect of networking strategies. A
conventional approach offers little in the way
of transparency about which alternative route
across the internet the traffic will take, as and
when required.
The danger is that the transit will take longer
than it should, increasing packet loss, cost and
security risk. Peering at an internet exchange
like LINX ensures the route between network
operators is more direct, reducing the number
of hops while keeping traffic closer to the enduser.
The gains for companies that deliver
content, depend on streaming or are involved
in gaming, are significant - reducing lag and
buffering. A network-neutral approach offers
increased network redundancy, giving
companies control over who they peer with,
and the route they take.
With control comes greater security.
Monitoring the end-to-end route taken by
data, and having the approval of the peers it
passes through, minimises the risks of DDoS
and other cyber-attacks. But end-to-end
visibility brings more advantages. It enables
companies to understand the end-to-end
data journey so they have insight into the
user experience.
Another important, but often-overlooked
benefit of a membership organisation is the
access to expertise from fellow professionals
facing similar challenges. The technical aspects
of achieving and maintaining networks can be
substantial as data volumes increase and
company and customer requirements change
quickly, reacting to technical innovations or
switches in market demand. A membership
organisation of fellow network engineers with
masses of experience makes all the difference,
assisting with the rapid resolution of the
difficulties that inevitably occur.
It is vital that as cloud use expands, putting
more pressure on networks, network engineers
have access to the most comprehensive
connectivity solutions to meet their complex
needs. The technical solutions offered by
internet exchange points like LINX are often
overlooked by enterprises; however, they will
be essential for building and maintaining a
resilient network. NC
18 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

PRODUCT REVIEW
Portnox Cloud
PRODUCT REVIEW
PRODUCT
REVIEWPRODUCT RE
Network access control and endpoint
security have a mixed reception in
enterprises as many solutions are
challenging to deploy, complex to manage and
prohibitively expensive. Portnox Cloud avoids all
these pitfalls as an affordable UAC (unified
access control) solution that stands out by being
the first and only cloud-native platform currently
on the market. Unlike most legacy on-premises
and cloud-managed UAC solutions, Portnox
Cloud can use an agentless architecture, doesn't
require any on-site appliances and can be up
and running in as little as 30 minutes.
Transparency in pricing is another compelling
way Portnox brings value, as is only requiring
you to pay for the components you need.
Portnox Cloud comprises four main
components - RADIUS authentication,
TACACS+, Zero Trust NAC and Conditional
Access for Applications. All components are
managed from a single intuitive cloud portal,
which seamlessly combines them to deliver
essential security features such as passwordless
authentication, risk posture assessment, network
device administration, and compliance
enforcement. Onboarding is swift and you can
try it out first as a free 30-day trial with
unrestricted access to all features. Once you
have signed up, you are directed to create cloud
RADIUS server instances for your company.
Portnox uses N+2 redundant clusters for all
wired, wireless and VPN authentication.
The portal furnishes you with unique RADIUS
server IP addresses, authentication and
accounting port numbers plus shared secrets
which you use to configure your network access
servers. Portnox has internet outages covered as
you can optionally deploy its local virtualised
RADIUS servers to avoid any service disruption.
Next, you integrate Portnox Cloud with your
preferred authentication repository. There are
plenty on its guest list including Microsoft Entra
ID, Google Workspace and Okta Workforce plus
local Active Directory and OpenLDAP instances.
A key feature of Portnox Cloud is certificatebased
authentication. This method elevates an
organisation's security posture by preventing
sharing credentials, reused/insecure passwords,
and the ever-present danger of falling victim to a
phishing or social engineering scheme. Standard
credential-based authentication is supported
(along with MFA), but certificate-based
authentication is a superior option. Portnox will
provide each organisation with a root certificate,
or they can import their own. Businesses worried
about the complexity and scale of certificate
deployment to endpoints can rest easy as
Portnox Cloud supports products that leverage
the SCEP (simple certificate enrollment protocol)
such as Microsoft InTune and Jamf.
Portnox places employees and devices in
groups that each have policies assigned to them
to enforce access controls, privileges and
requirements. Policies are highly flexible as they
can, for example, use 802.1x to control wired
network access, assign specific wireless SSIDs to
group members or guests and define VPN access.
Available for Windows, macOS, Linux, iOS and
Android endpoints, Portnox AgentP is a lightweight
software agent that takes access controls to the
next level. It provides streamlined onboarding,
particularly where certificates for user and device
authentication are being used, and can gather a
lot more information about endpoints such as the
OS, user, installed applications, and system
configuration. This extra information allows device
risk policies that cover a plethora of options such
as checking for unauthorised software,
unencrypted disks, out-of-date antivirus, and
more, when determining access. Other major
benefits include automated endpoint remediation
to ensure endpoints meet your criteria for network
access and Portnox's Conditional Access for
Applications service which enables SSO for secure
access to web applications.
Businesses concerned about the cost,
complexity and management overheads
associated with traditional NAC products will
find Portnox Cloud very appealing. This unique
cloud-native solution is simple to deploy and
manage, doesn't require additional
infrastructure investment and is available in a
range of competitively priced subscriptions. NC
Product: Portnox Cloud
Supplier: Portnox
Web site: www.portnox.com
Tel: +1-855-476-7866
Sales: sales@portnox.com
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 19
NETWORKcomputing
@NCMagAndAwards

SECURITY UPDATE
YOU SHALL NOT PASS!
IT'S TIME TO EMBRACE THE FUTURE OF AUTHENTICATION AND
MOVE TOWARDS PASSWORDLESS ACCORDING TO DAVID
HIGGINS, EMEA TECHNICAL DIRECTOR AT CYBERARK
Passwords are the
first barrier to
prevent data
breaches, but
individuals
often have bad
habits when it
comes to choosing or
regularly changing their
password. In fact, despite all the
requirements to make passwords truly
secure, research shows that 75% of people
globally don't respect widely-accepted best
practices, with 64% using a weak password
or just changing it slightly when asked to pick
a new one.
Overlooking the security implications of
failing to choose a password that meets the
standards is a real mistake and gives attackers
incredible opportunities to infiltrate systems.
Once they have their hands on valid
password credentials, threat actors can easily
elevate their privileges to an administrator or
a superuser level, bypassing an organisation's
identity security.
Data breaches can severely impact a
company's reputation and lead to major
financial damage, so companies must make it
a priority to improve password hygiene and
implement a robust identity security strategy.
As such, some organisations have started to
adopt multi-factor authentication (MFA) to
reduce the risk of attackers stealing
credentials and gaining unauthorised access.
With MFA, users can log into applications and
access corporate networks and resources if
they provide an additional form of verification,
whether it's a code they received in their
inbox, or a code momentarily displayed on
their phone.
However, companies adopting more secure
approaches to log into applications means
attackers have started to innovate to find
creative ways to bypass MFA protections, such
as stealing cookies, employing social
engineering techniques or performing MFA
fatigue-based attacks. So, while MFA remains
more secure than traditional passwords, it's
important to remember that there's always a
way for attackers to undermine it.
Companies must redouble their efforts to
improve identity security. New attacks are the
opportunity to go one step further and find a
new way to combat the rising threat of data
breaches - and while counterintuitive, a
passwordless approach might be the solution.
ENHANCING IDENTITY SECURITY AND
STREAMLINING AUTHENTICATION
Businesses are slowly starting to give up
traditional passwords to adopt passwordless
approaches. With passwordless
authentication, individuals can confirm their
identity in various ways - whether it's a QR
code displayed at login or an SMS message
with a one-time code - beyond a memorised
password. This type of approach helps reduce
risks of threat actors infiltrating networks, as
private keys are unique and only accessible
from the user's local device. Overall, identity
security is enhanced.
Additionally, it's easier and more convenient
for both users and IT teams to remove
passwords. Users no longer need to
remember their password or change it
20 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

SECURITY UPDATE
regularly, and IT no longer need to spend
time assisting employees with account
unlocks and password resets. A
passwordless approach also has a positive
impact on productivity thanks to a more
seamless sign-in experience.
NAVIGATING THE TRANSITION TO
PASSWORDLESS AUTHENTICATION
It's important to keep in mind that, while
passwordless technology brings significant
benefits, going passwordless can't be done
overnight - and some organisations might
even never be able to adopt a completely
passwordless approach. Removing
passwords is a big commitment, particularly
for businesses managing thousands of
users, countless applications, hybrid and
multi-cloud environments and complex
login flows. There are just too many legacy
systems deeply entrenched in IT
infrastructure that require passwords.
So, it's about finding the best approach for
each company and what works from both
an identity security and a cost point of view.
The journey to passwordless authentication
is unique to the requirements of every
company, and the needs of every user.
There is no one-size-fits-all approach. And
with technology constantly evolving and
user adoption increasing, successfully
achieving an entirely passwordless
environment involves a phased approach.
CONSIDERING IAM SOLUTIONS TO
SUCCESSFULLY MOVE TOWARDS
PASSWORDLESS
While completely eliminating passwords
may pose challenges for some businesses,
they can still reduce their dependence on
them by adopting appropriate identity and
access management (IAM) solutions that
facilitate passwordless functionalities.
When when assessing IAM solutions,
organisations should prioritise specific
capabilities:
1. Zero sign-on (ZSO) uses robust
cryptographic standards such as certificates
and mixes user identities with contextual
information such as device fingerprints and
security posture. It is the first pillar of a true
passwordless solution. With ZSO, users can
smoothly log in to their assigned
applications and services once their devices
have been checked and it's confirmed they
meet security posture requirements. Users
don't need any form of additional
authentication. ZSO can be combined with
other passwordless authentication factors
best suited to the business requirements,
enabling businesses to improve usability
and increase identity security.
2. FIDO2 Web Authentication (WebAuthn)
is widely supported by nearly every identity
vendor and plays a pivotal role in enabling
passwordless authentication for typical end
users. Along with FIDO2, FIDO's passkeys
offer a new approach to achieving
passwordless access across multiple
devices, using users' devices' security
capabilities to further enhance individuals'
experience. These passkeys are also highly
resilient to phishing attempts - in other
words they can effectively mitigate attack
vectors associated with MFA which
necessitate human interaction.
3. With remote work now a prevailing
trend, ensuring secure access for
employees accessing a corporate network
through a VPN is essential. In particular,
using adaptive MFA is recommended as
this adds an extra layer of identity security
to remote access, protecting the company's
corporate network and on-site apps and
resources, while ensuring a seamless login
experience that continuously evaluates and
adjusts as needed with passwordless factors
based on contextual and risk analytics.
Adaptive MFA as an approach is
important and effective because it gives
high-risk users or authorisation requests
additional steps before access is granted
and vice versa.
4. To achieve a true passwordless
experience, it's critical to deploy a solution
that empowers users to self-enrol, replace
and delete passwordless authenticators
under appropriate security protocols, along
with a wide variety of alternative
passwordless authentication methods to
choose from. For example, in the event of
an individual losing their mobile phone, they
should be able to replace the passwordless
authenticator factor from various factors with
the appropriate security controls.
COMBATTING THREATS BY GOING
PASSWORDLESS
Although businesses are increasingly
adopting multi-factor authentication (MFA)
to reduce the risk of threat actors stealing
their passwords, MFA is less of a silver
bullet than originally thought. It seems
passwordless authentication is the ultimate
solution to prevent unauthorised access to
corporate networks - and not only does
this approach help improve identity
security and organisational resilience
against cyber threats, but it also enhances
user experience.
However, no company can go
passwordless from day one. Such an
approach requires strategy, planning,
discipline and employee awareness. This
implies receiving sufficient support from
leadership to make sure all employees are
educated on the best practices for
efficiently and securely implement
passwordless authentication. Additionally,
collaboration with experienced and trusted
vendors is key to a successful
organisational adoption of passwordless
approaches. For companies to be able to
anticipate and prevent the threats, they
must make sure the IAM providers they
work with have the expertise required to
support their security needs. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 21

OPINION: NETWORK INNOVATION
REVOLUTIONISING
YOUR NETWORK FOR
TOMORROW'S
DIGITAL NEEDS
NATHAN ASHBY, SENIOR
SOLUTIONS ARCHITECT AT
CISILION EXPLAINS WHY OUR
NETWORKS NEED TO WORK
HARDER AND MORE
INTELLIGENTLY TO DELIVER
SUCCESSFUL BUSINESS
OUTCOMES
The rapid pace of digital change is
driving network innovation. The question
is now becoming whether your network
can be agile and supportive of the growing
business demands required to run the latest
intelligent business apps. In turn our role as
technology leaders is evolving from focusing
on keeping the lights on to ensuring our
solutions are agile enough to handle the next
phase of digital transformation.
Largely speaking, network architectures have
followed the same blueprints built to move 1's
and 0's around. While technology has evolved
to in networks, it is too common that we build
our networks with a core switch, access
switches and perhaps a distribution layer
depending on the size and the outcomes of the
business. But with the complexities of AI, more
and more sophisticated apps and hybrid
working we need more innovative and
intelligent networks to handle and deliver
successful outcomes.
SO, WHAT DOES INNOVATION IN
THE NETWORK LOOK LIKE?
Before we answer this, it is important to
change our perspectives on what we design
our networks for. One way to look at is to
look at networks in terms of the workforce
(people), workload (applications and tools
the workforce is trying to access) and
workplace (which is where we have seen
most disruption in the last few years). We
can think of these as our three W's.
Networks need to be able to connect all
these elements in different ways to enable
the business to operate effectively.
With this in mind, traditionally networks were
built around everyone being in the same
location with perhaps a little bit of remote
access via a VPN, or to connect the business to
a central DC hosting our business data and
applications. However as our three W's
changed this approach no longer aligns with
our traditional networks.
Even more so, we've moved from keeping the
lights on and building reliable infrastructure to
business transformation. We cannot use the
same mindsets as we once did to ensure the
success of our businesses. As such the
network's driving force now is to enable
business outcomes - which means we need to
reinvent the network approach.
With this in mind, connectivity and security
are now foundational key outcomes, which
must ensure a positive user experience, while
also striving to improve sustainability. During
the pandemic, we realised connectivity could
be better as the workplace element changed.
My workplace is no longer just in the office, it
can be at home or in a coffee shop and so
forth. We must consider how to integrate
home users with our SD-WAN fabric or how to
provide the same level of protection to
someone sitting in a coffee shop as we do in
the office, where we may have previously
invested heavily in firewalls and security tools
such as IPS etc.
Businesses need to be building more dynamic
infrastructures with the use of automation and
better integration to address these changing
needs. The adaptability of the network and the
22 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: NETWORK INNOVATION
agility we can provide with software-defined
fabrics are helping deal with this change,
whether a change in the location of the
workforce or workload. Automation from a
networking infrastructure perspective drives
change, reducing manpower hours on certain
tasks and reenergising time for other activities.
Automation can vary from Infrastructure-asa-Code
(the managing and provisioning of
infrastructure through code instead of through
manual processes) to an engineer using
simple Python to automate a repetitive task
they would have done manually before. The
value in automation is in automating regular
tasks to save time.
Innovative networks also need better
programmability - the ability to interface
with business software, for example, a
management node for a network solution.
It's about the ability to get data out and
squeeze data in. Automation is about time
saving, but integration is about pulling data
out of one place and putting it in another
place, either bidirectional or one directional,
to improve business processes, for example
SIEM integration.
Programmability is about context and
building a bigger picture too, for example, "I
have observed some poor network conditions
so I'm going to make some policy changes to
improve it." From a security perspective it could
be about providing some additional context
between security solutions that are going to
deliver a better level of threat protection.
By adding Software-as-a-Service (SaaS) onto
the network it can do more for the business; it
is an enabler to drive better business outcomes.
For example, integrating foundational security
with new security layers that ensure security
around home working. The key is to ensure
your network is adaptable enough to be able
to do use these SaaS solutions.
It's not always necessary to build a new
network to cope with today's complexities if
you already have appropriate compute
power available and the flexibility to increase
and decrease workloads when needed. What
is important is to ensure that, when you
update software or try to integrate new
software into the network, it results in a good
user experience.
User experience is critical to the success of
your network. For example, chatbots are in
high demand as a result of ChatGPT and the
like, but there is also a lot you can do with
simple chatbots. People like language driven
results. For example, network engineers want
to receive a message alert when there is an
issue with the network, and they want to query
it back in a chat as it's a more natural way of
working and helps fit into their workload. It's
also simple to get up and running quickly and
doesn't require them to code because its
already been created elsewhere and is
available for wider use.
Containerisation is another technique that
allows for network innovation. It is important
to network innovation because it provides a
consistent runtime environment, enables
continuous integration and continuous
delivery, and is more efficient than virtual
machines. Building virtual firewalls within our
switches or using apps running natively, for
example, can enable our already deployed
infrastucture to drive quicker, more secure
results. Containers use fewer resources and
deliver higher utilisation of compute
resources, which also helps with sustainability.
It also makes it easier to scale applications up
or down as needed, which is essential for
modern network architectures.
For network engineers these new networks
require a move away from coding to working
with scripts, which in turn requires a different
mindset. If they can focus on the benefits that
can be achieved from working in this new
way and see the network as its own software
platform then they don't have to reinvent the
wheel. Lots of the material is already
available off the shelf from vendors and
managed service providers and through
network communities such as the Cisco
DevNet community.
IT teams needs to assess how revolutionising
their network with automation and AI will help
deliver better business outcomes. Showing
ROI is not often easy, which is why working
with a managed service partner can help
demonstrate this.
Once you have a revolutionised the network
using automation and new tools to drive new
outcomes, strong user experience and high
levels of security, what happens next? Plug it
in and off you go, right? No, issues will still
arise even with the best designs in the world,
whether through user error or network
outage. However, by making sure you have a
good assurance plan and appropriate
monitoring tools in place you can pick up on
any issues quickly.
A mature assurance solution, like Cisco's
ThousandEyes, can prioritise and grade issues
in terms of risk and cost. This is achieved by
applying intelligence or machine learning to
help interpret the data that the network spits
out. This kind of visibility of what is happening
across your network is now available to
everyone, and can help change your response
to issues from reactive to proactive. You can
start to predict likely problems that can then
be addressed before they occur - which is the
ideal goal of an intelligent network.
As technology evolves, our networks need to
work harder and be more intelligent to deliver
successful business outcomes. By harnessing
automation and containerisation, and ensuring
assurance across your network, you will be
able to pioneer innovation to ensure continued
business success. By doing so we can drive
innovation in our networks and in turn ensure
the best user and business outcomes, instead
of just moving our 1's and 0's around. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 23

OPINION: WIRELESS NETWORKS
IT'S THE OFFICE, BUT NOT AS WE KNOW IT
IAN WHARTON, PRINCIPLE NETWORKS' TECHNICAL ARCHITECT, CONSIDERS THE FUTURE OF THE
WIRELESS NETWORK - AND WHY THE OFFICE WE ONCE KNEW NO LONGER EXISTS
The office as we know it no longer exists.
Hybrid working has reshaped how we
work and redefined the essence of the
workplace. The modern workspace has
become a multifunctional hub, blending work
with client interactions and social events and
at its core is a fast, reliable and secure
wireless network.
However, the shift to the modern office isn't
as simple as updating old systems. It's a
comprehensive overhaul which demands a
fundamental reimagining of existing
infrastructure and all that underpins it. The
density of traffic travelling through today's
networks is no longer akin to those of the past,
which means on-premise Local Area Networks
(LAN) and clunky, standard guest WiFi
connections are no longer fit for purpose.
Businesses want multifaceted networks that
are about more than just connectivity. They
want to create cloud-based environments that
embody flexibility, adaptability and efficiency.
Perceptions of wireless networks have
changed, and expectations have risen.
WHY IS THERE A DESIRE FOR CHANGE?
For many organisations, the office wireless
network hasn't been a priority. Incorporating
guest Wi-Fi into existing infrastructure was
considered enough. Fast-forward ten years,
those same businesses are attempting to
transition to the cloud and using the same
network connection to host multiple users.
Almost immediately, they found it had limited
bandwidth and couldn't cope with the density
of devices trying to connect.
This approach is hindering innovation for
businesses across the globe. A recent survey
of over 500 IT decision-makers found that
organisations spent an estimated 40% of their
annual IT budget on maintaining legacy
technology. Furthermore, 69% of respondents
acknowledged that technical debt is hindering
their ability to innovate.
There has been a shift in what organisations
need, want and expect from a wireless
network. Why? Hybrid working is one reason,
but another is the fact consumer brands have
transformed our experiences as technology
users. We now expect the same level of instant
service in a working environment as we do
when ordering clothes, food or taxis online.
For example, hybrid working has made it
possible for us to use public spaces such as
coffee shops as a place to work. They offer
instant, fast and secure internet access, which
can be more appealing than going into the
office. It has highlighted flexibility as the
cornerstone of modern network infrastructure.
Organisations need to match this with a
network that seamlessly adapts to the dynamic
24 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: WIRELESS NETWORKS
nature of the current working environment.
When a new starter joins your organisation,
they or any visitors must connect to your
network. It's a benchmark of a modern
business. It sounds simple. But, doing it right
requires attention to detail and a strategic
approach. Businesses need to create efficient
wireless networks to meet their objectives.
TRANSITIONING TO THE FUTURE
The Department for Science, Innovation and
Technology's (DSIT) Wireless Infrastructure
Strategy, details the government's plan to
deliver world-class wireless infrastructure
across the UK by 2030. But how do we get
there? Organisations need to move away from
simplistic, standard networks and embrace
more secure, user-friendly and cloud-based
infrastructure that reflects the needs of the
modern office. This shift should be a necessity
and is driven by several key factors.
Firstly, modern security concerns require a
more robust network. Standard solutions often
lack the required security measures to
safeguard against a potential cyber-attack.
Any attack could prove extremely costly to
your business, whether financially or
reputationally. The rise of hybrid working and
the handling of sensitive data across dispersed
environments means security protocols are
imperative to maintain data integrity and
minimise the threat of unauthorised access to
a network.
Secondly, scalability and flexibility are central
to organisations' operations. Traditional
networks can struggle to adapt to the evolving
needs of multiple devices and a fluctuating
workforce. Cloud-based infrastructure
provides the required adaptability, scaling up
or down to meet the changing needs without
compromising network performance.
The modern office demands a more intuitive,
user-centric network experience. Cloud-based
systems ensure a hassle-free connection
across various devices and locations. This
accessibility drives productivity and
collaboration, delivering a user experience
that surpasses physical boundaries.
Optimised performance is another crucial
factor when it comes to upgrading wireless
networks. Cloud-based infrastructure can
manage dense environments well. It ensures
speed, latency, and reliability are not
compromised, no matter how busy the
network is. Transitioning to the cloud also
facilitates ongoing innovation. It supports new
technologies and enables the deployment of
updated security measures. This is essential to
businesses trying to stay ahead in a
competitive marketplace.
THE OFFICE WE ONCE KNEW NO
LONGER EXISTS
IT decision-makers can mould what the office
of the future looks like. By prioritising network
upgrades and designing a network
infrastructure that aligns with their business
objectives, they'll create a modern workspace
that enables their business to thrive.
It's about implementing networks that
facilitate change rather than hinder it. The
need to embrace future-ready infrastructure is
imperative. It's time to overhaul legacy
systems, transition to the cloud and build a
secure, reliable and scalable network that
drives success. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 25

OPINION: NTNs
HOW TO OVERCOME THE FIVE CHALLENGES THREATENING NTN SUCCESS
NANCY FRIEDRICH AT
KEYSIGHT TECHNOLOGIES
EXPLAINS HOW WE CAN
EXPAND AEROSPACE AND
DEFENCE CONNECTIVITY BY
MOVING FROM A TERRESTRIAL
TO HYBRID SPACE / GROUND
NETWORK WITH VIRTUAL
SIMULATION, EMULATION,
AND DIGITAL TWIN
TECHNOLOGY
To heighten communications
capabilities and improve situational
awareness, military and government
agencies increasingly leverage
commercially developed technologies.
Many plan to boost their connectivity
capabilities with fifth generation (5G)
non-terrestrial networks (NTNs). An NTN
is a hybrid network, applying satellite
communication (SATCOM) technology to
extend existing 5G technology. 5G NTNs
draw many features from 5G terrestrial
networks and face many of the same
challenges, adding higher reliability
expectations for 5G NTN service
compared to earlier SATCOM networks.
To help assure performance of 5G NTN
deployments, virtual simulation,
emulation, and digital twin technology
use RF system measurement science to
deliver results beyond what is possible
through physical testing alone.
Despite the hype over the commercial
possibilities of 5G NTN, it also promises
to transform capabilities for aerospace
and defence. Potential 5G NTN use cases
for military and government include
coverage for forward battlefields or
focused special operations. NTNs also
will provide coverage to restore
communications in disaster areas
experiencing widespread infrastructure
outages. Among transportation use cases,
NTNs support logistic in-transit tracking
for long-haul trucking routes, rail lines,
and maritime shipping lanes.
FIVE CHALLENGES FACING NTN
1 - More Data, Crowded Spectrum
The hybrid 5G NTN provides obvious
advantages as well as challenges.
Handheld or vehicle-based user
equipment (UE) tends to demand high
volumes of data for video and mapping
services. Additionally, sensor applications
may connect user equipment with lower
data rates. Delivering the required
volumes of data means leveraging 5G
signalling fundamentals for 5G NTN,
including mmWave carrier frequencies and
complex modulation in wide bandwidths.
5G spectrum is already tightly allocated
in terrestrial networks, and an onslaught
of tens of thousands of lower earth orbit
(LEO) satellites and geostationary earth
orbit (GEO), medium earth orbit (MEO),
and high-altitude platform systems (HAPS)
platforms soon operating in 5G NTNs will
add to the spectrum crowding.
2 - The Space Environment
Space is the foremost challenge for NTNs.
Once deployed, equipment is
inaccessible. In addition, systems must
operate in an extremely harsh environment
with extreme temperatures and radiation.
For successful performance, systems also
need to provide consistent power
generation and storage. For all of these
aspects, satellite system providers need to
balance risk versus cost across the lifetime
of the operation.
3 - Size, Weight, Power, and Cost
Another concern is the physical limits of
placing high-frequency RF and computing
resources in the sky. Size, weight, power,
and cost (SWaP-C) become issues when
moving away from the GEO 20 tonners
into more compact LEO satellites and
HAPS platforms, and payloads must
transform accordingly. On the plus side,
placing more satellites into service with
smaller payloads and shorter life cycles is
now feasible and cost-effective. A 5G
NTN might consist of a group of satellites
working together in various orbits.
26 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: NTNs
4 - Connecting in Motion
5G NTNs put some things, or perhaps
everything in the network, in constant
motion. Satellite and HAPS movements
factor into connection setup, signal quality,
and handovers. gNodeB instances and
parts of the RAN flying aloft add to the
movement of any UE at the surface.
Parameters previously fixed or confined in a
small range in a 5G terrestrial network
suddenly become wide-ranging variables in
a 5G NTN. Tracking areas, bulk delays,
Doppler shifts, signal-to-noise ratios
(SNRs), and more elements take on
dynamic characteristics.
5 - The Payload Question
The introduction of 5G NTNs disrupts the
traditional 5G terrestrial network
architecture and opens up a paradigm shift
in connectivity. Many alternatives exist for
satellites and HAPS participating in gNodeB
and RAN domains, some with multiple
satellites in the chain scattered across miles
of sky. The choice between transparent or
regenerative payloads can completely
change how the network organises and the
resulting signal routing.
With LEO satellites in motion, remember
that all timing relationships are dynamic. At
stake is the quality of service (QoS) user
experience, primarily due to variable delays
and complex handovers that can result in
dropped connections.
Platform kinematics rapidly alter 5G NTN
channel behaviour, and staging fast-moving
platforms in the proper orientation long
enough to gather detailed physical
measurements is not an option. However,
simulations can account for complex orbital
paths and decompose real-time motion into
precise detail with time-correlated analysis.
ADVANCING THE NEXT NTN WAVE
Accurate multi-domain simulation of a 5G
NTN link depends on four elements: an
authentic representation of complex
digital modulation in a 5G waveform with
real-world effects, a complete model of
satellite kinematics, robust modelling of
RF system signal processing, and a timecorrelated
view of 5G protocol decoding.
The critical goal is validating performance
in a simulation before deployment of
orbital hardware. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 27

OPINION: DATA CENTRES
HOLISTIC DATA CENTRE DESIGNS FOR THE AI ERA
SAM BAINBOROUGH, SALES DIRECTOR EMEA-STRATEGIC SEGMENT COLOCATION & HYPERSCALE
AT VERTIV, EXPLORES INNOVATIVE DATA CENTRE STRATEGIES TO NAVIGATE THE COMPLEXITIES OF
THE AI-DRIVEN ERA WHILE PRIORITISING SUSTAINABILITY AND EFFICIENCY
In a landscape dominated by AI, mobile,
and cloud technologies, data centres are
undergoing a transformative evolution.
The exponential growth in AI applications has
triggered an unprecedented demand for
computing power, prompting data centre
operators to reimagine traditional
approaches to design and operation.
RETHINKING SUSTAINABILITY: A CORE
TENET OF DATA CENTRE DESIGN
As the demand for computing power
continues to surge in the era of AI
proliferation, sustainability is a fundamental
pillar of data centre operations. The adoption
of specialised processors tailored for AI tasks
has unleashed a tidal wave of power
requirements, compelling data centre
operators to recalibrate their strategies
towards energy efficiency.
In response to this need, the data centre
industry is tasked with embarking on a quest
for innovative solutions that not only minimise
energy consumption but also amplify overall
performance metrics. This journey towards
sustainability necessitates a holistic approach,
encompassing the integration of energyefficient
hardware and leveraging
advancements in processor technology.
At the heart of this endeavour is a concerted
effort to align data centre operations with
global sustainability initiatives. Beyond
optimising operational efficiency, sustainability
embodies a broader commitment to the
responsible stewardship of precious resources
- making sure renewable and sustainably
sourced energy is utilised, reducing waste and
mitigating the environmental impact of the
industry's activities.
By championing sustainable practices, data
centres assume the mantle of environmental
guardians, transcending their role as mere
infrastructure providers. In doing so, they not
only rise to meet the challenges posed by the
burgeoning demands of AI workloads but
also carve a path towards a more ecoconscious
future for the digital realm.
Ultimately, sustainability becomes more than
just a buzzword; instead it's the guiding
principle that shapes the ethos of data centre
design and operation. Through a dedication to
sustainability, data centres can be leaders in
environmental responsibility, paving the way for
a greener, more sustainable digital ecosystem.
28 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: DATA CENTRES
complexities of the AI-driven transformation
with agility and foresight. By embracing
collaboration, data centres can leverage
collective expertise to identify innovative
solutions and anticipate emerging trends,
ensuring adaptability in the face of rapid
technological evolution.
NAVIGATING THERMAL COMPLEXITY:
THE EVOLUTION OF LIQUID COOLING
The proliferation of specialised processors has
brought about a new era of thermal
management challenges, characterised by
significantly increased heat generation by the
critical digital infrastructure. Traditional cooling
methods are proving inadequate to contend
with this surge, prompting the data centre
industry to innovate and adapt.
Amidst this upheaval, liquid cooling has
emerged as a frontrunner, offering a promising
route for addressing the escalating heat
dissipation demands. Data centres are at the
forefront of innovation, exploring a spectrum of
liquid cooling solutions ranging from active or
passive rear-door heat exchangers to liquid-toliquid
cooling distribution units (CDU) to
cutting-edge immersion cooling technologies.
However, despite the allure of liquid cooling,
the coexistence of air-cooled and liquid-cooled
solutions underscores the nuanced nature of
thermal management. Each approach brings
its own set of advantages and challenges,
meaning that operators need to strike balance
to optimise performance while minimising
environmental impact.
Efficient cooling practices not only enhance
operational performance but also reinforce
data centres' commitment to sustainable
operations. By harnessing the power of liquid
cooling, data centres can achieve thermal
management precision, ensuring optimal
performance while mitigating their
environmental footprint.
COLLABORATION AND ADAPTABILITY:
KEY PILLARS OF FUTURE-PROOF DESIGN
In the pursuit of future-ready design principles,
collaboration is a vital part of success.
Engaging stakeholders across diverse
disciplines fosters a comprehensive
understanding of data centre requirements,
paving the way for innovation and adaptability.
As data centres embrace denser
configurations and rapid technological
evolution, holistic design extends beyond
technical specifications. It encompasses
streamlined decision-making processes and
proactive engagement with industry experts to
navigate the complexities of the AI-driven
transformation.
The integration of diverse perspectives
enables data centre designers to navigate the
Furthermore, the importance of technology
interchangeability can't be overstated in futureproof
design. With the technological
landscape evolving at an unprecedented
pace, data centres must anticipate diverse
scenarios and prepare for the integration of
new technologies seamlessly.
The ability to strike a delicate balance
between CPU and GPU environments is crucial
to ensuring adaptability over an extended
operational lifespan. By adopting a flexible
architecture that accommodates diverse
technological landscapes, data centres can
future-proof their infrastructure and remain
agile in responding to evolving demands.
CHARTING A COURSE FOR
SUSTAINABLE INNOVATION
In conclusion, the era of AI proliferation
heralds a new frontier in data centre design. By
embracing a holistic approach, data centres
are poised to lead the charge in sustainable
innovation, spearheading progress in an era
defined by unprecedented growth and
technological advancement.
Through strategic alignment with sustainability
principles and a relentless pursuit of efficiency,
data centres not only meet the demands of AI
workloads but also drive progress towards a
more eco-conscious future.
As the custodians of digital infrastructure, data
centres have a responsibility to lead the way in
sustainable innovation. By prioritising
collaboration, adaptability, and responsible
stewardship, data centres are primed to shape
the future of technology and propel sustainable
growth in the AI-driven era and beyond. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 29

OPINION: SOFTWARE TESTING
TESTING TIMES
GUY ARIELI, CO-FOUNDER, CTO, BLINQIO GIVES US AN
OVERVIEW OF SOFTWARE TESTING AUTOMATION - AND
EXPLAINS WHY IT REALLY MATTERS
In the digital age, the lens through
which we view software testing is
evolving, revealing facets of this crucial
process that many people outside the
industry might not be aware of. Software
testing has become an essential
component of organisations and their
digitisation efforts.
Here I will discuss the lesser-known aspects
of testing automation, the unique
challenges British software testers face, the
delicate balance between humans and AI
and the ever-intriguing world of testing bots.
THE HIDDEN LAYERS OF TESTING
AUTOMATION
While there are many benefits of test
automation, such as enhanced efficiency
and broader coverage, implementation
often means there are many pros and
cons that need to be considered. Beyond
speed and repeatability, test automation
introduces a nuanced debate around the
high initial investment in tools and
training, the criticality of test design
quality, and the irreplaceable value of
human insight.
I believe the sophistication of testing
automation lies not just in its ability to
perform tasks, but in the strategic
planning and continuous refinement it
demands from teams to truly reap its
benefits. It is this double-edged sword
that illustrates the intricate balance
organisations must adopt to harness the
full potential of automation without
succumbing to its pitfalls.
THE CHALLENGE: SOFTWARE TESTING
IN THE DIGITAL FAST LANE
In the UK, the velocity of digital transformation
brings to the forefront unique challenges for
software testers. The rapid adoption of AIdriven
tools and advanced testing frameworks
necessitates a higher level of expertise, while
pressure to maintain quality in an accelerated
development timeline exacerbates the existing
backlog of testing tasks.
This scenario is further complicated by the
UK's strict regulatory landscape, demanding a
meticulous approach to ensure compliance
alongside functional excellence. British testers,
therefore, find themselves at the crossroads of
technological advancement and regulatory
rigor, pushing the boundaries of traditional
testing methodologies.
THE WORK-AI BALANCE IN THE
INTERNET OF THINGS ERA
As IoT solutions proliferate, the interplay
between human efforts and AI in testing has
become of critical importance. Automation,
driven by AI, is not just about coding efficiency
but ensuring the reliability and quality of
increasingly complex IoT systems. This
paradigm shift highlights the importance of
sophisticated testing and test automation
frameworks that can adapt to the nuanced
requirements of IoT solutions. In return, I
believe that the emphasis on quality over
quantity, and strategic integration of AI in
testing processes underscores a broader trend
towards achieving a sustainable balance that
supports innovation, whilst preserving the
integrity of digital solutions.
DEMYSTIFYING TESTING BOTS
I believe testing bots, powered by AI, represent
a revolutionary stride in automating the
software testing process. By leveraging artificial
intelligence these bots streamline the initial
phases of test planning and execution, offering
a glimpse into the future where software
30 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: SOFTWARE TESTING
testing becomes more adaptive and
sophisticated.
The automation of test generation and
execution through these bots not only enhances
efficiency but also fosters a proactive approach
to quality assurance, allowing teams to address
potential issues well before they escalate.
Testing bots, thus, exemplify the innovative
application of AI in refining and advancing the
entire software testing paradigm.
EMBRACING COMPLEXITY: THE PATH
FORWARD IN SOFTWARE TESTING
From experience, it is evident that the future of
software testing lies in embracing
complexity. This means recognising
and effectively dealing with
complex situations and
challenges that arise from
advancements in
technology,
automation, and
digital
transformation. Complexity in this context can
refer to the intricate nature of software being
developed, the introduction of sophisticated
tools and methods for testing, the integration
of AI and automation, and the need to adapt
rapidly to change.
I believe that to thrive in this evolving
landscape, individuals, teams, and
organisations involved in software testing must
be willing to embrace this complexity. This
involves being open to learning new skills and
adopting innovative testing methods. It also
includes leveraging advanced tools, and being
flexible enough to handle increasingly complex
software systems and the dynamic tech industry.
I think that for organisations across the
UK, embracing complexity not only
facilitates effective problem-solving and
innovation but also enhances the quality
improvement of software testing processes.
This, in turn, ensures that all software meets
the ever-growing and changing demands of
users and industries in a rapidly evolving
digital landscape. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 31

OPINION: SECURITY TRAINING
DESIGNING FOR HUMANS
NEIL THACKER, CISO FOR EMEA AT NETSKOPE, EXPLAINS WHY
THE ENTERPRISE SHOULD USE NUDGE THEORY TO EDUCATE
EMPLOYEES
The recent UK cybersecurity breaches
survey found that three quarters of
businesses report that cybersecurity is
a high priority for senior management (up
5% from the previous year). It's no surprise
that business leaders are clocking onto its
significance, given that cyber attacks
continued to hit major UK institutions
across 2023.
The British Library, for example, faced a
major cyber attack in October 2023 and
last month published a full report of the
incident to help drive learnings for
companies across the UK. The report
recommended that cyber-risk awareness
and expertise be instilled in senior
leadership, and it hammered home the
importance of regular staff training.
Certainly, many businesses today roll out
annual cybersecurity training to their
employees. In fact, it's a lucrative industry:
the security awareness training market hit
$5.6 billion last year.
IN ONE EAR, EVERY YEAR?
Last year, social engineering techniques,
where a bad actor targets employees to
gain access to systems or data - and tricks
them into handing over credentials or data
or perform a certain action - were the most
popular form of attacks. It's clear,
therefore, that the people within an
organisation must be encouraged to
continuously identify these social
engineering attempts.
However, there is little evidence that
annual cybersecurity training influences the
day-to-day security awareness and culture
of an organisation. In fact there is growing
recognition that annual cybersecurity
awareness training is not effective.
Businesses need to ensure employees
engage with positive cyber behaviours
regularly, but how is this possible without
exhausting people with training?
A SIMPLE NUDGE
Nudge Theory is a psychological theory
used across industries to help guide
behaviour toward more positive outcomes,
and it's showing traction in cybersecurity.
It's a behavioural science approach that
uses subtle tools to help people make
better decisions in the moment. For
example, public recycling bins in the UK
often have an opening to match the item
they're used for, to help remind people how
to dispose of items correctly (circular holes
for cans and plastic bottles and flat holes
for paper). It streamlines the operation,
making the right decision the easiest one
to follow.
This same approach can be used in
cybersecurity, by designing cybersecurity
training so that the correct way of using a
device, network or cloud application is
also the easiest one so people are less
inclined to bypass rules and subsequently
increase cyber risk.
INVISIBLE GUIDES
Making the right option the easiest path is
a form of transparent nudging, and it's
effective because it does not require the
employee to take any additional steps to
achieve a desired goal. It removes
obstacles that can act as a barrier between
an individual's, or company's, best
intentions. In the world of cybersecurity, a
general enforcement of a cyber hygiene
mandate will not drive behavioural
change, because people simply follow
directions to meet minimum requirements.
32 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK

OPINION: SECURITY TRAINING
If the easiest pathway to achieving a task is
in line with a cyber hygiene mandate, it is
much more likely to be followed.
In other words, if employees can
understand why and how they can impact
the business, and the path to protecting the
business is easy and frictionless, they'll buy
into this positive culture. The enterprise
needs to see the shift as easy, and not
something that introduces extra processes
and steps just to get their job done.
Regular nudges help cybersecurity training
stay top of mind and create lasting
behavioural change.
On the opposite end, an enterprise with
poor network performance will cause
employees to find workarounds, not for
malicious reasons but simply to find an
easier, more efficient way to do their job.
For example, enterprises with poor
performance VPN's that have an impact on
performance may find that many
employees are circumventing these security
controls altogether (by disabling and going
directly to the internet, for example),
bypassing the security control.
DELIBERATE FRICTION
Making the correct pathway seamless and
easy is one side of the coin, but it's also
important to make sure there is a level of
friction when employees start to veer off the
correct path and make high-risk decisions.
Security tools that use friction to
intentionally slow down the decisionmaking
process - forcing an employee to
spend more time considering their options
- can help them make better choices.
Real-time employee coaching is an
example of a mechanism to limit a certain
high-risk behaviour. It's a highly worthwhile
feat because it provides continuous
education and reinforcement in exactly the
way that annual training lacks. It's a
chance for employees to contextualise their
knowledge and prevent their cybersecurity
awareness from being forgotten.
Both transparent and non-transparent
nudges in cybersecurity architecture are
crucial to help guide employees to truly
understand and engage in cyber best
practices and play their part in defending
the enterprise against threats. It's a staple
that should be prioritised above the
limitations of annual cybersecurity training
for organisations to tackle the complex
landscape in an increasingly digital world.
ABOUT NEIL THACKER
Neil holds over 25+ years of experience
within the information security industry,
currently serving as EMEA CISO for
Netskope. He has been recognised by his
peers as a leader in the industry including
being selected in the CSO30 for 2022,
shortlisted for an unsung hero award and
awarded MVP in consecutive years (2021
& 2022) by his Netskope peers.
Neil is advisory board member to the
Cloud Security Alliance (CSA) and former
advisor to ENISA EU agency for
Cybersecurity. He is also co-founder and
board member to the Security Advisor
Alliance (SAA), a non-profit organisation
focused on promoting the industry to the
next generation and ensuring that
students, teachers, and schools have the
resources and mentorship necessary to
foster the cybersecurity professionals of
the future. NC
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards
MAY/JUNE 2024 NETWORKcomputing 33

OPINION: CO-MANAGED IT
CAN YOU MANAGE IT?
BARRY O'DONNELL AT TSG CONSIDERS THE IMPORTANCE OF SOURCING CO-MANAGED IT
SERVICE FROM AN INDEPENDENT PROVIDER
In-house IT teams across every industry can
face all manner of challenges and
disruptions in their day-to-day processes,
and while technology is becoming more
accessible and demystified, it is important to
ensure that you have a team that understands
emerging technology. This is where comanaged
IT services, which offer a
collaborative approach to supporting your
organisation, can act as a solution. Offering a
collaborative approach to IT support with
external resources and expertise for managed
IT, co-managed IT services can remove some
of the strain your in-house team experiences.
But what exactly can they assist with?
EXPERTISE AND SPECIALIST RESOURCES
When you partner with a co-managed IT
services provider, you unlock expertise and
specialised skills that you may not have had
access to previously. Your in-house team will
have knowledge that excels in certain areas
but may not cover all the information
necessary to address every question, query,
and challenge effectively. This is where comanaged
IT services providers are useful, as
they have a deep level of expertise in
various technologies in several sectors. As a
result, your team receives comprehensive
support regardless of their query, issue, or
requirement.
FLEXIBLE AND SCALABLE
Every business has different demands for their
IT infrastructure which can vary throughout the
year, whether that's due to requirements from
the wider business, seasonal trends, or
unexpected dilemmas. Having a co-managed
IT services provider can help your
organisation obtain a level of flexibility
previously unavailable to them.
This means that they're able to scale the
resources available for requirements of all
sizes flexibly, whether you're expanding into
new markets, supporting unexpected user
influxes, or dealing with large-scale software
updates. No matter the significance, comanaged
IT allows for responsive and reactive
processes.
24/7 SUPPORT
IT services rely on being able to respond to
disruptions of all scales to prevent extended
periods of downtime. Not only can downtime
have a significant effect on operations within
businesses, they can also have a knock-on
impact on customer satisfaction. Outsourcing
monitoring and support to co-managed IT
services can be a game-changer and a
proactive approach. Using tools and
resources, they can offer help 24/7,
minimising downtime while increasing system
reliability and improving productivity. This puts
the focus back on achieving your business
goals rather than being concerned with
possible disruptions.
STRATEGIC PLANNING
Co-managed IT service providers can also
support with strategic guidance and planning
ahead for your organisation to achieve longterm
goals. This can be done thorough
examination and assessment of the existing
infrastructure to identify areas of improvement
and offer advice.
These can range from innovative solutions
such as the integration of more modern
technology, to automation and optimising
spending to support operational efficiency.
Co-managed service providers can also help
build out IT roadmaps for the future, meaning
that no matter how quickly the landscape of
technology changes, your in-house team will
be able to adapt fast and stay competitive.
COST-EFFECTIVE
Partnering with a co-managed IT service can
be a cost-effective way to achieve your
operational goals. Using the resources and
expertise of the provider means that the costs
associated with recruitment, training, and
retention of quality in-house employees are
removed completely from the process,
making it a more cost-effective alternative.
They can also offer flexible pricing models
to truly optimise what you're spending to get
the services that you require. Overall, this can
be a cost-saving solution to maintain and
grow your digital infrastructure without
straining your budget. By offering a strategic
partnership that works closely with existing inhouse
IT teams, co-managed IT services offer
a level of assistance that can leverage the
expertise and resources necessary to keep
your business optimal. This also allows
companies to better build strategies for their
future, with the knowledge of what's required
and the flexibility to scale these projects. NC
34 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards
WWW.NETWORKCOMPUTING.CO.UK