Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
NETWORKcomputing<br />
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk<br />
THE FINAL FRONTIER FOR NTNS<br />
The challenges threatening the success<br />
of non-terrestrial networks<br />
OPTIMISING NETWORK<br />
INNOVATION<br />
Tips for a cost-conscious<br />
climate<br />
TESTING TIMES<br />
Why software testing<br />
automation matters<br />
FUELING AI SYSTEMS<br />
Best practices for dealing<br />
with data<br />
MAY/JUNE 2024 VOL 33 NO 02
CSPs NEED CAPACITY THAT<br />
SHIPS PREPARED FOR DUTY<br />
Supermicro delivers<br />
complete, rack-ready<br />
systems, from validation<br />
through SW installation.<br />
Powered by<br />
AMD EPYC TM processors.<br />
Accelerate your cloud.<br />
Learn more at<br />
www.supermicro.com/csp<br />
© Supermicro and Supermicro logo are trademarks of<br />
Super Micro Computer, Inc. in the US and other countries.
COMMENT<br />
COMMENT<br />
"AND OUR 2024 WINNER ARE..."<br />
As we go to print with this issue the winners of the 2024 Network Computing<br />
Awards have just been unveiled at an awards ceremony in central London (timing<br />
is everything!). We'll have a full round-up of all of our winners in our next issue<br />
but they include Netreo, who won both the Network Infrastructure Product of the Year<br />
and Testing/Monitoring Product of the Year Awards and Veritas, winners of the Storage<br />
Product of the Year and Product of the Year categories for Veritas Backup Exec.<br />
Hornetsecurity were winners of the Data Protection Product of the Year award for 365<br />
Total Protection as well as the Bench Tested Product of the Year award (Software and<br />
Services Category) for 365 Permission Manager, while NetAlly's CyberScope Air wireless<br />
network security scanner won the Bench Tested Hardware category. The Network Security<br />
Product of the Year award was won by WatchGuard's Firebox M Series and Prism DCS<br />
triumphed in the Customer Service category, while Zeus Cloud took home the trophy in<br />
the One To Watch Company category.<br />
Congratulations once again to all of our winners and a big 'thank you' to our sponsors<br />
and everyone who took the time to vote online. You will find a complete list of the 2024<br />
winners and runners-up on the awards website: https://networkcomputingawards.co.uk<br />
and we'll have a full round-up in our next issue.<br />
REVIEWS:<br />
Dave Mitchell<br />
DEPUTY EDITOR: Mark Lyward<br />
(netcomputing@btc.co.uk)<br />
PRODUCTION: Abby Penn<br />
(abby.penn@btc.co.uk)<br />
DESIGN: Ian Collis<br />
(ian.collis@btc.co.uk<br />
SALES:<br />
David Bonner<br />
(david.bonner@btc.co.uk)<br />
SUBSCRIPTIONS: Christina Willis<br />
(christina.willis@btc.co.uk)<br />
PUBLISHER: John Jageurs<br />
(john.jageurs@btc.co.uk)<br />
Published by Barrow & Thompkins<br />
Connexion Ltd (BTC)<br />
35 Station Square,<br />
Petts Wood, Kent, BR5 1LZ<br />
Tel: +44 (0)1689 616 000<br />
Fax: +44 (0)1689 82 66 22<br />
SUBSCRIPTIONS:<br />
UK £35/year, £60/two years,<br />
£80/three years;<br />
Europe:<br />
£48/year, £85/two years £127/three years;<br />
ROW:<br />
£62/year, £115/two years, £168/three years;<br />
Subscribers get SPECIAL OFFERS — see subscriptions<br />
advertisement; Single copies of<br />
Network Computing can be bought for £8;<br />
(including postage & packing).<br />
© 2024 Barrow & Thompkins<br />
Connexion Ltd.<br />
All rights reserved.<br />
No part of the magazine may be<br />
reproduced without prior consent, in<br />
writing, from the publisher.<br />
Stepping away from the awards stage, you'll find articles in this issue that offer advice<br />
on optimising your network in a cost-conscious climate and consider how to keep pace<br />
with the latest innovations in a period of rapid digital change. According to Cisilion's<br />
Nathan Ashby "We've moved from keeping the lights on and building reliable infrastructure<br />
to business transformation. We cannot use the same mindsets as we once did to<br />
ensure the success of our businesses. As such the network's driving force now is to<br />
enable business outcomes - which means we need to reinvent the network approach."<br />
We also look at the future of the wireless network - both terrestrial and non-terrestrial -<br />
and learn about the challenges faced by British software testers, and how software testing<br />
automation can help. And we've done plenty of testing of our own this issue with our<br />
latest product reviews, which include Highlight's Service Observability Platform and<br />
Portnox Cloud's UAC (unified access control) solution. NC<br />
GET FUTURE COPIES FREE<br />
BY REGISTERING ONLINE AT<br />
WWW.NETWORKCOMPUTING.CO.UK/REGISTER<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 03
MAY/JUNE 2024 VOL 33 NO 02<br />
CONTENTS<br />
CONTENTS<br />
M A Y / J U N E 2 0 2 4<br />
NETWORKcomputing<br />
I N F O R M A T I O N A N D C O M M U N I C A T I O N S – N E T W O R K E D www.networkcomputing.co.uk<br />
THE FINAL FRONTIER FOR NTNS<br />
The challenges threatening the success<br />
of non-terrestrial networks<br />
OPTIMISING NETWORK<br />
INNOVATION<br />
Tips for a cost-conscious<br />
climate<br />
TESTING TIMES<br />
Why software testing<br />
automation matters<br />
FUELING AI SYSTEMS<br />
Best practices for dealing<br />
with data<br />
BUILDING A SUCCESSFUL AI<br />
STRATEGY............................12<br />
Skip Levens at Quantum provides three<br />
best practices for dealing with data to<br />
create better AI systems<br />
THE FINAL FRONTIER FOR NON-<br />
TERRESTRIAL NETWORKS.........26<br />
Nancy Friedrich at Keysight Technologies<br />
explains how we can expand aerospace<br />
and defence connectivity by moving from a<br />
terrestrial to hybrid space / ground network<br />
NETWORK INNOVATION......10<br />
Alan Stewart-Brown at Opengear gives us five<br />
top tips for network innovation while Nathan<br />
Ashby at Cisilion explains why our networks<br />
need to work harder and more intelligently<br />
IT’S THE OFFICE, BUT NOT AS<br />
WE KNOW IT.........................24<br />
Principle Networks' Ian Wharton considers<br />
the future of the wireless network - and why<br />
the office we once knew no longer exists<br />
TESTING TIMES......................30<br />
Guy Arieli at BlinqIO gives us an overview<br />
of software testing automation - and<br />
explores why it really matters<br />
COMMENT.....................................3<br />
"And our 2024 winner are..."<br />
INDUSTRY NEWS.............................6<br />
The latest networking news<br />
ARTICLES<br />
OBSERVANT I.T.................................8<br />
By Martin Saunders at Highlight<br />
IT’S NOT OFFENCE OR DEFENCE -<br />
IT’S BOTH!......................................14<br />
By Ed Williams at Trustwave<br />
FOUR KEY STEPS TO STRENGTHEN<br />
CLOUD SECURITY..........................16<br />
By Guy Warren at ITRS<br />
ADVANCING NETWORK<br />
EFFICIENCY....................................18<br />
By Richard Petrie at LINX<br />
YOU SHALL NOT PASS!...................20<br />
By David Higgins at CyberArk<br />
REVOLUTIONISING YOUR NETWORK<br />
FOR TOMORROW’S DIGITAL NEEDS..16<br />
By Nathan Ashby at Cisilion<br />
HOLISTIC DATA CENTRE DESIGNS<br />
FOR THE AI ERA..............................28<br />
By Sam Bainborough at Vertiv<br />
DESIGNING FOR HUMAN..............32<br />
By Neil Thacker at Netskope<br />
CAN YOU MANAGE IT?..................34<br />
By Barry O’Donnell at TSG<br />
REVIEWS<br />
HIGHLIGHT SERVICE OBSERVABILITY<br />
PLATFORM........................................8<br />
NETALLY CYBERSCOPE AIR..............11<br />
EXAGRID EX189..............................15<br />
PORTNOX CLOUD..........................19<br />
04 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
INDUSTRY NEWS<br />
NEWSNEWS<br />
NEWS NEWS<br />
NEWS NEWS NEWS NEWS<br />
NEWS NEWS<br />
Enhanced Network Tester and Cable Qualifier from TREND<br />
TREND Networks has announced major enhancements to its<br />
SignalTEK 10G Network Throughput Tester and Cable<br />
Qualifier, introducing a suite of features aimed at simplifying<br />
operation, expanding functionalities, and improving overall<br />
user experience. The SignalTEK 10G now offers users more<br />
intuitive options with the new Basic Operation mode. With the<br />
goal of streamlining Cable and Network Qualification testing,<br />
this option is tailored to accommodate both novice and<br />
experienced users, simply requiring a choice between copper<br />
and fibre and the speed the user wishes to qualify, ranging from<br />
10Mbps to 10Gbps for copper (including 2.5 and 5Gbps<br />
Multigig), and 1Gb or 10Gb for fibre.<br />
The SignalTEK 10G also now supports data transmission testing<br />
at 1G and 10G using a single 10G SFP+ module, removing the<br />
need for separate SFP modules for varying fibre speeds. The<br />
addition of fibre length and dB Loss measurement via SFP/SFP+<br />
modules sets a new standard for qualification testers, enabling<br />
fibre qualification based on data transmission (BERT), cable<br />
attenuation (dB loss), and cable length, adhering to IEEE<br />
Ethernet, TIA, or ISO cabling standards. TREND has also listened<br />
to user feedback and simplified the interface management.<br />
Zyxel offer WiFi 7 for the price of WiFi 6<br />
Zyxel Networks has launched a special promotion that gives<br />
customers WiFi 7 for the price of WiFi 6 as a way of<br />
highlighting the performance, quality and value of the latest<br />
addition to its leading range of access points. For an unspecified<br />
period, the company's NWA130BE WiFi 7 access point will be<br />
available at a discounted price through Zyxel partners, enabling<br />
customers to future-proof their networks for a longer period<br />
without making a higher investment.<br />
It also means both MSPs and end-user customers can get<br />
experience the full benefits of Nebula, Zyxel's cloud<br />
management platform, which provides simple remote<br />
management capabilities and built-in security, and harnesses the<br />
power of AI and machine learning to save time and maximise<br />
network performance and availability.<br />
Rachel Rothwell, Senior Regional Director, UK and Ireland,<br />
Zyxel Networks, said: "We are making this offer, not only to<br />
demonstrate our absolute commitment to delivering exceptional<br />
value to our customers, but also because we are totally<br />
confident in the performance, consistence and quality of our<br />
WiFi 7 solutions. By investing in WiFi 7 today, SMBs can benefits<br />
from the highest speeds and reliable connectivity, and futureproof<br />
their networks for longer."<br />
Vertiv SmartCabinet rack for applications at the edge<br />
Vertiv has introduced the Vertiv SmartCabinet ID, an all-in-one,<br />
fully sealed single-rack enclosure that delivers cooling, power,<br />
and environmental protection for applications at the network<br />
edge. The SmartCabinet ID is available now iwith multiple rack<br />
sizes and cooling capacity options, including 24U and 42U<br />
racks, and 3.5 kW and 7.0 kW of cooling capacity.<br />
The sealed SmartCabinet ID solution protects the enclosed IT<br />
equipment against dirt, dust, and fluctuating temperatures typical<br />
of warehouses, factory floors, and other common edge locations,<br />
and is IP54-rated for water-resistance, providing protection in<br />
case of indoor sprinkler system activation. Integrated emergency<br />
fans also provide backup cooling in the event of a power outage<br />
or a primary cooling module failure. A built-in touchscreen<br />
display with communication capabilities enables local or remote<br />
monitoring and control of key components, while alarms and<br />
notifications for local and remote users can be customised to<br />
alert to out-of-spec ambient conditions.<br />
06 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
INDUSTRY NEWS<br />
Complete data centre liquid-cooled solutions<br />
Supermicro is addressing the most demanding requirements<br />
from customers who want to expand their AI and HPC<br />
capacities while reducing data centre power requirements.<br />
"Supermicro continues to work with our AI and HPC customers to<br />
bring the latest technology, including total liquid cooling solutions,<br />
into their data centers," said Charles Liang, President and CEO of<br />
Supermicro. "Our complete liquid cooling solutions can handle up<br />
to 100 kW per rack, which reduces the TCO in data centres and<br />
allows for denser AI and HPC computing. Our building block<br />
architecture allows us to bring the latest GPUs and accelerators to<br />
market, and with our trusted suppliers, we continue to bring new<br />
rack-scale solutions to the market that ship to customers with a<br />
reduced time to delivery."<br />
Supermicro application-optimised high-performance servers are<br />
designed to accommodate the most performant CPUs and GPUs<br />
for simulation, data analytics, and machine learning. The<br />
Supermicro 4U 8-GPU liquid-cooled server delivers petaflops of AI<br />
computing power in a dense form factor with the NVIDIA<br />
H100/H200 HGX GPUs. Supermicro will soon ship liquid-cooled<br />
Supermicro X14 SuperBlade in 8U and 6U configurations, the<br />
rackmount X14 Hyper, and the Supermicro X14 BigTwin. Several<br />
HPC-optimised server platforms will support the Intel Xeon 6900<br />
with P-cores in a compact, multi-node form factor. In addition,<br />
Supermicro continues to ship the broadest portfolio of liquid cooled<br />
MGX Products in the industry, and has confirmed its support for the<br />
new Intel® Gaudi® 3 accelerator and AMD's MI300X accelerators.<br />
Hippodrome Casino holds all the aces with Extreme<br />
The Hippodrome Casino, an iconic entertainment landmark in<br />
London's Leicester Square, now relies on Extreme's WiFi 6E<br />
solutions, data centre and edge switches, analytics and cloud<br />
management platform to improve network performance,<br />
streamline operational efficiency and provide first-class guest<br />
experiences. In partnership with ITHQ, the Hippodrome deployed<br />
a new wired and wireless network across its six-story facility,<br />
delivering improved network reliability, flexibility and security.<br />
For the Hippodrome - which consists of three casinos, eight<br />
bars, a theatre, multiple restaurants and a three-story roof<br />
terrace - ensuring uninterrupted WiFi availability is imperative to<br />
delivering amazing guest experiences while maintaining<br />
seamless operations. The historic entertainment venue can now<br />
rely on a dynamic and adaptable network that is easy to<br />
manage and provides enhanced visibility and insights to drive<br />
organisational objectives.<br />
Philip Mitchell, IT Director, The Hippodrome Casino said "While<br />
the robustness of the WiFi solution is key for operations, on the<br />
back end they are producing an amazing amount of customer<br />
data for our analytics teams to look at. We can clearly see the<br />
amount of traffic going through each particular system and the<br />
impact our improved solutions are making on the business. Our<br />
systems show that not only has the amount of monitored<br />
endpoints doubled, but the number of alerts has actually<br />
reduced to one-sixth of what they were."<br />
CyberArk set to acquire Venafi for $1.5bn<br />
CyberArk has signed a definitive agreement to acquire Venafi,<br />
a leader in machine identity management, from Thoma<br />
Bravo. This acquisition will combine Venafi's machine identity<br />
management capabilities with CyberArk's identity security<br />
capabilities to establish a unified platform for end-to-end<br />
machine identity security at enterprise scale.<br />
The combination of Venafi's certificate lifecycle management,<br />
private Public Key Infrastructure, IoT identity management and<br />
cryptographic code signing, with CyberArk's secrets management<br />
capabilities will enable organisations to protect against misuse and<br />
compromise of machine identities, vastly improve security, and<br />
stop costly outages. Having a breadth and depth of options for<br />
machine identity security all in one solution - deployable as SaaS<br />
or hybrid - will enable faster risk mitigation for organisations of all<br />
sizes looking to secure modern cloud environments.<br />
NEWS NEWSNEWS<br />
NEWS<br />
NEWS NEWS NEWS NEWS NEWS<br />
NEWS<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 07
OPINION: NETWORK OBSERVABILITY<br />
OBSERVANT I.T.<br />
MARTIN SAUNDERS, COO AT HIGHLIGHT OUTLINES THE TOP 5<br />
IT OBSERVABILITY ISSUES COSTING BUSINESSES TIME AND<br />
MONEY - AND HOW TO SOLVE THEM<br />
Technology is the lifeblood of modern<br />
business and every outage can directly<br />
impact an organisation's performance,<br />
revenue and reputation. To thrive, they must<br />
streamline support processes and improve their<br />
ability to observe the full stack of IT services, in<br />
order to ensure that the employee and<br />
customer experience is at its best. To this end,<br />
here are five ways that IT operations can<br />
increase their use of data to improve decisions<br />
and create quantifiable advantages:<br />
1. Getting what you paid for and ensuring the<br />
network delivers what is promised.<br />
Communication service providers are the<br />
backbone of many IT operations, as well as<br />
being a significant part of an IT budget.<br />
Maximising this relationship can save both<br />
money and reputations - but the problem is<br />
that most providers are unable to provide<br />
effective proof of delivery.<br />
One of the first things to do is confirm that<br />
service level agreements (SLAs) are being met.<br />
Rather than rely on the service provider, look<br />
for tools that will capture and utilise persistent<br />
performance metrics and native SLA scoring<br />
(including maintenance windows and<br />
exceptions) for both individual connections<br />
and grouped services. In this way, IT and<br />
network managers can hold their providers to<br />
account and reclaim credits where required.<br />
2. The network is rarely to blame - but how to<br />
prove it? Increasing dependence on the core<br />
network and application services means that<br />
it's hard to determine the source of issues,<br />
which can increase meantime-to-repair when<br />
outages occur.<br />
With access to persistent network data,<br />
separated into categories (such as<br />
Broadband, Cellular, WiFi, LAN, Switches and<br />
Applications), managers will be far better<br />
equipped to pinpoint the source of problems<br />
immediately. It's important to make sure that<br />
you have an observability solution in place to<br />
make metrics from these different categories<br />
both understandable and comparable.<br />
3. Centralised IT support structures are<br />
forced to be reactive. Every outage in an<br />
organisation has the potential to result in lost<br />
revenues. The issue is that IT support teams<br />
cannot be in every office or branch and by the<br />
time an issue is reported, it is often too late.<br />
Creating a support process that is proactive<br />
rather than reactive will deliver considerable<br />
benefits for both support teams and users.<br />
Seek a flexible alerting suite with customisable<br />
sensitivity to ensure that problems are flagged<br />
long before they become outages, with alerts<br />
integrated with support ticketing platforms.<br />
4. Bandwidth requirements are always<br />
changing and difficult to estimate. The<br />
continually changing and increasing<br />
technology requirements of a business will<br />
stretch bandwidth capability. This is<br />
combined with an absence of ways to<br />
effectively measure and plan capacity,<br />
forcing either expensive over-specification or<br />
compromised reliability.<br />
Access to data on network consumption and<br />
application performance will make capacity<br />
decisions based on real data far more accurate.<br />
The latest tools will identify broadband speeds,<br />
WiFi AP utilisation and analyse trends alongside<br />
a reporting engine that removes the guesswork<br />
from capacity planning.<br />
5. Your network can't always be uniform.<br />
Different regional requirements and legacy<br />
technologies in different offices or branches will<br />
fragment support processes, lowering efficiency<br />
and increasing training costs. Whilst the<br />
network may not be uniform, the view of it can<br />
be. Tools that show the location and a servicecentric<br />
view of network estates presenting all<br />
the data in a standardised way will help ensure<br />
a more uniform support process.<br />
More IT teams are looking to increase<br />
their use of data to improve decisions and<br />
create quantifiable advantages. Many are<br />
looking to achieve complete service<br />
observability with standardised data<br />
delivering insights across multi-tenants,<br />
multiple technologies and SLA reports that<br />
go beyond complex technical monitoring.<br />
With a clear understanding of how complex<br />
systems are performing, organisations can<br />
identify significant events before they cause<br />
an issue. NC<br />
08 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
PRODUCT REVIEW<br />
Highlight Service<br />
Observability<br />
Platform<br />
PRODUCT REVIEW<br />
PRODUCT<br />
REVIEWPRODUCT RE<br />
In today's highly competitive landscape,<br />
businesses must ensure that the IT services<br />
they provide are delivering on all counts. With<br />
a track record going back over 20 years, UKbased<br />
Highlight has the solution, as its Service<br />
Observability Platform is designed from the<br />
ground up to provide senior managers with<br />
clear and unambiguous visibility into the<br />
technologies and services that business success<br />
depends on.<br />
Delivered as a SaaS cloud platform, Highlight<br />
scales across all business types, ranging from<br />
single sites to global enterprises with multiple<br />
locations and technologies in play. Value is<br />
another compelling feature as you only pay for<br />
what you need and unlike some competitors<br />
Highlight is transparent about pricing, with its<br />
entry-level subscription costing £500 per month,<br />
supporting up to 100 devices.<br />
Highlight's vendor-agnostic approach means<br />
there's little beyond its remit as it integrates with<br />
over 85 vendor services. Typical<br />
communications technologies supported include<br />
MPLS, SD-WAN, broadband, cellular, LAN and<br />
Wi-Fi, and it works hand in glove with all main<br />
vendors including Cisco, Cisco Meraki, Fortinet,<br />
Aruba, Juniper, Cradlepoint and ThousandEyes.<br />
Deployment is uncomplicated as Highlight has<br />
minimal requirements and, unlike some other<br />
competitors, doesn't need additional investment<br />
in on-premises hardware. It leverages API<br />
connectivity to cloud orchestrators, such as<br />
those from Cisco and Fortinet, uses agents to<br />
report on SNMP compliant network devices and<br />
assesses application visibility and availability with<br />
NetFlow data exports.<br />
Highlight runs collections every three minutes,<br />
retains all metrics data for a year and summary<br />
reports indefinitely allowing long-term<br />
comparisons to be conducted. Security is a top<br />
priority as all data is encrypted using SSL prior to<br />
transit to the Highlight cloud platform.<br />
The informative portal opens with an Explorerstyle<br />
tree in its left pane showing only the<br />
locations, services, networks and devices that<br />
are permitted by the user's role. This makes it<br />
ideal for complex networks and multi-tenancy<br />
environments as it can present all relevant<br />
connections in views that are simple to<br />
understand. The top-level view uses a unique<br />
combination of 'Heat Tiles' and traffic light<br />
indicators to show at-a-glance summaries of<br />
service, network and device status so you can<br />
quickly identify pain points. The portal is very<br />
easy to navigate and it takes seconds to drill<br />
down for more information, as you can traverse<br />
from top-level estate views to individual<br />
connections in no more than two clicks.<br />
Highlight grades all issues into three categories<br />
so you can quickly see stability, load and health<br />
of all services and locations. It maintains<br />
essential consistency across all views regardless<br />
of the technology, connection or vendor. Tests<br />
on routers and switches include connection<br />
performance analysis. These determine packet<br />
loss and delay and will be invaluable to network<br />
service managers, as they can verify bandwidth<br />
SLAs with users and give them high levels of<br />
visibility into the network services being<br />
delivered.<br />
Alert smoke screens are avoided as Highlight<br />
employs sensitivity controls which can be<br />
customised for stability, load and health.<br />
Inherited settings mean that sensitivity controls<br />
for an entire estate can be deployed with one<br />
click. Highlight uses webhooks and email for<br />
integration with many third-party workflow<br />
automation products, including ServiceNow and<br />
AutoTask. It also uses APIs to integrate report<br />
data into external analysis systems such as<br />
Microsoft Power BI.<br />
The Highlight Service Observability Platform<br />
ensures that IT managers and support teams<br />
responsible for the smooth operation of business<br />
IT services are not living in a digital void. It's<br />
clearly capable of providing high levels of<br />
information in real-time about network service<br />
and application performance but presents it all<br />
in a format that anyone can understand, and its<br />
SaaS model makes it highly flexible and very<br />
affordable. NC<br />
Product: Highlight Service Observability Platform<br />
Supplier: Highlight<br />
Web site: www.highlight.net<br />
Telephone: +44 (0) 1483 209 970<br />
Price: Monthly Entry - 100 devices - £500 exc<br />
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 09<br />
NETWORKcomputing<br />
@NCMagAndAwards
OPINION: NETWORK INNOVATION<br />
OPTIMISING NETWORK INNOVATION IN A COST-CONSCIOUS CLIMATE<br />
ALAN STEWART-BROWN, VP EMEA, OPENGEAR GIVES US FIVE TOP TIPS FOR NETWORK<br />
INNOVATION AS I.T. BUDGETS DWINDLE<br />
In 1980, Robert Metcalfe's formulation,<br />
known as Metcalfe's Law, posited that a<br />
network's value increases exponentially with<br />
each new connected device. Decades later, in<br />
an era of billions of devices and server cores,<br />
we're witnessing a scale of connectivity that<br />
likely surpasses even what Metcalfe might have<br />
imagined. The current wave of IT<br />
transformation is notably driven by AI and<br />
Generative AI, significantly impacting business<br />
efficiency and necessitating robust network<br />
infrastructure investment.<br />
However, today's economic climate<br />
increasingly compels CFOs to scrutinise budget<br />
allocations more closely, presenting challenges<br />
in maintaining and innovating network<br />
infrastructure. To ensure networks remain fit for<br />
purpose amidst these issues, here are the top<br />
considerations for businesses.<br />
1. Invest in a unified management framework:<br />
Enterprise observability often reacts to issues<br />
only once problems like application failures, or<br />
connectivity losses, arise. The shift towards<br />
virtualisation and management fragmentation<br />
in the enterprise make it difficult to achieve the<br />
observability needed to not only troubleshoot,<br />
but to automate too. A management<br />
framework that connects to physical and virtual<br />
infrastructure through a single interface,<br />
coupled with management applications such as<br />
Splunk or Juniper's Apstra, creates a closed<br />
loop observability system which accelerates the<br />
time to problem resolution. It also provides the<br />
foundation for automation on day 0 and<br />
monitoring on day 2.<br />
2. Leverage automation and AI for more<br />
efficient operations: Automation, enhanced by<br />
AI can significantly increase operational<br />
efficiency and reduce errors. These<br />
technologies automate repetitive tasks such as<br />
checking configurations, authentication, and<br />
logging. However, without a unified<br />
management framework the full benefits of<br />
automation and AI will not be realised. While<br />
virtualisation and software-defined networking<br />
have essentially changed what is analogous to<br />
the product in industrial automation, the factory<br />
must be redesigned with a unified management<br />
framework. Otherwise the benefits will be<br />
restricted to single tasks.<br />
3. Multi-cloud and hybrid deployments provide<br />
opportunities: The drive for local application<br />
hosting due to latency and privacy concerns<br />
introduces the challenge of managing private<br />
cloud infrastructures. An emerging model is<br />
utilising public cloud infrastructure on premise.<br />
The public cloud provider is responsible for the<br />
Infrastructure as a Service (IaaS) and the<br />
desired degree of interconnection to the public<br />
cloud can be set. In some models, the network<br />
operator is responsible for managing the<br />
physical infrastructure and network connectivity.<br />
Meanwhile, the public cloud provider is<br />
responsible for the public cloud software<br />
platform. This enables the organisation to<br />
maintain the same tool chains and reduces the<br />
overall management burden.<br />
4. Additional security layers on networks are<br />
necessary: With increasing cybersecurity threats,<br />
additional security layers are essential. A unified<br />
management system that integrates security<br />
applications can ingest real time telemetry data<br />
and use AI to spot suspicious behaviour and<br />
respond to threats promptly. Full visibility and<br />
control over the network is critical to mitigate<br />
the risk of security breaches and reduce<br />
compliance risk and insurance cost.<br />
5. Embrace 5G and edge computing: As 5G<br />
becomes mainstream, edge computing is<br />
gaining prominence, enabling new applications<br />
and data processing closer to data collection<br />
points. 5G's rapid connections facilitate the<br />
transition as enterprises balance their network<br />
usage across data centres, the cloud, and the<br />
edge, benefiting high-response applications<br />
such as VR/AR and autonomous vehicles and<br />
accelerating technology adoption.<br />
Navigating network innovation amidst<br />
tightening budgets requires a strategic<br />
approach focusing on secure, cost-effective<br />
management frameworks like Smart Out-of-<br />
Band management. Such strategies underline<br />
the importance of a unified management<br />
framework for cost reduction, particularly<br />
during economic downturns. It promotes<br />
efficiency from initial deployment, through<br />
effective network monitoring and mitigating<br />
failures, ensuring substantial savings. In<br />
challenging economic times, organisations can<br />
enable the security of their network<br />
infrastructure moving forward, while<br />
maintaining focus on impactful customer<br />
experiences and ensuring profitable operations<br />
in tandem. NC<br />
10 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
PRODUCT REVIEW<br />
NetAlly CyberScope<br />
Air<br />
PRODUCT REVIEW<br />
PRODUCT<br />
REVIEWPRODUCT RE<br />
When NetAlly launched its CyberScope<br />
last year it proudly hailed it as the<br />
world's first wired and wireless<br />
handheld network vulnerability scanner capable<br />
of providing in-depth cybersecurity analysis and<br />
reporting. NetAlly has now released the<br />
CyberScope Air, which places all the same great<br />
features in the hands of technicians responsible<br />
for wireless security at the network edge.<br />
As you'd expect, the CyberScope Air fully<br />
supports Wi-Fi 6/6E networks and brings<br />
visibility into the 6GHz band, where it can<br />
connect at its full data rate and capture<br />
frames. It's capable of providing a wealth of<br />
information including site surveying, analysis<br />
and troubleshooting tools, network discovery,<br />
L2 and L3 path analysis, short-term monitoring<br />
facilities with real-time wireless measurements<br />
and trend graphs that highlight network<br />
changes over time.<br />
The CyberScope Air identifies all Wi-Fi and<br />
Bluetooth/BLE devices, shows where they are<br />
connected and can easily spot rogue access<br />
points (APs). Even better, it identifies everything<br />
on wireless networks including IoT, OT and<br />
unmanaged devices.<br />
Vulnerability scanning gets a big boost as the<br />
CyberScope Air runs the well-respected Nmap<br />
utility. It can perform on-demand scans for<br />
endpoint audits using built-in or custom scripts<br />
and neatly integrates Nmap with its AutoTest<br />
and network discovery tools. The device also<br />
works directly with NetAlly's Link-Live cloud<br />
portal for topology mapping, analytics and<br />
remote control. Link-Live sees a significant<br />
upgrade as it adds an interactive dashboard<br />
view of discovery results and WiFi data to<br />
provide technicians with an 'at a glance'<br />
snapshot of what is happening on their<br />
wireless networks.<br />
The CyberScope Air runs the same Androidbased<br />
OS as NetAlly's other handheld analysis<br />
products, which will appeal to novices as well as<br />
technicians and engineers. As we've frequently<br />
said in previous NetAlly product reviews - if they<br />
can use a mobile, they can use the CyberScope<br />
Air. The 5in. colour touchscreen presents icons<br />
for quick one-tap access to all tasks and you<br />
can install other third-party Android apps. The<br />
screen's FAB (floating access button) opens<br />
floating action menus offering instant access to<br />
further analysis tools related to the selected task.<br />
The CyberScope Air is easy to use and for<br />
testing, we created new AutoTest Wi-Fi profiles<br />
that connected to the lab's Netgear WAX630E<br />
and Zyxel WAX640S-6E tri-band APs over their<br />
6GHz radios using WPA3 encryption. Profiles<br />
are started with one tap and after 25 seconds,<br />
they reported back with an incredible amount of<br />
wireless information presented as 'cards' colour<br />
coded to indicate warnings or errors.<br />
The Wi-Fi test discovers internal and external<br />
wireless networks with the Channels map screen<br />
offering an extra Map 6E tab. You can drill<br />
down for more details on channels, active<br />
SSIDs, associated APs, encryption schemes,<br />
connected clients and detected Bluetooth/BLE<br />
devices.<br />
Nothing can hide from the Discovery tool<br />
which presented us with a list of every device on<br />
our network - including some we didn't know<br />
about that warranted further investigation.<br />
Nmap is another one-tap app where you can<br />
run any of the predefined tests or create your<br />
own scripts for deeper endpoint analysis.<br />
After claiming the device for our Link-Live<br />
portal account, we could upload test results,<br />
browse them at our leisure and share them with<br />
colleagues. The interactive dashboard view is<br />
very impressive as it presents a heap of graphs<br />
showing the number of discovered Wi-Fi<br />
devices, SSIDs, channels in use, active<br />
encryption schemes and much more.<br />
The combination of powerful diagnostics<br />
tools and vulnerability scanning makes<br />
NetAlly's CyberScope Air a highly desirable<br />
tool for technicians tasked with maintaining<br />
wireless network security. It's remarkably easy to<br />
use and clearly capable of filling the security<br />
gaps that common network monitoring<br />
products leave behind. NC<br />
Product: CyberScope Air<br />
Supplier: NetAlly<br />
Web site: www.netally.com<br />
Telephone: +44 (0)115 865 5676<br />
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 11<br />
NETWORKcomputing<br />
@NCMagAndAwards
OPINION: AI STRATEGIES<br />
BUILDING A SUCCESSFUL AI STRATEGY<br />
SKIP LEVENS, DIRECTOR, MEDIA AND<br />
ENTERTAINMENT AT QUANTUM PROVIDES THREE<br />
BEST PRACTICES FOR DEALING WITH DATA TO CREATE<br />
BETTER AI SYSTEMS<br />
As organisations<br />
everywhere look to<br />
harness the<br />
transformative benefits of AI,<br />
finding ways to effectively implement<br />
this ground-breaking technology is<br />
proving challenging. According to<br />
Gartner, 85% of all AI projects fail to<br />
produce positive outcomes for businesses<br />
and a significant number of R&D projects<br />
never make it to production.<br />
To realise on the promise of AI,<br />
however, organisations will first need<br />
to be able to successfully<br />
operationalise it. This involves<br />
feeding AI models with training<br />
data gathered from a variety of<br />
sources in the most efficient and<br />
resilient way possible.<br />
Ultimately, an AI solution will<br />
only be as good as the data and<br />
metadata content it has to work<br />
with. Plus, this data needs to<br />
be appropriately organised<br />
and labelled to make it both<br />
accessible and easily<br />
searchable.<br />
To maximise the success<br />
of their AI projects,<br />
organisations will need<br />
to implement an endto-end<br />
infrastructure<br />
that makes it possible<br />
to capture fresh data<br />
and update AI models<br />
in a highly adaptive<br />
manner.<br />
GETTING TO GRIPS WITH AI<br />
When it comes to building AI systems,<br />
organisations operating in specialist<br />
arenas such as healthcare, law,<br />
construction, or tax and accountancy<br />
often utilise foundational AI models<br />
featuring predefined data sets and<br />
algorithms.<br />
These general AI models are then<br />
trained to undertake analysis for specific<br />
tasks. For example, a medical research<br />
firm might train a model using a massive<br />
repository of millions of MRT images so it<br />
can learn to detect cancer cells.<br />
Meanwhile, an insurance firm might look<br />
to utilise AI and machine learning to<br />
identify patterns and anomalies that are<br />
indicative of fraud.<br />
To ensure these software models<br />
perform as expected, however,<br />
organisations will need to fuel and scale<br />
these generic foundational AI models<br />
using both structured and unstructured<br />
data. Let's look at three best practice<br />
principles that should underpin a data<br />
management strategy that is optimised<br />
for AI.<br />
1. AI and data: why data is king<br />
Training an AI model to undertake<br />
specific tasks successfully depends on the<br />
quantity, quality, and variety of the<br />
underlying data the model has access to.<br />
The more data a model is trained on,<br />
the better it is able to learn to perform<br />
tasks, and the resulting output will be<br />
more accurate and comprehensive. By<br />
12 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION: AI STRATEGIES<br />
using pre-existing data and new data<br />
sources to augment their AI models,<br />
organisations will be able to build more<br />
robust and higher precision models<br />
faster and at a much lower cost.<br />
When it comes to jumping ahead of<br />
the competition, the ability to collect<br />
and integrate data sources that are<br />
difficult for competitors to obtain will<br />
help to generate significant<br />
marketplace advantage. Since this data<br />
comes from a company's own content<br />
libraries, it will be uniquely adapted to<br />
an organisation's real-world business<br />
needs and operations.<br />
As recognition grows that<br />
organisations that can leverage their<br />
own unique data are better placed to<br />
shift from reliance on generic generalpurpose<br />
models and more likely to<br />
achieve a highly personalised and<br />
effective AI integration, the importance<br />
of being able to retain as much<br />
information as possible and establish<br />
data pipelines that can be readily<br />
integrated has risen to the fore. In<br />
particular, the ability to analyse,<br />
catalogue, and tag unstructured data is<br />
now key.<br />
2 Streamlining the collection,<br />
organisation, and labelling of data<br />
The efficient organisation and<br />
preparation of data is critical to the<br />
performance of AI models and recent<br />
technology advances are making it easier<br />
for organisations to unlock maximum<br />
value from their unstructured data.<br />
Today's AI-infused storage<br />
infrastructures now make it easy to<br />
ingest unstructured data and index,<br />
tag, and catalogue this data so it can<br />
be leveraged for AI applications.<br />
Providing the holistic data overview<br />
organisations need to oversee and<br />
curate data for a wide range of AI<br />
solutions, these storage platforms<br />
feature AI algorithms that ensure data<br />
is easily searchable and reusable for AI<br />
and analysis. For example, these<br />
platforms are able to search for<br />
content based on attributes such as<br />
people, places, things, and even<br />
sentiment.<br />
In addition to simplifying and<br />
automating data access and sharing<br />
for AI resources, these modern AIenabled<br />
storage platforms also deliver<br />
the end-to-end data management<br />
needed to enable high-performance<br />
data ingest for AI applications.<br />
Importantly, they also provide the<br />
long-term archiving capabilities that<br />
are essential for building the massive<br />
data stores that will support analysis.<br />
This is something that is vital for<br />
organisations that need the scalable<br />
capacity required for enabling new AI<br />
initiatives as business needs evolve and<br />
AI models expand and become more<br />
enriched.<br />
3 Unlocking efficient AI workflows<br />
To accelerate their journey to an<br />
effective, high-speed, and integrated<br />
AI infrastructure, organisations will<br />
need to find ways to extend their<br />
existing object recognition library so<br />
they can create AI-friendly content<br />
production workflows.<br />
By incorporating both data and AI<br />
models on the same platform,<br />
organisations will be able to streamline<br />
how they use data. They will also be<br />
able to take advantage of existing<br />
object recognition libraries to easily<br />
extend their general-purpose library for<br />
maximum commercial advantage.<br />
While competitors get entangled in<br />
undertaking resource-intensive manual<br />
content tagging, organisations that can<br />
initiate AI-friendly content production<br />
workflows will be able to use data sets<br />
to extend existing object or action<br />
identification models 'on the fly'. For<br />
example, if an organisation has built<br />
an AI model to identify images of owls,<br />
it can quickly pivot this model to find<br />
tagged images of zebras.<br />
CAPTURING VALUE AND<br />
FUELLING AI<br />
AI is only as good as the data it is built<br />
on and organisations looking to scale<br />
their AI ambitions will need to ensure<br />
they initiate the solid data foundation<br />
needed to achieve effective AI<br />
outcomes. Rather than relying on<br />
standard AI solutions and models, they<br />
should ideally look to infuse their AI<br />
models with data that is closely aligned<br />
to their business objectives and unique<br />
operational nuances.<br />
By utilising models that are fed with<br />
data leveraged from across their<br />
business, organisations will be able to<br />
train and re-train their models to<br />
generate more accurate and relevant<br />
predictions and insights. Adding new<br />
features and continually customising AI<br />
models whenever new needs are<br />
identified.<br />
To achieve all this and more,<br />
organisations will need to establish<br />
best practices that enable teams to<br />
store, manage, analyse, and use large<br />
volumes of valuable unstructured data<br />
wherever and whenever required. For<br />
this, an end-to-end AI-enabled<br />
infrastructure will be critical for<br />
managing data assets and automating<br />
data preparation and deployment, so<br />
that models can be retrained with new<br />
data and efficiently managed in<br />
production. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 13
SECURITY UPDATE<br />
IT'S NOT OFFENCE OR DEFENCE - IT'S BOTH!<br />
ED WILLIAMS, VP EMEA CONSULTING AND PROFESSIONAL SERVICES AT TRUSTWAVE, ON WHY A<br />
BALANCED CYBERSECURITY STRATEGY SHOULD BE YOUR ULTIMATE GOAL<br />
With cyber attacks targeting every<br />
business, no matter the size, industry,<br />
or region, the traditional reactive<br />
approach to cybersecurity - while it has its<br />
place - simply isn't enough. Organisations<br />
need an offensive and proactive approach<br />
that can address the full spectrum of exposure<br />
to threats. This not only requires cybersecurity<br />
basics, but also a comprehensive<br />
understanding of their unique vulnerabilities<br />
across the entire attack surface, which need to<br />
be identified before they become a problem.<br />
GOING ON THE OFFENSIVE<br />
It's easy to tell businesses to introduce offensive<br />
security into their strategy - but what does this<br />
really mean? On the surface, the term<br />
offensive security may be misleading. It does<br />
not mean attacking threat groups; instead, it is<br />
a proactive and adversarial approach to<br />
fortifying computer systems, networks, and<br />
individuals from cyberattacks.<br />
In addition to relying on more defensive<br />
cybersecurity measures like managed detection<br />
and response (MDR), email security, firewalls,<br />
or database security, security teams must not<br />
only actively hunt for intruders in a system, but<br />
also test for weaknesses and paths an<br />
adversary can take to gain entry.<br />
Offensive cybersecurity can be made up of<br />
an array of solutions such as penetration<br />
testing, threat intelligence, threat hunting,<br />
and red teaming; each have their merits.<br />
Threat intelligence, especially threat<br />
intelligence as a service that is human-led<br />
and contextualised for the individual<br />
business, serves as an early warning of risks<br />
to brand reputation, infrastructure, and<br />
overall security posture.<br />
Red teaming - expert-led testing and<br />
simulated attacks - provides realistic breach<br />
scenarios, identifies gaps before bad actors<br />
can exploit them, and pushes security teams to<br />
their limits to prepare for worst-case-scenarios.<br />
Meanwhile, behavioural-based threat hunting<br />
goes beyond alerts to find the threats that<br />
evade traditional tools, stopping hidden threats<br />
before the damage is done.<br />
No matter which route a business takes, the<br />
important thing to remember is that offensive<br />
cybersecurity translates into being proactive<br />
and getting ahead of adversaries. The<br />
approach delivers the necessary real-world<br />
testing of an organisation's personnel, policies,<br />
and systems, in order to provide a realistic view<br />
of its security posture and prepare it for the<br />
inevitability that a cyberattack will occur.<br />
REMEMBERING THE BASICS<br />
While offensive cybersecurity plays a vital role<br />
in a business' cybersecurity strategy, it isn't the<br />
whole picture, and it won't be effective if the<br />
basics of cyber hygiene are forgotten.<br />
Businesses can get distracted by shiny new<br />
solutions and approaches, but these should<br />
build on existing measures to create holistic<br />
coverage, not replace them.<br />
Before moving onto bigger investments, every<br />
business must have initial security measures<br />
such as strong passwords, adequate policies<br />
and audits, and strong vulnerability and patch<br />
management in place. Although top-level<br />
attacks will always change, ranging from either<br />
supply chain, ransomware, or phishing, the<br />
fundamentals under the hood will always be<br />
the same, so an overarching strategy should<br />
remain consistent too.<br />
ACTIONABLE TAKEAWAYS<br />
While adding new approaches to a<br />
cybersecurity strategy can be daunting, it<br />
doesn't all have to happen overnight. As a first<br />
step, it's vital all organisations do the basics<br />
really well. Once those are established, the<br />
goal should be to start moving towards a more<br />
offensive approach.<br />
Adding in a solution such as threat<br />
intelligence as a service will provide<br />
organisations with timely, contextualised, and<br />
prioritised insights which serve as a basis for a<br />
holistic and proactive security strategy.<br />
Meanwhile, penetration testing and red<br />
teaming will simulate cyberattacks, identifying<br />
vulnerabilities, across processes, people, and<br />
technology, and giving organisations ways of<br />
mitigating the issues identified.<br />
Ultimately, the goal of offensive cybersecurity<br />
is to get ahead of an attacker, block possible<br />
routes before they become an issue, and<br />
provide an organisation with a realistic view of<br />
its security posture from an attacker's<br />
perspective. Coupling this with defensive<br />
measures will give organisations improved<br />
coverage, limited exposure, and enhanced<br />
overall resilience. NC<br />
14 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
PRODUCT REVIEW<br />
ExaGrid EX189<br />
PRODUCT REVIEW<br />
PRODUCT<br />
REVIEWPRODUCT RE<br />
Enterprises facing rapidly growing backup<br />
demands and ever shrinking windows of<br />
opportunity need to rethink their data<br />
protection strategies. ExaGrid has these<br />
demands covered however, as their Tiered<br />
Backup Storage systems deliver a smart scaleout<br />
solution, and the latest EX189 model takes<br />
density into the stratosphere with an industryleading<br />
12PB of raw backup capacity in 64U<br />
of rack space.<br />
The EX appliances differ dramatically from<br />
other backup storage solutions as each one<br />
adds compute with capacity that linearly<br />
scales as data grows. A key feature of the<br />
new range is their form factor has significantly<br />
increased capacity while reducing rack space<br />
per appliance from 4U to 2U for a<br />
substantial increase in rack storage density<br />
and a considerable reduction in power and<br />
cooling requirements.<br />
Any of its seven EX models can be mixed<br />
together in a single scale-out system<br />
comprising up to 32 appliances. Even better,<br />
ExaGrid's price protection guarantees ongoing<br />
maintenance costs won't be more than 3% per<br />
year and the initial price you pay for<br />
appliances will be the same for additional units<br />
over the following five years.<br />
ExaGrid's deduplication avoids the backup<br />
and restore performance compromises many<br />
other solutions suffer from. Its appliances<br />
present a Landing Zone where data received<br />
from the backup application is written to it in<br />
undeduplicated form allowing ExaGrid to claim<br />
an unprecedented ingest rate for the EX189 of<br />
up to 516TB/hr for a 6PB full backup.<br />
Along with the Landing Zone, data is also<br />
written to a Repository Tier on the appliances<br />
during backup operations where it is<br />
compressed and deduplicated. This dual<br />
approach has big performance benefits as the<br />
landing zone accelerates restore operations by<br />
up to 20 times, as data doesn't require<br />
rehydration and decompression.<br />
Deployment is undemanding as the<br />
appliances are 100% customer installable and<br />
can be implemented in one hour, with initial<br />
backups occurring the same day. The ExaGrid<br />
appliances present their storage as CIFS or<br />
NFS shares, Veeam Data Mover and Veritas<br />
OST, and work with over 25 enterprise class<br />
backup applications.<br />
Backups are prime ransomware targets for<br />
cybercriminals but ExaGrid has you covered, as<br />
although the Landing Zone is network facing,<br />
the repository has a tiered air gap between the<br />
Landing Zone and the non-network-facing<br />
Repository Tier, which is only visible to the<br />
ExaGrid software. There's more valuable security<br />
as ExaGrid's Retention Time-Lock (RTL) provides<br />
a deeper defence against ransomware attacks.<br />
RTL delays delete requests to the non-networkfacing<br />
Repository Tier that come into the<br />
Landing Zone via the user network or backup<br />
app. The requests will be carried out in the<br />
Landing Zone but when a time-lock period is<br />
applied, they have no impact on the retention<br />
repository. To configure a site Retention Time-<br />
Lock period you click on its icon in the main<br />
admin dashboard and enter a value in days,<br />
and even this setting is protected as changes<br />
must be verified by a user with the ExaGrid<br />
Security Officer role. Any attempts to change it<br />
result in a request being sent to this user where<br />
it appears in their console awaiting approval.<br />
New features include support for Veeam<br />
Backup for M365 and the S3 protocol with<br />
object locking for immutable storage. This<br />
allows the appliances to function as object<br />
storage targets for Veeam and enforce its S3<br />
object locks in both the landing zone and the<br />
Repository Tier.<br />
ExaGrid's EX appliances are a natural choice<br />
for enterprise data backup and disaster recovery<br />
as they deliver an easily deployed, highly flexible<br />
and high performing scale-out storage solution.<br />
Their innovative data protection features keep<br />
ransomware attacks at bay and ExaGrid's<br />
flagship EX189 appliance offers a huge backup<br />
capacity that defies belief. NC<br />
Product: EX189<br />
Supplier: ExaGrid<br />
Web site: www.exagrid.com<br />
Tel: +44 (0) 1189 497 051<br />
Sales: UKSales@exagrid.com<br />
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 15<br />
NETWORKcomputing<br />
@NCMagAndAwards
OPINION: CLOUD SECURITY<br />
4 KEY STEPS TO STRENGTHEN CLOUD SECURITY<br />
BUSINESSES ARE ACCELERATING THEIR ADOPTION OF CLOUD SERVICES, BUT THIS JOURNEY DOES<br />
NOT COME WITHOUT SECURITY RISKS CAUTIONS GUY WARREN, CEO AT ITRS, THE IT<br />
MONITORING AND OPERATIONAL RESILIENCE FIRM<br />
Driven by a surge in digital services and<br />
the growth of hybrid working,<br />
enterprises across all sectors have<br />
been flocking to the cloud. Gartner estimates<br />
85% of organisations will embrace a cloudfirst<br />
principle by 2025, while 95% of new<br />
digital workloads will be deployed on cloudnative<br />
platforms.<br />
However, adopting a cloud-first strategy is<br />
far easier said than done. Not only does it<br />
involve a whole host of legal, regulatory and<br />
privacy risks, but also replacing legacy<br />
technology can disrupt important business<br />
operations. Many businesses may therefore<br />
be unaware of the security risks they face<br />
when adopting cloud services. Here are four<br />
key steps that firms can take to bolster their<br />
cloud security:<br />
1. SCALE SAFELY<br />
When it comes to cloud technology, it's a<br />
common misconception that external threats<br />
pose the greatest risk, often causing internal<br />
sources of vulnerability to be overlooked. In<br />
fact, the most common vulnerabilities come<br />
from when firms make changes to their own<br />
IT systems. This is because as businesses<br />
grow, they may seek new software or tools<br />
that require manual configuration which can<br />
be prone to human error.<br />
To mitigate this risk, businesses looking to<br />
scale up should implement products and<br />
systems that can also scale in line with<br />
company growth.<br />
2. PRIORITISE EMPLOYEE EDUCATION<br />
It's estimated that a huge 56% of all incidents<br />
originate from the innocent mistakes of<br />
employees, costing organisations $6.6 million<br />
annually. As a result, it is imperative that staff<br />
are trained to have a sufficient level of<br />
understanding and knowledge when it comes<br />
to identifying cloud threats and handling<br />
cloud data as safely as possible. Taking steps<br />
to educate employees about common threats<br />
and best practices for securely handling cloud<br />
data can help enable firms detect issues faster<br />
and reduce the likelihood of insider threats<br />
that come from employee mistakes.<br />
3. PLAN FOR ALL SCENARIOS<br />
As well as taking preventative measures<br />
against incidents, businesses need to make<br />
sure they have stringent plans in place should<br />
an outage or malicious attack occur.<br />
Despite the importance planning for all<br />
eventualities, 84% of UK IT leaders admit that<br />
they are unsure as to whether cloud security is<br />
their responsibility or that of the cloud service<br />
provider. Firms should make sure that they<br />
have a clearly defined responsibility model so<br />
they can adopt a coordinated response<br />
against vulnerabilities. This means should an<br />
incident occur, they can take the necessary<br />
steps to mitigate its impact more effectively.<br />
4. IMPLEMENT MONITORING<br />
SOLUTIONS<br />
The implementation of monitoring tools is<br />
essential for firms managing hybrid cloud<br />
environments. The vast majority (93%) of<br />
businesses use more than one cloud platform,<br />
meaning many may suffer from multi-cloud<br />
complexity. This makes it harder to have<br />
complete visibility across all platforms,<br />
increasing the risk of misconfigurations and<br />
vulnerability exposure.<br />
Implementing monitoring solutions for hybrid<br />
environments gives firms full visibility over their<br />
entire IT infrastructure, enabling them to<br />
manage multiple clouds through a single<br />
pane of glass. In addition to monitoring<br />
solutions, IT teams should also consider<br />
adopting cloud management tools to enable<br />
them to more clearly review the security<br />
settings of tenancies and report back<br />
vulnerabilities. Not only does this help firms<br />
detect incidents faster, but also improves<br />
operational efficiency, cost savings and time.<br />
AHEAD IN THE CLOUD<br />
Cloud computing brings many security benefits<br />
compared to applications hosted on-premise,<br />
but this doesn't mean it is without its own<br />
particular risks. With cloud adoption set to<br />
accelerate in the coming years, following the<br />
above steps can help businesses ensure that<br />
they have the right processes and technology<br />
in place to bolster their cloud security. NC<br />
16 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
EVENT ORGANISERS:<br />
Do you have something coming up that may<br />
interest readers of Network Computing?<br />
Contact dave.bonner@btc.co.uk<br />
FORTHCOMING EVENTS<br />
2024<br />
FORTHCOMING EVENTS<br />
FORTHCOMING EVENTS<br />
4-6<br />
JUNE<br />
13<br />
JUNE<br />
19<br />
SEPT<br />
2-3<br />
OCT<br />
20-21<br />
NOV<br />
INFOSECURITY EUROPE<br />
ExCel London<br />
www.infosecurityeurope.com<br />
2024 CIO/CISO DACH SUMMIT<br />
Frankfurt, Germany<br />
www.cdmmedia.com/events<br />
2024 CIO/CISO IRELAND SUMMIT<br />
Dublin, Ireland<br />
www.cdmmedia.com/events<br />
2024 UC EXPO EUROPE<br />
ExCel, London<br />
https://ucxevents.io/ucexpo/en/page<br />
/ucexpo-home<br />
DATA CENTRES IRELAND<br />
RDS, Dublin<br />
www.datacentres-ireland.com
OPINION: NETWORK DIVERSITY<br />
ADVANCING NETWORK EFFICIENCY<br />
A ONE-STOP APPROACH TO NETWORK DIVERSITY AND<br />
REDUNDANCY IS ONE THAT WORKS, ACCORDING TO RICHARD<br />
PETRIE, CTO, LINX (THE LONDON INTERNET EXCHANGE)<br />
In a more cloud-centric world, network<br />
engineers face the intricate task of<br />
managing escalating data traffic while<br />
conforming to demanding performance<br />
standards and security requirements.<br />
Enterprises are increasingly ready to migrate<br />
data and applications to the cloud, posing<br />
questions about network diversity, control<br />
and redundancy.<br />
The cloud-centric world is complex -<br />
organisations need multiple clouds, have<br />
multiple suppliers and use many different SaaS<br />
applications. In this year's Flexera State of the<br />
Cloud Report, 59% of respondents are using<br />
multiple public clouds. Addressing questions<br />
about network diversity, control, reliability and<br />
security is becoming increasingly important, as<br />
organisations migrate more data and<br />
applications to the cloud.<br />
Financial services is an example of a sector<br />
where institutions have begun to address<br />
concerns about resilient access and security<br />
that have restricted cloud adoption. Even<br />
cloud-native organisations without many<br />
physical locations to support still tend to<br />
overlook the underlying infrastructure necessary<br />
for their business agility and slick user-friendly<br />
processes. In many sectors, the need for<br />
network diversity, control and redundancy has<br />
led organisations to seek out the necessary<br />
skill, innovation and experience.<br />
Aware that the increasing use of AI, the<br />
growth of 5G and IoT, and dispersed, mobile<br />
working patterns will continue to increase<br />
latency, resilience requirements and network<br />
capacity, they are adopting strategies that<br />
enhance redundancy and bolster control,<br />
focusing on advanced aspects of network<br />
architecture. Engineers are transforming<br />
traditional set-ups to meet contemporary<br />
requirements, especially in sectors where<br />
latency is critical.<br />
Network diversity is necessary, and dealing<br />
with multiple providers to achieve it can be a<br />
complicated and drawn-out series of tasks,<br />
resulting in high costs. Using a neutral peering<br />
provider, free of any ties to a specific network,<br />
can simplify the process. A not-for-profit<br />
organisation like LINX strives to resolve many<br />
of these hassles, with more than 950 ASNs<br />
connecting from 80 different countries. It<br />
provides internet exchange points for its<br />
members and is more cost-effective as<br />
organisations use its internet exchange for<br />
ever-greater volumes of data.<br />
Having greater control is another important<br />
aspect of networking strategies. A<br />
conventional approach offers little in the way<br />
of transparency about which alternative route<br />
across the internet the traffic will take, as and<br />
when required.<br />
The danger is that the transit will take longer<br />
than it should, increasing packet loss, cost and<br />
security risk. Peering at an internet exchange<br />
like LINX ensures the route between network<br />
operators is more direct, reducing the number<br />
of hops while keeping traffic closer to the enduser.<br />
The gains for companies that deliver<br />
content, depend on streaming or are involved<br />
in gaming, are significant - reducing lag and<br />
buffering. A network-neutral approach offers<br />
increased network redundancy, giving<br />
companies control over who they peer with,<br />
and the route they take.<br />
With control comes greater security.<br />
Monitoring the end-to-end route taken by<br />
data, and having the approval of the peers it<br />
passes through, minimises the risks of DDoS<br />
and other cyber-attacks. But end-to-end<br />
visibility brings more advantages. It enables<br />
companies to understand the end-to-end<br />
data journey so they have insight into the<br />
user experience.<br />
Another important, but often-overlooked<br />
benefit of a membership organisation is the<br />
access to expertise from fellow professionals<br />
facing similar challenges. The technical aspects<br />
of achieving and maintaining networks can be<br />
substantial as data volumes increase and<br />
company and customer requirements change<br />
quickly, reacting to technical innovations or<br />
switches in market demand. A membership<br />
organisation of fellow network engineers with<br />
masses of experience makes all the difference,<br />
assisting with the rapid resolution of the<br />
difficulties that inevitably occur.<br />
It is vital that as cloud use expands, putting<br />
more pressure on networks, network engineers<br />
have access to the most comprehensive<br />
connectivity solutions to meet their complex<br />
needs. The technical solutions offered by<br />
internet exchange points like LINX are often<br />
overlooked by enterprises; however, they will<br />
be essential for building and maintaining a<br />
resilient network. NC<br />
18 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
PRODUCT REVIEW<br />
Portnox Cloud<br />
PRODUCT REVIEW<br />
PRODUCT<br />
REVIEWPRODUCT RE<br />
Network access control and endpoint<br />
security have a mixed reception in<br />
enterprises as many solutions are<br />
challenging to deploy, complex to manage and<br />
prohibitively expensive. Portnox Cloud avoids all<br />
these pitfalls as an affordable UAC (unified<br />
access control) solution that stands out by being<br />
the first and only cloud-native platform currently<br />
on the market. Unlike most legacy on-premises<br />
and cloud-managed UAC solutions, Portnox<br />
Cloud can use an agentless architecture, doesn't<br />
require any on-site appliances and can be up<br />
and running in as little as 30 minutes.<br />
Transparency in pricing is another compelling<br />
way Portnox brings value, as is only requiring<br />
you to pay for the components you need.<br />
Portnox Cloud comprises four main<br />
components - RADIUS authentication,<br />
TACACS+, Zero Trust NAC and Conditional<br />
Access for Applications. All components are<br />
managed from a single intuitive cloud portal,<br />
which seamlessly combines them to deliver<br />
essential security features such as passwordless<br />
authentication, risk posture assessment, network<br />
device administration, and compliance<br />
enforcement. Onboarding is swift and you can<br />
try it out first as a free 30-day trial with<br />
unrestricted access to all features. Once you<br />
have signed up, you are directed to create cloud<br />
RADIUS server instances for your company.<br />
Portnox uses N+2 redundant clusters for all<br />
wired, wireless and VPN authentication.<br />
The portal furnishes you with unique RADIUS<br />
server IP addresses, authentication and<br />
accounting port numbers plus shared secrets<br />
which you use to configure your network access<br />
servers. Portnox has internet outages covered as<br />
you can optionally deploy its local virtualised<br />
RADIUS servers to avoid any service disruption.<br />
Next, you integrate Portnox Cloud with your<br />
preferred authentication repository. There are<br />
plenty on its guest list including Microsoft Entra<br />
ID, Google Workspace and Okta Workforce plus<br />
local Active Directory and OpenLDAP instances.<br />
A key feature of Portnox Cloud is certificatebased<br />
authentication. This method elevates an<br />
organisation's security posture by preventing<br />
sharing credentials, reused/insecure passwords,<br />
and the ever-present danger of falling victim to a<br />
phishing or social engineering scheme. Standard<br />
credential-based authentication is supported<br />
(along with MFA), but certificate-based<br />
authentication is a superior option. Portnox will<br />
provide each organisation with a root certificate,<br />
or they can import their own. Businesses worried<br />
about the complexity and scale of certificate<br />
deployment to endpoints can rest easy as<br />
Portnox Cloud supports products that leverage<br />
the SCEP (simple certificate enrollment protocol)<br />
such as Microsoft InTune and Jamf.<br />
Portnox places employees and devices in<br />
groups that each have policies assigned to them<br />
to enforce access controls, privileges and<br />
requirements. Policies are highly flexible as they<br />
can, for example, use 802.1x to control wired<br />
network access, assign specific wireless SSIDs to<br />
group members or guests and define VPN access.<br />
Available for Windows, macOS, Linux, iOS and<br />
Android endpoints, Portnox AgentP is a lightweight<br />
software agent that takes access controls to the<br />
next level. It provides streamlined onboarding,<br />
particularly where certificates for user and device<br />
authentication are being used, and can gather a<br />
lot more information about endpoints such as the<br />
OS, user, installed applications, and system<br />
configuration. This extra information allows device<br />
risk policies that cover a plethora of options such<br />
as checking for unauthorised software,<br />
unencrypted disks, out-of-date antivirus, and<br />
more, when determining access. Other major<br />
benefits include automated endpoint remediation<br />
to ensure endpoints meet your criteria for network<br />
access and Portnox's Conditional Access for<br />
Applications service which enables SSO for secure<br />
access to web applications.<br />
Businesses concerned about the cost,<br />
complexity and management overheads<br />
associated with traditional NAC products will<br />
find Portnox Cloud very appealing. This unique<br />
cloud-native solution is simple to deploy and<br />
manage, doesn't require additional<br />
infrastructure investment and is available in a<br />
range of competitively priced subscriptions. NC<br />
Product: Portnox Cloud<br />
Supplier: Portnox<br />
Web site: www.portnox.com<br />
Tel: +1-855-476-7866<br />
Sales: sales@portnox.com<br />
WWW.NETWORKCOMPUTING.CO.UK MAY/JUNE 2024 19<br />
NETWORKcomputing<br />
@NCMagAndAwards
SECURITY UPDATE<br />
YOU SHALL NOT PASS!<br />
IT'S TIME TO EMBRACE THE FUTURE OF AUTHENTICATION AND<br />
MOVE TOWARDS PASSWORDLESS ACCORDING TO DAVID<br />
HIGGINS, EMEA TECHNICAL DIRECTOR AT CYBERARK<br />
Passwords are the<br />
first barrier to<br />
prevent data<br />
breaches, but<br />
individuals<br />
often have bad<br />
habits when it<br />
comes to choosing or<br />
regularly changing their<br />
password. In fact, despite all the<br />
requirements to make passwords truly<br />
secure, research shows that 75% of people<br />
globally don't respect widely-accepted best<br />
practices, with 64% using a weak password<br />
or just changing it slightly when asked to pick<br />
a new one.<br />
Overlooking the security implications of<br />
failing to choose a password that meets the<br />
standards is a real mistake and gives attackers<br />
incredible opportunities to infiltrate systems.<br />
Once they have their hands on valid<br />
password credentials, threat actors can easily<br />
elevate their privileges to an administrator or<br />
a superuser level, bypassing an organisation's<br />
identity security.<br />
Data breaches can severely impact a<br />
company's reputation and lead to major<br />
financial damage, so companies must make it<br />
a priority to improve password hygiene and<br />
implement a robust identity security strategy.<br />
As such, some organisations have started to<br />
adopt multi-factor authentication (MFA) to<br />
reduce the risk of attackers stealing<br />
credentials and gaining unauthorised access.<br />
With MFA, users can log into applications and<br />
access corporate networks and resources if<br />
they provide an additional form of verification,<br />
whether it's a code they received in their<br />
inbox, or a code momentarily displayed on<br />
their phone.<br />
However, companies adopting more secure<br />
approaches to log into applications means<br />
attackers have started to innovate to find<br />
creative ways to bypass MFA protections, such<br />
as stealing cookies, employing social<br />
engineering techniques or performing MFA<br />
fatigue-based attacks. So, while MFA remains<br />
more secure than traditional passwords, it's<br />
important to remember that there's always a<br />
way for attackers to undermine it.<br />
Companies must redouble their efforts to<br />
improve identity security. New attacks are the<br />
opportunity to go one step further and find a<br />
new way to combat the rising threat of data<br />
breaches - and while counterintuitive, a<br />
passwordless approach might be the solution.<br />
ENHANCING IDENTITY SECURITY AND<br />
STREAMLINING AUTHENTICATION<br />
Businesses are slowly starting to give up<br />
traditional passwords to adopt passwordless<br />
approaches. With passwordless<br />
authentication, individuals can confirm their<br />
identity in various ways - whether it's a QR<br />
code displayed at login or an SMS message<br />
with a one-time code - beyond a memorised<br />
password. This type of approach helps reduce<br />
risks of threat actors infiltrating networks, as<br />
private keys are unique and only accessible<br />
from the user's local device. Overall, identity<br />
security is enhanced.<br />
Additionally, it's easier and more convenient<br />
for both users and IT teams to remove<br />
passwords. Users no longer need to<br />
remember their password or change it<br />
20 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
SECURITY UPDATE<br />
regularly, and IT no longer need to spend<br />
time assisting employees with account<br />
unlocks and password resets. A<br />
passwordless approach also has a positive<br />
impact on productivity thanks to a more<br />
seamless sign-in experience.<br />
NAVIGATING THE TRANSITION TO<br />
PASSWORDLESS AUTHENTICATION<br />
It's important to keep in mind that, while<br />
passwordless technology brings significant<br />
benefits, going passwordless can't be done<br />
overnight - and some organisations might<br />
even never be able to adopt a completely<br />
passwordless approach. Removing<br />
passwords is a big commitment, particularly<br />
for businesses managing thousands of<br />
users, countless applications, hybrid and<br />
multi-cloud environments and complex<br />
login flows. There are just too many legacy<br />
systems deeply entrenched in IT<br />
infrastructure that require passwords.<br />
So, it's about finding the best approach for<br />
each company and what works from both<br />
an identity security and a cost point of view.<br />
The journey to passwordless authentication<br />
is unique to the requirements of every<br />
company, and the needs of every user.<br />
There is no one-size-fits-all approach. And<br />
with technology constantly evolving and<br />
user adoption increasing, successfully<br />
achieving an entirely passwordless<br />
environment involves a phased approach.<br />
CONSIDERING IAM SOLUTIONS TO<br />
SUCCESSFULLY MOVE TOWARDS<br />
PASSWORDLESS<br />
While completely eliminating passwords<br />
may pose challenges for some businesses,<br />
they can still reduce their dependence on<br />
them by adopting appropriate identity and<br />
access management (IAM) solutions that<br />
facilitate passwordless functionalities.<br />
When when assessing IAM solutions,<br />
organisations should prioritise specific<br />
capabilities:<br />
1. Zero sign-on (ZSO) uses robust<br />
cryptographic standards such as certificates<br />
and mixes user identities with contextual<br />
information such as device fingerprints and<br />
security posture. It is the first pillar of a true<br />
passwordless solution. With ZSO, users can<br />
smoothly log in to their assigned<br />
applications and services once their devices<br />
have been checked and it's confirmed they<br />
meet security posture requirements. Users<br />
don't need any form of additional<br />
authentication. ZSO can be combined with<br />
other passwordless authentication factors<br />
best suited to the business requirements,<br />
enabling businesses to improve usability<br />
and increase identity security.<br />
2. FIDO2 Web Authentication (WebAuthn)<br />
is widely supported by nearly every identity<br />
vendor and plays a pivotal role in enabling<br />
passwordless authentication for typical end<br />
users. Along with FIDO2, FIDO's passkeys<br />
offer a new approach to achieving<br />
passwordless access across multiple<br />
devices, using users' devices' security<br />
capabilities to further enhance individuals'<br />
experience. These passkeys are also highly<br />
resilient to phishing attempts - in other<br />
words they can effectively mitigate attack<br />
vectors associated with MFA which<br />
necessitate human interaction.<br />
3. With remote work now a prevailing<br />
trend, ensuring secure access for<br />
employees accessing a corporate network<br />
through a VPN is essential. In particular,<br />
using adaptive MFA is recommended as<br />
this adds an extra layer of identity security<br />
to remote access, protecting the company's<br />
corporate network and on-site apps and<br />
resources, while ensuring a seamless login<br />
experience that continuously evaluates and<br />
adjusts as needed with passwordless factors<br />
based on contextual and risk analytics.<br />
Adaptive MFA as an approach is<br />
important and effective because it gives<br />
high-risk users or authorisation requests<br />
additional steps before access is granted<br />
and vice versa.<br />
4. To achieve a true passwordless<br />
experience, it's critical to deploy a solution<br />
that empowers users to self-enrol, replace<br />
and delete passwordless authenticators<br />
under appropriate security protocols, along<br />
with a wide variety of alternative<br />
passwordless authentication methods to<br />
choose from. For example, in the event of<br />
an individual losing their mobile phone, they<br />
should be able to replace the passwordless<br />
authenticator factor from various factors with<br />
the appropriate security controls.<br />
COMBATTING THREATS BY GOING<br />
PASSWORDLESS<br />
Although businesses are increasingly<br />
adopting multi-factor authentication (MFA)<br />
to reduce the risk of threat actors stealing<br />
their passwords, MFA is less of a silver<br />
bullet than originally thought. It seems<br />
passwordless authentication is the ultimate<br />
solution to prevent unauthorised access to<br />
corporate networks - and not only does<br />
this approach help improve identity<br />
security and organisational resilience<br />
against cyber threats, but it also enhances<br />
user experience.<br />
However, no company can go<br />
passwordless from day one. Such an<br />
approach requires strategy, planning,<br />
discipline and employee awareness. This<br />
implies receiving sufficient support from<br />
leadership to make sure all employees are<br />
educated on the best practices for<br />
efficiently and securely implement<br />
passwordless authentication. Additionally,<br />
collaboration with experienced and trusted<br />
vendors is key to a successful<br />
organisational adoption of passwordless<br />
approaches. For companies to be able to<br />
anticipate and prevent the threats, they<br />
must make sure the IAM providers they<br />
work with have the expertise required to<br />
support their security needs. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 21
OPINION: NETWORK INNOVATION<br />
REVOLUTIONISING<br />
YOUR NETWORK FOR<br />
TOMORROW'S<br />
DIGITAL NEEDS<br />
NATHAN ASHBY, SENIOR<br />
SOLUTIONS ARCHITECT AT<br />
CISILION EXPLAINS WHY OUR<br />
NETWORKS NEED TO WORK<br />
HARDER AND MORE<br />
INTELLIGENTLY TO DELIVER<br />
SUCCESSFUL BUSINESS<br />
OUTCOMES<br />
The rapid pace of digital change is<br />
driving network innovation. The question<br />
is now becoming whether your network<br />
can be agile and supportive of the growing<br />
business demands required to run the latest<br />
intelligent business apps. In turn our role as<br />
technology leaders is evolving from focusing<br />
on keeping the lights on to ensuring our<br />
solutions are agile enough to handle the next<br />
phase of digital transformation.<br />
Largely speaking, network architectures have<br />
followed the same blueprints built to move 1's<br />
and 0's around. While technology has evolved<br />
to in networks, it is too common that we build<br />
our networks with a core switch, access<br />
switches and perhaps a distribution layer<br />
depending on the size and the outcomes of the<br />
business. But with the complexities of AI, more<br />
and more sophisticated apps and hybrid<br />
working we need more innovative and<br />
intelligent networks to handle and deliver<br />
successful outcomes.<br />
SO, WHAT DOES INNOVATION IN<br />
THE NETWORK LOOK LIKE?<br />
Before we answer this, it is important to<br />
change our perspectives on what we design<br />
our networks for. One way to look at is to<br />
look at networks in terms of the workforce<br />
(people), workload (applications and tools<br />
the workforce is trying to access) and<br />
workplace (which is where we have seen<br />
most disruption in the last few years). We<br />
can think of these as our three W's.<br />
Networks need to be able to connect all<br />
these elements in different ways to enable<br />
the business to operate effectively.<br />
With this in mind, traditionally networks were<br />
built around everyone being in the same<br />
location with perhaps a little bit of remote<br />
access via a VPN, or to connect the business to<br />
a central DC hosting our business data and<br />
applications. However as our three W's<br />
changed this approach no longer aligns with<br />
our traditional networks.<br />
Even more so, we've moved from keeping the<br />
lights on and building reliable infrastructure to<br />
business transformation. We cannot use the<br />
same mindsets as we once did to ensure the<br />
success of our businesses. As such the<br />
network's driving force now is to enable<br />
business outcomes - which means we need to<br />
reinvent the network approach.<br />
With this in mind, connectivity and security<br />
are now foundational key outcomes, which<br />
must ensure a positive user experience, while<br />
also striving to improve sustainability. During<br />
the pandemic, we realised connectivity could<br />
be better as the workplace element changed.<br />
My workplace is no longer just in the office, it<br />
can be at home or in a coffee shop and so<br />
forth. We must consider how to integrate<br />
home users with our SD-WAN fabric or how to<br />
provide the same level of protection to<br />
someone sitting in a coffee shop as we do in<br />
the office, where we may have previously<br />
invested heavily in firewalls and security tools<br />
such as IPS etc.<br />
Businesses need to be building more dynamic<br />
infrastructures with the use of automation and<br />
better integration to address these changing<br />
needs. The adaptability of the network and the<br />
22 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION: NETWORK INNOVATION<br />
agility we can provide with software-defined<br />
fabrics are helping deal with this change,<br />
whether a change in the location of the<br />
workforce or workload. Automation from a<br />
networking infrastructure perspective drives<br />
change, reducing manpower hours on certain<br />
tasks and reenergising time for other activities.<br />
Automation can vary from Infrastructure-asa-Code<br />
(the managing and provisioning of<br />
infrastructure through code instead of through<br />
manual processes) to an engineer using<br />
simple Python to automate a repetitive task<br />
they would have done manually before. The<br />
value in automation is in automating regular<br />
tasks to save time.<br />
Innovative networks also need better<br />
programmability - the ability to interface<br />
with business software, for example, a<br />
management node for a network solution.<br />
It's about the ability to get data out and<br />
squeeze data in. Automation is about time<br />
saving, but integration is about pulling data<br />
out of one place and putting it in another<br />
place, either bidirectional or one directional,<br />
to improve business processes, for example<br />
SIEM integration.<br />
Programmability is about context and<br />
building a bigger picture too, for example, "I<br />
have observed some poor network conditions<br />
so I'm going to make some policy changes to<br />
improve it." From a security perspective it could<br />
be about providing some additional context<br />
between security solutions that are going to<br />
deliver a better level of threat protection.<br />
By adding Software-as-a-Service (SaaS) onto<br />
the network it can do more for the business; it<br />
is an enabler to drive better business outcomes.<br />
For example, integrating foundational security<br />
with new security layers that ensure security<br />
around home working. The key is to ensure<br />
your network is adaptable enough to be able<br />
to do use these SaaS solutions.<br />
It's not always necessary to build a new<br />
network to cope with today's complexities if<br />
you already have appropriate compute<br />
power available and the flexibility to increase<br />
and decrease workloads when needed. What<br />
is important is to ensure that, when you<br />
update software or try to integrate new<br />
software into the network, it results in a good<br />
user experience.<br />
User experience is critical to the success of<br />
your network. For example, chatbots are in<br />
high demand as a result of ChatGPT and the<br />
like, but there is also a lot you can do with<br />
simple chatbots. People like language driven<br />
results. For example, network engineers want<br />
to receive a message alert when there is an<br />
issue with the network, and they want to query<br />
it back in a chat as it's a more natural way of<br />
working and helps fit into their workload. It's<br />
also simple to get up and running quickly and<br />
doesn't require them to code because its<br />
already been created elsewhere and is<br />
available for wider use.<br />
Containerisation is another technique that<br />
allows for network innovation. It is important<br />
to network innovation because it provides a<br />
consistent runtime environment, enables<br />
continuous integration and continuous<br />
delivery, and is more efficient than virtual<br />
machines. Building virtual firewalls within our<br />
switches or using apps running natively, for<br />
example, can enable our already deployed<br />
infrastucture to drive quicker, more secure<br />
results. Containers use fewer resources and<br />
deliver higher utilisation of compute<br />
resources, which also helps with sustainability.<br />
It also makes it easier to scale applications up<br />
or down as needed, which is essential for<br />
modern network architectures.<br />
For network engineers these new networks<br />
require a move away from coding to working<br />
with scripts, which in turn requires a different<br />
mindset. If they can focus on the benefits that<br />
can be achieved from working in this new<br />
way and see the network as its own software<br />
platform then they don't have to reinvent the<br />
wheel. Lots of the material is already<br />
available off the shelf from vendors and<br />
managed service providers and through<br />
network communities such as the Cisco<br />
DevNet community.<br />
IT teams needs to assess how revolutionising<br />
their network with automation and AI will help<br />
deliver better business outcomes. Showing<br />
ROI is not often easy, which is why working<br />
with a managed service partner can help<br />
demonstrate this.<br />
Once you have a revolutionised the network<br />
using automation and new tools to drive new<br />
outcomes, strong user experience and high<br />
levels of security, what happens next? Plug it<br />
in and off you go, right? No, issues will still<br />
arise even with the best designs in the world,<br />
whether through user error or network<br />
outage. However, by making sure you have a<br />
good assurance plan and appropriate<br />
monitoring tools in place you can pick up on<br />
any issues quickly.<br />
A mature assurance solution, like Cisco's<br />
ThousandEyes, can prioritise and grade issues<br />
in terms of risk and cost. This is achieved by<br />
applying intelligence or machine learning to<br />
help interpret the data that the network spits<br />
out. This kind of visibility of what is happening<br />
across your network is now available to<br />
everyone, and can help change your response<br />
to issues from reactive to proactive. You can<br />
start to predict likely problems that can then<br />
be addressed before they occur - which is the<br />
ideal goal of an intelligent network.<br />
As technology evolves, our networks need to<br />
work harder and be more intelligent to deliver<br />
successful business outcomes. By harnessing<br />
automation and containerisation, and ensuring<br />
assurance across your network, you will be<br />
able to pioneer innovation to ensure continued<br />
business success. By doing so we can drive<br />
innovation in our networks and in turn ensure<br />
the best user and business outcomes, instead<br />
of just moving our 1's and 0's around. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 23
OPINION: WIRELESS NETWORKS<br />
IT'S THE OFFICE, BUT NOT AS WE KNOW IT<br />
IAN WHARTON, PRINCIPLE NETWORKS' TECHNICAL ARCHITECT, CONSIDERS THE FUTURE OF THE<br />
WIRELESS NETWORK - AND WHY THE OFFICE WE ONCE KNEW NO LONGER EXISTS<br />
The office as we know it no longer exists.<br />
Hybrid working has reshaped how we<br />
work and redefined the essence of the<br />
workplace. The modern workspace has<br />
become a multifunctional hub, blending work<br />
with client interactions and social events and<br />
at its core is a fast, reliable and secure<br />
wireless network.<br />
However, the shift to the modern office isn't<br />
as simple as updating old systems. It's a<br />
comprehensive overhaul which demands a<br />
fundamental reimagining of existing<br />
infrastructure and all that underpins it. The<br />
density of traffic travelling through today's<br />
networks is no longer akin to those of the past,<br />
which means on-premise Local Area Networks<br />
(LAN) and clunky, standard guest WiFi<br />
connections are no longer fit for purpose.<br />
Businesses want multifaceted networks that<br />
are about more than just connectivity. They<br />
want to create cloud-based environments that<br />
embody flexibility, adaptability and efficiency.<br />
Perceptions of wireless networks have<br />
changed, and expectations have risen.<br />
WHY IS THERE A DESIRE FOR CHANGE?<br />
For many organisations, the office wireless<br />
network hasn't been a priority. Incorporating<br />
guest Wi-Fi into existing infrastructure was<br />
considered enough. Fast-forward ten years,<br />
those same businesses are attempting to<br />
transition to the cloud and using the same<br />
network connection to host multiple users.<br />
Almost immediately, they found it had limited<br />
bandwidth and couldn't cope with the density<br />
of devices trying to connect.<br />
This approach is hindering innovation for<br />
businesses across the globe. A recent survey<br />
of over 500 IT decision-makers found that<br />
organisations spent an estimated 40% of their<br />
annual IT budget on maintaining legacy<br />
technology. Furthermore, 69% of respondents<br />
acknowledged that technical debt is hindering<br />
their ability to innovate.<br />
There has been a shift in what organisations<br />
need, want and expect from a wireless<br />
network. Why? Hybrid working is one reason,<br />
but another is the fact consumer brands have<br />
transformed our experiences as technology<br />
users. We now expect the same level of instant<br />
service in a working environment as we do<br />
when ordering clothes, food or taxis online.<br />
For example, hybrid working has made it<br />
possible for us to use public spaces such as<br />
coffee shops as a place to work. They offer<br />
instant, fast and secure internet access, which<br />
can be more appealing than going into the<br />
office. It has highlighted flexibility as the<br />
cornerstone of modern network infrastructure.<br />
Organisations need to match this with a<br />
network that seamlessly adapts to the dynamic<br />
24 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION: WIRELESS NETWORKS<br />
nature of the current working environment.<br />
When a new starter joins your organisation,<br />
they or any visitors must connect to your<br />
network. It's a benchmark of a modern<br />
business. It sounds simple. But, doing it right<br />
requires attention to detail and a strategic<br />
approach. Businesses need to create efficient<br />
wireless networks to meet their objectives.<br />
TRANSITIONING TO THE FUTURE<br />
The Department for Science, Innovation and<br />
Technology's (DSIT) Wireless Infrastructure<br />
Strategy, details the government's plan to<br />
deliver world-class wireless infrastructure<br />
across the UK by 2030. But how do we get<br />
there? Organisations need to move away from<br />
simplistic, standard networks and embrace<br />
more secure, user-friendly and cloud-based<br />
infrastructure that reflects the needs of the<br />
modern office. This shift should be a necessity<br />
and is driven by several key factors.<br />
Firstly, modern security concerns require a<br />
more robust network. Standard solutions often<br />
lack the required security measures to<br />
safeguard against a potential cyber-attack.<br />
Any attack could prove extremely costly to<br />
your business, whether financially or<br />
reputationally. The rise of hybrid working and<br />
the handling of sensitive data across dispersed<br />
environments means security protocols are<br />
imperative to maintain data integrity and<br />
minimise the threat of unauthorised access to<br />
a network.<br />
Secondly, scalability and flexibility are central<br />
to organisations' operations. Traditional<br />
networks can struggle to adapt to the evolving<br />
needs of multiple devices and a fluctuating<br />
workforce. Cloud-based infrastructure<br />
provides the required adaptability, scaling up<br />
or down to meet the changing needs without<br />
compromising network performance.<br />
The modern office demands a more intuitive,<br />
user-centric network experience. Cloud-based<br />
systems ensure a hassle-free connection<br />
across various devices and locations. This<br />
accessibility drives productivity and<br />
collaboration, delivering a user experience<br />
that surpasses physical boundaries.<br />
Optimised performance is another crucial<br />
factor when it comes to upgrading wireless<br />
networks. Cloud-based infrastructure can<br />
manage dense environments well. It ensures<br />
speed, latency, and reliability are not<br />
compromised, no matter how busy the<br />
network is. Transitioning to the cloud also<br />
facilitates ongoing innovation. It supports new<br />
technologies and enables the deployment of<br />
updated security measures. This is essential to<br />
businesses trying to stay ahead in a<br />
competitive marketplace.<br />
THE OFFICE WE ONCE KNEW NO<br />
LONGER EXISTS<br />
IT decision-makers can mould what the office<br />
of the future looks like. By prioritising network<br />
upgrades and designing a network<br />
infrastructure that aligns with their business<br />
objectives, they'll create a modern workspace<br />
that enables their business to thrive.<br />
It's about implementing networks that<br />
facilitate change rather than hinder it. The<br />
need to embrace future-ready infrastructure is<br />
imperative. It's time to overhaul legacy<br />
systems, transition to the cloud and build a<br />
secure, reliable and scalable network that<br />
drives success. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 25
OPINION: NTNs<br />
HOW TO OVERCOME THE FIVE CHALLENGES THREATENING NTN SUCCESS<br />
NANCY FRIEDRICH AT<br />
KEYSIGHT TECHNOLOGIES<br />
EXPLAINS HOW WE CAN<br />
EXPAND AEROSPACE AND<br />
DEFENCE CONNECTIVITY BY<br />
MOVING FROM A TERRESTRIAL<br />
TO HYBRID SPACE / GROUND<br />
NETWORK WITH VIRTUAL<br />
SIMULATION, EMULATION,<br />
AND DIGITAL TWIN<br />
TECHNOLOGY<br />
To heighten communications<br />
capabilities and improve situational<br />
awareness, military and government<br />
agencies increasingly leverage<br />
commercially developed technologies.<br />
Many plan to boost their connectivity<br />
capabilities with fifth generation (5G)<br />
non-terrestrial networks (NTNs). An NTN<br />
is a hybrid network, applying satellite<br />
communication (SATCOM) technology to<br />
extend existing 5G technology. 5G NTNs<br />
draw many features from 5G terrestrial<br />
networks and face many of the same<br />
challenges, adding higher reliability<br />
expectations for 5G NTN service<br />
compared to earlier SATCOM networks.<br />
To help assure performance of 5G NTN<br />
deployments, virtual simulation,<br />
emulation, and digital twin technology<br />
use RF system measurement science to<br />
deliver results beyond what is possible<br />
through physical testing alone.<br />
Despite the hype over the commercial<br />
possibilities of 5G NTN, it also promises<br />
to transform capabilities for aerospace<br />
and defence. Potential 5G NTN use cases<br />
for military and government include<br />
coverage for forward battlefields or<br />
focused special operations. NTNs also<br />
will provide coverage to restore<br />
communications in disaster areas<br />
experiencing widespread infrastructure<br />
outages. Among transportation use cases,<br />
NTNs support logistic in-transit tracking<br />
for long-haul trucking routes, rail lines,<br />
and maritime shipping lanes.<br />
FIVE CHALLENGES FACING NTN<br />
1 - More Data, Crowded Spectrum<br />
The hybrid 5G NTN provides obvious<br />
advantages as well as challenges.<br />
Handheld or vehicle-based user<br />
equipment (UE) tends to demand high<br />
volumes of data for video and mapping<br />
services. Additionally, sensor applications<br />
may connect user equipment with lower<br />
data rates. Delivering the required<br />
volumes of data means leveraging 5G<br />
signalling fundamentals for 5G NTN,<br />
including mmWave carrier frequencies and<br />
complex modulation in wide bandwidths.<br />
5G spectrum is already tightly allocated<br />
in terrestrial networks, and an onslaught<br />
of tens of thousands of lower earth orbit<br />
(LEO) satellites and geostationary earth<br />
orbit (GEO), medium earth orbit (MEO),<br />
and high-altitude platform systems (HAPS)<br />
platforms soon operating in 5G NTNs will<br />
add to the spectrum crowding.<br />
2 - The Space Environment<br />
Space is the foremost challenge for NTNs.<br />
Once deployed, equipment is<br />
inaccessible. In addition, systems must<br />
operate in an extremely harsh environment<br />
with extreme temperatures and radiation.<br />
For successful performance, systems also<br />
need to provide consistent power<br />
generation and storage. For all of these<br />
aspects, satellite system providers need to<br />
balance risk versus cost across the lifetime<br />
of the operation.<br />
3 - Size, Weight, Power, and Cost<br />
Another concern is the physical limits of<br />
placing high-frequency RF and computing<br />
resources in the sky. Size, weight, power,<br />
and cost (SWaP-C) become issues when<br />
moving away from the GEO 20 tonners<br />
into more compact LEO satellites and<br />
HAPS platforms, and payloads must<br />
transform accordingly. On the plus side,<br />
placing more satellites into service with<br />
smaller payloads and shorter life cycles is<br />
now feasible and cost-effective. A 5G<br />
NTN might consist of a group of satellites<br />
working together in various orbits.<br />
26 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION: NTNs<br />
4 - Connecting in Motion<br />
5G NTNs put some things, or perhaps<br />
everything in the network, in constant<br />
motion. Satellite and HAPS movements<br />
factor into connection setup, signal quality,<br />
and handovers. gNodeB instances and<br />
parts of the RAN flying aloft add to the<br />
movement of any UE at the surface.<br />
Parameters previously fixed or confined in a<br />
small range in a 5G terrestrial network<br />
suddenly become wide-ranging variables in<br />
a 5G NTN. Tracking areas, bulk delays,<br />
Doppler shifts, signal-to-noise ratios<br />
(SNRs), and more elements take on<br />
dynamic characteristics.<br />
5 - The Payload Question<br />
The introduction of 5G NTNs disrupts the<br />
traditional 5G terrestrial network<br />
architecture and opens up a paradigm shift<br />
in connectivity. Many alternatives exist for<br />
satellites and HAPS participating in gNodeB<br />
and RAN domains, some with multiple<br />
satellites in the chain scattered across miles<br />
of sky. The choice between transparent or<br />
regenerative payloads can completely<br />
change how the network organises and the<br />
resulting signal routing.<br />
With LEO satellites in motion, remember<br />
that all timing relationships are dynamic. At<br />
stake is the quality of service (QoS) user<br />
experience, primarily due to variable delays<br />
and complex handovers that can result in<br />
dropped connections.<br />
Platform kinematics rapidly alter 5G NTN<br />
channel behaviour, and staging fast-moving<br />
platforms in the proper orientation long<br />
enough to gather detailed physical<br />
measurements is not an option. However,<br />
simulations can account for complex orbital<br />
paths and decompose real-time motion into<br />
precise detail with time-correlated analysis.<br />
ADVANCING THE NEXT NTN WAVE<br />
Accurate multi-domain simulation of a 5G<br />
NTN link depends on four elements: an<br />
authentic representation of complex<br />
digital modulation in a 5G waveform with<br />
real-world effects, a complete model of<br />
satellite kinematics, robust modelling of<br />
RF system signal processing, and a timecorrelated<br />
view of 5G protocol decoding.<br />
The critical goal is validating performance<br />
in a simulation before deployment of<br />
orbital hardware. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 27
OPINION: DATA CENTRES<br />
HOLISTIC DATA CENTRE DESIGNS FOR THE AI ERA<br />
SAM BAINBOROUGH, SALES DIRECTOR EMEA-STRATEGIC SEGMENT COLOCATION & HYPERSCALE<br />
AT VERTIV, EXPLORES INNOVATIVE DATA CENTRE STRATEGIES TO NAVIGATE THE COMPLEXITIES OF<br />
THE AI-DRIVEN ERA WHILE PRIORITISING SUSTAINABILITY AND EFFICIENCY<br />
In a landscape dominated by AI, mobile,<br />
and cloud technologies, data centres are<br />
undergoing a transformative evolution.<br />
The exponential growth in AI applications has<br />
triggered an unprecedented demand for<br />
computing power, prompting data centre<br />
operators to reimagine traditional<br />
approaches to design and operation.<br />
RETHINKING SUSTAINABILITY: A CORE<br />
TENET OF DATA CENTRE DESIGN<br />
As the demand for computing power<br />
continues to surge in the era of AI<br />
proliferation, sustainability is a fundamental<br />
pillar of data centre operations. The adoption<br />
of specialised processors tailored for AI tasks<br />
has unleashed a tidal wave of power<br />
requirements, compelling data centre<br />
operators to recalibrate their strategies<br />
towards energy efficiency.<br />
In response to this need, the data centre<br />
industry is tasked with embarking on a quest<br />
for innovative solutions that not only minimise<br />
energy consumption but also amplify overall<br />
performance metrics. This journey towards<br />
sustainability necessitates a holistic approach,<br />
encompassing the integration of energyefficient<br />
hardware and leveraging<br />
advancements in processor technology.<br />
At the heart of this endeavour is a concerted<br />
effort to align data centre operations with<br />
global sustainability initiatives. Beyond<br />
optimising operational efficiency, sustainability<br />
embodies a broader commitment to the<br />
responsible stewardship of precious resources<br />
- making sure renewable and sustainably<br />
sourced energy is utilised, reducing waste and<br />
mitigating the environmental impact of the<br />
industry's activities.<br />
By championing sustainable practices, data<br />
centres assume the mantle of environmental<br />
guardians, transcending their role as mere<br />
infrastructure providers. In doing so, they not<br />
only rise to meet the challenges posed by the<br />
burgeoning demands of AI workloads but<br />
also carve a path towards a more ecoconscious<br />
future for the digital realm.<br />
Ultimately, sustainability becomes more than<br />
just a buzzword; instead it's the guiding<br />
principle that shapes the ethos of data centre<br />
design and operation. Through a dedication to<br />
sustainability, data centres can be leaders in<br />
environmental responsibility, paving the way for<br />
a greener, more sustainable digital ecosystem.<br />
28 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION: DATA CENTRES<br />
complexities of the AI-driven transformation<br />
with agility and foresight. By embracing<br />
collaboration, data centres can leverage<br />
collective expertise to identify innovative<br />
solutions and anticipate emerging trends,<br />
ensuring adaptability in the face of rapid<br />
technological evolution.<br />
NAVIGATING THERMAL COMPLEXITY:<br />
THE EVOLUTION OF LIQUID COOLING<br />
The proliferation of specialised processors has<br />
brought about a new era of thermal<br />
management challenges, characterised by<br />
significantly increased heat generation by the<br />
critical digital infrastructure. Traditional cooling<br />
methods are proving inadequate to contend<br />
with this surge, prompting the data centre<br />
industry to innovate and adapt.<br />
Amidst this upheaval, liquid cooling has<br />
emerged as a frontrunner, offering a promising<br />
route for addressing the escalating heat<br />
dissipation demands. Data centres are at the<br />
forefront of innovation, exploring a spectrum of<br />
liquid cooling solutions ranging from active or<br />
passive rear-door heat exchangers to liquid-toliquid<br />
cooling distribution units (CDU) to<br />
cutting-edge immersion cooling technologies.<br />
However, despite the allure of liquid cooling,<br />
the coexistence of air-cooled and liquid-cooled<br />
solutions underscores the nuanced nature of<br />
thermal management. Each approach brings<br />
its own set of advantages and challenges,<br />
meaning that operators need to strike balance<br />
to optimise performance while minimising<br />
environmental impact.<br />
Efficient cooling practices not only enhance<br />
operational performance but also reinforce<br />
data centres' commitment to sustainable<br />
operations. By harnessing the power of liquid<br />
cooling, data centres can achieve thermal<br />
management precision, ensuring optimal<br />
performance while mitigating their<br />
environmental footprint.<br />
COLLABORATION AND ADAPTABILITY:<br />
KEY PILLARS OF FUTURE-PROOF DESIGN<br />
In the pursuit of future-ready design principles,<br />
collaboration is a vital part of success.<br />
Engaging stakeholders across diverse<br />
disciplines fosters a comprehensive<br />
understanding of data centre requirements,<br />
paving the way for innovation and adaptability.<br />
As data centres embrace denser<br />
configurations and rapid technological<br />
evolution, holistic design extends beyond<br />
technical specifications. It encompasses<br />
streamlined decision-making processes and<br />
proactive engagement with industry experts to<br />
navigate the complexities of the AI-driven<br />
transformation.<br />
The integration of diverse perspectives<br />
enables data centre designers to navigate the<br />
Furthermore, the importance of technology<br />
interchangeability can't be overstated in futureproof<br />
design. With the technological<br />
landscape evolving at an unprecedented<br />
pace, data centres must anticipate diverse<br />
scenarios and prepare for the integration of<br />
new technologies seamlessly.<br />
The ability to strike a delicate balance<br />
between CPU and GPU environments is crucial<br />
to ensuring adaptability over an extended<br />
operational lifespan. By adopting a flexible<br />
architecture that accommodates diverse<br />
technological landscapes, data centres can<br />
future-proof their infrastructure and remain<br />
agile in responding to evolving demands.<br />
CHARTING A COURSE FOR<br />
SUSTAINABLE INNOVATION<br />
In conclusion, the era of AI proliferation<br />
heralds a new frontier in data centre design. By<br />
embracing a holistic approach, data centres<br />
are poised to lead the charge in sustainable<br />
innovation, spearheading progress in an era<br />
defined by unprecedented growth and<br />
technological advancement.<br />
Through strategic alignment with sustainability<br />
principles and a relentless pursuit of efficiency,<br />
data centres not only meet the demands of AI<br />
workloads but also drive progress towards a<br />
more eco-conscious future.<br />
As the custodians of digital infrastructure, data<br />
centres have a responsibility to lead the way in<br />
sustainable innovation. By prioritising<br />
collaboration, adaptability, and responsible<br />
stewardship, data centres are primed to shape<br />
the future of technology and propel sustainable<br />
growth in the AI-driven era and beyond. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 29
OPINION: SOFTWARE TESTING<br />
TESTING TIMES<br />
GUY ARIELI, CO-FOUNDER, CTO, BLINQIO GIVES US AN<br />
OVERVIEW OF SOFTWARE TESTING AUTOMATION - AND<br />
EXPLAINS WHY IT REALLY MATTERS<br />
In the digital age, the lens through<br />
which we view software testing is<br />
evolving, revealing facets of this crucial<br />
process that many people outside the<br />
industry might not be aware of. Software<br />
testing has become an essential<br />
component of organisations and their<br />
digitisation efforts.<br />
Here I will discuss the lesser-known aspects<br />
of testing automation, the unique<br />
challenges British software testers face, the<br />
delicate balance between humans and AI<br />
and the ever-intriguing world of testing bots.<br />
THE HIDDEN LAYERS OF TESTING<br />
AUTOMATION<br />
While there are many benefits of test<br />
automation, such as enhanced efficiency<br />
and broader coverage, implementation<br />
often means there are many pros and<br />
cons that need to be considered. Beyond<br />
speed and repeatability, test automation<br />
introduces a nuanced debate around the<br />
high initial investment in tools and<br />
training, the criticality of test design<br />
quality, and the irreplaceable value of<br />
human insight.<br />
I believe the sophistication of testing<br />
automation lies not just in its ability to<br />
perform tasks, but in the strategic<br />
planning and continuous refinement it<br />
demands from teams to truly reap its<br />
benefits. It is this double-edged sword<br />
that illustrates the intricate balance<br />
organisations must adopt to harness the<br />
full potential of automation without<br />
succumbing to its pitfalls.<br />
THE CHALLENGE: SOFTWARE TESTING<br />
IN THE DIGITAL FAST LANE<br />
In the UK, the velocity of digital transformation<br />
brings to the forefront unique challenges for<br />
software testers. The rapid adoption of AIdriven<br />
tools and advanced testing frameworks<br />
necessitates a higher level of expertise, while<br />
pressure to maintain quality in an accelerated<br />
development timeline exacerbates the existing<br />
backlog of testing tasks.<br />
This scenario is further complicated by the<br />
UK's strict regulatory landscape, demanding a<br />
meticulous approach to ensure compliance<br />
alongside functional excellence. British testers,<br />
therefore, find themselves at the crossroads of<br />
technological advancement and regulatory<br />
rigor, pushing the boundaries of traditional<br />
testing methodologies.<br />
THE WORK-AI BALANCE IN THE<br />
INTERNET OF THINGS ERA<br />
As IoT solutions proliferate, the interplay<br />
between human efforts and AI in testing has<br />
become of critical importance. Automation,<br />
driven by AI, is not just about coding efficiency<br />
but ensuring the reliability and quality of<br />
increasingly complex IoT systems. This<br />
paradigm shift highlights the importance of<br />
sophisticated testing and test automation<br />
frameworks that can adapt to the nuanced<br />
requirements of IoT solutions. In return, I<br />
believe that the emphasis on quality over<br />
quantity, and strategic integration of AI in<br />
testing processes underscores a broader trend<br />
towards achieving a sustainable balance that<br />
supports innovation, whilst preserving the<br />
integrity of digital solutions.<br />
DEMYSTIFYING TESTING BOTS<br />
I believe testing bots, powered by AI, represent<br />
a revolutionary stride in automating the<br />
software testing process. By leveraging artificial<br />
intelligence these bots streamline the initial<br />
phases of test planning and execution, offering<br />
a glimpse into the future where software<br />
30 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION: SOFTWARE TESTING<br />
testing becomes more adaptive and<br />
sophisticated.<br />
The automation of test generation and<br />
execution through these bots not only enhances<br />
efficiency but also fosters a proactive approach<br />
to quality assurance, allowing teams to address<br />
potential issues well before they escalate.<br />
Testing bots, thus, exemplify the innovative<br />
application of AI in refining and advancing the<br />
entire software testing paradigm.<br />
EMBRACING COMPLEXITY: THE PATH<br />
FORWARD IN SOFTWARE TESTING<br />
From experience, it is evident that the future of<br />
software testing lies in embracing<br />
complexity. This means recognising<br />
and effectively dealing with<br />
complex situations and<br />
challenges that arise from<br />
advancements in<br />
technology,<br />
automation, and<br />
digital<br />
transformation. Complexity in this context can<br />
refer to the intricate nature of software being<br />
developed, the introduction of sophisticated<br />
tools and methods for testing, the integration<br />
of AI and automation, and the need to adapt<br />
rapidly to change.<br />
I believe that to thrive in this evolving<br />
landscape, individuals, teams, and<br />
organisations involved in software testing must<br />
be willing to embrace this complexity. This<br />
involves being open to learning new skills and<br />
adopting innovative testing methods. It also<br />
includes leveraging advanced tools, and being<br />
flexible enough to handle increasingly complex<br />
software systems and the dynamic tech industry.<br />
I think that for organisations across the<br />
UK, embracing complexity not only<br />
facilitates effective problem-solving and<br />
innovation but also enhances the quality<br />
improvement of software testing processes.<br />
This, in turn, ensures that all software meets<br />
the ever-growing and changing demands of<br />
users and industries in a rapidly evolving<br />
digital landscape. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 31
OPINION: SECURITY TRAINING<br />
DESIGNING FOR HUMANS<br />
NEIL THACKER, CISO FOR EMEA AT NETSKOPE, EXPLAINS WHY<br />
THE ENTERPRISE SHOULD USE NUDGE THEORY TO EDUCATE<br />
EMPLOYEES<br />
The recent UK cybersecurity breaches<br />
survey found that three quarters of<br />
businesses report that cybersecurity is<br />
a high priority for senior management (up<br />
5% from the previous year). It's no surprise<br />
that business leaders are clocking onto its<br />
significance, given that cyber attacks<br />
continued to hit major UK institutions<br />
across 2023.<br />
The British Library, for example, faced a<br />
major cyber attack in October 2023 and<br />
last month published a full report of the<br />
incident to help drive learnings for<br />
companies across the UK. The report<br />
recommended that cyber-risk awareness<br />
and expertise be instilled in senior<br />
leadership, and it hammered home the<br />
importance of regular staff training.<br />
Certainly, many businesses today roll out<br />
annual cybersecurity training to their<br />
employees. In fact, it's a lucrative industry:<br />
the security awareness training market hit<br />
$5.6 billion last year.<br />
IN ONE EAR, EVERY YEAR?<br />
Last year, social engineering techniques,<br />
where a bad actor targets employees to<br />
gain access to systems or data - and tricks<br />
them into handing over credentials or data<br />
or perform a certain action - were the most<br />
popular form of attacks. It's clear,<br />
therefore, that the people within an<br />
organisation must be encouraged to<br />
continuously identify these social<br />
engineering attempts.<br />
However, there is little evidence that<br />
annual cybersecurity training influences the<br />
day-to-day security awareness and culture<br />
of an organisation. In fact there is growing<br />
recognition that annual cybersecurity<br />
awareness training is not effective.<br />
Businesses need to ensure employees<br />
engage with positive cyber behaviours<br />
regularly, but how is this possible without<br />
exhausting people with training?<br />
A SIMPLE NUDGE<br />
Nudge Theory is a psychological theory<br />
used across industries to help guide<br />
behaviour toward more positive outcomes,<br />
and it's showing traction in cybersecurity.<br />
It's a behavioural science approach that<br />
uses subtle tools to help people make<br />
better decisions in the moment. For<br />
example, public recycling bins in the UK<br />
often have an opening to match the item<br />
they're used for, to help remind people how<br />
to dispose of items correctly (circular holes<br />
for cans and plastic bottles and flat holes<br />
for paper). It streamlines the operation,<br />
making the right decision the easiest one<br />
to follow.<br />
This same approach can be used in<br />
cybersecurity, by designing cybersecurity<br />
training so that the correct way of using a<br />
device, network or cloud application is<br />
also the easiest one so people are less<br />
inclined to bypass rules and subsequently<br />
increase cyber risk.<br />
INVISIBLE GUIDES<br />
Making the right option the easiest path is<br />
a form of transparent nudging, and it's<br />
effective because it does not require the<br />
employee to take any additional steps to<br />
achieve a desired goal. It removes<br />
obstacles that can act as a barrier between<br />
an individual's, or company's, best<br />
intentions. In the world of cybersecurity, a<br />
general enforcement of a cyber hygiene<br />
mandate will not drive behavioural<br />
change, because people simply follow<br />
directions to meet minimum requirements.<br />
32 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK
OPINION: SECURITY TRAINING<br />
If the easiest pathway to achieving a task is<br />
in line with a cyber hygiene mandate, it is<br />
much more likely to be followed.<br />
In other words, if employees can<br />
understand why and how they can impact<br />
the business, and the path to protecting the<br />
business is easy and frictionless, they'll buy<br />
into this positive culture. The enterprise<br />
needs to see the shift as easy, and not<br />
something that introduces extra processes<br />
and steps just to get their job done.<br />
Regular nudges help cybersecurity training<br />
stay top of mind and create lasting<br />
behavioural change.<br />
On the opposite end, an enterprise with<br />
poor network performance will cause<br />
employees to find workarounds, not for<br />
malicious reasons but simply to find an<br />
easier, more efficient way to do their job.<br />
For example, enterprises with poor<br />
performance VPN's that have an impact on<br />
performance may find that many<br />
employees are circumventing these security<br />
controls altogether (by disabling and going<br />
directly to the internet, for example),<br />
bypassing the security control.<br />
DELIBERATE FRICTION<br />
Making the correct pathway seamless and<br />
easy is one side of the coin, but it's also<br />
important to make sure there is a level of<br />
friction when employees start to veer off the<br />
correct path and make high-risk decisions.<br />
Security tools that use friction to<br />
intentionally slow down the decisionmaking<br />
process - forcing an employee to<br />
spend more time considering their options<br />
- can help them make better choices.<br />
Real-time employee coaching is an<br />
example of a mechanism to limit a certain<br />
high-risk behaviour. It's a highly worthwhile<br />
feat because it provides continuous<br />
education and reinforcement in exactly the<br />
way that annual training lacks. It's a<br />
chance for employees to contextualise their<br />
knowledge and prevent their cybersecurity<br />
awareness from being forgotten.<br />
Both transparent and non-transparent<br />
nudges in cybersecurity architecture are<br />
crucial to help guide employees to truly<br />
understand and engage in cyber best<br />
practices and play their part in defending<br />
the enterprise against threats. It's a staple<br />
that should be prioritised above the<br />
limitations of annual cybersecurity training<br />
for organisations to tackle the complex<br />
landscape in an increasingly digital world.<br />
ABOUT NEIL THACKER<br />
Neil holds over 25+ years of experience<br />
within the information security industry,<br />
currently serving as EMEA CISO for<br />
Netskope. He has been recognised by his<br />
peers as a leader in the industry including<br />
being selected in the CSO30 for 2022,<br />
shortlisted for an unsung hero award and<br />
awarded MVP in consecutive years (2021<br />
& 2022) by his Netskope peers.<br />
Neil is advisory board member to the<br />
Cloud Security Alliance (CSA) and former<br />
advisor to ENISA EU agency for<br />
Cybersecurity. He is also co-founder and<br />
board member to the Security Advisor<br />
Alliance (SAA), a non-profit organisation<br />
focused on promoting the industry to the<br />
next generation and ensuring that<br />
students, teachers, and schools have the<br />
resources and mentorship necessary to<br />
foster the cybersecurity professionals of<br />
the future. NC<br />
WWW.NETWORKCOMPUTING.CO.UK @NCMagAndAwards<br />
MAY/JUNE 2024 NETWORKcomputing 33
OPINION: CO-MANAGED IT<br />
CAN YOU MANAGE IT?<br />
BARRY O'DONNELL AT TSG CONSIDERS THE IMPORTANCE OF SOURCING CO-MANAGED IT<br />
SERVICE FROM AN INDEPENDENT PROVIDER<br />
In-house IT teams across every industry can<br />
face all manner of challenges and<br />
disruptions in their day-to-day processes,<br />
and while technology is becoming more<br />
accessible and demystified, it is important to<br />
ensure that you have a team that understands<br />
emerging technology. This is where comanaged<br />
IT services, which offer a<br />
collaborative approach to supporting your<br />
organisation, can act as a solution. Offering a<br />
collaborative approach to IT support with<br />
external resources and expertise for managed<br />
IT, co-managed IT services can remove some<br />
of the strain your in-house team experiences.<br />
But what exactly can they assist with?<br />
EXPERTISE AND SPECIALIST RESOURCES<br />
When you partner with a co-managed IT<br />
services provider, you unlock expertise and<br />
specialised skills that you may not have had<br />
access to previously. Your in-house team will<br />
have knowledge that excels in certain areas<br />
but may not cover all the information<br />
necessary to address every question, query,<br />
and challenge effectively. This is where comanaged<br />
IT services providers are useful, as<br />
they have a deep level of expertise in<br />
various technologies in several sectors. As a<br />
result, your team receives comprehensive<br />
support regardless of their query, issue, or<br />
requirement.<br />
FLEXIBLE AND SCALABLE<br />
Every business has different demands for their<br />
IT infrastructure which can vary throughout the<br />
year, whether that's due to requirements from<br />
the wider business, seasonal trends, or<br />
unexpected dilemmas. Having a co-managed<br />
IT services provider can help your<br />
organisation obtain a level of flexibility<br />
previously unavailable to them.<br />
This means that they're able to scale the<br />
resources available for requirements of all<br />
sizes flexibly, whether you're expanding into<br />
new markets, supporting unexpected user<br />
influxes, or dealing with large-scale software<br />
updates. No matter the significance, comanaged<br />
IT allows for responsive and reactive<br />
processes.<br />
24/7 SUPPORT<br />
IT services rely on being able to respond to<br />
disruptions of all scales to prevent extended<br />
periods of downtime. Not only can downtime<br />
have a significant effect on operations within<br />
businesses, they can also have a knock-on<br />
impact on customer satisfaction. Outsourcing<br />
monitoring and support to co-managed IT<br />
services can be a game-changer and a<br />
proactive approach. Using tools and<br />
resources, they can offer help 24/7,<br />
minimising downtime while increasing system<br />
reliability and improving productivity. This puts<br />
the focus back on achieving your business<br />
goals rather than being concerned with<br />
possible disruptions.<br />
STRATEGIC PLANNING<br />
Co-managed IT service providers can also<br />
support with strategic guidance and planning<br />
ahead for your organisation to achieve longterm<br />
goals. This can be done thorough<br />
examination and assessment of the existing<br />
infrastructure to identify areas of improvement<br />
and offer advice.<br />
These can range from innovative solutions<br />
such as the integration of more modern<br />
technology, to automation and optimising<br />
spending to support operational efficiency.<br />
Co-managed service providers can also help<br />
build out IT roadmaps for the future, meaning<br />
that no matter how quickly the landscape of<br />
technology changes, your in-house team will<br />
be able to adapt fast and stay competitive.<br />
COST-EFFECTIVE<br />
Partnering with a co-managed IT service can<br />
be a cost-effective way to achieve your<br />
operational goals. Using the resources and<br />
expertise of the provider means that the costs<br />
associated with recruitment, training, and<br />
retention of quality in-house employees are<br />
removed completely from the process,<br />
making it a more cost-effective alternative.<br />
They can also offer flexible pricing models<br />
to truly optimise what you're spending to get<br />
the services that you require. Overall, this can<br />
be a cost-saving solution to maintain and<br />
grow your digital infrastructure without<br />
straining your budget. By offering a strategic<br />
partnership that works closely with existing inhouse<br />
IT teams, co-managed IT services offer<br />
a level of assistance that can leverage the<br />
expertise and resources necessary to keep<br />
your business optimal. This also allows<br />
companies to better build strategies for their<br />
future, with the knowledge of what's required<br />
and the flexibility to scale these projects. NC<br />
34 NETWORKcomputing MAY/JUNE 2024 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK