NetEvents Phuket 2013: Day Two blog
The second day of NetEvents opened with a guest speaker presentation by Doug Schultz, VP of Asia Pacific/Japan, FireEye, entitled Proactive strategies against today’s new breed of cyber attacks.
Schultz said that $40 billion is spent every year on IT security but that most of it is spent on signature-based counter-measures. These prevent known attacks but cannot detect unknown attacks, which is what most attacks now are. He said that one big US government department found that unknown attacks overtook known attacks in mid-2011 and the ratio was increasingly moving in that direction.
He said that there are three main vectors: web browsing, email and infected files, especially in the form of advanced malware that’s gone dormant but is inside the network, residing on file servers.
The main malware actors are, Schultz said, nation states – over 100 of them – plus political activists turned hackers, and criminals, aiming to steal intellectual property or valuable data.
He said that the virtual execution model his company’s products use for protection is dynamic, signature-less, covers known and unknown threats, and is scalable. It sends no data back to base, to another country or to the cloud, as banks and governments prefer this for security reasons.
He said that FireEye’s system looks at web and email traffic, and data in a proprietary VM which cannot be detected by malware. He said the company’s customers include large telcos, manufacturers, energy companies and banks, and that in Japan and Australia, some service providers offer FireEye’s benefits as a service.
He was then interviewed on stage by NetEvents Editorial Director Manek Dubash.
Debate IV: “You ain’t seen nothing yet” – new security attacks and how to prepare for them
Panellists: Neeraj Khandelwal, Product Manager, Barracuda Networks; Doug Schultz, VP of Asia Pacific/Japan, FireEye; Craig Skinner, Senior Consultant, Telecommunications, Ovum; Nelson Soon, Senior Regional Sales Manager, IXIA
The debate was introduced and chaired by Dustin Kehoe, Associate Research Director – Telecommunications ANZ, IDC, who opened by saying that cyber-criminalism “is a great business because I can breach and steal in minutes and it will take you weeks or months to find out.”
He said that the motivation for breaches is now primarily financial, and this causes the most damage in terms of actual loss, as well as angering customers and suppliers. Yet, he said, only 20% of organisations have a security policy. In future, most attacks will be at the endpoint given the growth of BYOD. “There’s no perimeter any more,” he said.
In the light of this, he asked the panel if traditional anti-virus software was irrelevant.
Doug Schultz said that there was no need for AV for remediation.
Neeraj Khandelwal disagreed, saying that you still need that lock on the door for deterrence.
Nelson Soon said that attacks are an increasing trend so you need probes in the network. He added that government agencies and large enterprises are nervous about attacks so they are looking for the ability to simulate attacks such as DDoS in a controlled environment.
Craig Skinner said that you need a suite of solutions to detect, prevent and remediate. You need to know where the traffic is coming from to help you lower the risks.
Schultz said that there are malware toolkits that allow people to create malware that can’t be detected. “We use a VM for real-time analysis,” he said. “This allows IT to report what an attack was and what happened.” Telcos are a good market channel for FireEye, he said, as they are in touch with customers who need protection against advanced persistent threats (APTs).
Other panellists agreed that telcos were a useful route to market.
Asked how governments or enterprises can have any confidence when today’s security is just damage control, Schultz said that FireEye does its best to collaborate within the IT security industry and with governments to home in on malicious attacks.
A question from the floor asked whether this is a never-ending arms race, and whether malware distributors could be prosecuted.
Schultz said: “It takes collaboration to find these people, their hosts and servers.”
Khandelwal said that we need an attack control between nations and that botnets get participation from some governments. He said that malware authors look for sitting ducks and use them as stepping stones for the next target, so security is essential even if you’re not the direct target.
Soon said that Android will be the next battleground, especially at the application level, such as email and Dropbox. “Mobile threats will be mainstream attacks in future,” he said.
Schultz agreed: “You ain’t seen nothing yet.”
Guest speaker presentation by Robert Kuse, MEF Board Member & Director
Ethernet – bringing the Cloud down to earth
Kuse said that cloud providers are trying to move enterprise applications into publicly managed datacentres. He said the MEF predicted that 80% of bandwidth service connectivity will eventually begin and end in just 1,000 facilities globally – there will be fewer corporate datacentres.
What’s needed to be successful, he asked.
The Internet is the predominant method of cloud services delivery, so large enterprises are reluctant to move mission-critical applications into the cloud over the Internet. There’s no security guarantee, no SLA, performance is best-effort only – but it’s global and it works. You can get HD video over the Internet so best effort is pretty good, he noted.
He contrasted this with Carrier Ethernet (CE) for cloud services delivery. It gives predictable performance, is secure, and provides regulatory compliance and data governance. And there’s massive bandwidth between datacentres today, with cloud services delivery a top MEF priority.
Today’s CE removes Internet delivery issues for mission-critical applications, connects cloud providers and their customers, and is an opportunity for service providers to generate supplementary revenue. Carrier Ethernet could fit into the datacentre, Kuse said, adding that the fruits of the MEF’s work on using CE for LTE backhaul will also be found in datacentre connectivity. Use of CE for mobile data backhaul is in its infancy, he said, and it’s still low compared to wireline.
Moving on from CE 2.0, we see the future as a dynamic automated network, Kuse said. He said we want to reduce costs and complexity, and so improve scalability.
Conference Debate Session V: Rock, not sand – laying a solid foundation for 4G networks
Panellists: Craig Easley, Founder, The Carrier Ethernet Academy; Nils Kleeman, Head of Mobile Broadband Solutions for Asia Pacific, Nokia Siemens Networks; Robert Kuse, MEF Board Member & Director; Nelson Soon, Director of Sales for SEA/ANZ and Taiwan, Ixia
Introduced and chaired by Clement Teo, Senior Analyst, Asia Pacific, Forrester Research. Teo said that LTE connections will be under 1% of mobile connections this year but that LTE will be 45% of traffic by 2017, and APAC mobile data traffic will grow 21x from 2011-2016.
Teo said that the need to connect mobile devices to business grade networks is critical. He asked the panel if operators have under-invested in mobile backhaul.
Nils Kleeman said that most operators are increasing backhaul capacity.
Robert Kuse said that they are under-invested. “They know it and are managing through, the question is when the bandwidth will grow and how fast. It’s hard to get it right.”
Craig Easley said some areas are over-invested, while some are under-invested. New content-rich applications and video are driving the data tsunami.
Nelson Soon said that last night [at the conference hotel] the power failed, surprising people. Telecommunications is like electricity now, he said, as we expect it to just work, and this is a challenge for service providers.
Teo asked how operators could ensure that applications arrive.
Soon said that LTE is data-centric and people can’t accept downtime.
Kuse said that the MEF’s multi-class of service work was essential.
Easley said that management tools that extend CE provide powerful tools for network monitoring to allow SLAs to be met.
Kuse said that 3.5G builds were the first time operators started purchasing CE backhaul. Also, LTE backhaul created the first large commercial implementations of CE that needed SLAs – operators needed to prove that specifications could be met.
Kleeman said that the big picture goes beyond LTE – we still have small cells, 2G, 3G, and LTE doesn’t handle voice so voice applications need a circuit switch fallback. He said that LTE is complex and needs to be managed.
On the role of SDN, Kuse said that automation interfaces were needed. Carriers are looking at incorporating over-subscription, at bursting capabilities, and management of the network. LTE will change traffic patterns dramatically so you need to automate management, he said.
Easley agreed, saying that SDN will help and that this will be an exciting application for SDN. He added a rider that carrier gear tends to be robust and designed to work outdoors, while SDN equipment might not be there yet.
Conference Debate VI: Cost vs Quality – how wholesale carriers can boost ARPU
Panellists: Andrew Dodsworth, COO, BT Global Telecom Markets; Mr Yulianus, Division Head, Indosat; Nils Kleeman, Head of Mobile Broadband Solutions for Asia Pacific, Nokia Siemens Networks; Passakorn Hongsyok, Department Director, International Business, UIH – United Information Highway Co
Introduced and chaired by Craig Skinner, Senior Consultant, Telecommunications, Ovum. Skinner talked about global communication trends such as the rise in the numbers of connected devices, which are increasing rapidly in most countries. There’s more accessible content online, and the volumes are getting bigger; more outsourcing and horizontal specialisation, and a shift of emphasis by telcos from revenue growth to margin growth.
Along with lots of OTT content, VoIP in the form of Skype etc is on the rise, plus more IP transit and peering although larger ISPs are being more restrictive over whom they’ll peer with.
He asked the panellists whether there was still innovation in the wholesale market.
Andrew Dodsworth said that the voice market is changing, with prices going down – a voice minute costs half a cent or less and has become commoditised so margins are very thin. He noted though that mobile roaming remains very expensive as those minutes are not sold at commodity prices, so mobile operators are making very high margins. “Data roaming is even worse,” he said, “So I use WiFi for data and Skype for voice.”
Mr Yulianus said that in Indonesia, operators’ strategy is to get aggressive. We see demand in IP transit and mobile backhaul and lots of opportunities there, he said. “We have significant revenues from that.”
Nils Kleeman asked what mobile operators are looking for. He said it is the business of the wholesale operator to provide a high quality service and not compete with its telco partners.
Dodsworth said that the term wholesale is broad and can mean a number of things.
Kleeman said it can be just transport or running the whole show.
Dodsworth said that operators get licences based on promises of coverage. In India, he said, operators must share to deliver on their promises as a carrier can’t always go it alone.
Asked how demands are changing, Passakorn Hongsyok said he saw more wholesale in future, though not much margin even if revenue is high. We have become border to border players – some players buy from us, mark up and resell. “That’s OK,” he said.
Asked about how to change the cost of roaming, Dodsworth said that when telcos lose too much market share, the opportunities are gone. The outcome is that higher revenue customers use OTT services so the mobile operator becomes a bit carrier.
“Then nothing happens. There needs to be an incentive to change. I’ve had discussions with those players and I see no change likely,” he said. “They protect what they’ve got, not what they’re losing by not changing. How do we convince them they will gain if charges were more reasonable?”
Dodsworth said that high charges mean lost revenues but mobile operators should instead be passing this problem onto OTT providers such as Skype. He cited a hotel in Slovenia where international phone calls are free because they’re passed over Skype.
Quick Fire: Show me the money – What new managed services will be top APAC enterprises’ wishlists in 2013?
This took the form of a presentation each from Nitin M. Jadhav, Associate VP, Trimax IT Infrastructure & Services, and David Rosengrave, Practice Manager, IT Solutions – Global Services, Verizon.
Each presentation from the managed service providers of around 10 minutes covered their overview of the market and their solutions, and was followed by a Q&A conducted by Manek Dubash, Editorial Director, NetEvents.