Day One, 20 November 2013
Keynote Presentation by Greg Bell, Head of Technical Services, Ballarat Grammar
SDN gives malware a caning
Greg Bell explained how he and his team have implemented software-defined networking (SDN) at the school in order to improve security on the 1,400-student school’s network. This is the first real-world case study of SDN technology that NetEvents has seen.
Bell said the school wanted control over students’ devices so as to limit the growth of malware and infections. “The boys at our school go nuts, they install and do everything you can imagine teenagers do, so we need to control malware,” he said.
So over the last two years, the IT team have been working on deploying SDN using HP’s switches and its Sentinel SDN controller.
One of Sentinel’s key advantages is that it works at network layer with no need for a software install on student machines, Bell said. The system uses SDN in hybrid mode and today would take only couple of hours to get running.
The Sentinel helped reduce capital expenditure, provides free software upgrades, and gives increased visibility of threats, Bell said. He said said; “The biggest problem was Facebook which was a huge distraction for many students and was hard to block using a content filter due its use of https. We used DNS to block it during working hours,” he said.
“The system allows the school to offer streaming HD video and a great network experience, it gives a taste of what’s coming with SDN and helps improve productivity,” he said. He said the students had proved very supportive of the IT team’s efforts in removing malware from their devices.
Debate Session I: “Musick hath charms…” datacentre orchestration while playing tunes on SDN
Introduced and chaired by Clive Longbottom, Service Director, Business Process Analysis, Quocirca
Panellists: Gowthaman Manickam, Regional Service Director, BT Advise (Compute); Erik Papir, Worldwide Director of Technical Marketing, HP; Sachin Vasudeva, Director of Product Management & Strategy, Juniper Networks; Amit Sinha Roy, Vice President, Marketing & Strategy, GES, TATA Communications
Longbottom introduced the first debate session, asking his panel who owned the datacentre network.
Vasudeva said the network team needs to own the network, while HP’s Eric Papir said the business owns the datacentre, whose aim is to connect users to applications. Roy said that techies have significant role to play in datacentre design, Manickham said that customers ask for ease of use while business owners drive requirements.
The panel was asked whether SDN is the way forward for the datacentre. Papir said: “Hardware abstraction such as SDN across the board is the future in the datacentre, although it’s still early days for SDN.”
Vasudeva said networks needed to be made simpler: “Simplicity is not free, it means that complexity and analytics required are required but SDN is only one of the tools in your toolbox.” He said that SDN won’t improve performance but does give faster time to service delivery.
Manickam said: “The challenges in the datacentre for a service provider are training and skills.” He said that BT is moving towards tested but open systems.
Discussing openness versus proprietary architectures, all agreed that open was the way forward. Roy said: “If proprietary technology is faster it deserves a look”, while Papir said that HP was committed to using open standards.
Vasudeva said that said that market followers tend be in favour of open systems while market leaders tend not to be.
The debate concluded after a short discussion about the Open Compute project.
Special guest speaker presentation by Nan Chen, President, MEF
The Future of Ethernet
Chen outlined the history of Ethernet and said that for the future, the mission of the MEF is to simplify the network.
He said that 75% of the bandwidth sold by service providers over the next four years will be Ethernet rather than TDM. He outlined the importance of datacentres for the cloud and said the key to the success of that vision is the automated delivery of services on demand. He said that quality of service is another key issue and that the MEF has spent the last decade moving this forward.
NetEvents Content Director Manek Dubash then conducted a brief interview with Nan Chen where they discussed new service provider financial models, and the struggle for new revenues.
Conference Debate Session II—”Between the clouds” – the challenges facing datacentre interconnection
Introduced and chaired by Dustin Kehoe, Associate Research Director – Telecommunications, IDC
Panellists: James Walker, President, Cloud Ethernet Forum; Nan Chen, President, MEF; Executive Vice Chairman, CENX; Syakieb Ahmad, Vice President, PT AXIS Telekom Indonesia; Passakorn Hongsyok, Department Director, International Business, UIH
Introducing the session, Kehoe predicted that 90% of IT growth from 2013 to 2020 will come from mobility, analytics, social business and cloud services. He said that security is a mess with mobile data and that line-of-business managers are calling the shots on IT decisions.
He asked the panellists for their key challenges.
Walker said massive scaling of network bandwidth is needed, especially since enterprises need data-hungry disaster recovery services. Chen said that the MEF is working on interconnects between datacentres. Hongsyok said that data traffic growth in Thailand and natural disasters are both challenges, and noted that there are no top tier datacentres in the Thai region so there is room for growth.
Ahmad said that the challenge for service providers is monetising data growth while for Wade resilience was key. He said that 100Gbps is being adopted by many providers, and that content providers, such as Facebook and Google, are now buying dark fibre for their services.
He said: “We see the growth of those content providers driving networking.”
Walker said that the CEF is trying to bring together the datacentre application and networking teams for better mutual understanding of each others’ problems and approaches. He said that deterministic networks are important, along with application awareness and ability to enable corporate policies on the network. He said that unified interoperable network management is the solution.
Wade said that network layers are converging and collapsing, delivering benefits such as lower cost from greater simplicity. He said that the next step is to open up the network to SDN and OpenFlow.
Walker said that the data growth resulting from mobility implies greater control by the network team over shadow IT, and that packet inspection is delivered by OpenFlow.
Hongsyok said that he found scary from a security perspective the fact that one Thai bank had chosen Google as its email provider.
Walker said:”There are about 400 cloud providers in the US alone who are not top tier players, so it’s not just about Google and Facebook.”
Special guest speaker presentation by Dr Hongwen Zhang, Chief Executive Officer, Wedge Networks
A Vision for Cloud Security
Zhang opened by drawing a parallel between infectious diseases and malware – and the need for immunisation. He said that $60bn is spent annually on IT security but the problem is that SMBs and consumers try to solve the problem individually, by themselves.
What is needed is a solution implemented in the cloud, he said, but that the reason for past failures to solve cloud security is that it was too expensive.
He said his company’s Cloud Managed Security Platform allows service providers to add a security layer to their networks, and the key is to make it affordable. In this way, a cleaner Internet can be achieved, bringing benefits to everyone.
Tim Dillon, Research Director Asia, Current Analysis, interviewed Zhang, who said that his differentiator is that the security problem is very large scale, and SMBs are poorly protected.
Conference Debate Session III— “For every cloud an iron lining” – addressing the security challenge
Introduced and chaired by Tim Dillon, Research Director Asia, Current Analysis.
Panellists: Jatin Dhawan, Senior Consultant, Professional services, BT Global Services; Bryce Boland, Vice President/CTO, Asia Pacific, FireEye; Amit Sinha Roy, Vice President, Marketing & Strategy, GES, TATA Communications; Dr Hongwen Zhang, Chief Executive Officer, Wedge Networks
Dillon noted in his introduction that the motivations for security problems have changed recently and now include governmental or government-sponsored hacking, and hacktivism. He said that research into the BYOD phenomenon shows that the influx of consumer devices in enterprises means more security problems, and that every fifth mobile application auto-update contains security vulnerabilities. Contractors also bring security problems into the organisation.
The next security frontier will be machine-to-machine communications, Dillon said, so cloud security needs a new approach.
The panel responded, starting with Roy, who said that security is an inherent part of his cloud offering. He said that basic cloud security is still important, so that for example, database servers and web servers need to be run in separate virtual machines.
Dharwan said cloud security’s requirements change depending on the application. Boland said he sees the cloud as being great security enabler, and that good cloud security recognises that people – developers, users, operatives etc. – make mistakes. He said that said cloud security is sold as a Band-Aid solution by service providers.
Zhang said that his company’s product can help to grow service providers’ profits by increasing cloud security, which will help increase ARPU (average revenue per user).
Dhawan said service providers need to ensure that security is embedded in their processes and that service providers need to know where the data is to provide effective cloud security.
Calling for enterprises to move their security to the cloud, Roy said that cloud service providers have better security controls than many if not most enterprises. Boland countered that the aggregation of large volumes of valuable data in a single location, such as a datacentre, proves very attractive to hackers, just as banks are to bank robbers because that is where the money is.
Speaking of the challenges to cloud security, Zhang said cloud security needs standards to ensure interoperability but that 53% of mobile users don’t like security apps because they affect battery life and bandwidth. He said protecting against unknown unknowns is about focusing on fundamentals.
Dharwan said end users need to be more aware, while Boland said that information sharing is very effective because while over 90% of malware looks unique because each piece is encrypted with a unique key, underneath it is usually the same code.
With that, Tim Dillon drew the morning’s plenary debate session to a close.
Click here to download press resources from the Cloud Summit including presentations and transcripts.