NetEvents IT Spotlight, Barcelona 2019 – Day 1, 9th May 2019

The first day of the NetEvents IT Spotlight opened with VMware’s EMEA CTO Joe Baguley delivering a keynote speech on the cloud journey and the future of networking and security.

He said the VMware vision has been the same for 5-6 years: to deliver any application from any cloud to any device. “We can run on any cloud”, he said, with VMware’s global operating model.

Baguley talked about how apps are changing, being split into components, and said the cloud was a model platform, offering a space for those components to run. “Apps today are smeared across a range of platforms and technologies”, he said. “So from a security perspective, does a large edge firewall make sense?”

The old security model no longer functions, as enterprises host citizen developers – known as shadow IT. So security fundamentally changes, he said. The application is the network.

So VMware is working on a distributable platform – VMware Cloud – that works anywhere. The same operations model works across all platforms. We can repeat configurations across premises and clouds, offering a consistent development experience.

He said it means we need to change how we think about security. We think about security as reactive (chasing threats) or preventative (reducing the attack surface). Tech hasn’t changed in 10 years: 80% of security goes into reactive measures, yet preventative measures are much better at reducing attacks.

So for Baguley, the most important security products are not actually security products – most companies use 100+ products – which are very hard to manage and configure. Instead, enterprises should leverage their cloud infrastructure to be more secure. They should not be installing agents in VMs and appliances. They need to reduce the attack surface, secure apps and data, and make security intrinsic.

In this new model, how do firewalls change? When we set up a new application or VM, we know what the known-good configuration looks like and how it behaves. So good security means watching for unusual events – such as an application talking to a box it’s never spoken to before, or encrypting its file system when it’s never done it before.

Baguley pointed out that VMware has this level of security in its hypervisor, which makes it effectively a service-defined firewall because it sees all traffic: CPU, memory, storage, network, and so on.

He finished with three key to-do items: 1. Invest in prevention. 2. Focus on apps. 3. Make security intrinsic.

Following an interview with Joel Stradling, Research Director, GlobalData, NetEvents moved on to the first debate of the day.

Debate I – Global Threat Landscape: How Cyberterrorism Defines Information Security

Chair: Joel Stradling, Research Director, GlobalData

Panel

Ray Ottey, Fellow Cybersecurity Practitioner, Verizon Enterprise Solutions

Andrzej Kawalec, European Director of Strategy & Technology, Optiv

Joe Baguley, Vice President and Chief Technology Officer for EMEA, VMware

Roark Pollock, CMO, Ziften Technologies

Joel Stradling introduced the debate session by saying that cyber-terrorism is now about actual physical harm – such as turning off power to hospitals, disrupting supply chains, and attacking medical devices, whose security is poor so patient safety is easily compromised. Attacks on national infrastructure are widespread, he said, remarking that German police shut down one of the world’s biggest online dark web markets that was selling bad software and illegal narcotics.

Stradling invited panel members to share thoughts and best practices. Ottey said: “It’s warfare out there.”

Baguley added that finance company Hargreaves Lansdown was attacked by a botnet of online kettles.

Kawalec said: bad actors are moving from geographically based attacks to horizontal cross-border operations.

Pollock said: IoT changes the paradigm – enterprises need to manage their assets.

Kawalec said: people get fixated on the things not the apps and the data – on threats not prevention.

Pollock: security is under the CISO, not the people in manufacturing who are responsible for information.

Ottey said: “People who were in charge of security 20 years ago are installing and allowing control systems and devices to run with zero security. And network segmentation is not relevant any more as it doesn’t address either the application or the data.”

Pollock said: “On a positive note, we’re more mature – took 20 years – we have mature frameworks for industrial control systems and networks.”

Kawalec said: “We have dozens of security standards – but users are about identity, and IoT devices are also about identity and device classes. We need to think about identity-centric security. There’s a fundamental change required.”

How to define cyberterrorism? Ottey said it’s a subset of wider threat. “We don’t know why some attacks happen. Are they a by-product of another attack? Often we don’t fully know – the main difference between the categories is motive rather than reality.”

Pollock agreed: “Yes, our reaction doesn’t need to change but risk assessment can change depending on who the attacker is and their motive.”

Ottey said: “Attacks may have political aims but the symptoms are the same – but motivations blur which makes it difficult for traditional IT security processes and technologies.”

What are the main challenges in detecting advanced threats? Pollock said: “Industrial networks today are all connected with remote connectivity where before they were air-gapped.” Baguley said the problem is that the focus is on threats not on prevention – we need to focus on how things are built and secured. Ottey said: We need to understand what assets could be compromised and what might happen – then put controls in place and stress the processes and do simulations. Kawalec said: “You need basic visibility of your assets and what’s happening on them. This is one of companies’ biggest problems. It’s like being in a boxing ring without moving, a blindfold on and hands behind your back – due to government regulations.” Baguley said: “It shows you need to know what known-good is – so that you know when something happens that’s abnormal.”

Debate II – 5G: Forget the Hype, It’s Time To Explore What’s Happening Today

Chair: Ian Keene, Research Vice President, Gartner

Panel

Joel Stradling, Research Director – Global managed and Hosted IT Services, GlobalData

Atchison Frazer, Worldwide Head of Marketing, Versa

Kevin Restivo, Research Manager – European Ent Mobility, IDC

In his opening remarks, Keene said this topic follows on from the last panel as one of the biggest issues around 5G is security, and it’s very political. Expectations of 5G are very high, but it’ll take a few years before we get to that point. Now let’s talk about what’s happening today, he said. He talked through the theoretical benefits of 5G – but noted that a lot of these also apply to 4G. There’s not that many apps that need 5G, he said, and there’s lots of hype. Some apps that could use 5G include edge computing, massive MIMO, and network slicing.

Most interesting for operators is 5G’s lower cost/byte; more new frequency bands; new enterprise services; ability to retain/improve ARPU; and it’s a big hope for IoT. For Keene, the new frequency bands are most interesting – especially the high bands. But there’s big hype about high bands such as 28GHz as in Europe mobile broadband is so cheap that mobile broadband networks aren’t worth building out. In Asia/Africa, citizen’s band radio is being used for this. But the biggest problem for mobile operators is that their networks are filling up. New 5G will give much more bandwidth. 5G antennae are 1/3 the weight so no need to strengthen masts, less cabling, same range as 4G antennae. So it brings cheaper mobile networking.

Most interesting for equipment vendors: new radio / handset sales, core network equipment, edge computing devices – can bring software defined networking.

Most interesting for consumers: more bandwidth so better mobile gaming; better video apps.

Most interesting for enterprises: custom enterprise services, especially for vertical industries. For example, Boeing and Mercedes-Benz are very disappointed with WiFi for mission-critical apps but they don’t want to be locked into long-term contracts with operators. And WiFi 6 will change things. Oil & gas see opportunities in network slicing. Porting apps onto cellular platforms. Futures – will see private cellular networks from some operators.

Timelines for 5G applications: we’ll see fixed wireless access from 2019, mobile bandwidth from 2020, then enhanced mobile services, IoT, enterprise digital platforms from 2022-ish.

Hopes for 5G? Frazer said: we’re an SD-WAN player and 5G will be a huge market. It will give brick & mortar retail outlets some opportunities as you can separate the POS from the ATM network because of the improved network slicing. We see opportunities for enterprises to increase ARPU, he said.

Restivo said: we need to temper expectations – think first about improved bandwidth.

Stradling said: enterprise and consumers will see different things from 5G. Enterprises see 5G as a big fat wireless link.

What about 5G for manufacturing? Stradling said industry wants to go wireless so 5G is a good opportunity. Frazer said: transport diversity – means you can network with 10x more slices, and can handle unpredictable traffic.

What about latency? Frazer said that 5G will lower latency. Keene said: the question is, will it be worth spending the money since you can lower latency using 4G? And can operators change their business model and do it? Non-traditional operators can get in as they don’t need to invest billions in licensing.

Biggest hyped application for 5G? Stradling said it’s the timescale as 5G is not happening now.

Debate III – Enterprise Security Considerations for the Cloud – Containers, Perimeters and Access Controls

Chair: Rik Turner, Principal Analyst, Ovum

Panel

Jan Guldentops, Director, BA Labs

Aaron Turner, CEO & Co-Founder, HotShot Technologies

Peter Galvin, Chief Strategy & Marketing Officer, nCipher Security

Philip Griffiths, Head of EMEA Partnerships, NetFoundry

Atchison Frazer, Worldwide Head of Marketing, Versa

Turner’s opening presentation talked about the need for customers to take care of security themselves in the cloud.

What about cloud security challenges? Guldentops said customers are using cloud as an excuse for not worrying about security but it’s a misconception. Security is still a bolt-on not built in. And cloud implementations are messy – there’s no full inventory understanding.

Galvin said: “The main driver for cloud is to lower infrastructure spending. On-prem models are not the same as cloud and developers don’t always understand this.” Griffiths said: “Yes, people move to cloud but they don’t change the application architectures.” Turner said: “Firewalls don’t work – but just going to the cloud is not the solution. We need solutions to protect the least sophisticated against the most sophisticated attackers.” Galvin said people know what they should do in theory but it looks difficult so they buy a new firewall instead. Griffiths said: “This is why we need more education.”

Turner said: Microsoft Exchange in the cloud solved the problem of email management so people thought security could be dealt with the same way. Guldentops said: “We still don’t have security by design.” Griffiths said: “Microsoft says stick with Office365 security – trust us. They have API integration which we use.” Guldentops said: “It’s only a matter of time before someone attacks that.” Galvin said: “That’s right, people need a no-trust environment.” Guldentops said: “Trust is good but control is better.” Griffiths said: “No, not trust with verify, but need to show you can be trusted.” Griffiths said: “This can be done using biometrics.” Guldentops said: “Everything can and will fail – if the prize is big enough.”

Q: How could that work for the average consumer? Griffiths said it’s just a quick download – but enterprises can handle this. Turner said: “The average family can install our products in 30 seconds or less.” Frazer said: “Human error is a key issue – but with SD-WAN you have a central controller that manages all this. The process needs to be automated with complete visibility, and we have a top NSS Labs rating.” Griffiths said: customers want to use blockchain to do immutable transactions.

Q: what about US Cloud Act? Galvin said: “Our customers are encrypting data to protect themselves against subpoena activity. You also need control of the keys.” Turner said: “You need to understand and manage the encryption too – and you need to understand which laws you want to comply with: US, Europe or China.”

Debate IV – Faster, More Scalable, and Easier to Manage: Architectural and Management Trends in Next-Generation Datacentres

Chair: Ksenia Efimova, Senior Research Analyst, EMEA Telecoms and Networking, IDC

Panel

Kevin Deierling, Chief Marketing Officer, Mellanox

Philip Griffiths, Head of EMEA Partnerships, NetFoundry

Joe Baguley, Vice President and Chief Technology Officer for EMEA, VMware

Efimova’s presentation talked about the increasing volumes of data which enterprises and operators have to manage. This needs better security and management of data, she said. So it’s about transformation, driven by increased bandwidth and speeds inside the datacentre, especially by hyperscalers.

So what challenges does the datacentre face? Deierling said: “Data paths need to be accelerated, but optimised at the datacentre level – for compute, storage and applications.” Baguley said: “Yes, the datacentre is the computer. But people are now moving into other people’s datacentres – not building new ones – such as moving to Google, where everything is done in software. And when people build datacentres, they do it using Lego techniques of layer 2 blocks. This makes more efficient use of hardware, offers better cooling, and means people can upgrade on a rolling basis because you buy more kit on a regular basis, making purchasing less spiky, allowing workloads to move onto faster hardware automatically where required.”

What about hyperconvergence? Baguley said: “You can hyperconverge any workload. People just need to understand how to make best use of it. It’s about breaking down barriers between fiefdoms.” Griffiths said: “Virtualisation means the bare metal hardware is rarely required.” Deierling said: “You can even run virtualised edge devices running a hypervisor on ARM. This means you can move a VM anywhere and it carries on working. And you can get rid of the SAN.” Baguley said: “We are seeing ARM at the edge – it becomes very important for the mix.” Griffiths said this means data and storage and networking all live together. Baguley noted that 5G networks are being built out on hyperconverged infrastructure but the challenge is how to put enough compute resource in 5G base stations.

What about the skills gap? Deierling said: “Hyper-scalers and hyper-convergers are different. Hyper-scalers have big degrees, write their own software, and configure to the nth degree. Hyper-convergers are enterprises who are content to spend money to save time. But that is a mistake – they should buy simple hardware and use software-defined systems.”

Baguley said: “Automation is key and should be a fundamental requirement – hyper-scalers know this, hyper-convergers need to understand this and build it in.” Griffiths said: “Yes, the strategy is to make it as simple as possible and automate configuration and management.” Baguley added that teams need to converge. “Just creating a VM in pool z of type y allows you to automate security policies, network configuration etc.” He said there was evidence that the real world has not yet caught up, giving as an example one company which still uses paper-based approvals to move a virtual machine.

Partnerships – what’s the best approach? Deierling said: multi-vendor solutions can get complex, integration, VARs etc are involved. And I have to account for the money I spend on engineer time. Integration is the biggest challenge. Griffiths: Yes, it’s all based around understanding customers and their priorities and plans. Baguley: I look for breadth of understanding, depending on where the individual comes from – people need a broad viewpoint.