In 2011, we saw the first IPv6 attacks on production networks. As more traffic is transported by IPv6 we can expect more attacks. There are risks right now you should be considering, regardless of whether you have started the transition to IPv6.
You should know most providers have enabled IPv6 in some capacity (often as a default option), so even if you have not started your transition, you likely have it in your network in some fashion. Be mindful your IPv4 only routers and switches in your network are often "blind" to IPv6 attacks hidden in IPv4 traffic.
To get a better understanding of the IPv6 activity going on in your network, you should identify and try to take a closer look at any encapsulated packets in your network. You can also deploy IPv6 enabled devices and see what kind of traffic they get, such as broadcasts from other IPv6 devices and multi-cast sweeps with IPv6 data in it.
The key is to start planning for the transition (if you have not already) to understand the impacts on your network, applications and services and proactively reduce any risks. To smooth the evolution to IPv6 and protect your network the following three common transition traps should be avoided:
1. Assuming Your Security Posture Will Remain the Same Over IPv6 As Over IPv4.
The same attack can present itself differently when running over IPv4 versus IPv6. As when delivered over IPv6, leaving your network and information assets vulnerable.
2. Assuming Your Applications Will Immediately Behave the Same Over IPv6 as Over IPv4.
The change to a new underlying network protocol has far reaching implications; many applications have IP addresses embedded within them, and there are no existing standards for how they should handle this. As a result, applications often widely vary in terms of function, security, and scalability when they go from one transport protocol to the other.
3. Assuming Your Regular Development Processes Will Be Enough.
If you are developing new products, applications and services, you need to be mindful of how IPv6 will impact your functionality and security. When trying to determine what will happen at the system level, as you perform QA testing, it's critical to include security (sending abnormal and unexpected inputs) and scale tests to identify how the device will handle them.
Network bandwidth usage is growing at annual rates of 60 percent or more because of the rapid adoption of video and cloud services. Control plane traffic is increasing even more quickly as the Internet moves from serving fixed locations and fairly static information sources to one characterized by personalized, media-rich applications (app), and mobile services. Service providers that are already concerned with data plane scalability must also add control plane scalability to their list of network planning issues.
ACG Research conducted an analysis of the sources of growth in control plane traffic: increases in end-user connections, device types, apps, app policy and control requirements, and mobility management requirements.
This study projects data and control plane traffic growth at a typical packet core node and analyzes the scalability of the SSR 8020 IP service delivery platform and of a competing service router when configured to serve this traffic growth. The study finds that the SSR 8020 has lower total cost of ownership (TCO) by 66 percent and higher scalability by two to more than three times that of the competitor’s service router.
Service providers need an ecosystem that quickly gets them into the cloud and enables them to offer applications that address their customers' needs.
With market estimates for cloud reaching $50B during the next five years, providers need to react to meet the needs of their customers. In a recent survey ACG Research found that providers are struggling with investment issues related to infrastructure for cloud. One method is to acquire the cloud is through acquisition of other companies (CenturyLink, NTT and Verizon). Another method is to leverage outsourcer companies such as CSC, IBM, HP and Ericsson to build out cloud investments.
However, the provider community is risk adverse and requires that new services address subscribers’ needs, create and increase ARPU and provides stickiness for current customers. Products must offer a value proposition that addresses:
Research and selection of new services through services
Vendor contracts that offer negotiated terms for partners to leverage
Bundles of services and store fronts that offer the ability to set pricing to customers
Sales enablement with full collateral and brochures for each service
Provisioning that offers a full white-label interface
Billing for integration into providers’ billing systems
Upsell and attach for extra add-on services
Services and products must offer a unique way for providers to deliver cloud services that their customers want:
Sales Force Automation
Backup & Recovery
Applications for Business Automation
Customer Relationship Management
Most customers require an easy-to-understand and easy to consume cloud offer. A marketplace approach, such as intY's Cascade, enables service providers to select from a full portfolio of offers to create new services for providers' customers.
Eve Griliches, ACG Research, and Dave Welch, Infinera, discuss the benefits of flexible modulation and OTN integration
Watch Eve Griliches, packet optical analyst at ACG Research and Dave Welch, cofounder and executive vice president at Infinera, explain, using an example, the operational efficiency of super-channels, the benefits of flexible modulation and OTN integration.
Infinera has integrated the OTN fabric into the DTN-X, providing significant operational benefit while meeting power, footprint and bandwidth requirements. With bandwidth outpacing chip development, super-channels are the key technology to enable higher bandwidth deployment today.
Eve and Dave explain why 16-QAM is limited in reach for all vendors and carriers, and what the implementation penalties are. They also discuss the increased spectral efficiency and how it is still a win-win for shorter, highly concentrated routes and how with one line card in the DTN-X, you can configure sub-terrestrial distances and high bandwidth congested routes, which enables a new paradigm for optical networking.
Companies are consolidating as players attempt to add or extend their security expertise and technology to address customers’ demands.
Dell announced it has signed a definitive agreement to acquire SonicWall for an undisclosed price, but which financial analysts estimate has a likely price tag north of $1 billion. Citing cyber security as a top customer pain point, this acquisition makes a lot of sense as a way for Dell to quickly deliver more advanced security technologies to its enterprise customer base.
This acquisition will help the company extend the range of security solutions it can offer, leveraging SonicWall’s unified threat management portfolio: NSA Series, SuperMassive Series, and TZ Series, which includes web security, virtual private networks, anti-virus and malware, intrusion detection and protection, content filtering, application control in an appliance, and next-generation firewall technology.
Enterprises are asking for more comprehensive security to help them protect their operations and intellectual property and address regulatory and compliance demands. Some of today’s security challenges are due to the exponential growth of data, the adoption of cloud-based solutions, and the increased presence of mobile consumer devices in the enterprise (BYOD).
Behind the acquisition
Dell hopes enterprises will turn to Dell to solve their security issues. At first glance, there appears to be good alignment between Dell and SonicWall to address the mid-market. Both have had success there; Dell has six million small business customers and SonicWall has been adding 200,000 new small businesses a year.
With only a little overlap within the channel partners, (15,000, SonicWall; 100,000, Dell), there is the potential for significant growth, if Dell can effectively leverage its brand and global distribution to attain greater penetration for the security technologies. (Note that two-thirds of SonicWall’s $260 million revenue is based in the US.) The challenge may be in getting the channel up to speed selling security; we have seen this take other organizations longer than they anticipated, for example, when Juniper acquired NetScreen or IBM acquired ISS.
Breaking into the big league?
Will Dell be able to effectively move up and into the large enterprise and provider markets? This has traditionally been a struggle for SonicWall, which is hoping its SuperMassive Series will enable the company to finally break through. Dell has a foothold in the data center and has had some recent success with providers, such as US Cellular and Telefonica, but we will have to see if, together, they can expand their footprint.
Competitors are Cisco, Juniper, with whom Dell has a relationship, Check Point and Fortinet. This acquisition is consistent with Dell’s strategy of trying to own more of its intellectual property, so it is fair to say the Juniper relationship is probably in jeopardy.
Dell expects the transaction to close in the second quarter of its 2013 fiscal year. Dave Johnson, SVP, Corporate Strategy for Dell said SonicWall represented a good strategic, cultural and operational fit. Time will tell. One thing we can say for certain is that we will see more consolidation in this market, as players attempt to add or extend their security expertise and technology to address customers’ demands.
Not only did Mobile World Congress 2012 see record attendance, but it also featured topics that generated quite a bit of buzz in the industry. ACG's Chris Nicoll attended the conference and discusses the MWC buzz with other analysts featured in the RCR Wireless Post-Mobile World Congress Editorial Webinar.
To download the wrap up Market Impact, click here.
All major vendors offer some limited to complete outsourcing capabilities in either advanced services or outsourcing of management of the network operations center. The goal of outsourcing is to allow a provider to focus on other priorities like; customer acquisition, increase value to customers and deliver value add services such as cloud computing or other up-sell services.
Service providers are either true telco or a carrier and tend to be very slow to move to a new technology or offerings potentially missing inflections in the market. Their internal silos and sales teams are set up to sell connectivity and access and less able to sell the advanced offers, such as unified communications, cloud offers and video services, demanded by the market.
ACG Research investigated nine companies with unique profiles and ranked them on their ability to address key factors:
Communication and Unified Communication: Offers which build on connectivity and take IP communications and convergence to the next level.
Technology Portfolio: Virtualization end-to-end portfolio and technology that creates value and customer stickiness.
Multivendor: Capabilities to address service providers’ environment to deal with outsourcing all or part of their infrastructures.
Connectivity Capability: Knowing what the outsourcer’s capability is in providing robust connectivity to meet demands of providers as a customer.
Customer Service: The ability to create value for on demand, on time resolution and coverage in the markets the providers do business.
Change Management: What are the processes to change the current do-it-yourself in-house provider IT to outsourcing or out-tasking parts of the network? Does the outsourcer have change management processes tuned to carriers?
SP Specific Offers: The outsourcer’s ability to have a dedicated team and tune multitenancy offers to handle the environment of the providers.
System Integration Skills: The ability for the outsourcer to offer system integration to customers of the providers or to the provider to address gaps in migrating a customer or provider to a virtualized infrastructure or process.
System Integration Experience: What use cases and customer lists can the outsourcer cite?
Cloud Vision: What is the outsourcer’s ability to outline the cloud reference architecture and deliver technology, thought leadership and understanding of the provider’s cloud opportunity?
Cloud Experience: In looking to an outsourcer for quick time to market there are requirements that dictate that the outsourcer has done this before and in many instances. What use cases can the outsourcer cite?
Our Outsourcing report covers the following: Cisco, HP, IBM, Globecomm, Avaya, CSC, Ericsson, Alcatel-Lucent, and NSN. For more information about this document contact ACG Research at firstname.lastname@example.org.
Mobile World Congress 2012, which posted record attendance, featured topics that generated quite a bit of buzz. ACG's Chris Nicoll attended the conference and gives you a recap of the buzz that this year's conference generated. Download his Market Impact to find out what he has to say about Service Provider Wi-Fi, Diameter, and Nokia’s new devices.
The RSA Conference is a forum for an industry trying to keep hacktivism, espionage, and money-driven crime syndicates at bay. Walk the floor and you will see how many facets there are to keeping the network secure, so that more than a third of the world’s seven billion people can use their phones, laptops, tablets, smartphones, etc., to connect to the people and information they need to run their lives, businesses and governments. So what were the main themes at the conference? Cloud, mobility, and management.
Cloud: There is no doubt organizations are migrating to the cloud, whether it’s a public, private or hybrid model, to take advantage of its scale and economies. However, securing that cloud deployment can be tricky as you navigate various migration paths, relationships and control issues. While it seems everyone has a cloud story (which evidently necessitates blue collateral and puffy clouds somewhere in the booth), the reality is most still tend to be more of a repackaging of existing technologies rather than new, innovative solutions. For example, VMware talked about its collaboration with partners to deliver security in the cloud, and Fortinet released a new form factor optimized for data centers for its firewall technology in the FortiGate 5140B/5001B.
Mobility: Anything mobile is a hot security issue especially as the bring your own device (BYOD) trend heats up; the devices, are becoming an increasingly attractive target. We have already seen data traffic rise exponentially on smartphones and tablets. Video is now the leading driver of total data traffic, averaging 50 percent across geographies. Then, there are the apps that contain particularly sensitive information, for example, retail sales through mobile devices is on the rise. According to Internet Retailer, the 300 largest U.S. mobile merchants generated $5.37 billion in sales through mobile devices. Mobile banking app usage is also increasing with nearly 14 percent of U.S. mobile subscribers accessing banking services on their devices.
Depending to whom you talk, the percentage of phones infected with malware is estimated between one and five percent. There are solutions being hyped from Juniper (Pulse) and CheckPoint that focus on encrypting mobile traffic and controlling and optimizing access to applications for the enterprise. Other companies attempt to tackle attack identification and remediation on the device, such as Alcatel-Lucent Kindsight, for end users (as a service for providers).
Management: Visibility into the traffic is one of the hardest things to get; most service providers and enterprises cite visibility and subsequent security identification and event management (SIEM) as one of their hardest problems to solve, which is why almost every booth had some sort of SIEM story to tell. But that is really the problem: different “panes of glass” for different functions, regardless of how helpful that pane is, it doesn’t take the pain away from the time and effort it takes to manage the network and the security of that network. Ultimately, all the logs and information that each of the devices in your network generate turn it into a big data issue. The National Science Foundation puts the “Big Data” market at a $100 billion industry. It’s why we have seen companies such as Oracle, IBM, Microsoft and SAP spend a combined $15 billion+ acquiring technology that can help them with data management and analytics. Of course there are security-specific solutions too, such as NetForensics, HP’s ArcSight and many others.
Ciena has announced it will be delivering the WaveLogic 3 chip set that not only scales to 400G, but delivers on software programmable coherent technology. The general idea behind this technology enhancement is increased capacity and extended economic reach across metro, regional, long haul and submarine networks.
Enhancements to operate with additional capacity over existing submarine cable are also key economic advantages of this new technology. This chip set is more of a technology launch rather than a specific product launch; the WaveLogic 3 chip set will be used across multiple platforms in Ciena and will be available in the second half of 2012.
In this video Ray Mota discusses voice over LTE, mobile cloud, and mobile video. Tune in to get Ray's thoughts about trends, market opportunities, and business models for these technologies. Click here to view.
The hot topic of Day 2 at Mobile World Congress? Service provider Wi-Fi. Listen to Chris Nicoll, mobile infrastructure analyst, discuss announcements (Cisco, Nokia-Siemens, Ericsson, Alcatel-Lucent), acquisitions and strategies. Click here to view.