NETCONF Integration with Net Optics

Net Optics NETCONF IntegrationWhat’s your SDN story? This is a question that I hear more and more recently. Here’s the short version of my answer:

Net Optics NPB devices are located between the network elements and the different monitoring / security tools. As such, they are typically not involved in switching or forwarding decisions. However, we felt that there is a need to change the static nature of configuration and provide a method to respond to networking changes in a better way, by providing SDN integration. That’s the main reason that we added support for NETCONF management protocol in a native way.

Some technical details:

Software-defined networking (SDN) is an approach to computer networking which abstracts the hardware of the system, the control plane and the data plane.

The Open Networking Foundation (ONF) was founded to promote SDN standards and engineering. ONF defines the different protocols and standards that are shared among all vendors and open community/open source projects.

The OpenFlow configuration protocol is defined by OF-CONIFG specification. OF-CONFIG requires that devices supporting OF-CONFIG MUST implement NETCONF protocol as the transport.

NETCONF is protocol for exchanging configuration information from a management platform. YANG is the data modeling language for the format of data used by NETCONF to exchange data. Both NETCONF and YANG are defined by several RFC. Just to list few RFC and standards that we support:

  • RFC 4741 NETCONF Configuration Protocol
  • RFC 4742 Using the NETCONF Configuration Protocol over Secure Shell
  • RFC 6020 YANG – A Data Modeling Language for the Network Configuration Protocol (NETCONF)
  • RFC 6021 Common YANG Data Types
  • RFC 6022 YANG Module for NETCONF Monitoring
  • RFC 6244 An Architecture for Network Management Using NETCONF and YANG

Net Optics xStream products (xStream 10, xStream 40 ) support the NETCONF protocol natively. This is very important, since it means that all future actions and activities that are managed by any SDN enabled management platform can fully manage xStream.

Due to our openness and standard protocol support one can use 3rd party or even community-developed tools to access and manage our devices. We can provide links to simple tools that can be used by any 3rd party to fully access the device.

Thanks to Net Optics for the article.

Halt Hackers with Network Monitoring

Network Instruments

The ominous headlines are incessant. Corporate networks and IT resources are under ever-increasing attacks from those seeking sensitive customer data, employee information, and company IP. Whether the threat is unfriendly governments, criminal organizations, or disgruntled individuals, your critical information system assets are threatened.

The question is not whether your corporate network will be compromised, but what to do when a breach is detected. Once an attack has occurred, it can be difficult to identify and eliminate without deep-packet inspection. Often network and security teams may not realize the value full-featured performance monitoring solutions like GigaStor offer in tracking and eliminating intrusions.

The quickest path to resolving an attack lies in understanding the critical features required. Then you’ll easily see how the capabilities can be leveraged to eliminate malicious activities.

Vital Security Features

An effective solution must offer:

Key Feature

Why

High-speed (10 Gb and 40 Gb) capture Given the volume and speed of traffic—and therefore increase in potential threats—your solution must be faster.
Expert analytics of network activity To find specific illicit events among millions of legitimate packets, you need analysis tools that offer deep-packet inspection to quickly assist in determining when and where a particular breach occurred.
Filtering using Snort or user-defined rules Snort is an open source network intrusion prevention and detection system that is the industry standard. The ability to filter packets against these known threat signatures and alert when detected is critical to resolving many malware events.
Event replay and session reconstruction Rooting out emerging threats means being able to rewind a network to view past events, often down to individual network conversations. Rooting out emerging threats means being able to rewind a network to view past events, often down to individual network conversations.
Storing terabytes of traffic for post-event analysis Since it is often not until after intrusions occur that breaches are detected, it is critical network traffic is maintained for a relevant period of time—at least 24 to 48 hours. This enables the performance monitoring solution to act like a surveillance camera that is always on.

Security Forensics in Action

Consider this customer example: A world-wide Internet marketplace, with more than 15 million unique website visits per month and more than 2000 employees, utilized GigaStor to better manage application performance. Additionally, they used GigaStor’s deep-packet inspection and forensic analysis to identify and eliminate threats their security tools missed.

1) A user complained of slow network and application response time. The network engineer used GigaStor to perform deep-packet forensic analysis on traffic from the user’s workstations. She discovered it was sending a packet to every device on the network; each of these destinations responded in a similar fashion, quickly saturating the network. The desktop support and security teams were notified because an ongoing attack compromising nearly 100 users’ machines appeared to be under way.

Network Instruments GigaStor

2) Security announced the situation was seemingly under control, and when the episode repeated with the network again becoming fully saturated. This caused the network manager to infer that one of the users’ PCs was infected with a backdoor Trojan.

3) GigaStor was used to examine network activity, this time capturing suspicious activity at off-hours on a suspect laptop. With Network Instruments’ Observer’s in-depth expert analysis, it was determined a hacker had created an IRC chat room on the laptop which enabled the network to be re-infected.

Network Instruments Observer

The network manager summarized, “We had implemented a robust, best-in-class enterprise level IDS and DLP solution. Unfortunately, none of these products identified this attack. Only GigaStor with built-in security forensics was able to detect and determine the root cause.”

Firewalls, anti-virus software, IDS and DLP systems are necessary, but are no longer enough to achieve the complete protection or to generate the paper trail for documenting breaches. With the capacity to act like a 24/7 network security camera by storing network traffic for extended periods of time and perform deep packet inspection, full-featured monitoring solutions like GigaStor enable administrators and security personnel to efficiently detect and successfully root out intrusions, malware, and other un-authorized network activities.

Thanks to Network Instruments for the article.

Rogers and Sprint to offer wireless system in vehicles in 2014

Rogers Communications Inc. (TSX:RCI.B) and U.S. wireless carrier Sprint Corp. say they will offer Canadians a high-speed Internet access in their vehicles through a new service announced Thursday.

The cost of the project, pricing for the services and dates for the rollout weren’t included in a joint statement issued by the companies, which have two of North America’s largest telecommunications networks.

They said the service will be available from auto manufacturers that deploy Sprint’s Velocity system in Canada and it will leverage Rogers’ wireless networks to connected vehicles on the road.

Vehicles with Sprint Velocity — which has already been deployed in the United States — will have access to news, sports scores, weather alerts, driving directions and vehicle diagnostics via an in-dash touch screen, they say.

Sprint Velocity also provides connectivity for mobile devices in the car including smartphones and tablets.

Rogers says Canadians “want to be connected from anywhere, at any time.”

And with over 20 million vehicles on the road in Canada, said Rogers vice-president Mansell Nelson, “there is a strong growth opportunity for Rogers in the connected auto segment.”

The connected car market is expected to be a booming business, with research suggesting nearly 100 million connected cars will be on the road by 2016.

Late Wednesday, Rogers announced plans to raise US$1.5 billion to fund its business activities. It didn’t identify specific uses for the money, which will be raised through the sale of 10- and 30-year, interest-bearing notes.

The notes won’t be offered in Canada or to any resident of Canada.

Thanks to Yahoo for the article.

Command Today’s Complex Data Center Challenges

Rapid evolution of the data center is creating boundless new opportunities, but along with those come urgent monitoring and management challenges—multiple devices from many vendors, proliferating threats, soaring costs, scalability needs, 10G/40G/100G transition, environmental and compliance concerns—and more. We offer your data center a growing family of best-in-class solutions to let you access and monitor all traffic at all times and maintain a healthy, secure, and cost-efficient infrastructure.

Net Optics Application LayerEnd-to-End Data Center Access, Control and Management

Net Optics’ has your data center’s needs covered with a total, integrated hardware and software approach, yielding peak performance in network monitoring and security, letting you access, control and manage all your network data and traffic at all times. Our growing family of bestin-class solutions delivers total visibility, reflecting deep customer understanding plus proven technology expertise. From our beginnings 15 years ago as a Tap company, we have dramatically expanded to address changing customer needs. Today, our solutions comprise a robust Monitoring Architecture that sits atop the existing network and provides complete access to your data center and visibility into network traffic from a L2/3 perspective—giving you an early warning system and placing mission-critical information at your fingertips for a secure, well-managed data center.

Intelligent Access Eliminates Blind Spots

As the industry pioneer and leader in Tap technology, Net Optics offers a comprehensive, versatile suite of Taps that covers your network, providing total, transparent visibility of raw packets from the wire in an exceptionally low-cost, low-risk form factor with no points of failure. Simple to deploy anywhere in the network, including your virtual environment, our access solutions completely eliminate blind spots within your data center infrastructure. Plus, our advanced bypass switches support your security with innovative features such as the unique “heartbeat” packet, compact footprint, low power consumption and enterprise-class device management for a total, reliable access solution.

Comprehensive Control Options Raise ProductivityNet Optics Director Pro

Net Optics innovative Director family of switches offers you an industry-leading array of control features that optimize the way you look at the data and speed you to traffic of interest. These powerful, scalable engines aggregate, regenerate, switch, and filter high volumes of traffic delivering exceptional network productivity with unique features like dynamic load balancing, DPI, and the highest port density on the market. By leveraging the capabilities of these high-performance solutions, you gain vital port-mapping capabilities (many2one, one2many, many2many), plus outstanding filtering ability that can dramatically reduce MTTR by more than half.

Centralized Management Streamlines and Simplifies

Net Optics centralized management platform consolidates management into a single, convenient console—vastly simplifying your management tasks. This customizable, easy-to-use interface delivers unparalleled insight and control at a mouse click, with a unified, simplified view of any number of Net Optics devices, anywhere in the world.

Because you can leverage Indigo Pro for monitoring from a L2/L3 perspective, you gain instant access to critical information for running your data center with the utmost security. Easily collect traffic statistics and monitor patterns while sampling traffic at unprecedented speed to resolve issues before they affect the network—while planning intelligently for new capacity, upgrades and services.

Net Optics Automatic Device Discovery

Security and Visibility Reinforce Your Cloud Strategy

With the introduction of Net Optics’ landmark Phantom Virtual Tap, there is now literally no part of the network that cannot be viewed. This extraordinary level of visibility opens up all traffic within the cloud environment and delivers a comprehensive view of your entire data center infrastructure—including every packet traversing a given host and all inter-VM traffic. That means you can be confident of maintaining the integrity of your data and network as you move into cloud computing to create, host and operate applications.

World-Class Partnerships Expand Your Reach

We are dedicated to developing solutions that exceed your expectations as the data center evolves. That’s why we maintain a growing global partnership network that encompasses the best of the best. Our partners capabilities integrate fully with Net Optics solutions as the layers of monitoring increase, so that you can rely on comprehensive monitoring capabilities up to and beyond layer 3. Our enduring relationships with leading device manufacturers are reinforced by multiple service and support options, a total warranty program and unparalleled prompt service call resolution.

Extraordinary New Customer-Driven Solutions
Net Optics Phantom Virutal Tap

Net Optics offers you major resources for virtualizing, securing, managing, and optimizing your data center. Key to these benefits is the ability to monitor data on network links that connect assets both inside and outside the data center.

This vital monitoring access enables:

  • Cost control—Compact, power-sparing solutions reduce CAPEX and help you scale to serve your growing user base and data volumes. The ability to assess data center resources supports ROI, and accurate planning for growth.
  • Low latency—Powerful, high-availability resources optimized for the 10G data center keep you efficient and productive.
  • Security—Handle proliferating threats while preventing data loss and unauthorized use both within and outside your organization while ensuring that monitoring tools receive data of interest.
  • Manageability—New management and configuration capabilities deliver a world’s eye view from a single pane of glass—now with Google Earth integration!
  • Compliance—Enhanced checks and auditing capabilities simplify regulatory reporting, help you find infractions and stay consistent with domestic and global regulations—whatever your line of business.
  • Visibility—unprecedented end-to-end vision, including visibility into traffic passing between virtual machines, lets you access the root causes of anomalies and make informed decisions about equipment purchases and configurations—plus document standards compliance with pinpoint granularity.
  • Reliability—Resolve issues proactively, optimize performance, identify heavy bandwidth users, and fortify your entire data center architecture. With no single point of failure or interference with traffic, Net Optics devices provide the insight, knowledge, and control to maintain a well-managed data center and guard the integrity of your data and applications.

Thanks to Net Optics for the article.

15 applicants for 700MHz licences; all Canadian

Industry Canada has published the list of applicants for the 700MHz 4G mobile broadband spectrum licence auction scheduled for January 2014. Among the 15 all-Canadian applicants who submitted a refundable deposit, the eight most predictable were: Rogers Communications, Telus Communications and Bell Mobility (the three national incumbents, and the only three expected to bid on a nationwide basis); provincial telcos MTS and SaskTel, both expected to bid in their home regions only; cablecos Videotron and Eastlink (registered as Bragg Communications), both aiming to build on their existing mobile presence; and cellco Wind Mobile (registered as Globalive Wireless Management Corp), which had also previously confirmed it would be bidding.

Also on the applicants list is TBayTel (a local full-service telecoms operator in Thunder Bay, Ontario), as is Novus Wireless (which TeleGeography notes was a winner in the 2008 auction of 1700MHz ‘I Band’/1900MHz ‘G-band’ spectrum sold alongside Canada’s 2100MHz AWS spectrum); Novus is associated with Novus Entertainment, a provider of fibre internet, TV and digital phone services in Vancouver and surrounding areas of British Columbia.

Another applicant, BH Wave Acquisition Corporation, is owned by Birch Hill Equity Partners, which was previously linked to potential takeover bids for Canadian cellcos including Wind Mobile.
Communications equipment vendor Vecima Networks, which also placed a refundable deposit, is the parent of YourLink, which currently provides fixed-wireless internet access via a network of 250 towers across the province of Saskatchewan.

An applicant listed as 1770129 Alberta Inc is the 100% owner of Corridor Communication Inc, which holds a minority share in Forty Mile Gas Co-op – a rural high speed internet provider in the province of Alberta, under the CCI Wireless brand.

Also on the list is Feenix Wireless, a 100%-owned company of Mobilicity chairman John Bitove, whose Obelysk investment firm owns a majority voting share and minority equity share in the financially stricken cellco, while rounding out the 15 applicants is private equity firm Catalyst Capital Group, which owns roughly 30% of Mobilicity’s senior secured notes, and therefore stands to acquire a significant slice of the cellco via debt restructuring.

A unit of Catalyst was also previously among a consortium backing rival cellco Public Mobile before the latter’s takeover by Thomvest Seed Capital and Cartesian Capital in June 2013.

Public Mobile – and/or its owners – is perhaps surprisingly missing from the list of applicants, despite its new parents Thomvest (backed by Peter Thomson, chairman of Woodbridge Co which has a 55% stake in news group Thomson Reuters) and Cartesian indicating previously that they aimed to fund a 4G licence bid while looking at a merger with one or more of Public’s rivals, particularly Wind Mobile and Mobilicity. However, TeleGeography adds that a new round of consolidation/takeover talks involving cellcos and private equity firms is likely to start after the January 4G auction as the smaller players look to create a stronger challenge to Rogers, Bell and Telus.

Publication of the list of provisionally qualified bidders will be on 22 October 2013, ahead of a deadline for receipt of the remaining 95% of pre-auction financial deposits by 12:00 noon on 29 October. The publication of the final list of qualified bidders will be on 8 November. Auction bidding opens on 14 January.

Thanks to TeleGeography for the article.

Infosim StableNet Network Configuration & Change Management and Vulnerability & Lifecycle Management

StableNet White Paper video Network infrastructure is evolving at an unprecedented rate and management of those systems has become a labor intensive exercise. Unlike Fault and Performance Management, Network Configuration Change Management and (NCCM) Vulnerability & Lifecycle Management (VLM) has no common harmonized management method or protocols.This White Paper will provide you with an insight on how to adress these mission-critical tasks in your network infrastructure.

“Through 2015, 80% of outages impacting mission-critical services will be caused by people and process issues, and more than 40% of those outages will be caused by change, configuration, release integration and hand-off issues.”

(Source: Gartner Group study on Configuration Management for Virtual and Cloud Infrastructures)

Download your copy here.

Sprint, T-Mobile join Verizon in snub of Canada airwaves

Sprint Corp and T-Mobile US Inc confirmed on Thursday they will not participate in Canada’s upcoming auction of prized wireless spectrum, joining larger rival Verizon Communications Inc in shunning the market.

The decision by the big U.S. wireless operators helped lift shares of BCE Inc, Rogers Communications Inc, and Telus Corp, which together control about 90 percent of the Canadian mobile market.

The three stocks had already rallied earlier this month when Verizon disclosed it would not enter Canada for now, ending months of speculation that it would buy two small Canadian operators and bid for airwaves in the January 2014 auction.

The entry of a foreign giant like Verizon would have sliced into the profits of the Canadian players and forced higher bids at the spectrum auction, analysts said.

AT&T Inc declined to comment on whether it had submitted an application by the Canadian government’s Tuesday deadline for companies to register for the auction.

But Scotia Capital telecom analyst Jeff Fan said in a note to clients that all four major U.S. wireless operators had confirmed they wouldn’t be bidding.

The companies decided not to enter due to a likely unattractive return on investment, regulatory risks on both sides of the border, and a focus on the much larger U.S. market, Fan wrote in the note published late on Wednesday.

Shares in Telus jumped more than 2 percent by midafternoon on the Toronto Stock Exchange, while Rogers gained 1.2 percent and Bell was up 0.3 percent in a declining market.

FOREIGN COMPETITION FEARS

The Canadian government will publish a list of bidders for the 700 megahertz spectrum next Monday, following Tuesday’s deadline to submit an application and a relatively cheap and refundable deposit.

The 700 MHz airwaves are highly valued for their ability to penetrate buildings and travel long distances, and are being used in the United States to build high-speed networks.

Ottawa is hoping to spark more competition in the wireless industry via the auction, by blocking Bell, Telus and Rogers from bidding on more than one prime frequency block in each region.

Telus Corp said on Tuesday it plans to bid in the auction, while BCE Inc’s chief executive told an investor conference earlier this month that the company would be bidding. Rogers declined to comment ahead of the official release of applicants.

Well-funded challengers could still emerge, with private equity groups seen as the most likely consolidators of the three, closely-held small operators that entered the industry after a 2008 wireless spectrum auction: Wind Mobile, Mobilicity and Public Mobile.

“Recent private equity investments have been made in Public Mobile and Mobilicity, while Accelero remains an interested bidder for the Wind assets,” said Macquarie analyst Greg MacDonald. “We have also heard that larger telco-focused private equity firms have remained interested in the event that Verizon does not invest.”

Wind Mobile, an upstart challenger backed by Europe-focused Vimpelcom Ltd, said late on Monday that it intends to participate in the auction.

Telenor ASA, a large minority shareholder in Vimpelcom, had no comment on whether it would bid. A source with knowledge of the company’s plans says they are not interested.

Mobilicity, which is struggling to find a buyer and is bleeding cash, has not said whether it will bid. Privately-held Public Mobile declined to comment.

Privately-held cable company Eastlink, which also bought airwaves in 2008 but didn’t launch service in its Maritimes footprint until this year, declined to comment on a Cartt.ca report it will bid.

Regional operator Manitoba Telecom Services Inc said earlier this month it does not plan to bid outside of its home province.

Quebec-focused Quebecor did not respond to requests for comment.

Thanks to Yahoo for the article.