Friday, January 30, 2015

Weekly news roundup for Security, Cloud and Networking: January 26 - 30

Cloud, Networking, and Security news for the week of January 26th:

  • Amazon will release AWS revenue information in 2015, says Gigaom. "Amazon’s mostly IaaS business generated nearly $4.8 billion in revenue in 2014, up a whopping 50 percent from 2013. Meanwhile, Google and Microsoft, by her tally, generated, $177 million and $188 million respectively, in the IaaS segment."
  • Gartner ranks Red Hat vendors for the first time. Report now freely available on Gartner's website
  • ESG research: "The majority (66%) of organizations are committed to an SDN strategy long-term, and this will be a year in which many of those plans are increasingly put into action. "
  • Regulatory compliance can sometimes be hard to justify on economic grounds alone, but recent hacks are generating meaningful stats. eSecurityPlanet examines the hard-to-quantify aspects of a breach. 
  • Study: financial services and government sectors are the furthest behind in cloud adoption, with 20% of ITDMs saying they had no cloud-based apps in use within their organisations; 24% of financial services ITDMs polled by the firm claimed to have no cloud adoption plans this year.



Cohesive & team members in the news:

Image via TechTarget - Top enterprise IT spending trends and priorities of 2014

Upcoming events Cohesive is hosting and attending:

Tuesday, January 27, 2015

State of Networking - Part 2 : Virtualization Layer

TL;DR

The virtualization layer is where the action has been at for the last couple of years. The ability to configure software defined networks in the hypervisor layer combined with the ability of orchestration systems to reach down into networking hardware through their APIs provides a complete and compelling solution for anybody building a cloud. Of course the big public cloud providers had this stuff figured out some time ago, so what's really happening here is that the technology is becoming more accessible to those building smaller clouds (whether they're public or private).

Background

This is the second post of a three part series looking at the state of networking. Part 1 looked at the hardware layer and part 3 will look at the application layer. The layering concept is taken from the Open Data Center Alliance (ODCARev. 2 Usage Model for Software Defined Networking (SDN) and Network Function Virtualization (NFV)  rather than the traditional OSI model layers (which become somewhat blurry and less significant in a world of SDN and NFV)



Overview


The launch of VMware's NSX in the summer of 2013, which was followed weeks later by the launch of Juniper's OpenContrail, has come to define networking in the virtualization layer. Both platforms offer multi hypervisor capabilities, and both can work with a variety of underlying networking hardware. The key difference is that NSX is aligned to VMware's proprietary ESXi/vSphere/vCenter ecosystem, whilst OpenContrail is aligned to OpenStack (and predominantly the KVM hypervisor).

Hypervisor networking?


Platforms like NSX and OpenContrail are often referred to as hypervisor networking, but it should be noted that they don't install into the hypervisor itself (which remains a thin layer). The networking components go into the resource domain (also known as domain 0) of a type 1 (native or bare metal) hypervisor, or onto the host of a type 2 hypervisor. Since the host or the resource domain are typically Linux (or Linux derivatives) the 'hypervisor' networks can and do make extensive use of networking capabilities in the Linux kernel and associated user space tools.

Layer 2 - it's all about overlays

One of the key limitations of underlying networks that virtualization layer networks aim to deal with is the VLAN. VLANs have often constrained the hosts that VMs run on and the movement of VMs. This can be overcome by using overlay networks implemented in the virtualization layer running protocols such as VXLAN or NVGRE (or the upcoming Geneve). Overlays allow for network containment without physical limitations, which is obviously a good thing when working with virtual machines.

Layer 3 - it's all about East-West (and avoiding hairpins)

Once Layer 2 is properly virtualized the next problem becomes routing between VLANs. Packets shouldn't have to traverse the virtual and physical infrastructure to get to a router only to then turn around and go back to where they came from (another VM on a different VLAN that might be on the same physical host). This is dealt with by implementing routers within the virtual layer - so those packets can be shuffled between VLANs with the minimum of effort.



Overall this approach can lead to dramatic savings in networking equipment, as most of the traffic between applications/services can be passed around within the virtual network rather than having to go out to physical hardware, and the hardware can thus be scaled accordingly smaller.

Which is all great if you're building a cloud

Escaping the limitations of traditional VLANs and associated networking equipment is great if you're building a cloud, and so it's cloud builders (both private and small scale public) that these technologies are aimed at (the large scale public clouds have had their own versions of this stuff for years).

If you're a cloud user then it's likely that you're being given a layer 3 abstraction such as a virtual private cloud (VPC) built on top of the virtualization layer network. The next part of this series will look at what can be done with networks in the application layer.

Conclusion

Virtual LANs (VLANs) were one of the earliest types of virtualization to see mass adoption, but because they're now pretty old there are limitations in terms of scale, configuration and lack of abstraction between physical and logical that make them a poor fit for virtual machine deployments at any significant scale. Virtualization layer networks get around the limitations of VLANs by implementing overlays for containment and virtual routers for efficiency, which makes them a useful tool for building cloud environments.

Friday, January 23, 2015

Weekly news roundup for Cloud, Networking, and Security: January 20 - 23

Before we talk industry news and events, we have some big news:

Introducing Cohesive Networks & VNS3:turret 

On Tuesday we made a big announcement - we've renamed from CohesiveFT to Cohesive Networks, and we released a new cloud network security product, VNS3:turret. To emphasize our focus on network security, we dropped the FT in our name. VNS3:turret is an application security controller that protects cloud applications with unique, encrypted "defense in depth" networks for each data center application. VNS3:turret is now part of our VNS3 product family:

Cloud, Networking, and Security news for the week of January 20th:

  • Amazon aquires a chips firm Annapurna to speed up AWS cloud data centers, via the Register
  • RedMonk's Stephen O'Grady revisits his predictions from 2014 for software, M&A, and cloud technology news
  • "Defending encryption doesn’t mean opposing targeted surveillance" from GigaOm
  • Of the Big Three Cloud Providers AWS Was Most Reliable in 2014
  • According to PwC, the average cost of small business' worst breaches can cost between £65,000 and £115,000 on average; for large firms, the damage is between £600,000 and £1.15m. Reported in the Guardian, the Center for Strategic and International Studies. estimates Cybercrime and cyberspying cost the US economy $100bn a year and the global economy about $300bn annually.
From the PwC study for the Department of Business Innovation & Skills

Upcoming events Cohesive is hosting and attending:


Tuesday, January 20, 2015

Looking back after eight crazy years - Cohesive Networks and VNS3:turret

Ryan Koop: Director of Products and Marketing at Cohesive Networks 


Back in 2006, I helped found Cohesive Flexible Technologies with Patrick Kerpan, Craig Heimark, Dwight Koop, and Alexis Richardson. Together, we (they) had decades of experience working in enterprise IT and financial services management. Patrick Kerpan, always the visionary, saw big changes coming in virtualization, distributed computing, secure networks, and software delivery. Today, most people call it cloud computing. The team saw that virtualization and middleware would present both security challenges and opportunities for large enterprises and a new way to do business for lean startups.

CohesiveFT started in 2006 and originally focused on providing virtual appliance solutions for the financial services industry.  Our backgrounds in financial services lead us to target that industry, naturally. Our technological skills lead us to create a networking solution for enterprise IT that could help the financial industry "grow into cloud" from concept to reality. Hence the letters "FT" in our name.

Our first networking product started as our open source project vCubev in 2007, then we commercialized it as VPNCubed in 2008. The original intent was to help our internal projects connect securely with cloud-based systems. Finally in 2012 we did a final product rename to VNS3.

Customers found us through the early Amazon AWS forums, and word spread about how VNS3 could help connect networks to the cloud for internal and partner solutions.  During this time we broadened our industry focus and realized there was a network security need across industries, from healthcare to retail. We renamed ourselves CohesiveFT - shortening the name to also stand for "flexible technologies."  Today we find a mismatch between our name and our network security focus that needs to be addressed to project the value we provide.


I'm proud to announce that we are changing our name to Cohesive Networks. 


We still like to think of ourselves and the company as “honest Midwesterners.” We are real people who offer real software products.  We never claim to do something we don't, and as part of that we've decided to rename ourselves to better underscore what we always do well: networks.

To celebrate, we're introducing the VNS3 Product Family. 


Our award-winning VNS3 security and networking software is now a product family. VNS3 has been helping enterprises secure and connect critical apps in public and private clouds since 2008.
Choose the product that fits your use case:


The newest addition to the VNS3 family is VNS3:turret, a set of encrypted, clustered software-only virtual instances that create a micro-perimeter around mission critical business systems.

Protection and performance:
VNS3:turret combines the VNS3's connectivity with dataflow and compliance tools to create secure, redundant networks for each data center application. Because VNS3:turret encrypts and manages network traffic while also using adaptive compression, you can avoid any serious network performance penalties.

As always, the VNS3 products are available as software-only virtual appliances, delivered to any public, private, or hybrid cloud. Pricing ranges from free trials to enterprise editions with 24/7 Support.

Cloud and virtual environments that feature VNS3 products include: Amazon EC2 and VPC, VMware, IBM Softlayer, Google Compute Platform, Microsoft AzureHP Helion, ElasticHosts, Verizon Terremark Cloud, Interoute, Abiquo, Rackspace, and Flexiant.

Get in touch with our Chris, Sam or Marcy to find the right VNS3 product for your use case!

- Ryan Koop

Friday, January 9, 2015

Weekly news roundup for Cloud, Networking, and Security: January 5 - 9

Cloud, Networking, and Security news for the week of January 5th:

  • Cisco survey finds that just over half (54%) of IT teams believe it is their responsibility to keep personal and company data safe. A third (39%) expected their company to take care of data security in the workplace for them - via Information Age
  • Cloud Security Alliance: Data Security in the cloud now an executive-level concern
  • Recommended reading for 2015 Cloud IaaS Magic Quadrants from Gartner's Lydia Leong 
  • Wired: A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever >> hackers were able to manipulate and disrupt control systems in German steel mill, causing “massive damage."
  • A Piper Jaffy survey, reported in the Wall Street Journal, ask "Who is your preferred public cloud provider?" Changes from 2014 to 2015 might surprise some...


Cohesive & team members in the news:

  • VNS3 3.5 shortlisted for Digital and Creative Project of the Year in the 2014 TechWorld Awards

Upcoming events Cohesive is hosting and attending:

Share this Post

Related Posts Plugin for WordPress, Blogger...