Cato Networks and Juniper Networks were among the companies that expanded their SASE offerings. Cato announced a cloud access security broker (CASB) capability to its SASE SPACE engine—part of the company’s SASE cloud—and making it accessible to enterprises via the more than 70 points of presence around the world. 

The CASB offering also works with the Cloud Application Catalog the company unveiled in December, offering enterprises a single place to find more than 5,000 common enterprise applications, along with descriptions of each application and a risk score. CASBs can be used on premises or in the cloud to monitor activity and enforce security policies.

A Combination of SD-WAN, Security

SASE is essentially a blending of software-defined WAN (SD-WAN) and such network security capabilities as threat protection, zero-trust features, firewall-as-a-service (FWaaS), and CASB. As the network has become more central to IT operations that now stretch from the central data centers into the cloud and out to the edge—including where many remote workers are located— securing those networks is crucial.

Gartner analysts predict that the global SASE market will grow an average of 42 percent a year through 2024, when it will hit almost $11 billion.

“CASB addresses a critical visibility and control gap created by cloud migration but must be converged into a broad SASE platform to be truly effective across the business,” Cato co-founder and CEO Shlomo Kramer said in a statement. “We’ve done just that with Cato CASB. By building Cato CASB into the Cato SPACE engine, it can leverage the global footprint, rich context, cloud scalability and self-healing and self-maintenance underpinning the Cato SASE Cloud.”

Also read: Transitioning to a SASE Architecture

CASB is Better Used on a Platform

Kramer argued that CASB works best and fastest  via a cloud-based platform rather than as a standalone offering in on-premises environments, noting that it can take months to get legacy SASE solutions up and running. For Cato CASB, it could take less than an hour.

At the same time Cato is rolling out a new Shadow IT dashboard designed to give enterprises a high-level view of their software-as-a-service (SaaS) usage, including such detail as the highest risk applications and the number of users accessing them.

For its part, Juniper said it is adding a FWaaS to its SASE platform. Juniper Secure Edge is a single-stack FWaaS software architecture managed by the vendor’s Security Director Cloud, which was introduced last year.

Work-From-Home Driving SASE

Samantha Madrid, vice president of security business and strategy at Juniper, wrote in a blog post that the new work-from-home model means that “new cloud-based architectures are required to secure the network edge. However, many organizations are hesitant to walk toward SASE for fear of throwing away their existing security investments and policies.”

However, it doesn’t have to be a binary either-or decision, according to Madrid. 

“With the right security architecture, including unbroken visibility from client to workload, security assurance and a single policy framework, organizations can leverage their existing security investments while also seamlessly transitioning to a SASE architecture,” she wrote.

What’s most important is easy management, Madrid wrote, pointing to Security Cloud Director, which ensures that security policies remain with users—and their applications and devices—as they move from one place to another, whether those security policies are delivered as a service or via physical, virtual, or containerized walls.

That also includes if an enterprise is making the shift to a SASE model.

Also read: The Home SD-WAN and SASE Markets are Rapidly Expanding

Secure Network Access

Juniper Secure Edge enables secure access from any location, a single-policy framework that is the same for SRX Series firewalls and applies those policies to remote workers and branch sites, dynamic segmentation based on zero-trust principles, security assurance and the ability for enterprises to transition to SASE on their own timeline

“Juniper customers can use the physical, virtual, containerized—and now cloud-delivered—SRX firewall, completely managed by Security Director Cloud with a single-policy framework, allowing for full visibility and consistent security across both the edge and the data center from one UI,” Madrid wrote.

The FWaaS space is expected to expand an average of 23.9 percent a year, reaching more than $3.9 billion in 2026, according to Verified Market Research. The analysts wrote that the growing importance of the internet has fueled a rise in security threats.

“Cybersecurity threats are worsened by the interdependent and interconnected architecture of recent computing situations,” they wrote. “Hence, firewalls help industries by protecting them from cyber-attacks, which has led to the growth of the firewall-as-a-service market.”

Fast-Growing SASE

The SASE space is among the fastest-growing sectors in the networking field, with the market expected to expand from $1.2 billion last year to $4.1 billion by 2026, according to a report from MarketsandMarkets.

There shouldn’t be any surprise to the expected increase in the SASE market, according to Bob O’Donnell, principal analyst with TECHnalysis Research. It was already expanding when COVID-19 entered the picture. Like other offerings that were on a growth curve, such as cloud collaboration and cloud services, the pandemic accelerated the global demand for SASE.

With the rapid shift to working from home when the pandemic set in in 2020 and the expected continuation of hybrid work environments even after it lifts, greater network security became a larger priority for enterprises.

“You’ve got people all over the place and companies understand the need to have the ability to have very flexible networks, software-defined networks, that can extend to literally all these people’s homes in some cases and work in branch offices or other kinds of situations,” O’Donnell told Enterprise Networking Planet. “At the same time, there are security concerns related to that. It’s kind of a perfect match for addressing the needs that hybrid and distributed workforces have.”

There also is the trend toward dedicated processing and network optimization that also is fueling the need to more tightly mesh networking with security. For example, Cisco Systems has its own networking chip, Network Silicon One, aimed at web-scale provider and service provider networks.

“You’ve got a combination of the technology being stronger [and] the need being more apparent and now it all comes together in a way that makes sense,” he said. “It is kind of a straightforward thing. It’s the kind of thing that people are starting to expect and you’re seeing all the big networking vendors do it.”

Read next: 12 Tips for Mitigating Security Risks in IoT, BYOD-driven Enterprises

The post Juniper, Cato Build Out SASE Platform Offerings appeared first on Enterprise Networking Planet.

Findings in the vendor’s sixth annual 2022 State of the WAN Report showed that the trend toward hybrid work continues to harden in organizations and that in response, businesses are closing more office sites, such as branch offices, and adopting software-as-a-service (SaaS) applications like collaboration offerings, including Microsoft Teams and Zoom.

The accelerated digital transformation efforts driven by the pandemic are resulting in more data centers being shut down as enterprises move more of their business into public clouds, networking budgets are expected to grow and organizations are increasingly adopting cloud-centric and agile strategies, which is fueling a shift to greater convergence.

Rise of SASE

In the networking and security field, that includes adoption of secure access service edge (SASE), which essentially brings together SD-WAN and key security frameworks. In addition, more than two-thirds of the more than 1,600 enterprises that responded to Aryaka’s survey said they will opt for managed SASE to address such issues as complexity and costs.

“We see a movement to what we’re beginning to call the permanent hybrid enterprise,” David Ginsburg, vice president of product and solutions marketing at Aryaka, told Enterprise Networking Planet. “This leads into the acceleration of digital transformation coinciding with accelerating legacy data center decommissioning.”

Organizations also are looking for ways to reduce the complexity that such hybrid environments can create and to have vendors shoulder some of the burden by providing converged offerings in managed services environments for networking and other IT areas.

“There’s always been an issue with observability and control, but this has gone up in mindshare over the last year vs. some of the other considerations,” Ginsburg said. “It’s becoming more and more of an issue in terms of what enterprises are looking for to solve their issues, what we call an all-in-one SD-WAN and SASE offer. They don’t want to go to a bunch of different vendors or providers to try to stitch something together.”

Also read: Transitioning to a SASE Architecture

The Shift to Hybrid Work

The continued transitioning to a more permanent working model shouldn’t come as a surprise. As the pandemic tightened its grip on the world throughout 2020, companies almost overnight sent their employees to work from home, which forced them to rapidly adopt cloud services such as collaboration software to adapt to the new business environment. Since then, many organizations have said they will allow many workers to continue working remotely, at least part of the time.

According to Ayaka’s report, that trend is accelerating. The survey found that almost half of respondents said 25 percent to 50 percent of their workers are remote and that 28 percent said that up to 75 percent of their staff is remote. Going forward, once pandemic-related restrictions are eased, 43 percent of businesses expect as much as half of employees will work remotely, with another 25 percent saying that number could be as much as 75 percent.

Budgets Growing, Sites Closing

The growing adoption of a hybrid workforce also coincides with businesses increasingly closing physical facilities. A quarter of respondents said they have closed 25 percent to 50 percent of office sites. This puts a premium on managing worker movement between sites and ensuring a good experience for employees working from home, which requires dynamic network bandwidth reallocation, which 61 percent of businesses tagged as very important.

Ginsburg said Aryaka had run into this situation. The company has a main office in San Mateo, CA, that is designed to accommodate about 100 workers. 

“We’re a very distributed company anyway,” he said. “Going forward, we don’t necessarily see the need for that number of seats even at our headquarters, and a lot of people are making that same calculus.”

The shift to remote work also puts a premium on collaboration and productivity software and services. Companies like Zoom and Microsoft—with Teams—saw use and revenues rise sharply in the months after the pandemic set in. According to Aryaka’s report, those offerings will continue to play a key role in the hybrid-work world.

Teams and Office 365 saw strong adoption in the survey, at 58 percent and 55 percent, respectively. That was followed by Zoom and Google Docs at 35 percent, Salesforce at 28 percent and SAP HANA at 25 percent.

Application Performance an Issue

That said, performance is still an issue, with 42 percent of businesses saying slow performance for remote and mobile users was a top issue and 37 percent pointing to slow performance at branch offices. This puts a focus on the network and raises the issue of control as the shift to the cloud and services continues.

“This has always been an issue,” Ginsburg said. “You’re implementing your WAN infrastructure, you’re investing, you’re bringing SD-WAN and SASE, but if you don’t have control, if you don’t understand how your applications are performing, you don’t understand what your user experience is. It’s not serving your business objectives. This goes back to things like Teams [and] collaboration applications, where you need to have a very good understanding of how your web infrastructure is actually handling this.”

Aryaka in December announced AppAssure, software designed to provide deep visibility, observability and control to more than 3,500 applications.

A key part of the reshaping of the IT environment is the transformation of the WAN, Ginsburg said. Organizations aren’t just looking for security or for application optimization. They want everything in a single bucket, fully integrated and easy to use. This is where SASE comes in, bringing with it a broad array of capabilities, including WAN—or SD-WAN—security, application optimization, multicloud connectivity, and last-mile management.

It also dovetails with the shift away from Multiprocotol Label Switching (MPLS), which  for years had been the key technology for connecting branch offices with central data centers but has seen its usefulness wane in the wake of greater mobility and cloud adoption. About 46 percent of businesses plan to end some or all of their MPLS contracts over the coming year.

Also read: The Importance of Application Performance Management (APM) for Cloud-based Networks

Transformation Means More Money

Given the rampant change, organizations are expecting to see their networking budgets grow. About 25 percent of respondents anticipate budgets jump by 25 percent or more and three-quarters expect at least a 10 percent bump.

“This ties hand-in-hand into the other statistics that are coming out in terms of enterprises accelerating some of their longer-term digital transformation efforts,” Ginsburg said. “In the pandemic environment, what was originally a five-year project has now been brought inward. … People want to take a step back, understand where they need to invest for the long term and are beginning to do that planning and then beginning to make those investments.”

This also has created a change in priorities, he said. Where once businesses said reducing complexity in connectivity was the top need, they are now putting a greater emphasis on the foundational costs of transformation.

Read next: Democratizing IT for Rapid Digital Transformation

The post Pandemic Leads to Permanent Changes in Workforce, WAN: Aryaka appeared first on Enterprise Networking Planet.

Most recently, Verizon and Google Cloud announced collaboration designed to deliver Google Cloud’s compute and storage services to mobile and connected devices at the edge of Verizon’s network. The plan is to leverage the higher speeds, lower latencies, and greater capacity that 5G networks provide over 4G and LTE networks to support such emerging enterprise fields as autonomous mobile robots, intelligent logistics and automation in factories.

The two will combine Verizon’s private On Site 5G and private 5G Edge networks with Google Cloud’s Distributed Cloud Edge to drive greater productivity, security, and efficiency for a broad array of enterprises in a wide range of markets, from retail to manufacturing.

Reaching Out to the Edge

In a statement, Google Cloud CEO Thomas Kurian—who since joining the company in 2019 has pushed the organization to expand its enterprise customer base—said that “by bringing intelligence from data centers to the network edge, [the companies] will allow customers to build new cross-industry edge solutions, unlock new revenue models, and transform the next generation of customer experiences— from AI-driven in-store operations to live inventory management on the factory floor, the possibilities span multiple industries.”

Verizon and Google Cloud also are developing a public 5G mobile edge computing solution that will enable enterprise developers to build and deploy applications at the edge of Verizon’s wireless networks in multiple locations in the United States. Ericsson will work with Verizon to pilot the 5G Edge with Google Distributed Cloud Edge offering as part of a proof-of-concept at its USA 5G Smart Factory.

The first use case for Ericsson will leverage Verizon’s Sensor Intelligence technology, which will include attaching a camera to an autonomous mobile robot that will scan packages for inventory and location purposes in a warehouse. Using computer vision, the robot will send bar code and shipping label data over the 5G network and mobile edge computing to the inventory management system for real-time analytics.

Also read: Best Practices for Securing Edge Networks

Other 5G-Cloud Partnerships

The Verizon-Google Cloud partnership mirrors similar collaborations that have formed for more than a year as 5G networks have expanded. Cisco Systems is partnering with Dish Network and data center services provider Equinix, Microsoft Azure and AT&T are working together in an alliance with similar goals as those of Verizon and Google Cloud, and Nokia earlier in 2021 said it is partnering with Azure, Google Cloud and Amazon Web Services (AWS), pairing its radio access network (RAN) technologies with cloud services from the world’s three largest providers.

Such partnerships make sense, particularly when the speed, latency and capacity benefits of 5G are factored in, according to Bob O’Donnell, principal analyst with TECHnalysis Research.

“Everybody is talking about 5G and edge and AI [artificial intelligence] all at once,” O’Donnell told Enterprise Networking Planet. “Originally we were talking about all these topics separately, but now it’s really about how to do edge computing leveraging a mobile 5G network because the sense is that’s where the big opportunities are going to happen. … Doing things that are actually different and transformative, the general consensus seems to be you’ve got to do a distributed computing application that leverages low latency, fast network connections and that’s what 5G offers.”

From Centralized to Distributed

In an increasingly multicloud world, what had been a fairly centralized cloud environment—with infrastructure housed in massive data centers and organizations using one cloud for one workload and other clouds for other applications. However, enterprises are pushing to more workloads and data between multiple public and private clouds in a seamless fashion, and now compute, storage, analytics and AI capabilities are extending beyond the cloud and into the rapidly growing edge.

5G networks not only offer 20 times the speed of 4G and more than 30 times the latency, they also provide much greater capacity, enabling more devices to run on the same network, a significant benefit in edge and Internet of Things (IoT) environments.

“The bottom line is there’s a whole bunch of factors that are coming together at the same time,” O’Donnell said. “You’ve got the extension of the cloud to the edge and the edge in this case being mobile networks. You’ve got the re-architecting of mobile networks that can leverage cloud computing. Then there’s this whole idea of figuring out how to leverage the combination of these two things to build entirely new business opportunities and then how and with whom do I bring those to market. It’s really a combination of all those different factors at play. It’s also something I think is going to take a while to play out because there’s so much involved.”

Also read: 5G Drives Collaboration Between Carriers, Cloud Infrastructure Providers

A Wide-Open Market

It’s also in the early stages. O’Donnell that eventually essentially the one-off pairings will end. Enterprises will demand it.

“Right now we’ve had this cloud provider hooking up with this mobile company,” the analyst said. “Realistically, we’re going to end up seeing all cloud providers working with all mobile companies because we live in a multicloud world and we live in a multi-network world, meaning different people have different combinations of cell providers and cloud providers. You’re not going to pick a cloud provider based on your cell provider, nor vice versa. People are going to want to have the option to use whatever cell provider or mobile network in conjunction with whatever the cloud computing provider they have.”

The collaborations between cloud providers and carriers will go even deeper, with each looking to leverage the benefits provided by the other. Google Cloud will want to explore how Verizon extends Google’s points of presence to run the applications and services beyond the cloud and Verizon will look to run portions of its network in the cloud, making Verizon a customer of Google Cloud.

Furthermore, virtual network functions (VNFs) and similar capabilities in software-defined networks (SDNS) will become important for 5G networks, O’Donnell said. That can be seen in such efforts as OpenRAN and vRAN, in which organizations use general-purpose compute hardware to run network tasks that in the past have run on dedicated networking hardware, similar to other software-defined environments, which will drive greater efficiencies and cost savings.

More Competition

The ongoing changes in the enterprise IT world could also lead to greater competition between mobile operators and cloud providers, he said. AWS last month announced a preview of its AWS Private 5G, a fully managed services aimed at helping enterprises deploy and scale their own private 5G networks without having to deal with the long waits and integrations that come with a carrier’s product, CEO Adam Selipsky said during his keynote address at the re:Invent show. The move will put AWS in competition with the mobile operators in the area of enterprise private 5G networks.

“That’s an intriguing potential threat,” O’Donnell said. “A lot of times in the past, you needed a carrier to get access to spectrum to set up a private cellular network. We were all LTE previously. But now that you have the ability to use a CBRS spectrum, which is freely available like a Wi-Fi type of thing that uses cellular connections, you don’t necessarily need a carrier to get access to spectrum. You do need a certain amount of equipment—you have radio antennas and things like that to just transmit and receive cellular signals—but once those signals are sent in or received, the ability to act upon that data could happen in a cloud computing environment. That becomes yet another interesting potential scenario.”

Read next: Going Beyond 5G: What to Expect from a 6G Future

The post Google and Verizon: The Latest Cloud Provider and Mobile Operator Pairing appeared first on Enterprise Networking Planet.

Now the startup, which was founded in 2012, is putting the organizational pieces in place to expand the reach of its switchless network in the highly competitive market and is doing so with another $48 million raised via private funding.

The company this week announced the appointment of Marc Sultzbaugh, a longtime executive with Mellanox Technologies, as its co-CEO alongside founder and co-CEO Doug Carwardine. Sultzbaugh has been on Rockport’s board since December 2020.

Sales and Marketing a Focus

He will be responsible for growing sales of Rockport’s Switchless Network, as well as technology and product management, marketing, manufacturing, and customer relationships. Carwardine will continue overseeing research and development, finance, and people and culture.

Carwardine told Enterprise Networking Planet that after almost a decade getting the switchless architecture built and ready for the market, the demands of the CEO job were continuing to increase. Being able to split duties with someone with Sultzbaugh’s expertise would allow him to continue to focus on what he does best and puts the necessary skills in place at the top at a time of change for Rockport.

“We stayed quiet longer than most organizations will typically do and we did that for a very good reason,” he said. “It’s at the point where the engineering is essentially there and now it’s time to commercialize the business. We’re going to transition from what was really an engineering-focused business to now a commercial opportunity to get this product in the field and let our customers reap the benefits of what we’ve created.”

Also read: 7 Enterprise Networking Trends to Watch in 2022

Great Opportunity

For his part, Sultzbaugh told Enterprise Networking Planet that after spending a year on the Rockport board and seeing the technology the company was pulling together, he was eager to sign on as co-CEO when the opportunity arose. 

“Our premise is that we’ve made complex networking simple,” he said. “That’s an important element. It’s easy for customers to achieve the kind of value proposition that we’re proposing.”

Sultzbaugh, who for more than 19 years helped steer the rise of Mellanox in the high-end networking space until it was bought by GPU maker Nvidia for $7 billion last year, said such trends as the cloud and emerging applications like AI and machine learning are driving rapid change in enterprise IT. In the data center, compute has evolved with the use of GPUs and other accelerators while storage has shifted from spinning disks to solid-state drives (SSDs), which has improved latency and better supports the newer scale-out applications.

New Architecture for Networking

While there also have been changes in networking—for example, the evolution of the standard network interface controller (NIC) into a smartNIC or data processing unit—the fundamental switching architectures have remained stagnant, which has kept performance unpredictable and traffic congested, he said. Those are the kinds of problems the Rockport Switchless Architecture is meant to solve.

Removing the switch from the equation will drive improvements in performance, bandwidth and latency, according to the company. The vendor’s Rockport Network Operating System (rNOS) is designed to navigate data through the best network paths to reduce latency and congestion. It also breaks down packets in small pieces called FLTs to help make the movement through the network more efficient.

Rockport’s NC1225 networking card is housed in servers and storage enclosures and moves the switching tasks normally found in traditional switches to each endpoint, which essentially becomes the network. The NC1225 is not a NIC or smartNIC, which rely on switches to create a fabric. It’s powered by a field-programmable gate array (FPGA) accelerator from Xilinx and it’s a half-height, half-depth PCIe card that includes a standard Ethernet host and enables a 300 Gb/s fabric in each node.

There also is a passive fiber optic cable that connects the card to another component called a SHFL (pronounced “shuffle”) that sits where top-of-rack switches are normally located. There are up to 12 links coming from the NC1225 card that are plugged into the SHFL, creating the connectivity between nodes.

Rockport also offers its Autonomous Network Manager software for monitoring performance, tracking traffic flows and managing settings. The company estimates that its architecture improves workload completion times 28 percent faster than traditional networks and reduces latency under load by 3.5 times. There also are savings in power, heat and cooling (69 percent), space and weight (77 percent) and cables (72 percent).

Also read: Data Center Technology Trends for 2022

A Better Way

“What Rockport is doing is basically breaking that paradigm and saying there’s a better way to architect the switch fabric in data centers that will not only give you more performance, but give you predictable performance,” Sultzbaugh said. “While the network is a relatively small part of the overall IT spend, we’re having an outsized impact on the utilization of all the infrastructure and that has all kinds of goodness.”

Rockport already has some high-profile early adopters, including the Texas Advanced Computer Center (TACC), which houses the Frontera supercomputer, a Dell EMC system powered by Intel Xeon chips and GPUs from Nvidia and interconnected via Mellanox’s IninfiBand. Another early adopter is Durham University in the UK, home to the DiRAC integrated supercomputing facility and the COSMA system. 

Classic Go-to-Market Strategy

The company is adopting what Sultzbaugh calls a “classic multi-tier go-to-market” strategy that includes the early adopters, which gives Rockport proof points that can be referred to with other potential customers. The vendor also will leverage channel partners like value-added resellers and traditional server and storage OEMs.

“We’re going after enterprise HPC [and] AI customers around financial services, life sciences, manufacturing, autonomous vehicles, all of those areas that are heavy users of performance [architectures],” he said. “We’re targeting people looking at 100 gig networks and above. It’s the fastest growing part of the data center Ethernet market.”

Rockport will have direct contact with customers but will fulfill orders exclusively through channels. In the cloud, the company initially will go after second-tier and software-as-a-service (Saas) providers that also are involved with AI, HPC, and machine learning workloads and later will target the hyperscalers.

Funding Will Help

The $48 million in new funding, which brings total investments in Rockport to almost $100 million, will help with all this. The latest round was led by Northern Private Capital, with current investors also participating. The money will be used to accelerate the company’s go-to-market efforts and expand sales and marketing.

“We’ve taken a number of years to build a pretty unique product and we protected the intellectual property, taking that very seriously out of the gate,” Carwardine said, adding that at this point for Rockport, the company could use the money. “We’re just going to market now and so that’s very important to fuel the growth. The fact that we’re getting endorsed to this level by the kinds of investors that we have speaks volumes of the business. These things don’t happen without a lot of diligence.”

Read next: Best Network Monitoring Tools & Software of 2021

The post Networking Startup Rockport Adds Co-CEO, $48 Million in Funding appeared first on Enterprise Networking Planet.

The company’s new EdgeConnect Microbranch is a single access point (AP) that delivers a broad array of connectivity services that are found in on-campus environments, from troubleshooting problems and zero-touch onboarding to software-defined WAN (SD-WAN) capabilities and security features like zero-trust and secure access services edge (SASE) security frameworks.

In addition, like other Remote Access Points (RAPs) from Aruba, the EdgeConnect Microbranch device can be managed via the company’s cloud-based Aruba Central networking management and monitoring solution.

Pandemic Accelerates IT Decentralization

Along with other networking vendors, Aruba, which is owned by Hewlett Packard Enterprise, for more than a decade has been adding to its portfolio of remote work products and has continued that effort since the onset of the COVID-19 pandemic, which forced a dramatic shift to working from home, a change that has cemented the hybrid work model at many businesses since.

“Remote work and work-from-home, which may have been a transitory state a year ago, is no longer that,” Larry Lunetta, vice president of solutions portfolio marketing at Aruba, told Enterprise Networking Planet. “It’s part and parcel of how organizations now execute. More than 50 percent of workers are expected to be in some form of remote work, depending on the industry. Depending on your position, it could be much higher than that.”

This comes at a time when the IT and business worlds already were becoming increasingly decentralized, with the growing adoption of the cloud and the rapidly expanding edge. That already was forcing companies to find tech solutions to enable those working at home or other remote locations to have the tools needed to do their work. The COVID-19 pandemic accelerated all that.

Also read: Home SD-WAN: Networking Vendor Responds to the Pandemic

Aruba’s Expands Edge Services Platform

The EdgeConnect Microbranch is part of Aruba’s larger Edge Services Platform (ESP) that includes not only APs but also a suite of SD-WAN services inherited when HPE last year bought SD-WAN vendor Silver Peak for $925 million and folded it into Aruba, which has become the networking arm for the parent company.

SD-WAN is among the fastest-growing sectors of the larger networking market, driven in large part by rising demand for more performance and better security for applications in the cloud, according to market research firm Futuriom. The analysts noted in a report earlier this year that the market hit a “pandemic pause” in the first half of 2020, but is back on track and is now expected to grow an average of 34 percent a year, from $2.6 billion this year to $4.6 billion by 2023.

“As we move into this true hybrid work environment, where you may be in the office sometimes and you may be working remotely other times, you want as identical an experience as you can get,” Lunetta said. “That applies not just to someone who’s doing Zoom calls or working on Office 365, but those sort of non-remote-friendly types of functions like a call center. A lot of what we’ve built in via the SD-WAN services and SASE facilitates and is intended to enable those kinds of functions to be done remotely as they are in the office.”

Adding SD-WAN and SASE

The addition of SD-WAN and SASE—which essentially combines networking and network security functions—means that EdgeConnect Microbranch enables remote workers now have the same connectivity, identity-based access control, management and analytics features that have gotten from Aruba’s RAPs without having to use additional on-premises hardware or agents on devices.

The new offering ensures that work-from-home employees can run the latency-sensitive applications like unified communications and bandwidth-intensive devices that their in-office counterparts can with the same level of security, according to Aruba officials. Services include policy-based routing to ensure application traffic is optimized, scalability, and improved uptime and reliability.

New features include tunnel and route orchestration to ensure network performance by orchestrating VPN tunnels on demand and automated rerouting of traffic, SASE integration for secure connectivity to such cloud security services as Zscaler through the AP and enhanced WAS visibility.

“One of the things that we’ve done is enable EdgeConnect MicroBranch to run on any access point and that really opens up this idea of performance and scale that we perhaps didn’t have before with the specific access point that sat in the home,” Lunetta said. “Instead of having the need now for multiple access points, you can put in a Wi-Fi 6 or a Wi-Fi 6E Edg Connect MicroBranch and service a lot of endpoints and a lot of devices.”

Also read: The Home SD-WAN and SASE Markets are Rapidly Expanding

Competitive Differentiation

The ability to offer myriad capabilities in its RAPs and EdgeConnect Microbranch is a competitive differentiator for Aruba against its competitors, he said.

“We feel like you have to be good at a number of things here,” Lunetta said. “You have to be good at connectivity, you have to be good at packaging hardware up in a way that can support these kinds of services, you have to be good at the cloud, you have to be good at security. We’ve seen new players come in that maybe are good at one of those, but can’t really cover the waterfront in terms of, how do you mirror the in-office experience in the home?”

The EdgeConnect Microbranch solution is available in early access, with general availability coming in March for any APs running the vendor’s ArubaOS 10 networking operating system with a Foundation AP License. Such licenses are available for $145 per AP and prices for Aruba APs starts at $575 for the Aruba 303H Series.

Read next: Top SD-WAN Providers & Vendors for 2021

The post Aruba Brings SD-WAN, SASE to Home Offices with New Offering appeared first on Enterprise Networking Planet.

During his keynote address at AWS’ re:Invent conference this week, CEO Adam Selipsky introduced the preview of AWS Private 5G, a fully managed service that will enable enterprises to more easily deploy, scale and manage their own private network and set it up in a matter of days instead of months.

The offering gives organizations “all the goodness of mobile technology without the pain of long planning cycles, complex integrations and the high upfront costs. … Once they’re powered on, a private 5G network just simply auto-configures and sets up a mobile network that can span anything from your corporate office to a large campus, the factory floor or a warehouse.”

Also read: What is a Private 5G Network?

Taking WAN to the Cloud

Two days later at the show, AWS officials unveiled the preview of AWS Cloud WAN, which service companies can leverage to build and centrally manage a global private WAN leveraging the cloud provider’s technology and link together on-premises data centers, branch offices, and cloud environments.

“Over the years, we’ve seen a change in how customers use the AWS network,” AWS officials wrote in a blog post. “More than ever, customers are looking to decrease the complexity of their infrastructure so they can focus on their applications and other business priorities, their network is stretched over a global footprint, and customers are using a mix of technologies to make this happen.”

That said, there is complexity in managing all these requirements that can slow users down, they wrote. AWS Cloud WAN gives organizations a global network that’s managed by AWS and offers connectivity options, including VPNs, software-defined WANs (SD-WANs) or fixed lines.

AWS Pushes into Networking

Zeus Kerravala, principal analyst for ZK Research, told Enterprise Networking Planet that AWS muscling its way into the network space is a significant move for the company and the tech industry.

“It signals to the industry how important the network has become,” Kerravala said. “One of the interesting aspects for AWS is now that they have become a full-stack IT provider, they can provide you with everything from the underlying compute platform to the application development tools, the AI [artificial intelligence] tools that go into applications and now the network [and] the storage. You can manage your whole IT environment now conceivably just through the AWS Console.”

In today’s highly distributed IT world that spans from on-premises data centers to the cloud and out to the edge — and is further fueled by the sharp shift to remote work — the network becomes the central technology that ties it all together and through which the data and applications run.

Using AWS’ Backbone

Cloud WAN is designed to help with connectivity within AWS, enabling enterprises to leverage centrally defined policy and automation to create network segments and propagate them across their global WAN. AWS officials said the service will help organizations building virtual private clouds (VCPs) across multiple regions and extending SD-WAN into AWS, as well as those that want to replace or augment parts of their existing networks with AWS’ network backbone.

The service includes a central dashboard for attaching connections to branch offices, data centers, and Amazon VCPs and the central policies enable companies to centrally configure and automate network management and security jobs.

Networking Vendors Tout Integrations

Several vendors from the networking, security and data management fields are working with AWS on Cloud WAN. Cisco Systems is integrating its SD-WAN offerings — including those from its Viptela and Meraki businesses — with WAN Cloud. VMware is doing the same with its SD-WAN technology.

“The solution ensures local presence with VMware SD-WAN services and offers global reach with the integration to AWS Cloud WAN riding over the AWS backbone,” Vivek Archar, senior product line manager at VMware, and Jay Thontakudi, senior product marketing manager, wrote in a blog post. “The solution gives enterprise IT operational simplicity to deploy large numbers of sites with easy on-ramp to the cloud and a rich user experience.”

Other vendors announcing integrations include Aviatrix, Fortinet, Prosimo, and Hewlett Packard Enterprise’s Aruba Networks business, which is integrating its SD-WAN and LAN offerings.

“This integrated solution automates network deployments and removes the complexity of manual, time-consuming, step-by-step configuration and connectivity of individual branch offices to local AWS points of presence (PoPs),” Aruba officials wrote in a blog post. “Enterprise customers can use the Aruba solution to automate the process of connecting branch offices to the AWS cloud in minutes, including one-click automation of any Aruba EdgeConnect instances that must be deployed within customer VPCs to support a given use case.”

Also read: 5G Drives Collaboration Between Carriers, Cloud Infrastructure Providers

Telcos Should Take Heed

ZK’s Kerravala said telcos will have to pay attention to what AWS is offering with Cloud WAN. The service offers a number of features that will be attractive to a wide range of enterprises, including a consumption-based pricing model — like that offered with its compute and storage services — in which the organization pays only for the bandwidth they consume or, if they’re connecting multiple nodes, the throughput they use.

“If you think about traditional telecom services, they’re anything but consumption-based,” the analyst said. “They charge you a flat rate and then if you go over, you’ve got to pay more. But if you go under, you don’t pay less. … It’s an interesting model and a way to redefine the way telecom should be.”

He said that initially enterprises likely will use the AWS service as an alternative connection to their traditional teleco, adding that telcos need to take note of this.

“AWS is going to push innovation in networking now that they’re in it and, let’s face it, the telcos aren’t really known for their innovative capabilities,” Kerravala said. “They tend to be pretty slow moving, so it’s good for the industry. Now that Amazon’s in [the network], they’ll drive up utilization, will drive innovation and the telcos that respond and also innovate will do very well. The ones that don’t [will] get left behind.”

The Private 5G and Cloud WAN services mark an aggressive push into the networking space by AWS. The cloud provider already has network services, “but anybody that really tried to use it as a global WAN would have to cobble it together with their own SD-WAN connections,” he said. “This just makes it easier and it can be managed through that single pane of glass, the AWS Console.”

Also read: Why 5G Isn’t Just For Carriers

AWS Presses Advantage Over Azure, Google

It’s also another differentiator for AWS in the fast-growing public cloud space that also includes such competitors as Microsoft Azure and Google Cloud. In that market, bolstered by its commanding lead, AWS is the one driving much of the innovation, Kerravala said.

In the third quarter, global spending on cloud infrastructure services jumped 37 percent year-over-year, to more than $45 billion, according to market research firm Synergy Research Group. AWS, Azure and Google Cloud accounted for more than half of that spending, with AWS having a market share of 33 percent. Azure had 20 percent followed by Google Cloud, at 10 percent.

AWS Cloud WAN is available as a public preview in 10 regions in the United States, Europe, Asia, Africa and Latin America.

Read next: Going Beyond 5G: What to Expect from a 6G Future

The post AWS Turns its Focus to Cloud WAN, 5G Networking appeared first on Enterprise Networking Planet.

The vendor’s technology is now available in the cloud on Amazon Web Services (AWS) and in the future will be offered in other public cloud environments, including Microsoft Azure and Google Cloud Platform.

Dell and AWS this week announced a partnership that will bring to the AWS Marketplace an air-gapped cyber vault from Dell that will help organizations secure, protect and isolate data from a ransomware attack. The move comes as the IT world becomes increasingly decentralized, with data and applications being housed in data centers, public and private clouds and now at the edge, and moving over networks between these environments.

The announcement came during AWS’ re:Invent conference.

“Many customers see an increase in cyber security concerns based upon the reality of things like remote working, work from anywhere,” Rob Emsley, director of product marketing for data protection at Dell, told Enterprise Networking Planet. “You can expand that out to multicloud [and] out to edge computing. One of the concerns that customers have is they know they need to embrace these new infrastructure choices, but it does increase the attack surface. In general, whether or not you’re implementing edge or multicloud or remote working, customers in general seem to be having a heightened sensitivity to cybercrime.”

Cyber Resilience a Top Concern

A key focus for many enterprises has been the issue of cyber resiliency, Emsley said. When data and workloads were kept in on-premises data centers, they could be protected with such tools as antivirus software and firewalls designed to keep bad actors out. However, those security solutions don’t work as well in a highly distributed environment that includes clouds and the edge, so the ability to recover when an attack occurs has become increasingly important.

Such concerns arose in a survey of 1,000 IT decision makers Dell released in July, which found that 62 percent were concerned that their organizations’ security measures didn’t offer adequate protection against ransomware and similar threats and 74 percent said that, with the growth of remote working, their companies were at greater risk of data loss.

In addition, 67 percent said they struggled with protecting cloud-native applications and 64 percent said that what security they had in place enabled their companies to recover sufficiently from an attack.

Also read: Best Enterprise Cloud Migration Tools & Services 2021

A Shift to the Cloud

Given that, it makes sense for Dell to take its Cyber Recovery Vault technology that has been used for years in on-premises data centers and make it more widely available. The vendor took a step in that direction earlier this year, partnering with multicloud data services provider Faction to make its cybersecurity offerings available in Faction’s colocation facilities. 

A move to make the Cyber Recovery Vault technology available as a service via the cloud was a natural evolution.

“Up until now [the technology] has only been on premises or within a colocation facility,” Emsley said. “Working collaboratively with AWS, we have designed a virtual private cloud configuration that allows a customer to build an isolated recovery environment and immutable data vault within their AWS infrastructure. … What this gives is the ability to stand up the cyber recovery vault infrastructure within the public cloud that you’re using for your production and your backup workloads.”

Available on AWS Infrastructure

Enterprises can run Dell’s Cyber Recovery technology on their AWS infrastructure, buying it from the cloud market and automatically deploying it. The service creates and maintains a backup for an organization’s data that is physically and logically separated from threats through the automated air-gap design.

In the case of a ransomware attack, the Dell service provides an organization with duplicates of its data that can be used to help with a quick recovery. Automated workflows move data to an isolated area within AWS and enterprises can create policies to manage the data and monitor for threats. The “vault” is isolated and can’t be accessed from protection and access is limited and protected within a secure private cloud.

Accessing the backup data requires a multi-factor authentication login. Dell’s PowerProtect Cyber Recovery syncs the data between production systems and the vault.

Also read: What You Need to Know About Cloud Automation: Tools, Benefits, and Use Cases

Automation a Differentiator

Dell’s technology puts automation capabilities within the isolated recovery vault, whether within AWS, in a Faction site or on premises, which Emsley said is a key differentiator with similar offerings. It minimizes the attack surfaces that a bad actor can go after.

“One of the things that we’ve been seeing over the last couple of years is that cybercriminals are not only going after production, but they’re also going after the backup infrastructure that is traditionally protecting production,’ he said. “By separating the cyber recovery from the backup administration logic, it gives us an additional layer of security that customers are able to rely upon.”

Emsley said that data protection is a key use case for many enterprises that are adopting multicloud strategies, noting that Dell is protecting more than 8 exabytes of data within the data protection solutions available through public cloud providers. Dell for most of this year has been offering most of its data protection software as services via AWS, Azure, and Google Cloud.

Shared Responsibility in the Cloud

The amount of data the vendor’s services protects in the cloud also highlights the need for organizations to understand the security responsibilities when migrating business to the cloud.

“It really does go to show that when you think about moving to cloud infrastructure and you think about moving from on premises … there’s one thing that always remains your responsibility, and that’s the data,” he said. “Everything else may shift to be the responsibility of the cloud provider, but the one thing that stays constant is your responsibility for the data. Quite often that’s not always completely understood by clients. 

“As they move to the cloud, with the concept of a shared responsibility model … the cloud provider is responsible for keeping the service available for you to use, but the data within that service still remains your primary responsibility. That’s where data protection becomes not a nice-to-have. It becomes a must-have.”

Read next: The Integration Chasm that is Killing Cloud

The post Dells Delivers Ransomware Data Protection as AWS Service appeared first on Enterprise Networking Planet.

The moves announced this week at the vendor’s Ignite ’21 event puts a spotlight on the vulnerability of applications as more of them migrate to the cloud and puts an emphasis on securing the networks that they run across from the data center to the cloud or between multiple clouds.

Palo Alto officials pointed to a Gartner study that found that by 2023, 70 percent of enterprise workloads will be deployed on cloud infrastructure and platform services, a jump from 40 percent last year. In addition, the company’s Unit 42 threat intelligence researchers said that between April and June 2020, cloud security incidents jumped 188 percent year-over-year, with some industries seeing increases of more than 400 percent.

“The challenge in securing these cloud environments stems from the nature of the cloud itself,” Ankur Shah, senior vice president and general manager of Palo Alto’s Prisma Cloud business, wrote in a blog post. “Workloads and resources in the cloud are broadly distributed and highly ephemeral. One new cloud account connects with workloads, applications and data, where each point presents potential attack vectors. In order to secure cloud native applications and infrastructure, organizations need to adapt to be more agile and integrated.”

Also read: Falco Rocks AWS Cloud Security One Louder

Building Out Prisma Cloud

Helping organizations do that is the aim of Prisma Cloud 3.0, which comes two years after the platform was first launched. It comes with a range of new features that are designed to help enterprises adopt a DevOps mentality, including adding security to infrastructure-as-code (IaC) environments, greater security capabilities for Microsoft’s Azure public cloud, network microsegmentation improvements and faster detection of misconfigurations.

In addition, Palo Alto unveiled its Next-Generation CASB (cloud access security broker) to deliver greater security for software-as-a-service (SaaS) security at a time when the business world has moved to hybrid work models.

“With the en masse shift to a hybrid workforce and rapid adoption of the cloud, the way work gets done has changed,” Lee Klarich, chief product officer for Palo Alto, said in a statement. “SaaS collaboration apps are becoming key to a productive hybrid workforce, but SaaS security has not caught up.”

The new CASB, which is available on Prisma Cloud 3.0, is designed to address that security need, Klarich said.

Changing Needs in Network and Security

The moves by Palo Alto and other vendors are part of a larger evolution of network security that has been going on for years, according to Rob Enderle, principal analyst with The Enderle Group, adding that “over the last two decades, the network has become the greatest exposure companies have for outside attacks and where you need to focus on executing a viable defense.”

Initially everything was air-gapped, which made it difficult to propagate without someone physically enabling the attack, Enderle told Enterprise Networking Planet. That gave way to a premier defense, which worked until tools like VPNs and trusted links made permits excessively porous.

“The current approach is AI [artificial intelligence]-based and looks for unusual traffic or behavior in the enterprise, and much of this activity can be picked up on the network,” he said. “This evolution puts the network provider in a critical role, either responsible for the firm’s vulnerabilities or providing the most vigorous defense against an ever-growing number of vulnerabilities.”

With the move to the cloud, “security solutions have to expand into this new frontier or fail,” Enderle said. “When we first started, there wasn’t a network to secure. Now the network is the area you generally need to focus on for any successful security solution. If a security solution doesn’t include the cloud, it really can’t be called adequate in this hybrid and cloud-native world where we now operate.”

Also read: Google Cloud, Palo Alto Create Threat Detection Service

Focusing on IaC

To address misconfigurations in IaC templates, Prisma Cloud 3.0 offers embedded scanning and code fixes in developer tools that span the application development lifecycle, a key capability at a time when DevOps teams are increasingly using such templates as Amazon Web Services (AWS) CloudFormation and HashiCorp Terraform, Shah wrote.

The Unit 42 group in a recent report found that almost half of CloudFormation templates in use contain misconfigurations.

“If a misconfigured IaC template is used dozens or hundreds of times, it could easily add hundreds or thousands of misconfigurations and alerts for security teams to address later in the process,” he wrote.

Palo Alto earlier this year bought IaC security vendor Bridgecrew, a key acquisition for its larger ambitions around security for the full application lifecycle. Palo Alto has since integrated Bridgecrew’s technology into Prisma Cloud, giving enterprises a single solution for addressing risks associated with IaC and for integrating security into the development pipeline.

The vendor also is making its WildFire cloud-based threat analysis tool a standalone product, which crowd-sources intelligence from more than 80,000 customers. In addition, its Next-Generation CASB was designed to address limitations of current solutions on the market when it comes to SaaS workloads.

The Latest in CASBs

According to Anand Oswal, senior vice president and general manager at Palo Alto, those limitations include not being able to protect most critical applications because they focus on apps accessible via HTTP/S, which doesn’t include SaaS and non-web apps that account for more than half of enterprise traffic. They also use static databases and support requests for app discovery, as well as lack APIs to secure modern collaboration applications.

They also use inaccurate pattern-based detection and rely on third-party sandboxing across HTTP/S traffic as the only method of threat detection, Oswal wrote in a blog post. The vendor’s Next-Generation CASB addresses those issues and is part of a consolidated secure access service edge (SASE) offering.

“SASE must converge best-of-breed security and SD-WAN [software-defined WAN] capabilities in the cloud to deliver exceptional user experiences while reducing security risks,” he wrote. “Prisma SASE … converges network security, SD-WAN, and Autonomous Digital Experience Management into a single cloud-delivered service, without compromises.”

It consolidates such point products as SD-WAN, zero-trust network access, cloud secure web gateway, firewall-as-a-service (FWaaS), and the Next-Generation CASB into a fully integrated service designed to reduce network and security complexity and improving organizational agility, according to Osawal.

Read next: Managing Security Across MultiCloud Environments

The post Palo Alto Networks Addresses Modern Security Demands with Prisma 3.0 appeared first on Enterprise Networking Planet.

Dish Wireless is teaming up with Cisco Systems and data center services provider Equinix to help drive its smart 5G network ambitions, which will be powered by cloud networking and automation software from Cisco and digital infrastructure services from Equinix.

For its part, Microsoft is expanding its partnership with AT&T aimed at combining the telecommunication giant’s 5G capabilities with Microsoft’s Azure cloud to help organizations extend their reach to the edge.

“Today, we find ourselves at a pivotal moment that’s impacting many enterprise customers’ digital transformation needs,” Jason Zander, executive vice president of Azure, wrote in a blog post. “In this place where cloud meets the edge, compute meets mobile, and 5G trends continue to drive innovation—customer demand for advanced network capabilities is surging. For customers, the promise of all these converging technologies is still the ability to create and use innovative solutions and experiences to keep pace with a rapidly evolving digital landscape.”

Also read: Chip Designer Arm Aims for Dominance in 5G Networks

Enterprises Look to the Cloud

As enterprises migrate more mission-critical workloads to the cloud, they are looking for help in delivering services and innovation and expanding what they can do in an increasingly decentralized IT environment, Zander wrote. 

“With new use cases and connected devices becoming ubiquitous, those enterprises are requiring new edge application solutions close to the end users to help them build innovative solutions within industries as diverse as gaming, automotive, healthcare, manufacturing, and more,” he wrote.

5G is key to helping to make all of this happen. 5G includes significant improvements over 4G in speed, latency and capacity, which means enabling more devices to run on the same network, an important advantage for the Internet of Things (IoT). However, it’s more than all that, according to Zeus Kerravala, principal analyst with ZK Research.

Until now, cloud computing has been essentially centralized computing, with organizations using one cloud for one workload and running other workloads on other clouds.

“With 5G, the definition of cloud evolves into something that I’ve been calling ‘distributed cloud,’ in which we can use multiple cloud providers, edge computing, private clouds and make them look like a single compute fabric,” Kerravala told Enterprise Networking Planet. “What 5G does is allow you to put your data in more workloads in more places. The cloud expands from just being a centralized compute model to something that’s distributed and a lot of that will be driven by edge computing. I’m not sure you can really do edge computing without 5G. It brings connectivity to places where you could never have it before.”

5G and Cloud-Native

Another key aspect of 5G is that it’s cloud-native, so services are more agile— easier to spin up and down, based on demand— and it handles application traffic better than 4G, the analyst said. It also will enable a company like Dish to better compete within the 5G ecosystem.

“Dish has always been on the outside looking in when it comes to wireless,” he said. “Because 5G is cloud-native in design, you can build it using Equinix as partners. You don’t have to build your own massive data centers and POPs [points of presence] and things like that. It will create more competitiveness. The winners in the 5G world are the ones that can figure out how to drive a lot of consumer and business innovation on top of the 5G network. Speed is part of it but being cloud-native lets you do a lot more with it.”

Also read: Using Wi-Fi 6 and 5G to Build Advanced Wireless Networks

Dish and Cisco Tie Up

Dish launched a 5G pilot program in Las Vegas this month, with plans to expand it to cover 70 percent of the United States by summer of 2023. The agreements with Cisco and Equinix add to a list of partnerships that include IBM and Amazon Web Services (AWS). Dish will get access to Equinix’s interconnection infrastructure through the International Business Exchange (IBX) data centers Equinix runs in the United States. Equinix in September unveiled its 5G and Edge Technology Development Center, which includes a 5G network from Nokia that organizations can use to test and validate 5G services and use cases.

With Cisco, Dish will create an open, cloud-based and highly automated network that will include Cisco’s XRv9K virtualized routers running on AWS, virtual Cell Tower Routers and other technologies, including its IOS-XR operating system for 5G, NCS series routers, Nexus 9000 series switches with Cisco’s Application Centric Infrastructure (ACI) switching fabric, and Crosswork Network Controller. There also are DevOps and go-to-market aspects of the partnership.

In a statement, Cisco Chairman and CEO Chuck Robbins said the partnership will help enterprises transition to network-as-a-service, support hybrid work models and expand into such markets as IoT.

Microsoft Expands Partnership with AT&T

The latest move by Microsoft and AT&T expands the collaboration between the two companies, which includes AT&T adopting Microsoft cloud technology for its 5G core network workloads to increase productivity and reduce costs. They also are working together to create Azure Edge Zones on AT&T’s 5G network, improving application performance while reducing costs and complexity.

The Azure Edge Zones bring together AT&T Network Edge (ANE) capabilities and the Azure cloud platform.

“A selected set of Azure services deployed at the edge, directly connected to AT&T’s 5G core, enables latency-sensitive enterprise scenarios through optimized routing from the Azure Edge Zones with AT&T to the AT&T mobility network,” Microsoft’s Zander wrote. “This enables developers to innovate richer applications with lower latency, higher throughput, and greater reach.”

The two companies run a proof-of-concept in Los Angeles and this week announced a private preview for another Azure Edge Zone in Atlanta, with others planned for such metro areas as Dallas.

With 5G, enterprises will see telcos being much more responsive to their needs, ZK’s Kerravala said. Historically, when a carrier considered a new telecom service, they had to build out a new network for that service, an expensive and complex process that forced the telcos to take months or years to decide on a service. 5G will enable more agile networks, which will help not only established carriers like AT&T but also companies like Dish that want to expand their capabilities.

“With 5G, because you’re basically running big clouds right as your backend, you can make changes very quickly,” he said. “You can act like a cloud provider, you can throw stuff at the wall and see what sticks and if people don’t like it you get rid of it and try something else. This allows them to experiment a lot more and that’s not something they’ve historically done. If Dish enters this and they’re willing to be a lot more innovative and forward looking, they can capture a big chunk of shared business services.”

Read next: Going Beyond 5G: What to Expect from a 6G Future

The post 5G Drives Collaboration Between Carriers, Cloud Infrastructure Providers appeared first on Enterprise Networking Planet.

At the company’s virtual GTC event, founder and CEO Jensen Huang unveiled Quantum-2, a 400 Gigabit Ethernet InfiniBand networking platform not only will include Nvidia’s Quantum-2 switch, but also software for supporting it and a choice of the vendor’s ConnectX-7 network interface controller (NIC) or upcoming BlueField-3 data processing unit (DPU).

The new networking platform comes as supercomputing facilities increasingly are being accessed by more users—many from outside of their organizations—while CSPs like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud are offering more supercomputing services to organizations, according to Nvidia officials.

“Quantum-2 is the first networking platform to offer the performance of a supercomputer and the shareability of cloud computing,” Huang said during his GTC keynote address. “This has never been possible before. Until Quantum-2, you get either bare-metal high-performance or secure multi-tenancy, never both. With Quantum-2, your valuable supercomputer will be cloud-native and far better utilized.”

Computing Becoming More Distributed

As computing becomes more distributed between on-premises data centers, multiple public clouds and the fast-growing edge, the network becomes the key connectivity tool not only for moving the data around, but also to manage and secure it. 

“In distributed computing, the network is the vital central nervous system of the computer,” Huang said. “The network connects thousands of GPUs into a giant supercomputer, determining its scalability and ultimate performance.”

The Quantum-2 includes a new 7-nanometer InfiniBand switch chip—about the size of Nvidia’s A100 GPU—and 64 ports at 400 Gb/s or 128 ports at 200 Gbp/s, the CEO said. It can connect up to 2,048 ports, a significant jump over the 800 ports in Quantum-1, delivering more than five times the switching capacity. In addition, Quantum-2 can scale to 1 million endpoints within the three-hop Dragonfly interconnect topology, 6.5 times over current generation, he said.

“Nanosecond timing will also allow cloud data centers to become part of the telecommunications network and host software-defined 5G radio services,” Huang said. “If Nvidia’s Selene DGX supercomputer were equipped with Quantum-2 today, the total bandwidth would be 224,000 Gigabytes per second, or roughly one and a half times the total traffic over the internet.”

At 400 Gb/s, Quantum-2 doubles the network speed and triples the number of network ports. It triples the performance and reduces the need for data center fabric switches six-fold, while reducing data center power consumption and data center space by 7 percent each, he said.

Also read: Best DCIM Software for Managing Data Center Infrastructure

Quantum-2’s New Features

Among the key new features is performance isolation that keeps the activity of one tenant from disturbing others and a cloud-native, telemetry-based congestion-control system that ensures that high data-rate senders don’t overwhelm the network and jam traffic. It provides SHARPv3 in-switch processing with 32 times the acceleration engines to speed up AI application training, while a nanosecond precision timing system can synchronize distributed applications, including database processing, which lowers the overhead of waiting and handshaking within the network.

The system provides predictive maintenance capabilities via Nvidia’s UFM Cyber-AI platform.

Nvidia is offering two networking and endpoint options for Quantum-2. ConnectX-7 will come with 8 billion transistors and doubles the rate of ConnectX-6 and doubles the performance of remote direct memory access (RDMA), GPUDirect Storage, GPUDirect RDMA and in-networking computing, according to Nvidia officials. The NIC is sampling in January.

Meanwhile, BlueField-3 InfiniBand will include 22 billion transistors and 16 64-bit Arm CPUs to offload and isolate the data center infrastructure stack. It will sample in May 2022.

Rise of Data Processing Units (DPUs)

A range of semiconductor vendors—not only Nvidia, but also Intel, Broadcom, Marvell, Hewlett Packard Enterprise’s Aruba Networks, and Xilinx (which AMD is trying to buy for $35 billion)—are leveraging such technologies as field-programmable gate arrays (FPGAs) to develop DPUs, which offload networking, storage and other tasks from the CPU to accelerate performance.

Nvidia, which broadened it networking capabilities when it bought interconnect vendor Mellanox for $6.9 billion in 2019, sees the BlueField DPUs as a way to move an array of such tasks from the CPU that Nvidia officials say are eating up as much as 30 percent of a computing chip’s capacity. Huang said there are about 1,400 developers working with BlueField DPUs.

At the show, Nvidia also announced BlueField DOCA 1.2, a collection of cybersecurity capabilities that will enable enterprises to more quickly build a zero-trust architecture by offloading infrastructure software. 

“Protection at the perimeter and workgroup segmentation are no longer sufficient,” Huang said. “Every touch point of applications, data, users and devices are potential attack surfaces. Since BlueField is the networking endpoint, we can secure a data center at virtually every touch point.”

Also read: Steps to Building a Zero Trust Network

Security Concerns Rise

He noted that both cloud computing and machine learning are changing the nature of data centers and that container-based applications enable hyperscalers to rapidly scale out their environments and bring aboard millions of users to take advantage of their services at the same time.

“The ease of scale out and orchestration comes at a cost: east-west network traffic increased incredibly with machine-and-machine message passing and these disaggregated applications open many ports inside the data center that need to be secured from cyberattack,” he said.

The BlueField DOC 1.2, which will into early access a the end of the month is part of a larger zero-trust security platform that also includes Nvidia’s Morpheus, a deep-learning framework that offers a new workflow for creating digital fingerprints to detect and respond to anomalies in the network

The Quantum-2 switch is available from a wide array of infrastructure vendors and system makers, including Dell Technologies, HPE, Lenovo, IBM DataDirect Networks and Inspur.

Read next: Top Zero Trust Networking Solutions for 2021

The post Nvidia’s Quantum-2 Comes with NIC or BlueField-3 DPU appeared first on Enterprise Networking Planet.