Post on 04-Mar-2016
description
COMMENT:DEALING WITH TARGETED ATTACKS – TIME TO LOOK INSIDE THE NETWORKP14
AN ITPTECHNOLOGYPUBL ICATION
MARCH 2013 VOLUME 19
ISSUE 3
COMBATING THE DATA
FLOOD: COMPANIES MUST
START TREATING THEIR DATA AS
AN ASSETP40
ARE YOU PCI COMPLIANT?ALL COMPANIES PROCESSING CREDIT CARDS MUST COMPLYP24
Dubai World Central and Smartworld have installed the region’s fi rst multi telecom vendor network
THINK SMART
We would like to give every business and every resident
the ability to choose the telecom provider
he wants. ”NAJMUL HUSSAIN
P20
Connect to More
Business Solutions
Connect to More
D-Link’s Switching, Wireless, Security, IP Surveillance and Storage Solutions deliver best-in-class performance and extreme value to small and mid-sized businesses, schools, hospitals, government agencies, retail chains and a variety of other organizations around the globe.
www.dlinkmea.com
facebook.com/dlinkmea info.me@dlinkmea.com
+971 4 880 9022
Contents
3 Editor’s letter: PCI compliance
5 Network news: All of the hardest
hitting news from the network industry
8 Fast Lane explains its FL-FLEXPODI
course and how it benefits network
professionals in the regional industry
10 Vendor Profile: Brocade discusses its
successes, challenges and future plans.
12 The Four Steps to IT Consolidation
Nirvana: Philippe Elie, director, business
operations EMEA, Riverbed, says IT
consolidation still meets with scepticism
14: Dealing with targeted attacks:
Strategies for mitigating APTs are lacking,
says Trend Micro
16: Cloud computing is not just about
IT: The real business opportunity for cloud
services lies beyond IT, says Gartner.
18: Where to put your cooling units:
Cannon Technologies explains where to
put your cooling units
51 Network security news: All of the
latest security news this month
56 Last word: Daniel Schmierer, area VP
sales, Middle East & Africa, Polycom
32: Network access controls and identity managementExperts looks at what kinds of
authentication and access controls
enterprises can and should implement
40: Combating the data floodCompanies must start treating their data
as an asset rather than a burden
24: Are you PCI compliant?Any company of any size storing,
transmitting or processing credit card
details must be PCI compliant to ensure
the safety and security of customers’ data,
20: Case Study: DWC implements multi-vendor networkDubai World Central, Smartworld install 10 Gigabit core network
Mar
ch 2
013
Vol.1
9 N
o.03
3
Edito
r’s c
omm
ent
Do you receive Network Middle East every month?To subscribe, please visit www.itp.com/subscriptions
Payment Card Industry
Data Security Standard
(PCI DSS) is a set of
requirements designed to
ensure that every company that
processes, stores or transmits
debit, credit, or pre-paid card
information maintains a secure
environment. Any company
that takes payment using cards
branded with American Express,
Discover, JCB, MasterCard, and
Visa International should be PCI
DSS compliant.
It is also a must-have for any
size of company, whether it
is an SMB, or a company with
thousands of employees.
PCI applies to all organisations
or merchants, regardless of size
or number of transactions, that
accept, transmit or store any
cardholder data. If any customer
of that organisation ever pays
the merchant directly using a
credit card or debit card, then
the PCI DSS requirements apply.
This standard is designed to give
peace of mind to customers and
business partners alike, that the
company has done its utmost
to ensure that its customers
will not have their credit card
details stolen, so why do very few
companies in the UAE comply
with PCI DSS?
Well, at the moment there is no
legislation to force companies to
ensure the security of credit card
data that passes through their
web portals.
In the US, for example,
the payment brands (Visa,
Mastercard, American Express,
Discover, JCB) may, at their
discretion, fi ne an acquiring bank
$5,000 to $100,000 per month for
PCI compliance violations.
Not only this, but no security
standards are currently enforced
in the region, meaning that all
these e-commerce sites that
are popping up in the UAE
and GCC, and all those Middle
East-based enterprises that you
entrust to keep your credit card
information safely are not doing
their utmost to protect your data.
A sobering thought. How many
of us shop online? How many of
us pay our bills online?
Utilising a web portal is the
most convenient way to pay your
bills, and we all know how much
easier it is to grab something we
see in an online store as a gift for
a birthday, Eid present etc, rather
than spending hours trawling
through shops looking for the
perfect gift. But is the ease of
using online portals about to
bite us?
There have been very few
reported major credit card detail
thefts through hacking in the
UAE, but, looking at the lack
of security laws in general and
around PCI DSS implementation
specifi cally, it seems like it may
just be a matter of time before
some cyber-criminal runs off
with thousands of customers’
credit card details.
For those of us who do shop
online frequently, the good
news is that third party payment
channels such as Paypal are PCI
compliant, but merely using a
third-party company does not
exclude a company from PCI
compliance. Although it may cut
down on their risk exposure and
consequently reduce the eff ort
to validate compliance.
However, it does not mean
they can ignore PCI.
So, next time you log on and
spot a nice pair of shoes, or want
to pay your bills, it might be a
good idea to check whether the
service provider has any form of
security in place, and maybe it
is time we, the customers, start
demanding that these Middle
East-based sites implement PCI
DSS for our own protection.
GEORGINA ENZER
Editor
georgina.enzer@itp.com
of security laws in general and
around PCI DSS implementation
specifi cally, it seems like it may
just be a matter of time before
some cyber-criminal runs off
with thousands of customers’
credit card details.
For those of us who do shop
online frequently, the good
news is that third party payment
channels such as Paypal are PCI
compliant, but merely using a
third-party company does not
exclude a company from PCI
compliance. Although it may cut
down on their risk exposure and
consequently reduce the eff ort
to validate compliance.
However, it does not mean
they can ignore PCI.
So, next time you log on and
spot a nice pair of shoes, or want
to pay your bills, it might be a
good idea to check whether the
service provider has any form of
security in place, and maybe it
is time we, the customers, start
demanding that these Middle
East-based sites implement PCI
DSS for our own protection.
GEORGINA ENZER
Editor
georgina.enzer@itp.com
PCI compliance: time to demand security?
Published by and © 2013 ITP Technology Publishing, a division of the ITP Publishing Group Ltd. Registered in the B.V.I. underCompany Number 1402846.
PO Box 500024, Dubai, UAETel: +971 4 444 3000 Fax: +971 4 444 3030
Offices in Dubai and London
Walid Akawi Neil Davies Karam Awad
Matthew SouthwellPeter ConmyDavid Ingham
Georgina EnzerTel: +971 4 444 3316 email: georgina.enzer@itp.com
Mark Sutton
George HojeigeTel: +971 4 444 3193 email: george.hojeige@itp.com
Nayeem DakhwayTel: +971 4 444 3482 email: nayeem.dakhway@itp.com
Dan Prescott
Jovana ObradovicEfraim Evidor,
Isidora Bojovic,
Lester Ali, George Dipin, Murrindie Frew, Shruti Jagdesh, Mosh Lafuente, Ruel Pableo, Rajesh Raghav
Kyle Smith Basel Al Kassem
Patrick Littlejohn Nada Al Alami
Gaurav Gulati
Daniel Fewtrell Michelle Meyrick
Shadia Basravi
Ahmad BashourTel: +971 4 444 3549 email: ahmad.bashour@itp.com
Vedrana JovanovicTel: +971 4 444 3569 email: vedrana.jovanovic@itp.com
Mohammed Affan Meghna Jalnawalla
Andrew Neil Robert Serafin
Toby JayMike Bayman, Neil Davies, Rob
Corder, Robert Serafin, Toby Jay, Walid Akawi
Printed by Royal Printing Press LLC
Controlled Distribution by Blue Truck
Subscribe online at www.itp.com/subscriptions
The publishers regret that they cannot accept liability for error or omissions contained in this publication, however caused. The opinions and views contained in this publication are not necessarily those of the publishers. Readers are advised to seek specialist advice before acting on information contained in this publication which is provided for general use and may not be appropriate for the reader's particular circumstances. The ownership of trademarks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system or transmitted in any form without the permission of the publishers in writing. An exemption is hereby granted for extracts used for the purpose of fair review.
Network Middle East is audited by BPA Worldwide.Average Qualified Circulation
5,174 (6 month audit Jul to Dec 2012)
5
Mar
ch 2
013
Vol.1
9 N
o.03
Brie
fing
ProductsResearch In Motion has launched
its BlackBerry Enterprise Service
10 multiplatform EMM (Enterprise
Mobility Management) solution
to mixed reviews.
The BlackBerry Enterprise
Service 10 is designed to bring
together device management,
security, and mobile applications
management for BlackBerry
smartphones, BlackBerry Play-
Book tablets, and new BlackBerry
10 smartphones in a consolidated
solution. It is also designed to
provide a single console for man-
aging BlackBerry, Android and
iOS devices. BlackBerry Enterprise
Service 10 prepares organisations
for the future of mobile diversity,
as well as integrates with existing
BlackBerry Enterprise Server ver-
sion 5.0 deployments.
Adam Leach, principal analyst
at Ovum said that the user experi-
ence of Blackberry 10 introduces
some nice new features but im-
portantly builds on Blackberry’s
UI heritage and therefore will
certainly appeal to existing Black-
berry users.
“The challenge for the compa-
ny will be to attract new users and
those that have already moved to
alternative smartphones,” he said.
One regional end-user is in
no hurry to upgrade to the new
BlackBerry 10.
“A year ago Masdar replaced
all BB handsets, therefore we will
take some time to assess this new
offering and gradually introduce
it in the organisation after initial
testing,” said Alok Srivastava, act-
ing head of ICT & senior manager,
IT applications.
Nicolai Solling from Help AG
says he is looking forward to
getting his hands on the new
BlackBerry 10.
“I want to see what they are
coming out with. It looks interest-
ing. It is a win or lose game for
them right now, if they don’t
make it with these devices it is go-
ing to be very challenging. If you
look at the core functionality you
need in a business phone, from
our perspective BlackBerry is still
the best option,” he said.
RIM launches BlackBerry 10
ManageEngine extends MDM to AndroidImplementationReal-time IT management
company ManageEngine, has
launched the latest version of its
desktop and mobile device man-
agement (MDM) software, better
known as Desktop Central,.
The solution can now man-
age Android devices. The new
version of Desktop Central is de-
signed to extend mobile device
management support to Android
smartphones and tablets running
Google’s mobile OS as well as
devices running Apple iOS.
“The mobile usage trends will
eventually drive sharp increases
Ovum’s Adam Leach: New OS may keep
existing users, but will it attract new ones?
Siemon begins Middle East, Russia recruitment driveBusinessGlobal infrastructure specialist Siemon is now recruiting for its commercial team in the Middle East and Russia. The company is expanding its activities and investment in both regions.
The expansion also sees promotions for two of Siemon’s global marketing team: Daniel Vout has been promoted to the new role of regional manager for the company’s ‘North East’ area and Lyndsey Parham steps up into the role of marketing communications manager.
Vout’s new role for the North East of EMEA sees him take control of Siemon’s business in Russia, Central Asia, the Baltics and Nordic countries.
WD expands portfolio, includes SMB productsServicesWD, a Western Digital company, has expanded its product portfolio to address small and medium-sized businesses with the addition of network backup software and appliances from Arkeia Software, a data protection company based in California, which was acquired by WD. WD has also announced that the Arkeia Network Backup version 10.0 software, for which a limited release was delivered in December 2012 is now available. Arkeia’s software, appliances and virtual appliances back up data to disk, tape and cloud storage. The company’s Progressive Deduplication technology is designed to speed up hybrid-cloud backup by reducing the bandwidth necessary to replicate backup sets over wide area networks.
when an employee leaves the
company. Mobile application
management, which is designed
to enable IT professionals to
distribute and manage in-house
and Google Play store apps, and
configuring profile/policy, which
is designed to allow IT techni-
cians to create polices that can
restrict users from accessing the
internet (EDGE or packet data).
This is designed to ensure that
data security by preventing users
from exporting corporate data.
Similarly, certain device features
such as camera and Bluetooth
can be disabled.
in demand for enterprise MDM
solutions that embrace BYOD
while ensuring enterprise data
security,” said Mathivanan Ven-
katachalam, director of product
management at ManageEngine.
“The growing Android market
and increasing demand for
Android support among our
customer base encouraged us to
add Android support to Desktop
Central as quickly as possible.”
The solution includes data
wipe, where IT staff can remotely
wipe the data from a stolen or
misplaced device or remove the
corporate data from the device
6
Mar
ch 2
013
Vol.1
9 N
o.03
Brie
fing
ProductsTest equipment rental company
Livingston is now stocking the
latest Optical Time Domain
Reflectometer (OTDR) from Fluke
Networks. The OptiFiber Pro has
added to Livingstone’s range of
rental products supporting next
generation optical networks.
The OptiFiber Pro is the indus-
try’s first OTDR specifically de-
signed to meet the challenges set
by modern fibre optic enterprise
infrastructure, rather than those
of carrier infrastructure.
The OptiFiber Pro is designed
for troubleshooting campus,
data centre and fibre-based
storage networks, as well as
enabling rapid fibre certification
to be carried out. Its integrated
LinkWare software is designed
to assure rapid generation of
highly detailed, standard compli-
ant reports. The EventMap view
depicts fibre events in a way that
means no trace analysis expertise
is required by the operative.
The OTDR’s DataCentre mode is
designed to automate the process
of defining test parameters, such
as wavelength or end-detection
algorithms, shortening set-up
time and operative training. Its
gesture-based user interface,
built on a large format multi-
touch capacitive touchscreen, is
designed to enhance productivity,
with single-touch tap and swipe
control for scrolling menus and
selecting options, plus pinch
zooms for magnification of items
on the display. Weighing 1.28 kg
and with an eight hour battery
life, this device is highly portable.
“With enterprises in need of
ever increasing data storage
resources and the on-going
migration to 40/100Gbit Ether-
net data centre architectures,
maintaining the performance of
optical network is crucial,” states
Reinier Treur, marketing director
at Livingston.
Livingston stocks OptiFiber Pro
Middle East faces big data challengeBusinessThe Middle East is facing a chal-
lenge from big data, which is
posing a big storage challenge
for businesses across the region,
as the race to unlock value from
massive and exponentially grow-
ing datasets heats up.
Market research firm IDC
predicts that the global big data
market will grow 40% per year,
seven times as fast as the rest of
the IT industry.
According to IDC, most of that
cost will come from infrastruc-
ture-investment-calibre storage
projects that are set to drive
spending in the storage market
to above 61% through 2015.
With big data sets growing
NME Award nominations are now openBusinessThe Network Middle East Innovation Awards are now open for nominations. This year there will be 16 categories, including Best Cabling Vendor, Best Data Centre Project of the Year and Best VAD Distributor of the Year. The awards will be judged by a panel of five independent analysts and industry professionals and will be presented to the very best implementations, vendor offerings and key individuals and organisations in the Middle East market. The Network Middle East Awards, which are now in their ninth year, set out to honour the projects, people, suppliers and service providers that have excelled in the regional networking sector over the past twelve months. The deadline for submissions is March 28th 2013.
R&M increases FTTH focusProductsSwiss structured cabling specialist Reichle & De-Massari (R&M) Middle East, Turkey and Africa is increasing its focus on the growing fibre to the home (FTTH) market. Jean-Pierre Labry, EVP of R&M Middle East, Turkey and Africa has confirmed that the company has been working closely with telecom providers in Saudi Arabia, the UAE and Oman for large scale FTTH projects. Labry also said that the company is launching new products to further expand its FTTx portfolio. These include the introduction of the Venus FXXL solution with integrated Single Circuit Management (SCM) and field connectors which offer flexibility when planning building connections.
by an average of 60% per year,
based on IDC figures, business
research specialists Aberdeen
Group suggest that many
companies will have to double
the volume of their data storage
every 2.5 years.
IDC’s 2012 Digital Universe
Study, sponsored by EMC, esti-
mates that the digital universe
will reach 40 zettabytes (ZB) by
2020. The amount exceeds previ-
ous forecasts by 5 ZBs, resulting
in a 50-fold growth from the
beginning of 2010. Machine-
generated data is a key driver
in the growth of the world’s
data – which is projected to
increase 15x by 2020. The study
states that while the investment
in spending on IT hardware,
software, services, telecommu-
nications and staff will grow by
40% per annum between 2012
and 2020, storage management,
security, big data, and cloud
computing will grow faster.
“Whether it is mining social
media sentiment, drawing on
machine sensor readings to oper-
ate in a more sustainable fashion,
forensic search engine trend
analysis to prompt business
decisions – or all of the above –
the ability harness and tap into
power of Big Data is becoming
a must,” said Andrew Calthorpe,
chief executive officer, at Dubai-
based data storage solutions
provider Condo Protego.
The OptiFiber Pro is
designed for trouble
shooting data centre,
campus and fibre-based
storage networks.
7
Mar
ch 2
013
Vol.1
9 N
o.03
Brie
fing
InfrastructureStructured cabling specialist
Reichle & De-Massari Middle East,
Turkey and Africa, is planning
to establish a local presence in
Turkey after it experienced double
digit growth in the Middle East
region during 2012.
“We are deeply committed to
the region and the establishment
of a local presence in Turkey is
testament to this. This year we
plan to bring a number of innova-
tive products to the market which
will be specifically adapted to
healthcare, education, transporta-
tion, utilities, telecom and city
development,” said Jean-Pierre
Labry, EVP, R&M Middle East,
Turkey and Africa.
During 2012, the company
nearly doubled its staff strength,
inaugurated a new regional office
in Saudi Arabia and opened the
region’s first-of-its-kind patch cord
assembly facility at its headquar-
ters in Dubai.
“Over the past four years, in
spite of the global recession and
poor performance of regional
markets, R&M has invested heav-
ily in both staff and technology
in order to develop first level
supports for speed, consultancy
and flexibility in the region. We
customised our portfolio to the
needs of the region and offered
a broad spectrum of products ca-
tering to a wide range of vertical
markets such as residential, office
cabling, industrial, petrochemical,
energy, healthcare, and defense.
The result of these efforts has
been exponential growth even
through the tough financial times
and the Middle East, Turkey and
Africa region is now one of the
fastest growing markets for R&M,”
said Labry.
Labry also highlighted the em-
phasis that will be given to further
development of the company’s
distribution channel, particularly
in markets such as Turkey, Saudi
Arabia, Qatar, Oman and Iraq.
The cabling specialist will re-
main focused on its copper offer-
ings as well, since Cat6A remains a
highly utilised cabling solution for
the structured cabling industry.
R&M to establish presence in Turkey
Internet users want to stop data leakageBusinessAccording to Ovum’s latest
Consumer Insights Survey, 68% of
the internet population across 11
countries would select a ‘do-not-
track’ (DNT) feature if it was easily
available, suggesting that a data
black hole could soon open up
under the internet economy.
This desire to utilise a ‘do-not-
track’ feature has been born as
digital consumers around the
world begin to tire of their per-
sonal data being collected across
the internet. Global industry
analysts paint a threatening sce-
nario for the internet economy,
as consumers seek out new tools
that allow them to remain “invis-
ible” – untraceable and impossible
to target by data means. This
hardening of consumer attitudes,
coupled with tightening regula-
tion, could diminish personal data
supply lines and have a consider-
able impact on targeted advertis-
ing, CRM, big data analytics, and
other digital industries.
Recent data privacy scandals
such as WhatsApp’s use of ad-
dress books, and the continuing
issues over privacy and data use
Jean-Pierre Labry, executive vice
president, R&M Middle East, Turkey
and Africa, says R&M is deeply
committed to the region.
policies on Facebook and Google
websites have fueled consum-
ers’ concerns over the protection
of their personal data. Ovum’s
survey found that only 14% of
respondents believe that internet
companies are honest about their
use of consumers’ personal data,
suggesting it will be a challenge
for online companies to change
consumers’ perceptions. Ovum
believes that internet companies
should introduce new privacy
tools and messaging campaigns
designed to convince consumers
that they can be trusted.
Cloud9 IDE integrates Red Hat OpenShift Online PaaSInfrastructureOpen source solutions provider Red Hat, has announced that Cloud9 IDE has built its online development environment with Red Hat’s OpenShift Online hosted Platform-as-a-Service (PaaS) solution. By integrating OpenShift Online into its original online development environment, Cloud9 IDE is able to deliver more flexibility, security and ease of use to developers.Cloud9 IDE is an online development environment for Javascript and Node.js applications as well as HTML, CSS, PHP, Java, Ruby and 23 other languages.
CommScope shows feasibility of Cat 8 for enterpriseResearchNetwork infrastructure spe-
cialists CommScope, have
demonstrated the techni-
cal feasibility of Category
8 cabling for enterprise
networks. This is a step
along the path towards a
viable 40GBASE-T system
for data centre applications.
CommScope verified a
proof-of-concept solution
for a viable 40 Gigabit per
second Ethernet channel by
utilising prototype Category
8 RJ-45 connectors and cop-
per twisted pair cables. All
components were designed
by engineers in CommScope
labs. The CommScope proof-
of-concept shows that data
centre operators will be able
to extend their preferred
mean of communication
technology for 40G.
According to one-click back-up, recovery and continuity specialists for small to mid-
sized businesses Quorum, the best defence against downtime is ins-talling a disaster recovery solution that ensures the business is opera-tional in minutes, rather than days. This is born out by the results of its Quorum Disaster Recovery Report, Q1 2013, whose findings are taken from Quorum’s hundreds-strong global customer base.
While natural disasters tend to take centre stage when considering
the causes of downtime, hardware and software failures and human error are statistically more com-mon. In fact, hardware failures alone comprise more than one-half of disasters for small to mid-sized businesses, according to the Quorum Disaster Recovery Report. And given it takes an average of 30 hours for recovery (according to IT managers), small to mid-sized businesses are at risk of losing customers, their reputation and hundreds of thousands of dollars in revenue.
hardware failure55%“only 28% of small to mid-sized
businesses have tested their backup”
Symantec SMB Disaster Preparedness Survey 2011
Most back-up solutions today
are based on technology that
is at least 4 deca-des old...
Solutions that enables instant recovery of data, applications and systems along with regular tes-ting, prove critical to avoid costly downtime
quorum disaster recovery report exposes
8 March 2013 Vol.19 No.03
infographic
55“ 28% Mostback upck
infographic
top4Types of Disasters
humanerror22%
18%
5%
“90% of business who experience one
week of downtime go out of business
within six months, and 50% of those
businesses fi le bankruptcy
immediately“
Alpha Technology Group
3.5 Average no of
disaster recovery events per year
3.4daysAverage
downtime per event
$74,000 Average
cost per hour of downtime
DOWNTIME IS COSTLY
natural disaster
softwarefailure
March 2013 Vol.19 No.03 9
Vendor Profile: Brocade
WHO IS BROCADE? Brocade is the pure-play
networking company that
innovates to make high-
performance networks easier
to deploy, manage, and scale
in the world’s most demanding
environments. Through
industry-leading technology and
unmatched expertise, Brocade
delivers resilient networks that
increase agility and efficiency
while helping organisations stay
ahead of change.
From pioneering fabrics to
software-defined networks,
Brocade delivers innovative
solutions for data center, campus,
and service provider networks
that reduce cost and complexity
while facilitating virtualisation and
cloud computing. Headquartered
in San Jose, California, Brocade has
approximately 5000 employees
worldwide and serves a wide
range of industries and customers
in more than 160 countries.
Today, it leads the Storage Area
Network (SAN) market with the
industry’s most powerful and
reliable offerings. In addition,
Brocade provides Ethernet fabric
technology and high-performance
Ethernet networking solutions
as part of a complete switching,
routing, wireless, and application
delivery portfolio.
To meet the increasing
requirements of distributed and
mobile computing, Brocade
is extending its proven data
centre expertise throughout the
entire network. This approach
helps organisations achieve
their most critical consolidation,
mobility, virtualisation, and cloud
computing initiatives.
Brocade combines a proven
history of innovation with
standards leadership and strategic
partnerships with world-class
IT companies. Maintaining the
industry’s most extensive partner
ecosystem facilitates open,
best-in-class solutions for the
broadest range of IT environments.
To help ensure a complete
solution, Brocade delivers a full
range of education, support, and
professional services offerings.
Brocade is the industry leader
in data centre storage networking
solutions with a focus on SAN
switching and server connectivity.
Brocade is a recognised leader in
end-to-end networking solutions
with a focus on LAN switching,
wireless, security, application
delivery, and metro and internet
core routing.
WHAT IS YOUR PRESENCE IN THE MIDDLE EAST? Brocade’s Middle East regional
headquarters is based in Dubai
Internet City in Dubai, UAE. The
company has an office in Saudi
Arabia and Egypt as well as staff
operating out of Kuwait and
Qatar. The company has a unique
two- tier channel approach very
different from competition and
has two key distributors for the
region – Westcon Middle East and
Mindware. Brocade makes it a
point to have a high involvement,
‘direct touch’, sales approach
with end-users and work on
opportunities alongside our
partners, as this helps build the
confidence of clients.
CAN YOU DESCRIBE SOME OF YOUR REGIONAL SUCCESSES? The Middle East contributes
Networking company Brocade explains its history, what it does, and what its plans are in the Middle East region going forward
Sufian Dweik, regional manager, Brocade, says that the company
has an office in Saudi Arabia and Egypt as well as staff operating
out of Kuwait and Qatar.
Mar
ch 2
013
Vol.1
9 N
o.03
Expe
rt’s C
olum
n 10
significantly to Brocade’s EMEA
revenue, which goes to show
how important this market is
strategically for the company. In
the past we have managed to
secure some large and prestigious
projects involving big-name
clients such as Al Nahdi Medical
Company (NMC), Saudi Economic
and Development Holding
Company (SEDCO), UAE University
(UAEU) and a host of other large
enterprise, government and
service provider companies across
the region. Brocade dominates the
Storage Area Networking (SAN)
market in the Middle East, with a
market share of over 70%.
WHAT ARE YOUR REGIONAL GOALS? Our objective for the Middle
East market is to sustain the SAN
dominance along with increasing
our IP Networking market
share. As we have increased our
headcount in the region this past
year we anticipate our growth in
the region to reflect during 2013
and 2014 and as such we will
continue to invest in the region
as well as growing our channel
base. We also plan to continue
leveraging our ‘Executive Briefing
Centres’ located in our Dubai office
as well as our London facilities for
more advanced showcasing of our
complete product portfolio.
“Brocade is the pure-play networking com-pany that innovates to make high-perfor-mance networks easier to deploy, manage, and scale in the world’s most demanding environments.” SUFIAN DWEIK, REGIONAL MANAGER, MEMA AT BROCADE
WHAT IS THE FL-FLEXPODI COURSE?Flexpodi is a course dealing with
the design, implementation
and administration of a Flexpod
solution. Flexpod is a data
centre platform combining
storage, networking and server
components from Cisco & NetApp
and integrating them into a
single fl exible architecture. This
infrastructure building block
integrates the power of Cisco &
NetApp together with VMware
to provide an effi cient data
centre solution. The Fast Lane
designed course explores in-depth
mechanisms of Cisco Unifi ed
Computing Systems hand-in-hand
with NetApp FAS storage systems
and how they integrate into the
FlexPod architecture serving
VMware virtualisation solutions.
Signifi cant content is devoted
to building block technologies
and protocols as well as to the
complete FlexPod solution and
its design. Ample focus is set
to hands-on confi guration and
management of UCS B-Series
servers, NetApp FAS3200
systems and VMware vSphere
environments for deployment as
well as day-to-day operations of a
FlexPod solution.
The course consists of
diff erent modules including,
Cloud Computing and Data
Centre Solutions overview,
Cisco UCS B-Series Hardware &
Architecture, Designing Cisco
UCS Server Deployment Model,
Examining Cisco UCS Solution
Management, Confi guring UCS
Connectivity, The NetApp Storage
Environment, Basic administration
of a NetApp FAS system, NetApp
Physical & Logical Storage,
NetApp in NFS NAS Environment,
NetApp virtualisation solutions,
vSphere Overview, vSphere
FC Connectivity, vSphere iSCSI
Connectivity, vSphere LUN Access,
NetApp FAS/V 3200 for FlexPod,
FlexPod for VMware and FlexPod
Architecture.
WHAT BENEFITS DOES FL-FLEXPODI GIVE THE STUDENT IN THE EMPLOYMENT MARKET?The course takes the student
into the heart of the data centre
platform with latest technologies
that have been consolidated
into a single architecture that
is driving the market. Students
obtain an understanding of cloud
computing and modern data
centre solutions and challenges.
During the course students
also work with the Cisco UCS
solution and learn how to
evaluate and describe the Cisco
UCS solution architecture and
identify diff erent management
options and administration
tasks for Cisco UCS. Students
will also learn how to explain
the connectivity requirements
for the Cisco UCS platform and
explore the dimensions of the
NetApp storage environment.
Successful attendees will also
be able to explore virtualisation
solutions with NetApp, describe
NetApp integration with
vSphere environment, describe
vSphere FC/FCoE connectivity
with NetApp, describe vSphere
iSCSI connectivity with NetApp,
describe vSphere LUN access with
NetApp, understand in depth
NetApp FAS/V 3200 for FlexPod,
build FlexPod solution for VMWare
and explore FlexPod solution
architecture for cloud.
IS IT AN ESSENTIAL QUALIFICATION FOR STORAGE EXPERTS?It is a qualifi cation for storage
experts to excel in the deployment
of advanced data centre solutions.
Storage area networks require
in-depth experience to manage,
deploy, and interconnect multiple
types of data storage devices and
data servers that enterprise users
rely on today. This is a multi-vendor
course taking the student into the
heart of the data centre platform
with the latest technologies that
have been consolidated into a
single architecture driving the
data centre market.
WHO SHOULD ATTEND?This course is intended for the
following audiences:
System administrators
Data Center Systems engineers
Data Center Field Engineers
Data Center technicians or
administrators
12
Mar
ch 2
013
Vol.1
9 N
o.03
Trai
ning
focu
s
FL-FLEXPODI A look at the ‘FLEXPOD Infrastructure for VMWare – Design/Implementation & Administration’ certifi cation
System Operators responsible for
vSphere and vCenter Server
Professionals who need to deploy,
confi gure, and manage the
FlexPod solution
PREREQUISITESThe following prerequisite
skills and knowledge are
recommended:
Understanding of server system
design and architecture
Basic VMWare environment
background
Familiarity with Ethernet and TCP/
IP networking
Familiarity with SANs
HOW MUCH DOES IT COST?
The course price is $3950 for
fi ve days of training including
courseware, professional trainers
and state of the art equipped
training labs.
TRAINING COURSE DATES:28 April – 02 May 2013, Dubai, UAE
30 June – 04 July 2013, Dubai, UAE
08 – 12 September: 2013, Dubai,
United Arab Emirates
HOW DOES THE FLEXPODI COURSE ENHANCE/IMPROVE A STUDENT’S CAREER?The FlexpodI class covers all the modern
technologies involved within modern data
centre; for example, FC, FCoE, UCS, Netapp
FAS, Vmware and Nexus platforms are all
covered in the course. Since Flexpod is the
state of the art solution for modern data
centres, by attending the FlexpodI class
this puts the student in the top of the game
regarding DC technologies and career path.
WHAT ARE THE MOST CHALLENGING PARTS OF THE COURSE FOR STUDENTS?
The most challenging part in the course is
the diversity of information and technologies
covered. Usually in our classes we have either
network engineers or storage engineers or
server admins, the main challenge in the
FlexpodI class that it integrates the three
major areas of the DC together, networking,
storage and server technologies so it is a
bit challenging for the trainer to keep the
audience in sync and the same for the students
to keep up with the diversity of information in
the class.
WHAT IS THE DEMAND FOR THIS COURSE?
If you mean market demand, then it is highly
demanded not just in the Middle East but
worldwide, the three major vendors Cisco,
NetApp and VMware are doing very good
job marketing the solution especially by
developing validated and tested designs
covering major applications like Oracle on
Flexpod, SAP on Flexpod and Hyper-V on
Flexpod. In addition to the unifi ed support
matrix, where an end customer can contact
any of the three vendors regarding any issue
within the Flexpod.
WHAT STANDARD OF KNOWLEDGE DO STUDENTS NEED TO TAKE PART IN THIS COURSE?
The students need to have a solid
understanding of networking and slightly
about virtualisation and storage technologies.
When I developed the course and the lab, I had
in mind that it is very diffi cult to fi nd students
with expert knowledge in the three technical
areas covered in the course (networking,
storage and virtualisation), so the course is
built with this mind and it takes the student
from technology basics, through a deep dive
into the three major technologies we talked
about previously.
DO PEOPLE DO PROPER DATA CENTRE DEPLOYMENTS IN THE REGION?CTOs and Technical decision makers are now
keener in investing in proper and validated
deployments; given current economy any
investor or a decision maker needs to ensure
fast ROI (Return on Invest) and investment
protection on any new technical deployment.
This is only insured if you invest in proper
technology deployments.
Bassem Boshra Senior Cisco/NetApp Certifi ed consultant and teacher of the FlexpodI course discusses the course benefi ts
Josef Miskulnig, CEO of Fast Lane, says
that the FL-FlexpodI course takes the
student into the heart of the data
centre platform with technologies that
have been consolidated into a single
architecture that is driving the market.
The course teacher’s perspective
Targeted attacks or APT-
style threats have been
gaining much publicity
since the watershed
year of 2010, when the world
first heard about the Stuxnet
virus and the Operation Aurora
breach of Google by Chinese
hackers. Awareness of such
threats among security profes-
sionals is now pretty high, but
unfortunately strategies for
mitigating them are in many
cases woefully inadequate.
The main problem is that
organisations are still too outward
focused, unaware that they may
already have been hit by a silent,
persistent and laser-focused
attack. What many people don’t
appreciate is that Advanced
Persistent Threats (APTs) often
do not really contain particularly
sophisticated malware – instead
it is the social engineering
techniques used to make that first
all-important incursion which can
really be called ‘advanced’.
INDIVIDUAL TARGETS Cyber criminals today will
typically target an individual in an
organisation, using information
gleaned from social networks
and elsewhere in crafting their
email to make it appear more
convincing. It’s often a senior
ranking member of the firm,
because there will be more
publicly available information
about these people. Attacks can
also begin in the physical world.
For example, in the US, cyber
gangs left ‘parking tickets’ – on
which were printed URLs – on
selected car windscreens. Those
recipients who subsequently
entered the URLs at their PC in
the hope of paying the fine or
complaining about it, would
have their machine infiltrated
by malware. When the attackers
combine physical world presence
with online attacks they may
gain the trust of even the most
guarded manager. The malware
in question is usually a zero-day
threat, eg one which has the best
chance of evading traditional
defences, but is certainly far from
remarkable or sophisticated.
Once inside, the bad guys will
move laterally in the organisation,
jumping from machine to
machine in search of an admin
password and ultimately the
server where the key data resides.
It’s all very quiet and carried out
over long periods of time in order
to stay under the radar.
The biggest mistake IT teams
make is viewing the perimetre
as an impenetrable wall, which,
if they focus all their efforts on it,
will keep out the bad stuff and
ensure the internal network is safe
Strategies for mitigating advanced persistent threats are woefully lacking, explains Nick Black, technical director at Trend Micro
Nick Black from Trend Micro
says that organisations are still
too outwards focussed.
Mar
ch 2
013
Vol.1
9 N
o.03
Expe
rt’s C
olum
n 14
from harm. They certainly need
to keep investing in perimeter
defences and end user education,
but must view this layer
nowadays as porous, because if
an attacker spends enough time
and money they will eventually
get in.
The perimeter is a noise filter of
sorts but in reality multiple layers
of defence are needed including
around core servers.
Virtual patching is also
essential, shielding from known
vulnerabilities at the network
layer is an important step as it
will send an alert if an attacker
is trying to exploit a known
vulnerability in the organisation.
Also important are tools to
analyse network traffic and
sandbox any suspect threats. If
there’s zero day malware, unique
to that attack, then custom
defences will need to be crafted
to deal with it. In the past your
defences didn’t have to be
spectacular but just better than
the next guy’s, the rationale being
that attackers always go for the
lowest hanging fruit. That logic
has been turned on its head by
cyber gangs laser-focused on
your organisation alone.
Advanced persistent threat (APT) is commonly used to refer
to cyber threats that utilise a variety of intelligence gathering
techniques to access sensitive information. Recognised attack
vectors include infected media, supply chain compromise, and
social engineering. Individuals, such as an individual hacker, are not
usually referred to as an APT as they rarely have the resources to
be both advanced and persistent even if they are intent on gaining
access to, or attacking, a specific target.
What is an APT?
Dealing with targeted attacks – time to look inside the network
Configurations
for any IT space!
Adaptable: Our solutions can be adapted to fi t any IT confi guration at any time — from small IT to data centers! Vendor-neutral enclosures, for example, come in different depths, heights, and widths so you can deploy your IT in whatever space you have available — from small IT or non-dedicated spaces to even large data centers.
Business-wise, Future-driven.™
©2013 Schneider Electric. All Rights Reserved. Schneider Electric, APC, InfraStruxure, and Business-wise, Future-driven are trademarks owned by Schneider Electric Industries SAS or its affiliated
Download any of our White Papers within the next 30 days for FREE and stand a chance to win an iPhone 5!Visit: www.apc.com/promo Key Code: 32203p
Call +9714-7099690 (Arabic) / +9714-7099691 (English) Fax +97147099-650
Simple. Adaptable.Manageable.
Simple:We are committed to making our solutions the easiest to install, configure, and integrate into either existing IT systems or data centers — or new build-outs. We ship our solution as “ready to install” as possible (e.g., tool-less rack PDU installation and standard cable management features). With our easy-to-configure infrastructure, you can focus on more pressing IT concerns such as network threats.
Solution guides for quick
and easy deployment!
Integrated InfraStruxure™ solutions include everything for your IT physical infrastructure deployment: backup power and power distribution, cooling, enclosures, and management software. Adaptable solutions scale from the smallest IT spaces up to multi-megawatt data centers.
Easy-to-deploy IT physical infrastructureSolution guides make it easy to determine what you need to solve today’s challenges. The core of our system, vendor-neutral enclosures and rack PDUs, makes deployment incredibly headache-free. Easily adjustable components, integrated baying brackets, pre-installed leveling feet, and cable management accessories with tool-less mounting facilitate simple and fast installation.
Manageable: Local and remote management are simplifi ed with “out-of-the-box” UPS outlet control, integrated monitoring of the local environment, and energy usage reporting. Manageability over the network and robust reporting capabilities help you prevent IT problems and quickly resolve them when they do occur — from anywhere! What’s more, our life cycle services ensure optimal operations.
Monitor and manage your
IT spaces from anywhere!
Cloud computing is not just about IT
“The move by non-IT organisations to pro-vide non-IT capabilities via the cloud will mean even more technology decisions will be made outside the IT organisation.”
The word ‘cloud’ has been
literally hanging over
executives’ heads for the
past two years — in the
form of massive banners hanging
from the ceilings of almost every
hub airport they travel through. To
date, the focus of cloud has been
on the delivery of IT-related capa-
bilities from IT-related providers,
largely for things that the IT depart-
ment is responsible for managing.
Cloud computing is expected
to grow to 20% or more of the
total IT budget by 2013. Gartner
research shows that there is already
signifi cant non-IT involvement
in decision making about cloud
services, with fi nance, marketing,
HR and other business units acting
as key stakeholders 25 to 30%
of the time and actually funding
cloud services between 10 and
30% of the time. Although largely
a technological development,
many of the pertinent questions
today about the usefulness of
cloud computing as a business
platform are non-technical. We
believe over time businesses will
better understand the principle
that cloud computing is a means to
deliver IT-enabled capabilities, not
just simple IT capabilities.
As this thinking evolves, the
focus of cloud computing will
shift toward exploiting it as a
service delivery mechanism for the
provision of non-IT capabilities,
such as such as payroll, printing,
logistics and e-commerce. In this
context, cloud computing enables
these services to be delivered
from organisations that are not
traditionally seen as IT companies,
nor have any intention of ever
being seen in this way.
By 2015, Gartner predicts that
20% of non-IT sector global 500
companies will be cloud service
providers. We are already seeing
examples of this emerging.
Large retail, fi nancial service,
government and media
organisations have begun to
recognise that supply chain
competencies do not need to be
commercialised solely through
their stores, either physical or
online. As discrete capabilities, they
have their own revenue potential.
We’ve also seen distribution
businesses undertaking the same
strategy. This trend is not being
wholly enabled, or strictly defi ned,
by cloud computing.
There are several related
trends that are actually fuelling
the business mandate behind
this, such as the accelerated
digitisation or ‘hyperdigitisation’
of many industries that are
largely information based, such
as fi nancial services, education,
communications and media,
government and industry-specifi c
intermediaries, such as the travel
and insurance sectors.
These industries deliver
non-physical digital services,
increasingly mostly online.
The real business opportunity for cloud services lies beyond IT, writes Brian Prentice, research vice president at Gartner
Brian Prentice says
that the focus of
cloud computing
will shift toward
exploiting it as a
service delivery
mechanism for the
provision of non-IT
capabilities.
Mar
ch 2
013
Vol.1
9 N
o.03
Expe
rt’s C
olum
n 16
Additionally, many businesses have
been exploring the move toward
process externalisation driven by
activities such as open innovation.
The move by non-IT
organisations to provide non-IT
capabilities via the cloud will mean
even more technology decisions
will be made outside the IT
organisation.
Ultimately these services are
bound to service-level agreements
that will be understood best by the
owner of the specifi c process. Yet,
while the barriers that historically
prohibit these groups from directly
provisioning these services drop,
the need to manage data and
integration requirements remain.
Far from being a problem, this
represents another opportunity
for IT departments to redefi ne
their value proposition as service
enablers — either through
consumption or provision of cloud-
based services.
As non-IT players externalise
business competencies via the
cloud, they will compete directly
with IT organisations that have
traditionally served in this capacity.
Security experts InfoWatch and Sophos
go head-to-head on BYOD security
“It is often a good idea to introduce BYOD in stages rather than throughout the whole company from the offset. BYOD is a learning process which is individual to every organisation. Businesses can look at user segmentation to see who need how much access and what controls are necessary.”
“Often staff fail to use the necessary security tools, such as encryption, on their mobile devices. ”
We see the BYOD trend present-
ing three main challenges to
businesses. The first involves the
loss of mobile devices. According
to InfoWatch Global Data Leakage
Report, H1 2012, 18.2% of all data
leakage incidents in companies occur
because of loss or theft of various mobile
devices containing sensitive corporate data.
Often staff fail to use the necessary security
tools, such as encryption, on their mobile devices
and ‘misplace’ their gadgets in public places. The second
challenge is the vague limit between personal and corporate data on
private mobile devices of employees. This data should be used and stored
separately on a private device, thus companies require special policies
for BYOD regarding personal and corporate data processing. The last
difficulty is intellectual property protection. Employees often regard the
results of their intellectual work as their private property, where as a mat-
ter of fact, it is usually the company’s property.
Personally-owned devices bring consumer
and other untested applications into the
enterprise, which in turn can affect the
enterprise network bandwidth and security.
Android devices in particular have been seen
to be a common target for cyber criminals
who infect applications with malicious code
designed to steal data and cause costs. As the user
is always the administrator of the device, it can be
very hard to forbid applications, or delete them as it is,
after all, a personal device. Users often remove passcodes and
screen-locks from their various mobile devices, which is a risk if a device
is lost or stolen.
BYOD is one of the biggest challenges facing the modern enterprise; experts look at the
biggest threats and how to stop them
Mar
ch 2
013
Vol.1
9 N
o.03
Expe
rt’s C
olum
n 18
ALEXANDER ZAROVSKY, INTERNATIONAL BUSINESS CHIEF, INFOWATCH
BARBARA HUDSON, SOPHOS PRODUCT MARKETING MANAGER
WHAT ARE THE BIGGEST THREATS BYOD BRINGS TO THE ENTERPRISE?
March 2013 Vol.19 No.03 19
In order to protect corporate data on a device which is
lost or stolen, the IT team should use encryption and
Mobile Device Management (MDM) solutions. The
latter allows remotely controlling data on mobile de-
vices including remote data removal - if the gadget
is lost or stolen.To secure private and corporate data
the most appropriate technology is Data Leakage
Prevention (DLP) which provides for scenarios of
using the mobile gadgets as data storages and data
exchange devices (e-mail, Skype services, etc.) If staff
are allowed to use private devices in corporate network, it
would be reasonable to install monitoring agents on each device
and control traffic from these devices on the corporate gateway. Security
policies must include dividing private correspondence from corporate,
access restrictions of private devices to corporate resources and
using encryption.
The practice of allowing corporate access to personal
devices in the Middle East region is among the
highest in the world. However, the majority of em-
ployees expect their companies to grant them cor-
porate mobile gadgets for executing their duties. If
the company requires its employees to be available
24 hours per day, seven days a week, it should invest
in providing him or her with a corporate device. If there
is no such business need, there is then little sense either
providing a corporate gadget or allowing him or her to use
their own device in the network.
The first step would be to introduce a Mobile Device
Management (MDM) solution to manage and control
which devices have access to the enterprise net-
work. This should allow the enforcement of security
policies and ensure devices which are not compli-
ant no longer have access to the network. The
solution should also offer the possibility to deploy a
security solution to protect Android mobile devices
from malicious applications and other threats and
ensure the protection remains installed on the device. A
further step would be to prioritise WiFi bandwidth for busi-
ness applications. And the third would be the ongoing process
of educating users.
It is often a good idea to introduce BYOD in stages
rather than throughout the whole company from the
offset. BYOD is a learning process which is individual
to every organisation. Businesses can look at user
segmentation to see who need how much access
and what controls are necessary. Many companies
also restrict the number of platforms they allow. Mo-
bile Device Management to support BYOD doesn’t have
to be complex and if IT resources or expertise are limited,
then it may be better to look at a hosted SaaS solution, or
purchase from a Managed Service Provider to bridge the gap.
Barbara Hudson, Sophos product marketing managerAlexander Zarovsky, international business chief, InfoWatch
WHAT IS THE BEST WAY TO PROTECT THE ENTERPRISE NETWORK FROM BYOD THREATS?
SHOULD COMPANIES
RESTRICT BYOD TO PROTECT THEIR
NETWORK?
DWC implements a multi-vendor networkDubai World Central and Smartworld have installed the region’s first multi telecom vendor, 10 Gigabit core network in an MPLS service provider model
Cas
e St
udy
Mar
ch 2
013
Vol.1
9 N
o.03
20
Dubai World Central,
Dubai’s aviation and
logistics freezone,
has implemented the
region’s first vendor-neutral
fibre network throughout its
140 square kilometre footprint
utilising Smartworld, a next-gen-
eration service provider formed
as a joint venture between DWC,
Etisalat and du. The network
allows any one of the hundreds
of companies that are based in
the city to access the telecoms
services they want through the
service provider they prefer.
THE PROBLEM:Many of the clients in DWC are,
and are likely to continue to be,
multinationals that will have a lot
of peer-to-peer services, which
will need a lot of bandwidth.
Today, people may talk about
100mBps, but they cannot
utilise it. According to Najmul
Hussain, programme manager
for DWC, it is very possible that
some of the companies in DWC
will go beyond the 100mbps
requirement. This means that
the infrastructure that has been
laid down should accommodate
growth until 2020.
IMPLEMENTATION OBJECTIVE:DWC is a freezone providing
heuristic services to attract
businesses, so keeping this in
mind DWC decided to build the
unique multi-telecom operator
infrastructure to support their
business in DWC and make it dif-
ferent to other areas. This allows
businesses to have access to all
kinds of services with full speeds,
and they can choose between
multiple service providers.
logistics hub for Dubai. The DWC freezone covers 140 square
kilometres of land and is twice the size of Hong Kong.
Dubai World Central is comprised of eight districts: logistics,
aviation, Al Maktoum International Airport, humanitarian,
residential, commercial, leisure, exhibition and commercial.
Currently phase one is under construction and there
are currently over 100 tenants from some of the world’s
largest aviation, logistics, business and freight forwarding
companies including Aramex, RSA, Al Futtaim and National
Air Cargo. The Al Maktoum airport is also currently open
for cargo and will open later this year for business and
passengers.
around the airport containing businesses relating to the
airport.
was given to DWC by HH Sheikh Ahmed bin Saeed
Al Maktoum.
sold, and construction is pending.
Dubai World Central
March 2013 Vol.19 No.03 21
Luai Bahder from Smartworld says that telecoms are a crucial element of DWC.
“Today we have two licensed
operators in the UAE; Etisalat
and du. Services are distributed
in other freezone areas so that
the customer has to go with a
single provider, but in DWC we
can provide the services from
both operators, so this will give
more flexibility to the customer
to choose to have more competi-
tion in terms of services, com-
mercial prices and will be more
attractive to do business. DWC is
the first freezone city that is offer-
ing both service providers,” says
Smartworld’s Bahder.
IMPLEMENTED INFRASTRUCTURE:Smartworld has laid super
fast fibre infrastructure, with
hundreds of kilometres of fibre
cable linking all customers and
plots with the multi 10-Gigabit
core network in an MPLS service
provider model. The network
is capable of delivering up to 1
gigabit of bandwidth capacity to
an individual office.
“It is not like a normal network,
it is service provider MPLS multi
10 Gig core infrastructure, and
also we have built a GigE access
infrastructure so any customer or
tenant in DWC can get GigE fibre
to his premises,” says Bahder.
Smartworld is the next-generation service provider for telecom
services and ICT services for Dubai World Central and is a joint
venture between Etisalat, Dubai World Central and Du. The
company was established four years ago in order to build telecom
infrastructure in DWC and transport telecom services.
“When we began the implementation of this entire
infrastructure we realised that telecoms is a very critical element
and when we agreed on looking at the infrastructure, we decided
as DWC that we will bring in the infrastructure of all telecoms
operators, unlike other areas in the city where it is either Etisalat
or Du that brings in the infrastructure. We agreed that DWC will
have open and equal access to all clients irrespective whether
they want Etisalat or Du. As such we engaged in talks with Etisalat
and Du, out of which Smartworld was born. It is a joint venture
between all three companies and any other telecom company
that may start up in the UAE,” says Luai Bahder, technical director
of Smartworld.
Smartworld
straight away. If a client can bring in the services that he wants,
that makes DWC more attractive from a business point of view.
the infrastructure – benefitting the developer.
network, so maintenance costs are reduced.
satisfies customers - there is always the option available of
moving away from the existing service provider.
operators – it is a technology neutral platform for the business.
Business benefits of the implementation
“Today Google in USA is
building a GigE infrastructure
in Kansas City. Verizon, the
USA’s fastest service provider
gives up to 150 MB/S to the user.
Today Google is building GigE
infrastructure in Kansas to be the
first city in USA to have this for
the end-user. Today we have this
in DWC. We have invested over
Dh100m just in material to cover
the entire network.”
According to Bahder, the rea-
son DWC has implemented GigE
infrastructure when Etisalat and
Du only provide up to 100mb/s is
to cater for future requirements
and to allow customers to imple-
ment services between multiple
service providers.
“Etisalat has just launched 4G
or LTE technology, we are ready
here in Dubai World Central to
host this on our infrastructure
any time,” said Bahder.
IMPLEMENTATION PROBLEMS:TECHNICAL ISSUES:The first problem that
Smartworld had to overcome was
how to build the first open-equal
access network in the region
that would be able to transport
services from a licensed operator
plus transport the Smartworld
community cloud, managed
ICT services to the end-user and
manage customer identities and
the flow of the traffic between
individual customers.
“The technical limitations of
technology, the VLAN IDs is only
4096 IDs while there are about
2,000 plots in DWC, and the
future requirement may be for
thousands of tenants in the com-
mercial city, was another prob-
lem to overcome. We managed
to implement the latest technol-
ogy to fix this which is the QinQ
double tag. We are the first in the
region to have QinQ technology,”
said Bahder.
QinQ is when each data packet
which goes everywhere in DWC,
has two VLAN IDs. 4096 multi-
plied by 4096 equals more than
16 million identities. So DWC can
supply more than 16 million ser-
vices from either Etisalat or Du or
future providers.
22 March 2013 Vol.19 No.03
“In all facilities where we host our equipment we have the
latest technology. We have in row cooling from APC, in
terms of infrastructure. The fibre we have chosen for the
infrastructure and the corridors and manholes we have built
are all as per international standards in terms of containing the
infrastructure.
“The civil infrastructure does play a big role in protecting
the technology. Plus here we have a process which we have
applied across all developers, where we provide our standards
and requirements in terms of facilities that need to be built
within the customer facilities in order to provide a proper
environment for the infrastructure.
We also manage the design of the facilities within the customer
premises. The customer can’t just build what he wants, he
has to take permission from us and follow our guidelines and
designs,” said Bahder.
Overcome environmental challenges
Smartworld has also invested in a community cloud to provide
managed ICT services to customers. This managed ICT services
covers servers, storage, unified communications, security, load
balancing – where it can reach all customers. Any tenant can
get storage over fibre up to what he needs on the cloud. The
capacity of the cloud is multi 10 Gig core.
“Today in the region there is a challenge of providing public
cloud because of the telecoms services. So any customer is
paying back to the telecoms operator to reach the cloud via
an internet or telecom link. Here in DWC we provide our cloud
services with free access charges because it is our network,”
said Bahder.
Any customer that wants storage can buy the service from
the cloud and it is provided up to the customer’s premises
without the need to buy telecoms services.
“Look to any cloud offering in the region, this is a unique
model and it gives attractive offers for the businesses here. If
they want to have not only an office or plot, but their entire
IT infrastructure provided as well, it can be outsourced and
hosted in the cloud with attractive costs because the element
of the telecom is removed,” said Hussain.
Cloud service provider
“For the general technology, each vendor has his own standards,
we are using best of breed in terms of infrastructure and active
equipment. In terms of operation processes we are using the ITL
version three in terms of operation infrastructure and as business
processes we are following ISO standards,” said Bahder.
Standards
BUSINESS BASED ISSUESApprehension by service provid-
ers around sharing a freezone
was another issue that had to be
overcome by DWC and its imple-
mentation partner Smartworld.
“The initial apprehension
by service providers was ‘Why
are you not using what we are
using?’, but then you have to go
back to our concept of open and
equal access. Whether you like it
or not, our services and our busi-
nesses will have best of breed ser-
vices irrespective of the operator.
Today we have Etisalat and du,
hopefully in another couple
of years the TRA will approve
another four, so we would like to
give every business and every
resident to choose what he
wants. So the challenges were
not just technical, the challenges
were business-related as well and
with stakeholders from the oper-
ational side,” said Smartworld’s
Najmul Hussain.
Hardware implemented
RESULTS“Everything has run perfectly
from day one with no issues. We
have even hosted our first event
-
ried this infrastructure and it was
very successful and this year we
will hopefully settle any appre-
hensions anyone has. The provi-
sioning is apt for the amount of
people we expect,” said Hussain.
“As the landlord, I would like
to stress the fact that this is the
best network that we have in the
is very important that the mar-
ket understands the capacity
and potential of this network,
because from a telecom point of
view this is probably the only area
that has this kind of network.
“We would like to welcome any
one who would like to see this
and test the network and see the
services we have to offer from a
technical point of view.”
Najmul Hussain from Dubai World Central says that DWC is offering a unique cloud model to clients, in which they do not have to pay a telecoms operator to utilise and access cloud services.
“The initial apprehension by service providers was ‘Why are you not using what we are using?’, but then you have to go back to our concept of open and equal access.”Najmul Hussain, programme manager for DWC.
With Siemonmonitoring your network...
...doesn’t have to be difficult
Next Generation Intelligent Infrastructure Management
www.s iemon.com/midd leeast/MapITG2
24 March 2013 Vol.19 No.0324 March 2013 Vol.19 No.03
Any company of any size storing, transmitting or processing credit card details must be PCI compliant to ensure the safety and security of customers’ data, according to regional experts
Are you PCI compliant?
PCI Compliance
March 2013 Vol.19 No.03 25
T he Payment Card Industry
Data Security Standard,
or PCI DSS is a set of
requirements designed to
ensure that every company that
processes, transmits or stores
credit card data does so in a
secure environment.
The Payment Card Industry
Security Standards Council,
featuring five major global pay-
ment brands; American Express,
MasterCard Worldwide, Visa Inc,
Discover Financial Services and
JCB International, was launched
on September 7, 2006 to man-
age the ongoing evolution of
the Payment Card Industry (PCI)
security standards with focus
on improving payment account
security throughout the transac-
tion process.
The idea behind PCI compli-
ance is to ensure that companies
have improved security in cases
where credit card details are
stored or processed.
“We have seen a lot of cases in
the world where the storage and
processing of credit card details
have been compromised and
obviously more security is neces-
sary and in turn, any organisa-
tion, any company, any non-
profit organisation, it does not
matter who, anyone who stores
or processes credit card details
would need to comply with PCI
DSS,” explains Dr Angelika Plate,
director of Strategic Security
Consulting at help AG.
PCI compliance applies to al-
most everybody in the payment
industry, whether it is a merchant
doing a transaction, or a bank
providing financial services.
Anything to do with finance by
any channel, PCI is relevant.
“As of today PCI has mandated
the hardware manufacturers
with a certain level of compli-
ance depending on region,” says
Niranj Sangal, Group CEO, at card
payment specialists OMA Emir-
ates LLC.
COMPLIANCE LEVELSThere are four different levels of
– and data encryption. This is
all there to protect cardholder
information. We restrict informa-
tion to only those required to see
it. Then we look at the physical,
logical security of the premises
where the data is stored,” ex-
plains Sangal.
There are twelve different
standards that a bank must look
at or that Visa or MasterCard
would assess the bank on. If you
look at a merchant, for example
Carrefour; it is an entity that is
not a bank but has all the finan-
cial obligations in terms of a card
used in its setup.
“When you look at the compli-
ance level of a bank it must
adhere to all the 12 standards,
but when it comes to Carrefour,
there are certain features that
are not applied to them because
they are a merchant. But in terms
of the data transmission from
the location to the bank, it needs
to be secure, so we look at data
encryption and decryption,”
states Sangal.
“If you look at Duty Free, you
need not do a compliance level
for them because they have their
own infrastructure. The banks
do not force them to go with PCI
standards because they have
their own standards. All their
applications are secure, which
means if I go to a Duty Free setup
I cannot use any USB or an ex-
ternal hard drive to download or
upload data. So they are partially
compliant when it comes to
credit card transactions.”
The most important thing for
a card used in a retail outlet or
an SMB, is the card holder name,
then CVV2 – card verification
value: the security code on the
back of the card – and then the
track-one and track-two data
which is on the magnetic strip.
It is not required that everybody
uses a chip card; today the US is
still running mag-stripe cards or
contactless cards.
“Today we are required to be
fully EMV-compliant [Europay,
MasterCard and Visa, also known
“We have seen a lot of cases in the world where the storage and process-ing of credit card details have been compromised and obviously more security is necessary and in turn, any organisation, any company, any non-profit organisation, it does not matter who, anyone who stores or processes credit card details would need to com-ply with PCI DSS.”Dr Angelika Plate, director of Strategic Security Con-sulting at IT security consultant help AG.
Dr Angelika Plate from help AG says that every
company regardless of size must be PCI
compliant if it deals with credit card details.
PCI compliance and depending
on which level you are on, you
have certain rights.
According to Martin Walden-
strom CEO of online payment
gateway cashU, on the differ-
ent levels there are different
requirements depending on
whether you are a processor or
merchant. If you are a processor
you process for hundreds and
even thousands of merchants
but if you are a merchant it’s just
for yourself.
The different levels are defined
based on services provided by
different financial organisations.
“Let’s take a bank; for a bank
we have 12 different standards of
compliance. We look at the secu-
rity, including networks – which
have to have a secure firewall
Level 1: the highest and the only one that allows you to store
credit card details. It requires you to have an external PCI auditor
to audit at least once a month. You need to have a compliance
officer dedicated to this. Level 1 is merchants that process over six
million Visa or MasterCard transactions per year.
Level 2: Level 2 are merchants processing from 150,000 to six
million Visa or MasterCard transactions per year.
Level 3: Level 3 are merchants processing from 20,000 to 150,000
Visa or MasterCard transactions per year.
Level 4: Level 4 are all merchants not included in Levels 1, 2 or 3.
PCI compliance levels
March 2013 Vol.19 No.03 27
as “chip and PIN”; a chip standard
is already applicable, since 2006
in the Middle East. Today in the
region about 80% of provid-
ers are still implementing chip;
practical acceptance is still 60%,”
explains Sangal.
There are a lot of standards
that people can comply with and
those standards that are build
for compliance always have a
set of requirements, PCI DSS has
around 200 different require-
ments and sub-requirements.
“Very often I am asked ‘is one
requirement more important
than another?’. Whilst maybe
people feel like it is, for example
when there is a requirement to
make sure that credit card details
like the transaction numbers, and
things like that, are stored in a
secretive way. That looks more
important than to have a writ-
ten information security policy.
However, on the compliance
level it it does not make a blind
bit of difference. A requirement is
a requirement and non-compli-
ance with one requirement will
not lead to certification, as much
as non-compliance with any of
the other requirements,” states
Dr Plate.
many people claiming all sorts of
compliance, it is one of the most
mis-used words I have ever seen
and everybody who can think of
it claims compliance with all sorts
of things and in many cases it is
not relevant at all. I have seen
organisations who have said they
are compliant because they use
PCI compliant products, which
is simply not good enough,”
explains Dr Plate.
COMPLIANCE DEADLINEAt the moment the deadline to
be PCI compliant is in 2014. Be-
ing PCI compliant is recommend-
ed but there are no penalties for
not abiding by it.
“At the moment PCI is applied
by each merchant in different
ways because the processor may
be PCI compliant. However there
are some merchants who accept
credit card details over the tele-
phone or via fax and are not PCI
compliant, which is not recom-
mended,” says Waldenstrom.
“There is an avenue to report
a website breach that may affect
credit card details, one can report
it to the e-crime department at
the police or the central bank.
But here in the UAE there is no
action that will be taken.”
In the GCC the number of PCI
compliant firms is much higher
that for the UAE, OMA Emir-
ates says that PCI compliance
is a mandate so all institutions
should be PCI compliant other-
wise Visa, MasterCard and other
schemes won’t certify them.
“I would say about 80% of
Niranj Sangal from OMA Emirates says that about 80% of regional GCC institutions are fully PCI compliant.
“When you look at the compliance level of a bank it must adhere to all the 12 standards, but when it comes to Carrefour, there are certain features that are not applied to them because they are a merchant.”Niranj Sangal, Group CEO, OMA Emirates LLC.
PCI COMPLIANCE IN UAECurrently there are no laws or
regulations in the UAE around
PCI compliance, at the moment it
at the discretion of the organisa-
tion whether they want to be
certified or not.
“As long as there is no regula-
tory aspect around it, like maybe
a decree from the central bank or
some piece of legislation, compli-
ance is only something that
applies to people who want to
claim compliance and any body
wishing to claim compliance
has to go through certification.
What we have at the moment is
a sheer mixture of some banks
have it, some don’t. I think from
any organisation, aside from
banks, I don’t think anyone has
really looked into it in the UAE,”
says Dr Plate.
While PCI DSS certification
is nice for companies to have,
because it gives customers inde-
pendent accreditation that the
company is certified to protect
their data, the only drawback
is that it is very difficult for an
organisation to prove that they
are secure. Companies who are
PCI compliant can let customers
know through a badge on their
website. Any certification helps
to demonstrate to business part-
ners, customers and the general
public that they are operating
completely securely.
“It is always good for any
customer to double check if pos-
sible or get some additional cred-
ibility to make sure the payment
gateway is secure. I have seen so
Does your fibre system tick all the boxes?
40G
LANmark-OF : Competitive Fibre Optic Solutions
100GAccelerate business at the speed of light
LANmark-OF brings the best fibre technologies together to ensure maximum reliability and lowest operational cost.
Micro-Bundle cables save up to 50% trunk spaceSlimflex cords offer 7,5mm bend radius saving 30% space in patching areasPre-terminated assemblies reduce installation timeMPO connectivity enables cost efficient migration to 40/100G
OF brochure
www.nexans.com/LANsystems info.ncs@nexans.comG l o b a l e x p e r t i n c a b l e s
a n d c a b l i n g s y s t e m s
Top 10 tips to ensure PCI compliance
March 2013 Vol.19 No.03 29
Martin Waldenstrom from
cashU says that the different
PCI compliance levels
are defined based on the
services provided by different
financial organisations.
“There is an avenue to report a web-site breach that may affect credit card details; one can report it to the e-crime department at the police or the central bank. But here in the UAE there is no action that will be taken.”Martin Waldenstrom CEO of cashU.
Today the majority of credit
card transactions go through
COMTRUST, says Niranj Sangal
from OMA Emirates.
PCI compliance is now mandated by nearly every credit card scheme.
30 March 2013 Vol.19 No.03
have lower and so there is no so-
lution that fits all. At the moment
at least, nobody has come up
with a decent scheme that helps
to reduce the amount of require-
ments for SMBs, as sorry as I am
to say that,” says Dr Plate. “I am
the member of the ISO commit-
tee where ISO27001 is devel-
oped, which is one for the inputs
into PCI DSS and even there we
keep discussing whether we can
do something for SMEs and how
can we help them.”
PCI compliance is all about
security, so an SMB company will
be assessed on: qualifications of
staff, access rights, where a com-
pany hosts its system, auditing of
the physical access to data rooms
and IT department, companies
are even assessed on whether
they leave confidential docu-
ments in an easy to reach place,
according to Waldenstrom.
PCI COMPLIANCE REQUIREMENTSThere are a lot of requirements
around PCI compliance covering
the protection of the credit card
data in storage, transmission, or
as a process.
There is not as much consider-
ation of integrity or availability,
which are also very important
aspects.
“I would recommend ev-
erybody considers availability.
Nicely protected data does not
mean anything if you don’t have
availability,” states DrPlate.
Then there are a set of techni-
cal requirements related to the
network that is processing the
data, any applications that are
used for this processing, and
all the IT devices used for this
process. These all go through a
separate product certification for
PCI compliance.
“The PCI DSS certification
for organisations is always an
organisation certification, that
means that the organisation
with its people, its processes,
its IT, its technology, its policies
and everything is assessed and
tors who were not up to the level
of doing PCI audits, and that
was why you had professional
companies charging $100,000
or $120,000 just to do an audit.
To save this cost the banks have
been hiring their own people to
do PCI audits,” Sangal explains.
There was an incident in Alge-
ria a couple of weeks ago, where
Visa had certified a site and a
fraud still occurred. In such cases
the schemes are liable, but since
2006 most of the liability share is
on the financial bodies.
PCI compliance is now man-
dated by nearly every scheme.
There are audits a company must
go through before it starts taking
payments. There is an application
form that must be filled in, on
which they ask about Payment
Card Industry compliance.
Without that compliance they
won’t certify the premises.
“MasterCard has started
working with four organisations
locally [in the UAE] and Visa has
been working with around 30
companies. These companies do
the audits for Visa and Master-
Card; they look at the compliance
level of the site and the compli-
ance level of the applications
used. We call the applications
compliance level PA-DSS [Pay-
ment Application Data Security
Standard]. The auditors scrutinise
the whole application in terms of
the way the data is stored on it.
For example, do they have some
stored procedures that store data
and then release it?” says Sangal.
In the last three years OMA
Emirates has found that banks
are starting to have PCI audit de-
partments. About 80% of these
banks are already compliant. Re-
cently most of them have been
working towards compliance
because Visa and MasterCard
have got a mandate to ensure
these standards are followed.
Hardware manufacturers are
also being certified because
without the hardware you can-
not run an application.
SMBS AND COMPLIANCENone of the PCI compliance
standards downsize well, accord-
ing to Dr Plate, and the number
and complexity of standards that
must be adhered to to become
compliant can be prohibitive for
small and medium businesses.
“It is very difficult because the
SME world is so diverse and some
have higher security and some
Security breaches can be hard to detect, but there are signs that can appear when a security breach has occurred:
headquarter locations
logs are being deleted)
*By Visa Inc Fraud Control and Investigations Procedures
Version 3.0 (Global)
Detecting security breaches
March 2013 Vol.19 No.03 31
depends entirely on where the
card transaction process and
is how good or bad the organisa
products in their processing to
THE HUMAN ELEMENT
tion, policies and processes, the people in the organisation need to be brought alongside in the
bring people on board and tell
hat they are brought alongside in
The weakest link in any
company is the human being;
that is why PCI compliance
also deals with processes and
policies for the employee.
There are between 12 and 15
steps that a company needs to
go through to comply with PCI
standards.
32 March 2013 Vol.19 No.03
Access controls and identity management experts look at what kinds of authentication and access controls enterprises can and should implement, how they work and how they protect the network against unauthorised intrusions.
If you are a network manager who has not implemented identity
management (IDM) and network access controls (NAC), then
you will be a network manager who is looking for a new job,
according to digital security experts Gemalto.
“If you do not implement identity management and network
access controls, you are really setting yourself up for a problem be-
cause even though a username and password has been considered
good enough security, that is changing. We are getting to a place
where the demand, especially for sensitive areas of a corporate
network, is for stronger authentication credentials,” explains Ray
Wizbowski, vice president of strategic marketing, Security Business
Unit, at Gemalto.
IDM and NAC is the management of individual identifiers, their
authentication, authorisation, and privileges within or across system
and enterprise boundaries with the goal of increasing security and
productivity while decreasing cost, downtime and repetitive tasks.
Who accesses what in a corporate network is an essential tool in the
battle to maintain network security.
IDM can be extended to physical access, to buildings and access
control systems in general. A good example of this is the Emirates ID
card, which potentially could be used for identity management or
to identify the individual.
“In the future you might have public services which will use the
certificate store that we have on the Emirates ID to identify the indi-
vidual against those services. There is nothing that stops the Emir-
ates ID project from also having commercial access for enterprises
to identify employees, visitors etc,” says Nicolai Solling, director of
technology services at help AG Middle East.
Network access controls and identity management: What you need to know
Access control
Who accesses what in a corporate network is an essential tool in the battle to maintain network security.
March 2013 Vol.19 No.03 33
March 2013 Vol.19 No.03 35
CONTROLSWhen enterprises looking at IDM
and NAC for the typical uses that
exist within the organisation and
the access that they need, they
need to keep in mind how privi-
leged users are controlled within
the organisation.
“As part of an overall access
governance programme, people
should look to put the right
controls in place that actually
improve the ability for people to
do their jobs, but also take away
the risk from the business. So
being able to control the sharing
and use of privileged passwords,
being able to record sessions
if an external consultant is ac-
cessing systems and being in a
position where you haven’t got
large number of administrators
who are using and sharing sys-
tem or administrator passwords,”
says Phil Allen, director, Identity
and Access Management, EMEA
at access control and identity
management experts Dell Quest
One Identity Solutions.
The average American
enterprise environment any
user will have up to 25 different
identities they have to remember
within the environment and at
any point in time they will have
username and password that is
expiring or about to expire and
the user has to remember all of
these, says Wizbowski.
“From a management perspec-
Ray Wizbowski from Gemalto says that network access controls and identity
management are business critical.
“If you do not implement identity management and network access controls, you are really setting yourself up for a problem because even though a username and password has been considered good enough security, that is changing.”Ray Wizbowski, vice president of strategic marketing,
Security Business Unit, Gemalto.
tive that is a huge overhead. Ev-
ery time that you lose a password
as a user, some of the research
shows that it costs the company
$25 is in loss of productivity
because the person cant log it,
it is the fact that you have to call
support etc,” he explains.
IMPORTANCE OF IDENTITY, ACCESS MANAGEMENTData is the crown jewel of any
organisation; the intellectual
property and the data of the
business, whether that is
financial data, mergers and
acquisition data, and all of that is
now connected to the internet.
In today’s environment there
needs to be a new way of
looking at enterprise security.
In the past, NAC and IDM were
focused on keeping the bad
guys out and letting the good
guys in. Enterprises handled
this by putting up a strong
perimeter security strategy. NAC
and IDM were put in place to
essentially offer keys to the right
people to let them in through
this hardened perimeter while
keeping those without the keys
out of the network.
“This was a decent strategy
when the enterprise controlled
their data centre, the applica-
tions sat within that data centre,
and the organisation could easily
control who to let in and who to
keep out,” says Marc Lee, director
EMEA, at identity and access
Denmark has an advanced form of identity management called the NemID, which means easy ID, every single person in Denmark who has a social security number has this ID. You can use it for e-government services and on top of that they have a commercial arm which allows people to identify the individual using that. So if you go to services like the Danish eBay, one of the big issues they had on the website was that they could not identify the individual that was putting stuff up for sale. What they are now doing is they are actually subscribing to this government-based identity service, the NemID, which means that as an individual I have one card that identifies me against these services. The same thing happens with banks, another place where identity is very important. When we log onto our e-banking, there is a project called Easy ID, which is a government service, run by the same company which does all our money transfers between banks in Denmark. The banks use this service to identify users on e-banking environments. One card does everything. There is nothing that stops a large enterprise to go and access the identity service on its applications.
According to Nat Pisupati from HID Global, the Emirates ID is going to be able to be used as a payment device.
Nicolai Solling: HelpAG: talks NemID
In the average American enterprise environment, any user will have up to 25 different identities.
36 March 2013 Vol.19 No.3
Phil Allen from Dell Quest One Identity Solutions says that putting the right controls in place makes is easier for
employees to do their jobs.
strong authentication devices
in place in the ID cards and one
can also log onto their laptop
with the same ID card, providing
logical security for their laptops.
These companies in oil & gas and
government, they really don’t
want their facilities or employee
IDs to be compromised and no
one can blame them for that,”
explains Nat Pisupati, regional
sales director for secure identity
solutions provider HID Global.
HOW DOES IT WORK?Most software systems use NAC
or IDM software in one form or
another. User identity is authen-
ticated and verified to ensure
that the user has the correct
provisions to access information.
Vendors that provide access
management systems provide an
application residing on a server
that accepts authentication re-
quests and uses standards-based
policies to verify the request.
“The identity used in the
request contains attributes and
credentials that are used in the
verification step. Additional
software uses the identity infor-
mation that is also indexed with
application or system entitle-
ments to determine whether the
requestor is authorised to access
the application or system. There
are specific entitlements for each
application. These entitlements
are identified and stored in an
entitlement catalog during the
construction of the identity man-
agement system,” explains Earl
Perkins, research vice president
in Systems, Security and Risk, at
market research firm Gartner.
Access management solutions
bring together authentication
and authorisation services to
verify identities and enforce the
entitlements associated with
them. Audit software serves as
a foundation for analysis and
alerting, recording activity and
recognising patterns of user be-
haviour. If there is an anomaly or
“As part of an overall access governance programme, people should look to put the right controls in place that actually improve the ability for people to do their jobs, but also take away the risk from the business.”Phil Allen, director, Identity and Access Management, EMEA, Dell Quest One Identity Solutions.
management leaders Courion.
Enterprises now have travelling
executives who have unlimited
access to the data on the corpo-
rate network and are carrying
it with them on their laptops,
so that data becomes the most
precious asset within a company.
Controlling who gets access to
what is critical and having strong
authentication is essential.
“Identity and access manage-
ment is beyond a nice to have
thing. I would call it business
critical, mission critical, whatever
term you want to use,” states
Gemalto’s Wizbowski.
Implementing a way to ensure
a high level of assurance that the
employee that is accessing that
data is the correct person has
become essential.
“If it is not in place it is a case
of not if you will get compro-
mised, it is when you will get
compromised, because if you
are blocking access by using a
username and password that is
easily bypassed by cyber thieves,”
states Wizbowski.
Today, the extended enter-
prise is all about ensuring that
employees, contractors, partners
and even customers can access
critical data and applications
from anywhere, anytime. The
applications and data are often
cloud based and accessed by
mobile devices. This hardened
perimeter of keeping everyone
out no longer applies; the new
perimeter is policy based and the
key ingredient to that policy is
identity and access.
“Because of the huge entrance
of the new devices to the
network, mainly from tablet
computers, smartphones etc, ad-
ditional security is needed now,
included network access control,”
says Ammar Enaya, general
manager for the Middle East at
network access solution provider,
Aruba Networks.
Identity intelligence is required
to immediately identify when
user access or activity is suspi-
cious, identify the risk associated
with this, and immediately alert
and notify the proper people
and provide them ability to
remediate. It provides the ability
to define policy, enforce policy,
verify policy compliance, and
immediately identify risky access
and user behaviour to take im-
mediate action to remedy.
“We work with Aramco and
Qatar Petroleum and they have
very, very secure premises, very
secure facilities and they don’t
want the security in these build-
ing to be compromised, so we
provide an ID card. For example
in Qatar where you can not only
enter the building, but security
guard can authenticate your
identity because your photo is on
the ID. It is difficult to compro-
mise because we have some very
March 2013 Vol.19 No.03 37
Nicolai Solling from HelpAG says there is no reason why commercial ID applications cannot be integrated into the Emirates ID card.
“There is nothing that stops the Emir-ates ID project from also having com-mercial access for enterprises to identify employees, visitors etc”Nicolai Solling, director of technology services, HelpAG Middle East.
abnormality, Identity and Access
Management systems can alert IT
staff, enabling the identification
of potential risk areas before any
real threats occur.
“The authorisation decision
of ‘should you get access to this
resource’ or ‘can you perform this
operation’ is then made using
identity and provisioning infor-
mation. The software is used to
detect whether more informa-
tion or stronger authentication
is required to provide access,
or whether access should be
granted to the user,” explains Lee.
Access control software
controls who goes to what part
of a complex or building, for
example in Qatar petroleum they
have virtual cities, and they can
control movements of people
where they want based on how
senior they are.
“We allow the IT managers
to define roles, because in an
organisation a particular user
might need access to certain
programmes, so we allow them
to define what a person’s role is,
what they are allowed to do and
we allow them to implement
that role based approach,” says
Prasanna Kumar Singh, senior
technical expert, ADManager
Plus at ManageEngine.
According to Allen, from Dell
Quest One Identity Solutions he
typically sees organisations still
using the in-built authentication
processes that exist within ap-
plications like Microsoft systems
and Unix systems that exist on
their infrastructure.
“However, if people are access-
ing the network externally from
we are seeing a rise in enterprises
using strong authentication pro-
cesses, such as software based
tokens, hardware based tokens,
people using one time tokens on
mobile devices,” he says.
NFC for use in network access and identity management is in its very early
stages. In the ID market NFC technology is primarily being used to open
doors. Near Field Communications is a young, evolving technology, and so
are the technologies that will secure it as well as the role that NFC may play in
security.
“We have a pilot project in Goodyear Arizona, state university where
students were given mobile phones like BlackBerry’s or iPhones and a lot of
these kids seem to be losing their room keys, but most of them will not use
their phone, so we are using a programme right now where these kids can access
the library, the entrance to different college buildings, they can access their
dormitory rooms by putting their mobile phone in front of a card reader and
the door automatically opens,” says Pisupati.
Nicolai Solling from HelpAG says that he has seen authentication methods
whereby the user places their phone on a physical reader device next to their
computer. Your phone then identifies you and that you are close to your
computer and opens the machine. When you are not at your computer you
take your phone with you and the computer locks. That proximity information
can also be used by IT applications that can then forward calls when the user is
away from his desk, for example.
When it comes to using NFC within a data infrastructure, this is still very,
very early technology, according to Ray Wizbowski from Gemalto.
“There are some reports that say NFC are about 10% of the phone market
right now, I think that may be a bit high, but even at 10% you are still talking
a very small number that would be able to be used for access or identity
management,” he says.
While it is possible that NFC may serve as a foundation for delivering
improved means of authentication and/or authorisation, it is too early to tell at
this stage. Interesting development work continues, explains Earl Perkins from
Gartner.
NFC in identity management:
38 March 2013 Vol.19 No.03
THE BURDEN ON ITAn effective IDM and NAC system
brings an enterprise better assur-
ance of access, more transpar-
ency for access and identity
administration, and account-
ability of that access for all users,
according to Gartner.
In such an environment,
audit for compliance purposes is
easier and more thorough, and
automation of many manual
processes associated with identi-
802.1X Web-based Proprietary clientPros Highest security; standards based; multiprotocol;
most transparent; scales;built-into modern operating
systems
Very familiar model to
end-users; broadest
platform support; handles
guest users best.
Tight integration between
client and security policy;
broad range of topology
support.
Cons 802.1X supplicants have a “bad reputation” (although
this is not supported in our testing); weak guest support;
poor support for nonmainstream platforms such
as Linux, Palm, Symbian, and embedded devices.
Onerous and slow for all
users; only supports IP;
requires web browser;
security model weaker
Platform support not broad
(usually Windows-only);
requires vendor lock-in; weak guest
support.
Pros and cons of NAC Authentication:
An effective IDM and NAC system brings an enterprise better assurance of access, says Earl Perkins from Gartner.
“To build an effective system, there is a burden placed upon key support pro-viders like network managers to con-struct an effective identity data model, to ensure that systems are configured and supported properly, and to ensure the ongoing maintenance of that envi-ronment”Earl Perkins, Research Vice President in Systems, Security and
Risk, Gartner.
manager varies widely based
upon the degree and scale of
implementation,” says Perkins.
According to HID global, there
is a lot of work involved when
it comes to implementation of
access controls and network
authentication software.
“You are looking at thou-
sands and thousands of people,
different ID numbers and one
person at a time and each one
has to be given different access
to various points in a building or
buildings in a complex and that
does place a lot of burden on
the IT managers as well as on the
infrastructure because in some
instances you are managing hun-
dreds of thousands of people.
A big petroleum company has
200-300,000 employees as well
as contract workers that come in
every day and every one of these
people has to be managed and
given access and permission and
every time new vendor comes
into a building, all their details
have to be put into the system,”
says Pisupati.
Wizbowski says that in most
cases there is no downtime for
the organisation when they
move into access and identity
management, it is just a simple
switch over. However, the biggest
challenge is getting hardware
devices, such as an OTP token in
people’s hands.
“The easiest way to provide
enterprise employees with access
controls is for them to download
an application and then switch to
using it, so it really is a back end
change,” he explains.
This change can be done in
as little as a couple of weeks
for small organisations or as
a phased approach, or where
different groups are phased into
the access change over a couple
of months. Another advantage of
the latest IAM technology is that
it allows IT managers to better
align business risk to access risk
by providing a clear view of the
most problematic security areas.
This enables organisations to
allocate their security budgets
more effectively to the most criti-
ties is established and helps to
streamline the process of identity
management and use.
“To build an effective system,
there is a burden placed upon
key support providers like
network managers to construct
an effective identity data model,
to ensure that systems are con-
figured and supported properly,
and to ensure the ongoing main-
tenance of that environment.
The overall level of effort by the
March 2013 Vol.19 No.03 39
Sector Premise Questions to be answeredPolicy What is your security
policy?
What are you trying to accomplish? What type of users and
devices will the NAC deployment focus on?
Authentication What authentication
method will you use?
How will user identity affect security policy and access
control?
Environment What end-point
security features do
you want?
What types of devices will have their security checked? What
is the associated policy? How will you handle users and
devices that cannot be checked, such as guests or printers?
Will you be running continual security checks, or just at login
time?
Enforcement What enforcement
strategy will you use?
Where in the network will you enforce? Will you mix different
types of enforcement, or use a single consistent strategy?
Integration How is NAC going to
integrate into your
existing network?
How will physical integration be done? What
steps can you take to ensure that integration goes
smoothly and without unnecessary disruption?
How will it integrate organisationally?
Key questions to answer when deploying NAC
Access and identity management is fast becoming a must-have for enterprises.
cal areas that pose significant risk
to their business.
In terms of actual dollar costs,
Perkins from Gartner says that
at a guess, if we assume an
“average” enterprise of 10,000
users with at least 10 major ap-
plications and requirements for
different classes of access, such
an organisation might require
$250,000 to $500,000 in software
costs and another $200,000 to
$400,000 in implementation
costs. This means such a use case
might cost between $450,000
to $900,000. Such projects often
take anywhere from six months
to a year to implement depend-
ing upon complexity.
These costs also include train-
ing and education.
Big data
40 March 2013 Vol.19 No.03
March 2013 Vol.19 No.03 41
Companies must start treating their data as an asset rather than a burden, writes Piers Ford
WEDNESDAY 29TH MAY 2013, JUMEIRAH EMIRATES TOWERS, DUBAI
THE MOST CELEBRATED EVENT FOR MIDDLE EAST NETWORKING PROFESSIONALS
w w w. i t p . n e t / e v e n t s / n m e - a w a r d s
NOW IN THEIR 9TH YEAR, THE NETWORK MIDDLE EAST INNOVATION AWARDS
BRINGS TOGETHER THE REGION’S IT COMMUNITY TO RECOGNISE THE LEADING
PROJECTS, VENDORS AND INDIVIDUALS IN THE NETWORKING SECTOR
Do not miss your opportunity be part of the 9th Network Middle East Innovation Awards.Visit www.itp.net/events/nme-awards or contact one of our team today
For sponsorship enquiries please contact:
Nayeem DakhwaySales ManagerTel: +971 4 444 3482Email: nayeem.dakhway@itp.com
George HojeigeSales DirectorTel: +971 4 444 3203Email: george.hojeige@itp.com
For nomination enquiries please contact:
Georgina EnzerEditor, Network Middle EastTel: +971 4 444 3723Email: georgina.enzer@itp.com
For any other enquiries please contact:
Michelle MeyrickEvents ManagerTel: +971 4 444 3328Email: michelle.meyrick@itp.com
Silver Sponsor
ONE MONTH LEFT TO NOMINATE
NOMINATION DEADLINETHURSDAY 28 MARCH, 2013
Haritha Ramachandran, programme manager, information
and communication technologies practice at analyst Frost &
Sullivan, said businesses should choose big data processes that
suit the size and scale of analysis they aspire to.
“Initially, they could start with a collaborative business
intelligence solution that gets data real-time from social media,
then scale up to a full-blown analytical system with tiered
storage management and the like,” she said.
“Globally, big data is gaining interest among enterprises that
deal with huge data sets – banking and telecoms, for example.
Over 85% of the Fortune 500 companies are planning to
implement the technology in the next two years.
“Comparatively, the Middle East is still in its infancy.
Although there is much discussion, little implementation is
seen as yet. Vendors are still marketing the advantages of big
data to companies. However, budgets, manpower and risk
seem to be deterrents. Verticals such as healthcare are veering
towards managing data effectively to provide better service to
the citizens; big data is an enabler for electronic medical and
health records, and so on.”
How to manage Big Data
March 2013 Vol.19 No.03 43
If data was water, we’d need
more than a fleet of arks to
save us from the flood. The
volumes being bandied
around– take your pick from exa-
bytes, terabytes and petabytes
– defy comprehension for most
of us. But digital data is spilling
out of its traditional home in
the corporate database, crying
out for analysis, integration and
above all, use.
And with analysts like Gartner
and IDC predicting that the
digital universe will double in
size every year between now
and 2020, resistance is futile.
Instead, it’s time for enterprises
to embrace the phenomenon of
big data and acknowledge the
opportunity it represents: to find
innovative, cost-effective ways
to manage and store informa-
tion, and build applications that
will exploit it in increasingly
creative ways.
If the infrastructure is not
to buckle under the pressure,
organisations must start treating
their data as a dynamic asset
rather than an overwhelming
by-product requiring expensive
storage just to hold it at bay.
DEFINING BIG DATAWhat is big data? Definitions
abound, but a broad consen-
sus is that it is the deluge of
unstructured data generated by
what might loosely be called ‘life
in the 21st century’: everything
from multimedia traffic to
mobile devices, surveillance
networks and social media.
The list is endless. The smallest
transaction creates its own wave
of data, adding another layer to
the information pool.
“Organisations are producing
more data than ever before from
various internal and external
sources, thereby making it critical
for them to manage and analyse
this enormous volume,” explains
Boby Joseph, chief executive of-
ficer at StorIT Distribution.
“Although there is no exact
definition of big data, most re-
search firms define it as the mas-
sive volumes of complex, high
velocity and variable data that an
organisation collects over time
and which it is difficult to analyse
and handle using traditional da-
tabase management tools. Such
large volumes of unstructured
data require advanced technolo-
gies and techniques to capture,
store, analyse, distribute and
manage this information.”
Joseph says that simply ac-
knowledging the phenomenon
and trying to apply traditional
management tools to accom-
modate this bewildering array of
data sets is not the answer. Busi-
nesses need to interact with big
data in real time so that they
can react quickly and make fast
business changes in response
to the live situation it repre-
sents. The wealth of informa-
tion can only yield its true value
if there is a shift in attitude.
“To address the big data
problem, organisations need to
change their mindset in addition
to upgrading their technology,”
states Joseph. “To use big data
Boby Joseph from StorIT says that
organisations are producing more
data than ever before.
“Although there is no exact defini-tion of big data, most research firms define it as the massive volumes of complex, high velocity and variable data that an organisation collects over time and which it is difficult to analyse and handle using traditional database management tools.”Boby Joseph, CEO, StorIT Distribution.
While big data is much-discussed at board level, it requires
commitment and investment throughout the business.
Analysts say that in order to realise the benefits of cost
effectiveness that big data could ultimately deliver, CIOs might
run into opposition because of the big price tag on the storage
infrastructure technologies pitched at meeting the challenge.
“Due to the fact that most big data projects today are
funded by the business, it is becoming imperative for CIOs to
demonstrate the cost effectiveness of a proposed big data
project,” said Sid Deshpande, senior research analyst at Gartner.
“In order to leverage and deploy some of the emerging
storage architectures, CIOs and IT managers need to hire
employees with the correct business level exposure, in addition
to the technology skill sets: Java and functional programming,
data mining and statistics, open source code management,
custom ETL exploiting MapReduce methods, Hadoop, and
open source data analytics.”
The value of big data
44 March 2013 Vol.19 No.03
effectively, organisations need
to choose from a number of
advanced technologies and new
platforms that will help them tap
into internal systems, silos, ware-
houses and external systems.
They also need to add resources
with skills to use this massive
volume of data optimally. This
means that the organisation’s
infrastructure, operations and
development team need to work
together to tap the full potential
of big data.”
So it’s a challenge for every-
one. And there are some impor-
tant questions to consider.
“Big data is becoming a par-
ticular problem for IT, because
more of the budget is going to
data storage and the volume of
data is causing traditional mod-
els to break,” says John Rollason,
EMEA director, product, solutions
& alliances marketing at network
storage vendor NetApp.
“We need to get people to
think of data as something that’s
more of an asset, and help them
find different ways to manage
and store it.”
THE CLOUDSofocles Socratous, regional sales
director at storage specialist
Seagate, says the fundamental
challenges of data management,
information security, infrastruc-
ture investment and operational
control, are increasingly ag-
gravated by the need to reduce
the complexity and cost of
enterprise data storage.
“Some of the key questions
that I think big enterprise will
have to face now include: how
do enterprises store lots of
data in a limited physical space?
How do they offer reliable and
consistent data access to their
ever-growing customer base
while avoiding network conges-
tion? And how can they deal with
shrinking budgets yet offer a
sustainable storage platform that
they won’t outgrow tomorrow?”
Socratous asks.
He says that more businesses
in the Middle East are looking
at IT virtualisation, outsourcing
their data to the cloud – which
negates the problems of over-
and under-provisioning storage
Sofocles Socratous from Seagate says that more and more
businesses are looking to outsource their big data to the cloud.
“Some of the key questions that I think enterprise will have to face now include: how do they store lots of data in a lim-ited physical space? How do they offer reliable and consistent data access to their ever-growing customer base while avoiding network congestion?”Sofocles Socratous, regional sales director, Seagate.
46 March 2013 Vol.19 No.03
Analysts such as Gartner and IDC predict that the digital universe will double in size every year between now and 2020.
“Using distributed infrastructure and software to deliver solutions over different geographic territories creates its own challenges – for example, within some EMEA countries, legislation requires data relating to individuals to be identified on individual disk drive spindles.”Andrew Logie, chief technology officer, DrPete.
Mervyn Kelly from Ciena says that there is a need to upgrade
current data warehouse models.
resources, and theoretically
liberates the business to focus on
data analysis and exploitation.
And to do that, they need the
right tools.
“The fact that most enterprises
are being forced to address big
data is in itself an opportunity to
lower their network’s total cost of
ownership through the deploy-
ment of more modern and more
efficient information technology
solutions,” explains Socratous.
“With large enterprises
expanding their current data
centres and building new
virtual networks, deploying new
physical-layer infrastructure is
becoming more recognised as a
business priority, as it can serve
to handle the deluge of new data
while improving system perfor-
mance, scalability and future
network congestion.”
The cloud does not necessarily
contain all the answers, however.
According to Andrew Logie, chief
technology officer at IT strategy
consultant DrPete, which has
undertaken a number of projects
across the region, big data-savvy
enterprises are turning to major
technology and social media
providers for their tools. Compa-
nies like Amazon and Google are,
after all, in the vanguard of the
big data phenomenon.
“For instance, Google utilises
PEOPLE. POWER. PROFITS.NOW ON YOUR iPAD
Search for Arabian Business in the App store
In-depth news, expert views, big name interviews andexclusive videos now on the Arabian Business iPad App.
Download your FREE App today.
www.arabianbusiness.com
48 March 2013 Vol.19 No.03
a proprietary technology called
‘Big Table’ and possibly other
open software source solutions
such as Hadoop and Cassandra,”
says Logie. “While Amazon pro-
vides hosted database solutions
built on its noSQL ‘DynamoDB’
solution, based on distributed
datastores where the emphasis is
on predictable Input/Output per
second and scaling on demand,
rather than just storage used.
“Solutions always work more
effectively when they are near
users,” counsels Logie. “The
challenge with collecting and
reporting on big data is that
users can be anywhere, and in
huge numbers.
“Using distributed infrastruc-
ture and software to deliver
solutions over different geo-
graphic territories creates its own
challenges – for example, within
some EMEA countries, legislation
requires data relating to individu-
als to be identified on individual
disk drive spindles. This scenario
makes using cloud-based infra-
structure challenging. Amazon,
at least, allows organisations to
pin their data to any regional
data centre.”
“This is implemented on fast
flash-based disk arrays, with as
much distributed computing
resource as is sufficient to handle
the request specified by the
customer application and the
data stored.”
However, organisations should
be cautious about implementing
a cloud-based big data strategy
which takes the data too far from
their own domain.
Yet adhering to traditional,
localised data management
practices could compromise
the ability to scale quickly and
be reactive in data analysis. It’s
a dilemma that information
technology managers will need
to resolve with care.
EASE-OF-USE IS IMPORTANTAt data analysis software special-
ist CommVault, MENA senior
technical account manager Allen
Mitchell says it will be essential
for the IT function to make avail-
able analysis tools that are easy
to work with and well-integrated
with business processes.
“Using Storage Resource
Management (SRM) software is a
“Agent-less SRM makes rollout a non-issue and it can really help you to organise data for the best access/cost compromise.” Allen Mitchell, MENA senior technical account manager, CommVault.
Allen Mitchell from CommVault says it will be
essential for the IT function to make available
analysis tools that are easy to work with and
well-integrated with business processes.
Big data requires big changes in infrastructure and data
analysis. At high-performance network specialist Ciena, EMEA
marketing director Mervyn Kelly said there are three main areas
of opportunities and challenges for the enterprise.
Firstly, the combination of high-speed cameras, 1- and
10-gigabit Ethernet networks and sophisticated analytical
software has enabled new big data applications. In the US,
for example, baseball stadiums are being fitted with cameras
and software that tracks players and ball flight in real time,
to develop precise performance metrics. That’s one million
records per game.
“The potential to develop similar, totally new applications
using big data analysis cuts across almost every business,” said
Kelly.
There will also be the need to upgrade current data
warehouse models – to make better sense of supply chain
information, for example.
“An upgrade project might include integrating a new data
source by connecting to a subsidiary’s data centre,” said Kelly
“Or maybe adding a new network connection to a cloud facility
with more compute-intensive platforms enables the ability
to economically shift big data workloads that demand peak
processing.”
Finally, research and education institutions have the
opportunity to exploit very high performance applications in
the areas of computational bioinformatics, weather and climate
simulation, brain simulations and other ‘peta-scale’ research.
“The ability to scale to 100 Gbps networking is key to moving
these huge data sets between data centres,” he said.
Strategies for coping with Big Data
March 2013 Vol.19 No.03 49
Haritha Ramachandran from Frost & Sullivan says that big
data management in the Middle East is still in its infancy.
“Globally, big data is gaining interest among enterprises that deal with huge data sets – banking and telecoms, for example. Over 85% of the Fortune 500 companies are planning to implement the technology in the next two years.” Haritha Ramachandran, programme manager, Frost & Sullivan.
good start,” he said. “Agent-less
SRM makes rollout a non-issue
and it can really help you to
organise data for the best access
or cost compromise. Not only
will the trending warn you that
you’re heading down the big
data path, but it can also help
drive archive policies for effective
long-term storage and keep
costs under control.”
On the enterprise storage
front, in a non-cloud environ-
ment, a flexible approach com-
bining multidirectional scalability
and multiple data centre support
will be crucial, said Andrew
Childs, senior business develop-
ment management at Huawei
Enterprise Middle East.
Multidirectional scalability and
the flexibility to use a variety of
storage methods – Distributed
File System, Scale-out, Network
Attached Storage and Object-
based storage – will be instru-
mental in successful big data
management, said Childs.
“Availability is also impor-
tant in being able to manage
big data for a company,” he
added. “Should a data centre, for
example, go down due to some
natural calamity the data will
still be accessible with multiple
data centres. While companies
in the region are quite a long
way behind the western world
in terms of having solutions to
support the growing big data
trend, we are seeing companies
in the Middle East moving slowly
itowards providing these data
centre solutions.
“They are planning ahead,
realising that enormous amounts
and various types of data can be
capitalised on market intelli-
gence to drive their market share
and stay ahead of the curve.”
Mar
ch 2
013
Vol.1
9 N
o.03
50
Secu
rity
focu
s
What makes the BlackBerry 10 platform a better option for enterprises when compared to Android or iOS?We’ve been in the device
management business for over
10 years and we offer a secure,
manageable and cost effective
solution that organisations can
definitely trust.
BlackBerry 10 smartphones will
be managed on the BlackBerry
Enterprise Service 10 (BES
10), which is BlackBerry’s new
enterprise mobility management
solution. With BES10, we are
giving businesses a cost-efficient
and industry leading secure,
reliable and scalable solution that
consolidates the management of
smartphones and tablets running
BlackBerry and PlayBook OS, as
well as Android and iOS. No other
mobile device management
(MDM) vendor manages more
devices than BlackBerry.
We are also supporting
the consumerisation of IT
through BES 10’s BlackBerry
Balance feature for BlackBerry
10 smartphones, which offers
separation of work and personal
data. Personal apps and
information are kept separate
from work data, and customers
can switch from their Personal
Space to their Work Space
to ‘lock down’ the BlackBerry
10 platform capabilities. This
provides CIOs with the trusted
end-to-end BlackBerry security
model, and enables users to use
the work and personal BlackBerry
10 features they want, without
circumventing IT, or sacrificing
any functionality.
Many analysts have said that BlackBerry 10 is the make or break for BlackBerry; what would you say to this?
BlackBerry 10: The safe option for enterprises?
Khaled Kefel from BlackBerry says that the BlackBerry workspace is fully encrypted and fully secure.
BlackBerry Balance: This system allows users to separate
professional communications and applications from music,
photographs and other personal items.
Application permissions: This feature lets you see, control, and
customise what each application can access and allows you to
manage and protect your privacy.
BlackBerry Protect: This can help you remotely locate your
BlackBerry smartphone, set a password, and even wipe it from
anywhere with an internet connection. It is integrated into every
BlackBerry 10 smartphone..
FIPS Certification: BlackBerry 10 is Federal Information
Processing Standard certified. This is a US government computer
security standard used to accredit cryptographic modules.
End-to-end data encryption: BlackBerry products and solutions
are protected by best-in-class AES 256-bit encryption, a highly
secure, internationally recognised data protection standard.
Key security features of BlackBerry 10with a simple gesture on the
BlackBerry 10. The Work Space
is fully encrypted and secure,
enabling organisations to protect
their content and applications,
while at the same time letting
employees get the most out of
their smartphone experience for
their personal use
Can you describe the new security enhancements and how these protect the enterprise better than previous versions?BlackBerry is the gold standard
for secure end-to-end mobility.
Security is built into the
BlackBerry DNA and that is why
BlackBerry 10 and BES10 were
FIPS certified before launch.
BES 10 ensures end-to-end data
encryption provides protection
and assures employees of their
privacy and freedom with
features like BlackBerry Balance.
We’ve also supported protection
against unauthorised devices
accessing corporate assets and
prevent data leakage. By creating
a single outbound port for all
communications, there is no need
for additional VPNs.
With BlackBerry Balance, IT
organisations have the ability to
segment and control work data
on the device, without having
We’re confident BlackBerry 10
will succeed. Since our global
launch across six cities, including
Dubai here in the Middle East, we
have had a fantastic response for
our BlackBerry Z10 smartphone.
We are building a new, seamless
customer experience and
partnering for success with
customers, developers and
carriers. Consumers and
enterprises are excited about our
re-designed, re-engineered, and
re-invented BlackBerry platform.
Khaled Kefel, senior country director, Saudi Arabia at BlackBerry, explains the security benefits of the new enterprise platform
Mar
ch 2
013
Vol.1
9 N
o.03
52
Secu
rity
focu
s
Trend Micro. Through an integrated
approach that is designed to
protect data, promote flexible work
styles, and simplify the path to the
cloud, Microsoft Windows Server
2012 Essentials a central server
that can automate important
activities like online data backup
and protection of computers;
allow teams to share and organise
business documents; provide
a platform for running line-of-
The role and importance of
information security continues
to evolve within the Gulf
Cooperation Council (GCC) block
of countries, and this evolution
is only expected to intensify over
the next few years, according to
the newly released “Gulf States
Security Software Market 2012-
2016 Forecast and 2011 Vendor
Shares” study from International
Data Corporation (IDC).
The Gulf security software
market generated $143.34 million
in license and maintenance
revenue in 2011, with IDC’s
research showing that large
enterprises, particularly those
from the banking, government,
and telecommunications sectors
were the primary drivers of this
expenditure. The IDC expects
spending on IT security in the
GCC to continue growing over the
coming five years, as the region is
witnessing an increasing level of
cyber warfare.
Indeed, it is believed that
the spate of recent attacks on
energy and media companies in
countries such as Saudi Arabia
and Qatar were only the first in
a series that are likely to grow in
complexity and in frequency.
“Companies and governments
must assess all possible risk
vectors and IT security threats,
and reevaluate their security
strategies accordingly,” says
Megha Kumar a research
manager at IDC Middle East,
Africa, and Turkey.
“We expect companies, and
even governments, to rebuild
their business continuity
strategies in order to effectively
manage the eventuality of further
complex cyber attacks. We also
expect organisations to become
more stringent when evaluating
prospective vendors out of
concern that they may not be
doing enough to remain ahead of
the threats.”
The UAE accounted for the
largest proportion of spending
on security software in the Gulf,
with 41.5% share, followed by
Saudi Arabia and the other GCC
countries of Kuwait, Bahrain,
Oman, and Qatar. The market
continues to be dominated by
Symantec, which garnered 22.2%
share in 2011, while McAfee
placed second with 12.5% share
and Kaspersky rose to third with
10.8% share. The top three sectors
of finance, government, and
telecommunications together
contributed to 58.2% of total
security software spending in
the GCC in 2011. The series of
cyber attacks that struck the
energy sector in 2012 will cause
companies to reevaluate their
security strategies and show
greater interest in business
continuity planning, fueling
security spending throughout
2013 and 2014.
Cloud security leader Trend
Micro has announced Worry-Free
Business Security solutions in the
Windows Server 2012 Essentials
dashboard and Trend Micro
Worry-Free Business Security 8,
which supports Windows 8. These
solutions are designed to protect
small business in the face of the
growing BYOD and cloud trends.
“Trend Micro is committed to
delivering products that best serve
small businesses. By working
with Microsoft to integrate
Trend Micro Worry-Free Business
Security Services and Windows
Server 2012 Essentials, Trend
Micro small business customers
benefit from cloud computing and
mobile applications while feeling
confident that their information
is safe. It’s the must-have security
for small businesses,” said Magi
Diego, director, SMB Marketing at
business applications; and provide
remote access to data from any
internet-connected location or
connected device.
“Trend Micro is taking advantage
of the built-in ability to include
their offerings in the single
management console in Microsoft
Windows Server 2012 Essentials,”
said David Fabritius, Product
marketing manager, Server and
Tools, at Microsoft.
Trend Micro releases SMB security solutions
Regional companies are set to re-evaluate protection measures in wake
of the Aramco attack, according to IDC.
GCC cyber security spend to surge
Mar
ch 2
013
Vol.1
9 N
o.03
54
Secu
rity
focu
s
As part of its managed services
offerings, du – the UAE’s
integrated telecommunications
service provider, has announced
the launch of Mobile Device
Management, offering both
on-premise and cloud based
solutions for businesses to
manage corporate data on their
employees’ personal mobile
devices. The solution is built on
MobileIron, a leading platform for
securing and managing mobile
apps, documents, and devices.
Du’s MDM solution is designed
to provides a secure gateway
that connects the end-user to
the organisation to retrieve and
share corporate data, to back-
end enterprise resources like
Exchange, app and web servers
and SharePoint. MDM permits
employees to securely view
email attachments, secure access
to SharePoint docs and secure
on-device storage. In addition,
there is no ‘Open in’ access for
rogue apps and organisational
data can be deleted in the case of a
lost device.
Du MDM is designed to provide
a one stop, highly configurable,
cross-platform solution that is
compatible with any mobile
device used by an employee.
Offered in collaboration with
MobileIron, the MDM solution
provided by du is purpose-built
for Mobile IT providing end-
to-end integrated security for
multiple operating systems,
data loss prevention controls for
email attachments, certificate-
based identity, application and
document containerisation,
Bring Your Own Device privacy
protection, and automated
closed-loop compliance.
“More and more companies
realise, that in the fast paced lives
of employees today, they prefer
the convenience of using their
personal mobile devices for work
which would entail organisations
monitoring their devices, without
compromising any employee’s
privacy. Additionally, this proves to
be a challenge for an organisations
IT department to maintain
control of sensitive information.
Our MDM is the ideal solution to
maintaining the privacy of each
employee, while also maintaining
security and control over which
individuals are able to access these
files. All the data is encrypted
prior to transfer with MobileIron
providing delivery, configuration,
data-in-motion, and data-at-rest
protection for email, applications,
documents and web services,” said
Farid Faraidooni, chief commercial
officer, du.
The solution is available on the
cloud as well as on an on-premise
MDM model..
Du launches MDM solution
Analysis: Security-relevant data,
including full network packets,
logs, and threat intelligence, are
captured and quickly analysed to
speed up threat detection.
High Powered Analytics:
Designed to enable much larger-
scale collection of data and
empower new analysis methods
over that of traditional SIEM-based
approaches to security.
Integrated Threat
Intelligence: Helps organisations
operationalise the use of threat
intelligence feeds to accelerate
detection and investigations
RSA, has announced the release
of RSA Security Analytics – a
transformational security
monitoring and investigative
solution designed to help
organisations defend their digital
assets against today’s internal
and external threats. Built on
RSA NetWitness technology, RSA
Security Analytics fuses SIEM,
Network Forensics, and Big Data
analytics into a security platform.
By providing security
professionals with the visibility to
see and understand vulnerabilities
and attacks, RSA Security
Analytics is designed to enable
the discovery of risks as they occur.
Furthermore, by helping security
professionals understand digital
risks originating from both inside
and outside their enterprise,
organisations can better defend
business assets, including
intellectual property and other
sensitive data, while reducing
the time and cost associated
with threat management and
compliance-focused reporting.
The RSA Security Analytics
Unified Platform is designed
to deliver: Quick Capture and
of potential attack tools and
techniques.
Context for Threats: Through
integrations with the RSA Archer
GRC platform and RSA Data Loss
Prevention suite, and by fusing
data produced by other products,
analysts can use business context
to prioritise and allocate resources
to the threats which pose the
greatest risk.
Malware Identification:
Using a variety of investigative
techniques, the solution identifies
a much wider range of malware-
based attacks.
RSA announces release of RSA Security Analytics
Farid Faraidooni from du says that more and more companies are realising that employees want to use their own devices.
Mar
ch 2
013
Vol.1
9 N
o.03Last
wor
d56
Can you tell us how you began working
in the IT industry?
In 1984, after fi nishing my studies,
the personal computer started to
spread in enterprises and I decided I
wanted to be in the industry. I joined
Texas Instruments Computer Division
and a few years later I joined Digital
Equipment Corporation, the second
largest IT company after IBM at the
time, and I have continued to work in
the technology industry since.
What is the best and worst thing about
the networking industry?
The best thing is the creativity, energy
and capacity to change how the
world is communicating and coming
together. Working now for Polycom,
the leader in video communication and
collaboration, we are bringing people
from all over the world to communicate
with each other and breaking through
the distance.
Talk us through what you do on
a daily basis...
My days are a mixture of
activities, encompassing
customer and reseller visits,
meetings and sales reviews
with my team, internal meetings
on project advancements,
analysing and planning the
business, economic and
competitive environment, along
with being continuously trained
on our ever-evolving portfolio.
What has been your proudest
achievement in your career so far?
What keeps me proud and fuels my
professional passion is Polycom’s
success as a winning team. I feel
particularly rewarded by the fantastic
personal relationships I have with
my colleagues, be it at Polycom, and
throughout my career.
What IT product or innovation should
the IT industry watch out for this year?
Mobility and cloud are really the areas
to watch this year. People want to
connect, work, be entertained, and see
each other from anywhere at any time.
Millions of smartphones and tablets are
spreading at light speed, and mobility
applications and related cloud access
are a major trend.
Comparing the IT industry to other
countries, do you think it measures up
or is lacking and why?
The UAE is moving very fast in
adopting leading edge technologies.
We have very advanced and forward
thinking customers in the region
adopting Polycom solutions.
What IT company, other than your own
do you admire and why?
Companies like Apple, Microsoft and
IBM all have an incredible power in
developing applications with great
human interface, whilst renewing
and adapting their strategies in a fast
changing competitive environment,
and have maintained that for more
than 30 years.
Who do you look up to in your career
and why?
I have written many books regarding
sales and management and there are
too many great mentors out there to
name one specifi cally. Watching great
CEOs or inspirational presenters is
always a good reference point.
What do you do for fun?
I play and watch football, I like
photography and I recently started
learning to play the acoustic guitar.
Communication championDaniel Schmierer, area sales vice president for Middle East & Africa, Polycom, talks IT innovations
What is your favourite fi lm:
Many are great, let’s say ‘The Good the
Bad and the Ugly’.
iOS, BlackBerry or Android?
iOS
What is your favourite gadget?
None
Who is your favourite band/musician?
Stevie Ray Vaughan
What is your favourite book?
The 7 habits of highly effi cient people
from John Covey
Favourite things
Open the Door to Energy Savings
Opportunity is Knocking
Find out more at www.chatsworthproducts.co.uk/aisle-containment
www.chatsworthproducts.co.uk Middle East Sales Office +971-4-2602125
Just as no two data centres are the same, the solutionsneeded to keep your energy costs down are rarely thesame either. Whether you’re looking for free cooling orneed to support higher heat densities, Chatsworth Products, Inc. (CPI) can create the perfect Aisle Containment Solution for you. CPI’s stock of racks, cabinets, cable management and containment doorshave helped create some of the industry’s most innovative containment solutions from the floor up – literally. Now, with Aisle Containment Solutions that areunmatched on the custom market and sealing solutionsthat are proven to be 200% more efficient than any similar product, CPI is proud to introduce its new pre-engineered Aisle Containment System.
Features & Benefits• Available as either Hot or Cold Aisle Containment• Architectural aluminum sliding doors with auto-closing
mechanism• Designed for ease-of-assembly and maximum sealing
performance • Work with our application engineers to create unique
design solutions• Broadens air temperature envelope with 4x higher heat
and power densities