BUILDING THE INFRASTRUCTURE TO ENABLE THE CHANGING FACE OF IT

F E B R U A R Y 2 0 1 7 \ V O L . 8 \ N 0 . 1

T E A M C H AT S E C U R I T Y

Team Chat Apps: We Need to Talk … About Security

N ET W O R K I N N O VAT I O N AWA R D

Nyansa

E D I T O R’ S D E S K

Lots of Talk About SD-WAN, but Action Too

k

k

kk

k I N F O G R A P H I C S

Data Mine

k

O V E R T H E W I R E

Advanced Machine Learning Lends a Hand to Network Security

k

k O P E N S O U R C E

Open Sesame: Open Source Set to Trans-form Networking

I N F O G R A P H I C S

Pulse Check

T H E S U B N ET

Networking Careers: Making the Leap From Vendor to Enterprise

NEW YEAR, NEW WANConsidering an SD-WAN deployment? You’re not alone.

2 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

subnet and packets: slug is blue and bold

edit name is sidebar color

delete the “XX” part on ed letter

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

Satisfied

software-defined

WAN customers

share their de-

ployment stories.

EDITOR’S DESK | ALISSA IREI

Lots of Talk About SD-WAN, but Action Too

When it comes to software-defined networking in the data center, I sometimes think of the Toby Keith song, “A Little Less Talk and a Lot More Action.” While research indicates deployments are growing, user stories still seem a bit thin. And as engineer Jor-dan Martin wrote on the Gestalt IT blog, no vendor pitch can ever pack the punch of a customer testi-monial. When many of us are reluctant to try a new restaurant without checking Yelp, it makes sense that network managers want to hear about others’ experiences before sitting down at the SDN table.

Well, as Toby sang, “I knew somewhere amid all this distraction was a little less talk and a lot more action”—which brings us to the wide area network. IDC predicts the software-defined WAN market will swell 90% a year through 2020, and anecdotal evidence supports that narrative of exponential growth. At the Open Networking User Group’s most recent conference, for example, a slew of customers

discussed their experiences with SD-WAN.In this edition of Network Evolution, we share de-

ployment stories from three of these users, ranging from a garden equipment manufacturer to a ma-jor oil company (“SD-WAN Is the New Black”). We hope these case studies will help you weigh the pos-sibility of employing SDN principles in your WAN.

We also look at open source’s progress (“Open Ses-ame: Open Source Set to Transform Networking”) and consider security issues of messaging apps like Slack and Unify Circuit (“Team Chat Apps: We Need to Talk … About Security”).

It’s fair to say 2016 was the year of SD-WAN, and it looks like 2017 will be too. So in the words of Mr. Keith, “Let’s get on down to the main attraction, with a little less talk … and a lot more action.” n

ALISSA IREIFeatures and E-zine Editor, Networking Media Group

3 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

feature 1 yellowfeature 2 magentafeature 3 cyan

on turn pages of features the color of the rules match the opener color

hard return after each line of deck.

two body text returns above first paragraph

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

CREDIT: AIKIDO/ISTOCK

BY ALISSA IREI

SD-WAN

SD-WAN Is the New Black

Ω Three real-world case studiesshow software-defined WAN in action.

When the Pantone Color Institute selected the shade officially known as 15-0343 as its latest Color of the Year—predicting the vibrant green would be the “it” hue of 2017—reactions among tastemakers were decidedly mixed. Fortunately for networking professionals, predicting the hot technology du jour poses relatively little challenge: In the network, software-defined WAN is indisputably the new black.

SD-WAN—the technology that applies software-defined networking principles to the wide area network—abstracts network intelligence into a control plane, allowing enterprises to create dy-namic, responsive and programmable networks. While current adoption rates are still low, top ana-lysts generally agree the technology’s imminent fu-ture is bright—almost as bright as Pantone 15-0343.

4 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

According to Gartner, less than 2% of today’s WAN edge infrastructure refreshes are based on software-defined WAN, but it expects that number to exceed 50% by 2020. IDC recently predicted the total value of the SD-WAN market will reach $6 billion within that same period.

The emergence of a growing number of SD-WAN customer stories seems to support such projections. Indeed, software-defined WAN was the darling of the Open Networking User Group (ONUG) confer-ence last fall, with several users taking the stage to share their deployment experiences. To illustrate the changes, we explore three of these examples of SD-WAN in action from ONUG.

EXXON MOBIL AND CYBERASeveral years ago, Exxon Mobil Corp., based in Ir-ving, Texas, found it needed to replace its entire VSAT wide area network with secure broadband connectivity to meet revised Payment Card Indus-try Data Security Standards (PCI DSS)—a consider-able task. With 10,000 locations in North America, the Exxon Mobil network was vast and diverse. In addition to its typical retail sites, the company also

needed to connect about 450 wholesalers, some of which had up to 100 branch sites of their own.

Chris Curington, Exxon Mobil’s North American card security and fraud coordinator, said his team wanted to enforce company security policies at the site level, while allowing retail owners to use the net-work for more than just processing card payments. They also wanted to implement a “Bring Your Own Broadband” option, allowing retail and wholesale partners to access Exxon Mobil’s wide area network via their existing connections if they choose, with 3G or 4G backup connectivity in case of failure.

Curington and his team eventually settled on software-defined WAN technology from startup Cybera, which he said allowed them to meet each of the above use cases. Cost was also a major consider-ation, with plug-and-play provisioning minimizing, if not eliminating, the need to send technicians out to individual sites.

“Going to wholesalers and saying, ‘We’d like the clerk behind the counter to be able to install this,’—that was a paradigm shift,” Cybera founder and president Cliff Duffey said. “A lot of the wholesalers didn’t believe it until they tried it.”

Cybera deploys virtual networks on an

5 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

application-by-application basis. In the case of Exxon Mobil, Duffey said they spun up a network specifically for payments, with security features tailored to meet PCI DSS. They also created several other dedicated networks for applications like video surveillance, fuel management and customer loyalty programs.

According to Cybera, separating networks by ap-plication allows greater flexibility, with managers able to tailor network requirements. For example, a point-of-sale app could prioritize security while a guest Wi-Fi network puts performance first. In the case of a breach, this approach could also contain a security threat, preventing it from spreading from app to app.

In 2015, when American Express Co. launched its Plenti rewards program with Exxon Mobil as its official fuel partner, the company needed to create yet another network connection that could com-municate with the Plenti pro-gram’s third-party partners without compromising the se-curity of customer data.

“Exxon Mobil came to us saying, ‘We need to get this program launched quickly,’” Duffey said. “But it had complex requirements.”

Nevertheless, he said Cybera quickly spun up a new virtual network design, rolling out the changes to more than 6,000 stores in just a few days.

MTD PRODUCTS AND CISCO IWAN Like many enterprises, home and garden equipment manufacturer MTD Products, based in Valley City, Ohio, found itself struggling to meet user bandwidth demands without breaking the bank. With about 70 global locations, 6,700 employees and more than 450 network nodes, MTD Products is growing, along with its WAN needs.

Another challenge: Senior network engineer Chris Bregar said MTD Products’ unreliable DSL and cable backup circuits required hands-on work in the event of a failover. Sometimes that meant call-ing someone in, in the middle of the night.

“Because of the consumer-grade router on the cable side, we have to reboot the cable modem for it to function as a backup circuit,” Bregar said. “Not really scalable.”

500-1,000Estimated number of organizations

currently deploying SD-WAN products.SOURCE: “NETWORKING HYPE CYCLE,”

GARTNER RESEARCH, JULY 2016

CREDIT: MACROVECTOR/ISTOCK

6 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

The company decided to move forward with Cisco IWAN, recently completing a proof-of-concept (POC) phase in which they deployed hybrid WAN technology at a handful of branch locations. Bregar said they have seen huge improvements in perfor-mance, cost and employee productivity.

One POC site in Mississippi, for example, has en-joyed 40% circuit savings and an increase in band-width of more than 400%. Eventually, Bregar said they plan to get rid of the expensive MPLS link en-tirely and transition to a dual-internet model. He added that he understands his fellow engineers’ reluctance to abandon guaranteed bandwidth and service-level agreements, but believes it is time for a paradigm shift.

“As good as the internet has be-come these days, it’s beneficial to go that route,” he said, adding that they will get each link from a different last-mile provider to minimize risk.

Since completing the proof-of-concept phase in 2016, Bregar said MTD Products plans to roll out Cisco IWAN across all company sites this year. In 2018, they hope to

ditch their MPLS link and move to a dual-internet SD-WAN deployment.

KINDRED HEALTHCARE AND VIPTELAWith nearly 100,000 employees, facilities in 46 states and multiple large acquisitions each year, Kindred Healthcare’s network needs are vast, complex and constantly evolving. Former Kindred Healthcare network engineer Eric Murray said he became interested in SD-WAN as a way to improve performance while cutting costs.

“Our CIO had been on us for years, ‘Eric, why can’t I use that broadband connection to route You-Tube traffic and training videos?’” Murray said. “We wanted to have policy-based, application-aware net-work routing over multiple connections.”

The ability to microsegment traffic using software was also attractive, he added. For example, isolating connected HVAC or clinical equipment in a network overlay can help protect the main corporate net-work from third-party security vulnerabilities.

Finally, Kindred wanted an SD-WAN deploy-ment with centralized management capabilities and zero-touch provisioning, to ease the burden on the

90%+Projected annual growth in

SD-WAN market to 2020.SOURCE: “DATA CENTER & ENTERPRISE SDN HARDWARE &

SOFTWARE MARKET TRACKER,” IHS, NOVEMBER 2016

7 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

company’s small engineering team, which consisted of just seven people.

Ultimately, Kindred decided to deploy Viptela technology, after calculating that, across a 700-site deployment, the company could save as much as $4 million in just five years while increasing bandwidth up to 700%. Murray said he was amazed at the speed and ease with which Viptela allowed them to make major improvements to the network. He recounted

how he added two new overlays and made a slew of policy adjustments for a new use case in a matter of minutes.

“It was immediately clear when we started de-ploying this just how easy it was to add new features, such as another overlay to meet a specific use case, without any disruption,” Murray said. “Any engineer on our team could quickly adjust policy, put it in ac-tion, and it just worked.” n

Data Mine

8 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

n  SMALL OR MEDIUM-SIZED BUSINESS

n LARGE ENTERPRISE

k Who you gonna call? Room video conferencing support

SOURCE: “CISCO GLOBAL CLOUD INDEX: FORECAST AND METHODOLOGY, 2015-2020,” CISCO, NOVEMBER 2016. CREDIT: CSA-ARCHIVE/ISTOCK

SOURCE: “2016 VIDEO CONFERENCING END USER SURVEY,” WAINHOUSE RESEARCH, SEPTEMBER 2016, N=311 NUMBERS HAVE BEEN ROUNDED AND MAY NOT EQUAL 100.

430MNumber of anticipated global Wi-Fi hotspots and homespots by 2020. SOURCE: “CISCO VISUAL NETWORKING INDEX (VNI) COMPLETE FORECAST, 2015-2020,” CISCO, JUNE 2016

k Crystal ball: Predicted growth in SDN/NFV’s percent share of data center traffic

70

60

50

40

30

20

10

0

Self-support Our equipment provider

Managed services

Don’t know

62%

43%

24%30%

11%

27%

4% 0%

9 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

feature 1 yellowfeature 2 magentafeature 3 cyan

on turn pages of features the color of the rules match the opener color

hard return after each line of deck.

two body text returns above first paragraph

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

CREDIT: ISTOCK

Ω Open source promises radical industry disruption—the question isn’t if enterpriseswill use it, but how.

When it comes to open source network soft-ware, emotions run high. The topic has caused a fair amount of hand-wringing and any number of gut-wrenching conversations in recent months, as well as excited commentary from analysts and ven-ture capitalists predicting imminent industrywide disruption.

The stakes are also high, with thousands of jobs and millions of dollars up for grabs, and industry gi-ants like Cisco are feeling the heat. The vendor re-cently experienced steep layoffs, and according to a 2016 poll by JPMorgan Chase & Co., its standing as a key network infrastructure supplier to enterprises has slipped. Peter Levine, a partner at venture capital firm Andreessen Horowitz, said the slide came partly from the rise of open source startups

BY STEVE ZURIER

Open Source

Open Sesame: Open Source Set to Transform Networking

10 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

delivering network services via the cloud. “I am a believer that we can disrupt the network-

ing industry through open source,” he told TechTar-get at the time.

Nobody wants to be on the wrong side of the tech-nology curve, the way BlackBerry and Nokia were in the cellphone business. Now, Cisco, Juniper and the other networking giants seem to be scrambling to figure out how open source fits into their strategies.

Open source’s champions argue it accelerates in-novation, cuts costs, decreases vendor lock-in and increases flexibility and efficiency. For Jason For-rester, founder and CEO of SnapRoute and former head of networking at Apple, his motivation for cre-

ating an open source startup was simple: He wanted a full night’s sleep.

“I was spending so many nights doing mundane man-agement tasks that I just started thinking there had to be a better way,” he said.

Forrester wanted to cre-ate an open software stan-dard for basic switches and

routers—streamlining those management tasks that used to keep him awake into the wee hours.

Andrew Lerner, a Gartner research vice president who covers the networking industry, added that the networking field is one of the last branches of tech-nology to embrace open source.

“When you think about it, the server and storage side have gone through this with Linux for servers and Hadoop for storage and big data,” Lerner said. “So today, it’s not a matter of if your networking or-ganization will leverage open source; it’s merely a matter of how it will leverage open source.”

Lerner said companies offering open source net-working products—such as SnapRoute, which fo-cuses on enterprise networks, and NGINX, which sells software-based load balancers—opted to begin with specific applications because each only had the resources to focus on one aspect of the open source puzzle. They also had to find ways to commercialize their open source products.

“Just because a product is open source doesn’t mean there won’t be a certain level of lock-in,” Le-rner said. “All of the open source companies require a licensing agreement; they have to so they can sus-tain themselves.”

125%Increase in revenue in open networking

bare-metal switch market between second half of 2015 and first half of 2016.

SOURCE: “DATA CENTER & ENTERPRISE SDN HARDWARE & SOFTWARE MARKET TRACKER,” IHS, NOVEMBER 2016

11 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

BY MANAGERS, FOR MANAGERS Like other open source networking startups, SnapRoute claims to provide several key features that solve specific technical issues enterprise net-work managers face using traditional offerings:

1. Customized switching. SnapRoute’s Forrester said switches from the incumbents include numerous bonus features that many companies don’t need or even use. Sometimes features that lie dormant can get corrupted, slowing down performance or even taking down the network. So with SnapRoute, For-rester said if network managers want a switch to run just the Border Gateway Protocol and the Spanning Tree Protocol, they can build that operating system on inexpensive white-box switches. SnapRoute’s goal is to let network managers build switches from scratch the way power users build PCs or servers.

2. Automated task management. In the world of pro-prietary switches, Forrester said network manag-ers spend several hours inserting firewall rules and writing access control lists. A Methods of Procedure manual could be up to 40 pages of rules and com-mands. Most networks deploy multiple switches, so

each vendor has its own way of automating tasks, a situation that has added to the complexity. With SnapRoute, once the network manager installs the firmware, many of these tasks are automated. Net-work managers can automate tasks according to one method and do it on any piece of hardware.

3. Visibility into the source code. Forrester main-tained that incumbent vendors don’t allow access into their source code, so network managers can never really know how packets are traversing a switch. Using open source networking, however, managers can see precisely what’s going on in their networks and fix problems that in the past would have taken hours or days to figure out.

4. Ability to do risk assessment. By offering visibility into the source code, SnapRoute found that its cus-tomers can run vulnerability scans, allowing them to do a risk assessment and catch security bugs. For example, by running a scan, one customer found a memory management vulnerability that they wouldn’t have normally discovered as easily.

Similarly, Owen Garrett, head of products for NGINX, said, in the past, proprietary load balancer

12 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

vendors had full control over the ecosystem. Net-work managers had to work with the products as they were shipped out of the factory, were limited to deploying them in-house and often had to wait for several weeks or months for upgrades and patches.

Now, with an open source product like NGINX, network managers have the flexibility to run NGINX on a server, over a cloud service such as Am-azon Web Services or Microsoft Azure, or on a con-tainer or virtual machine. And upgrades and patches are routinely developed and made readily available by the open source community.

“The flexibility doesn’t force the network

manager into any one deployment model,” Garrett explained. “Plus, companies can take advantage of the open source community; it can build services more quickly.”

Network managers can get started by accessing the open source version of NGINX and then pay for tech support or other professional services.

INCUMBENTS RESPONDIncumbents like Cisco and Juniper also have vari-ous open source projects underway. Juniper’s Open Contrail offers a way for network managers to spin

SOURCE:”OPENDAYLIGHT USER SURVEYS,” OPENDAYLIGHT FOUNDATION, FEBRUARY 2016, N=149

Open-minded: OpenDaylight platform use cases expand

0 100%

Network functions virtualization and cloud

Network monitoring, management and analytics

Traffic engineering New service creation

28% 27% 26% 19%

13 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

up virtual networks in cloud environments, some-thing similar to how Aviatrix operates.

And Cisco has any number of open source proj-ects in the works.

Ed Warnicke, distinguished consulting engi-neer, said Cisco has been involved for many years with the OpenDaylight Project. OpenDaylight is an open source controller that gives network man-agers visibility into the network—for example, an ability to set global network policies or build a ser-vice function chain. Cisco also works with PaNDA for analytics, Open Platform for network functions virtualization for network integration and testing,

and Fido for forwarding packets across an enter-prise network.

Neela Jacques, ex-ecutive director of the OpenDaylight Project, said open source will become prevalent in all aspects of computing and networking. He said the same way technology

people found value in open source Linux and Ha-doop, they will create communities that build more efficient networking applications.

“In some ways I understand it, the incum-bents are caught between a rock and a hard place,” Jacques said. “They know that the days of propri-etary networking are passing, but they don’t know how they can neatly make the transition.”

Jacques pointed out that switches leveraging open source operating systems like SnapRoute are gaining share, but still represent a relatively small, albeit fast-growing, segment of the networking equipment market.

That may be true. But Forrester’s quest to make life easier for network managers at SnapRoute rings true. Again, it’s unclear how all of this will flush out. SnapRoute may get bolted on to all the incumbents’ switches. Or maybe SnapRoute will get scooped up; we just don’t know yet.

But for small organizations, large enterprises, and carrier-class and major provider networks, expect open source networking to play a growing role. The incumbents had a good run for about three decades, but it seems a new era has dawned. n

“They know that the days of proprietary networking are passing,

but they don’t know how they can neatly make the transition.”

–Neela Jacques, executive director, OpenDaylight Project

Pulse Check

14 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

k Break it down: Total enterprise spending on hosting and cloud services

k Wish list: Which possible outcomes of your internet of things project(s) are most important?

SOURCE: “VOICE OF THE ENTERPRISE: HOSTING AND CLOUD MANAGED SERVICES,” 451 RESEARCH, OCTOBER 2016, N=456. NUMBERS HAVE BEEN ROUNDED AND MAY NOT EQUAL 100.

SOURCE: “INTERNET OF THINGS PULSE SURVEY,” TECHTARGET, SEPTEMBER 2016, N=208. NUMBERS HAVE BEEN ROUNDED. RESPONDENTS COULD CHOOSE TWO ANSWERS.

$23M Branded bare-metal switch revenue in first half of 2016, worldwide. SOURCE: “DATA CENTER & ENTERPRISE SDN HARDWARE & SOFTWARE MARKET TRACKER,” IHS, NOVEMBER 2016

Better customer experience

Increased operational/logistical efficiency

Development of new products

Predictive management and maintenance

Better use of IT infrastructure

Increased security

Keeping current products competitive

48%

38%

24%

20%

19%

16%

14%

9%Security services

Managed services

Application services

42%

31%14%

Infrastructure services

5%Professional

services

15 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

feature 1 yellowfeature 2 magentafeature 3 cyan

on turn pages of features the color of the rules match the opener color

hard return after each line of deck.

two body text returns above first paragraph

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

CREDIT: VECTORSTOCK

Ω Team collaboration applications such as Slack and Unify Circuit can make lifeeasier for enterprises. But is the risk worth the reward?

At charity: water, a nonprofit that provides clean drinking water to developing communities around the world, the team-based messaging ap-plication Slack has become instrumental in creating efficient workflows. But Slack’s headline-grabbing security incidents prompted charity: water’s head of IT, Ian Cook, to deploy extra precautions.

“One of my worries is that people get too com-fortable communicating over chat and—with hack-ing being a constant battle for these applications—I needed to know the policies we set could be en-forced,” Cook said.

Slack, along with Unify Circuit, HipChat and a slew of others, is among a generation of persistent

BY SANDRA GITTLEN

Team Chat Security

Team Chat Apps: We Need to Talk … About Security

16 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

team workspaces—platforms that preserve ongo-ing, topic-specific collaboration sessions—that busi-ness units are adopting to boost collaboration. Many are doing so without involvement from IT, opening their organizations up to significant risk. In April 2016, for example, security expert and white hat hacker David Vieira-Kurz discovered a vulnerability in Slack that would allow hackers to hijack user ac-counts. Slack has since fixed the bug.

To minimize charity: water’s risk, Cook decided to participate in Slack’s beta of GreatHorn, a web-based security tool that “wraps around” the team chat app. Using GreatHorn, Cook matches accept-able use policies to filters that alert him when se-curity rules might have been violated. For instance, if a user puts language related to tax forms or wire

transfers into Slack, he receives an immediate notification and can contact the user.

“We’ve been lucky so far. We haven’t had any serious threats via Slack,” Cook said. “But I am stay-ing vigilant to protect the organi-zation and to make sure we stay in compliance.”

CLEAR BENEFITSAlthough many enterprise-level unified commu-nications vendors like Cisco and Microsoft have offerings in this space, stand-alone or freemium persistent workspace applications are still popular among businesses, according to Irwin Lazar, vice president and service director at Nemertes Re-search. A third of companies he recently surveyed officially allow the use of these kinds of applications.

Business units, which consider these tools a path-way to agility, tend to foot the bill, Lazar said, but IT ends up having to support the applications.

Lazar added that IT should be proactive and un-derstand that people find a lot of value in this form of communication. Nemertes itself uses Slack, af-ter the application won an internal bake-off against HipChat. In fact, the firm just launched a hook be-tween its website and Slack that enables the Ne-mertes team to respond quickly to broken links and new logins.

Charity: water’s Cook said the benefits of team-based messaging make the security and support tasks worthwhile. Usage at the nonprofit started with the engineering team, but today, all 80 staff members, as well as contractors and interns, have

1.25MNumber of paid Slack subscribers

in October 2016. SOURCE: “WE LOVE IT WHEN THE NUMBERS TURN

OVER,” SLACK, OCTOBER 2016

17 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

Slack access. Cook has vetted the application, mak-ing sure messages can be encrypted in transit and at rest and that it supports two-factor authentica-tion. He hopes to soon use Slack’s security assertion markup language support to tie the application into the organization’s Okta single sign-on tool.

The company currently has more than 108 Slack channels or ongoing collaboration sessions. Users rely on them for everything from discussing poten-tial new hires to recognizing co-workers for excel-lent work.

Cook aims to whittle the total number of chan-nels down to 50 or 60 for tighter security. He and his team have begun an internal Slack audit, identifying

orphaned sessions that they can ar-chive or delete.

Cook said the most important team chat app channel is for the emergency response program. When a massive crane collapsed in February in front of the organiza-tion’s New York City headquarters, employees knew exactly where to share their status on Slack.

“We heard back from all of our

staff within two hours and knew they were safe,” Cook said.

RISKY BUSINESS Despite the benefits that many team chat app users cite, some experts say the rewards aren’t necessarily worth the risk. David King, senior manager of the internal audit, risk and compliance practice at pro-fessional services firm UHY Advisors, said he prob-ably would not have allowed Slack in his previous position as a CIO at a hedge fund.

“I know people are trying to modernize email and make it more dynamic, but they also are giving up control,” King said.

He added that the new, stand-alone team messag-ing apps don’t yet compare to traditional enterprise-level services in terms of maturity and security, and suggested most organizations can use their existing products to meet internal communication needs.

“You have to know how the messages are being protected and retained,” King said. “None of these team-based applications have focused on that as part of their service. It just doesn’t feel like we are there yet.”

194%Increase in number of enterprises

using or evaluating team chat apps between 2015 and 2016.

SOURCE: “2016-17 ENTERPRISE TECHNOLOGY BENCHMARK: UNIFIED COMMUNICATIONS AND COLLABORATION,”

NEMERTES RESEARCH, SEPTEMBER 2016, N=40

18 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

He worries about scenarios like quarterly results being shared over an unsanctioned Slack channel ahead of a data breach, calling the likelihood of such a scenario unfolding “high.”

If a CTO does decide to consider a team chat app, King recommended putting the platform through its paces on the risk management side—building a use case and subjecting it to the regular channels of due diligence.

“Once it is deployed, IT should have a way to turn off access to the application when employees leave and to stop unauthorized use on the network,” he said.

Lysa Myers, security researcher at security soft-ware company ESET, worries that as these messag-ing applications get more popular, they’ll become a bigger target for hackers. And she added users them-selves are the biggest problem.

“Are they talking about things that they shouldn’t be talking about on an unencrypted channel? Most

people will not go the extra step of turning on en-cryption,” she said.

Myers encouraged IT to get specific about policies and what can and cannot be discussed over team chat app channels. For instance, hospital workers should never share any information protected un-der Health Insurance Portability and Accountability Act privacy rules, in case the platform is hacked.

“Users have to understand these are not the most secure venues, as well as the consequences if they break the rules,” she said.

Like King, Myers urged IT managers to weigh a given messaging platform’s approach to secu-rity, conducting a thorough risk assessment before adoption.

She hopes that team chat app vendors will start to enact more secure coding practices, but until then, enterprise IT departments must stay attentive.

“You don’t want to open the door and let all your company’s information flow out,” she said. n

Network Innovation Award

19 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

Nyansa: Voyance Platform

k W H AT I T I S

A user experience tools platform

k W H AT I T D O E S

Monitors network activity, providing enterprises with information they can use to pinpoint where application performance problems may exist.

k H O W I T W O R K S

Uses a blend of cloud-based analytics and real-time deep packet inspection to identify potential network issues.

k W H Y W E L I K E I T

Voyance doesn’t just capture data—it also analyzes and presents it in actionable ways, with the ultimate goal of improving the end user’s experience. The console is also easy to use and understand.

To learn more about why Nyansa is our latest Network Innovation Award winner, read the whole story on SearchNetworking.

20 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

subnet and packets: slug is blue and bold

edit name is sidebar color

delete the “XX” part on ed letter

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

Advanced

machine learning

can help distin-

guish between

false alarms

and real threats,

but challenges

remain.

OVER THE WIRE | LEARNING MACHINE | AMY LARSEN DECARLO

Advanced Machine Learning Lends a Hand to Network Security

The enterprise’s absolute reliance on its network to run its business puts the onus on IT to ensure the availability, reliability and security of that infrastructure. But defending the network against what is an increasingly virulent and sophis-ticated threat environment can be an extreme chal-lenge. IT has a wealth of tools to use in this fight, including those that capture volumes of data that can point to any number of potential threats. Huge volumes of data can completely overwhelm an IT staff, however, making it difficult to discern a real threat from a harmless anomaly. That’s where ad-vanced machine learning can help.

The Ponemon Institute estimated, in total, secu-rity analysts waste 21,000 hours a year researching false positives that lead them nowhere. These are hours that would be far better used thwarting ac-tual attacks. Manually trying to distinguish between

actual threats and unusual patterns when so much information exists, however, can be nearly impos-sible. For this reason, more organizations are be-ginning to explore the use of machine learning as a means to more quickly and accurately identify threats.

Machine learning—a discipline that emerged from research into pattern recognition and com-putational learning theory—applies algorithms to data culled from systems and networks to make predictions about potential outcomes. In network security, it’s used to profile traffic to recognize po-tentially dangerous threats.

Machine learning has been around for decades, but it has been prohibitively expensive because of its intensive computational requirements. Now, however, the relative decline in processing costs and vast improvements in the algorithms used to spot

CREDIT: FILO/ISTOCK

21 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

trends are making it a much more viable option for businesses.

APPLIED SCIENCEA number of security vendors—including Cylance Inc., FireEye Inc. and Carbon Black Inc., as well as managed service providers such as Masergy Com-munications—are leveraging advanced machine learning as a mechanism to accelerate threat identi-fication for a number of uses beyond network traffic profiling and anomaly detection. Advanced machine learning can be applied to analyze user behavior and detect insider threats. The technology can also be used for spam filtering, malware identification and

detection.With respect to net-

work profiling, advanced machine learning can be used to recognize pat-terns in network flow, dig through historical data to identify trends and spot issues indicative of a potential threat. The

most comprehensive tools ingest data from multiple sources, including network flow, log analysis, sig-nature detection, vulnerability analysis and threat intelligence.

Conceptually, one of the major advantages to us-ing advanced machine learning for security is its ability to process and analyze huge volumes of data collected over time—much faster than humanly possible. In an era where almost all businesses suf-fer from a shortage of human security resources, this can be a tremendous help in ferreting out the issues that should command the highest-priority attention.

CHALLENGES STILL EXISTThat said, machine learning needs some fine-tuning before it can accurately detect the most urgent network security problems. First off, establishing a baseline of what is normal on a network is next to impossible in environments where virtually every network is already compromised. Then, there is the ongoing challenge of constantly shifting user behav-ior and ongoing changes in system-produced traffic. These changes are likely to produce red flags where

The most comprehensive tools ingest data from multiple sources,

including net work flow, log analysis, signature detection, vulner ability

analysis and threat intelligence.

22 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

there really are no significant issues. So, again, IT must sort out more false positives and spend time away from shutting down the real threats.

Clearly, there is enough progress—and promise—in using advanced machine learning to find the proverbial needle in the network haystack. It is worth exploring as an option, provided organi-

zations understand its current limitations. It is critical to know, like all things security-related, there is no silver-bullet cure for what ails the enter-prise. Instead, organizations need to use machine learning in conjunction with multiple tools and hu-man resources. There is, after all, no substitute for experience. n  

23 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

subnet and packets: slug is blue and bold

edit name is sidebar color

delete the “XX” part on ed letter

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

n Sneha Puri

n  Network Engineer

n  Suffolk Construction

n Boston

THE SUBNET | Q&A | ALISSA IREI

Networking Careers: Make the Leap From Vendor to Enterprise

Sneha Puri had a good job as a network design consultant at a major vendor. But a desire to work directly with the end user and an appetite for pro-fessional growth spurred her to seek out a new posi-tion in the enterprise. We spoke with Puri to learn how she navigated this career transition, ultimately landing in her current role as a network engineer at national building firm Suffolk Construction. Here, she shares her story, as well as advice for other net-working professionals contemplating similar leaps in their careers.

Editor’s note: This interview has been lightly edited for length and clarity.

How did you become an enterprise network engineer?I did my undergraduate degree in electronics and telecommunication in India before enrolling at

Rochester Institute of Technology (RIT) in upstate New York. By the time I finished my first year at RIT, I got an internship with Alcatel-Lucent. As soon as I finished my master’s degree, Alcatel offered me a full-time job in network engineering.

At Alcatel, I used to work with a lot of senior ar-chitects, and that’s where I fell in love with network design. Some of my clients were University of Pitts-burgh Medical Center (UPMC), Verizon and Time Warner Cable, just to name a few.

I left Alcatel in 2014. One of the biggest reasons I wanted a change: As a design consultant you don’t get to see how your network impacts the actual end user. You don’t get to fix issues that could come down the line; you just put a network in place. And that was something I realized that I wanted to un-derstand more about: how my network impacts the end user. So that is why I made the move to Suffolk.

24 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

Tell me about your transition from design consultant to enterprise network engineer.It was very scary at the beginning, because I knew network design; I knew network engineering; I knew vendors; I knew Alcatel in and out. But if you lifted me out of that field, I had no idea what I was going to do. I had no idea about wireless technolo-gies or how to react to a customer when he said, ‘My network’s not working.’ That was very scary.

I did a lot of research, and I spoke to a lot of my colleagues at Alcatel. I spoke to people at UPMC because they were in the enterprise domain. And I don’t remember exactly what compelled me to just get out there, but I just started interviewing for en-terprise network engineer positions.

I remember I got a couple of calls from Cisco and other third-party vendors, but I didn’t want to just play it safe at that point. It would have been easy for me to jump from one vendor to another. You’re still sitting in the back—nobody looks at you, nobody knows who you are. I didn’t want that anymore; I wanted to go out and see exactly what I was doing and how it was making a difference. I thought if I could see what issues the users are going through, I could probably manipulate or change my design

based on that, and it would make me a better net-work engineer in the end.

And has that been your experience as an enterprise network engineer at Suffolk? Do you feel like you’ve grown?Yes, oh, tremendously. I have touched fields I did not imagine touching, and I have owned fields I did not imagine owning. I have an amazing manager; I have amazing folks around me, and that just pushes you to learn more. I think I have more responsibilities over here, as opposed to what I was doing in consult-ing. It’s just very different. Tell me about a project you’ve worked on since transitioning to your position as an enterprise network engineer.Shortly after I first came to Suffolk, we rearchitected the entire core network. My manager and I say, ‘You actually take out the bones of the body. You fix the bones of the body, you put the bones back and you make sure the body still walks.’ So, that is basically what we did over a weekend. I think that was my big-gest project and one of the projects I’m most proud of at this point.

25 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

HOME SD -WAN DATA MINE OPEN SOURCE PULSE CHECKTEAM

CHAT SECURITY NYANSA OVER THE WIRE THE SUBNET

What was the impetus for that project and why was it so important? Suffolk as a company had expanded quite a bit over the previous couple of years. Once I came in with my current team, we sat down and said, ‘Okay, the num-ber of people we have on board and the number of projects we have are growing like crazy. This is what we’re going to look like 10 years down the line, and this is what we need to fix today to make sure we get there.’

We had to make sure that we had security and redundancy, so that in case something goes wrong, we’re not down in the water. We still have the abil-ity to go onto the internet and access our resources at job sites and construction sites. That is extremely important.

What advice would you give a design consultant who would also like to transition to an enterprise network engineer role? Take risks and don’t be afraid. It’s not an easy thing to do, but it’s very, very rewarding. There’s a lot more work involved. There are going be some sleepless

nights, but I think the biggest thing is just take that risk. It pays off at the end. And what advice would you give to someone just beginning their networking career? You need to study. You need to put in those long days and long nights. Go that extra mile with every project that you do, because a project is not just something to put on your resume—you can learn so much from it. Ask questions. People love to answer them. Engineers especially, we love to teach, we love to show other people that we know this and we know that, so ask questions. However stupid you think you look, it doesn’t matter. You will always come out better at the end.

Also, when you first get into the field, certifica-tions are a very, very big deal. I remember I got my internship based on the fact that I had a Cisco Certi-fied Networking Associate certification. They told me later, ‘One of the reasons we chose your resume was because you had a CCNA over the other appli-cants.’ So that is definitely something I recommend to newcomers. n

26 N E T W O R K E V O L U T I O N, F E B R U A R Y 2 0 1 7

CONTRIBUTORS

AMY LARSEN DECARLO has worked in the IT industry for over 17 years and is a principal analyst at Current Analy-sis for their security and data center services. DeCarlo as-sesses the managed IT services sector, with an emphasis on security and data center solutions delivered through the cloud, including on-demand applications, unified com-munications and collaboration, and managed storage offerings.

SANDRA GITTLEN is a freelance journalist in the greater Boston area. A former editor at Network World, Gittlen now writes about technology, business and lifestyle for an array of industry publications, including StateTech Maga-zine, Computerworld and Wharton Magazine.

ALISSA IREI is features and e-zine editor of Network Evo-lution in TechTarget’s Networking Media Group. Irei was previously the site editor for SearchSDN. Prior to joining TechTarget, she worked as a news anchor, producer and re-porter at NBC affiliates in Montana, and as a lead editor at a Boston-based content marketing firm.

STEVE ZURIER is a freelance technology journalist based in Columbia, Md., with more than 30 years of journalism and publishing experience. Zurier worked as features edi-tor at Government Computer News and InternetWeek.

Network Evolution is a SearchNetworking.com e-publication.

Kate Gerwig, Editorial Director

Alissa Irei, Features and E-zine Editor

Kara Gattine, Executive Managing Editor

Chuck Moozakis, Executive Editor

Antone Gonsalves, Director of News

Linda Koury, Director of Online Design

Anita Koury, Graphic Designer

Nick Arena, Associate Managing Editor, E-Products

FOR SALES INQUIRIES, PLEASE CONTACT:

Doug Olender, Senior Vice President/Group Publisher dolender@techtarget.com

STAY CONNECTEDFollow

@NetworkingTT today.

TechTarget, 275 Grove Street, Newton, MA 02466

© 2017 TechTarget Inc. No part of this publication may be transmitted or reproduced in any form or by any means without written permission from the publisher. TechTarget reprints are available through The YGS Group.

About TechTarget: TechTarget publishes media for information technology profession-als. More than 100 focused websites enable quick access to a deep store of news, advice and analysis about the technologies, products and processes crucial to your job. Our live and virtual events give you direct access to independent expert commentary and advice. At IT Knowledge Exchange, our social community, you can get advice and share solutions with peers and experts.

EMAIL Contact us

@WEBSITE Visit us