Networking

Pretty, isn’t it?
Screenshot by ZDNet
Occasionally, you just have to admit why you did something you never thought you’d do.

more Technically Incorrect

Here, then, is what happened.I happened upon the tale of Google telling a European court something it thought was embarrassing. Embarrassing for Microsoft, that is.Google’s lawyer, Alfonso Lamadrid told the court: “We have submitted evidence showing that the most common search query on Bing is, by far, ‘Google,'” He added: “People use Google because they choose to, not because they are forced to.””Oh, ho, ho,” I snorted to myself. “Well, how archly arrogant of Google.”This was closely followed by: “Bing? Bing? I wonder what Bing’s like these days.”

Google is, of course, a verb and a habit. You go there because you go there, because that’s what you do, because that’s what everyone does.Whereas Bing incites the thought: “I can’t even remember the last time I looked at Bing.”I had to look it up. You can do that when you write columns. It was January 2020, when I asked both Google and Bing whether Google was better than Bing. (Answer: Shruggy-shouldered emoji.)So when Google’s lawyer came over all haughty-taughty I thought I’d take another look at Microsoft’s search engine.And what a peculiar sight. Or site.Where Google’s home page is pale tending toward Ted Williams, here was an enticing explosion of color. This was actually moving. This was welcoming. This made me want to search for things. But first, though, it made me utter a deeply felt sound that was somewhere between a hiccup and an expectoration.For there on the page was an instruction from Microsoft: “Switch to the latest browser recommended by Microsoft.”Regular readers will know that Microsoft’s constant nagging to download its every product suffocates. It’s like going out with someone on just one date and they keep texting you to wonder if you should move in together.It’s even worse when you’ve already downloaded the particular Microsoft product and like it, yet the company keeps nagging you to download it.Oh, do stop.
Screenshot by ZDNet
What was curious, though, about the latest Binged nag was that it had the Edge logo, but didn’t mention the name. Could it be that some users might think Microsoft was recommending Firefox?In any case, can you just give it a rest, Microsoft? Can you let me decide whether I even like Bing before you start to pester me with more of your desperate entreaties? (I know the answer is no, but I can still ask, surely.)Still, I quickly filled in the search box and discovered that the results were, in large part, much more recent that I’d previously associated with Bing. In some cases they were more recent than a simultaneous, comparable search on Google. In some cases Google was appreciably badder than Bing. (Oh, come on. I had to.)

I drifted away heartened by Bing’s look, yet annoyed by Microsoft’s pestering.A few days later, I went back to Bing. Again, the attractive home page welcome. As well as a peculiar display of stories, with headlines such as “Clipboard hits fan,” “Files defamation suit” and “Alaska’s fattest bear.”Is this what Microsoft thinks moves me? Silly sports stories, lawsuits and fat animals? It seems so.Naturally, I clicked on the fattest bear story. Naturally, Microsoft began to annoy me again. This was so, so petty. But once I’d looked at the search results for Alaska’s fattest bear, the back button didn’t work. It was clear Microsoft wanted me to search some more, instead of going back to the home page to look at the gorgeous scenery. This was so utterly pointless and something Google doesn’t do.I got back to the pretty home page by clicking on the Bing logo. I scrolled down some more and it really was quite absorbing. For example, stories from that particular day in history. Not one included a fat animal, though one was about a blackballed billy goat that cursed the Chicago Cubs in 1945. It could have been a large goat, I suppose.Yet scroll to the bottom and what do you find? Another nag: “Make Bing your homepage.” This was accompanied by the tender words: “Experience beauty every day.”I want to do that. I do. This is my goal in life. But not in this context: “Never miss a moment and keep search at your fingertips. Just set Bing as your browser’s homepage with a few easy steps!”Please, Bing, let me like you first. Please let’s go on a third date. Then a fourth. One day, I might fall in love with you. One day. More

AIOps (AI for IT operations) adoption is on the rise as organizations invest in AI to make their IT ops smarter, faster, and more secure. Those who have adopted AIOps view the technology as no longer a nice-to-have but a necessity in the post-pandemic, work-from-home era. In this new era, IT leaders are tasked with managing third-party cloud applications from devices and remote workers scattered across numerous locations.The insights come from a recently published State of AIOps Study, conducted by ZK Research, sponsored by Masergy, a software-defined networking (SD-WAN) services company. In August 2021, ZK Research surveyed more than 500 IT decision-makers in the U.S. across seven industries. IT decision-makers believe AIOps offers their organization several business benefits, including improved productivity, cloud application performance, and security. The majority (94%) of the respondents believe it’s important or very important for AIOps to manage network and cloud-app performance.AIOps continuously monitors app performance using ML algorithms by assessing bandwidth usage patterns, identifying anomalies, and predicting outages. Masergy, for example, has embedded AIOps directly in the application layer of its newly enhanced AIOps platform to help IT teams improve cloud app performance on global networks. AIOps starting to reach the massesAIOps adoption is starting to reach the masses, with network and security automation as the key drivers. One of the more interesting findings is that 64% of organizations claim to be already using AIOps. This number first seemed high to me, but I believe that’s because a number of organizations are using tools that claim to be AIOps but are simply rules-based engines. It’s important to understand that AIOps is not an upgraded management console or fancy SIEM (Security Information and Event Management). It’s a data-driven application or service that goes through a training process and then is restrained over time. It’s critical that buyers do their due diligence and ensure they are using a true AIOps tool and not one that’s just branded AI.Another interesting data point is that 55% of organizations are using AIOps across both network and security, meaning more than half of companies want to bring security and networking together. This is a trend the industry has been watching for a decade or more, and it hasn’t come to fruition yet. Now that digital businesses are network-centric, securing an organization should be done at the network level. It would have been nice to see this number higher, but 55% is certainly moving the industry in the right direction. 

Also, 84% see AIOps as the path to a fully automated network environment, and 86% expect to have a completely automated network within five years. It’s good to see respondents understand that today AIOps can’t deliver a fully self-driving network, but it’s a step along the way. A good analogy is to think of AI in automobiles. Today, there are loads of AI features, such as lane change alert and autopilot, that make driving safer, but a fully autonomous vehicle remains a vision. IT pros need to think of AIOps as a tool that makes their jobs easier today, but they still should plan for automation. Start with SD-WAN and work toward AIOpsThe best way for organizations to fully benefit from AIOps is to invest in SD-WAN and secure access service edge (SASE), which combines elements of SD-WAN and network security into a single cloud-based service. When organizations adopt SD-WAN, and ultimately SASE, they gain virtualization and orchestration capabilities that are necessary for managing distributed networks and security policies. Also, SD-WAN and SASE combine network and security data, making it easier to coordinate security changes with network updates. Legacy networks aren’t designed for AI or centralized intelligence. AIOps is only as smart as the data it is fed, so it can’t become fully automated when used on a network that’s not managed using software. SASE provides a single converged platform where AIOps can access data across both the network and security to automate IT processes. Most (77%) organizations agree that AIOps performs better with a SASE architecture, in which SD-WAN and security are combined in one platform.More than two-thirds (73%) of the study participants believe IT should be investing in SD-WAN modernization and virtualization tools in preparation for AIOps. The other top two investments required to become AI-ready are cloud migration (67%) and training for AI models (61%).However, AIOps migration involves more than just deploying tools. Half of organizations cite eliminating system fragmentation as a major AIOps challenge. AI shouldn’t be fragmented across multiple tools, but rather AIOps and SASE should work together to provide overarching insights. The good news is organizations trust AIOps tools to create fully automated systems. The majority (97%) of the respondents are confident in these tools. For 65% of organizations buying and implementing solutions, AIOps features drive their selection. Meanwhile, 50% deploy AIOps using a fully managed or co-managed service.As is the case with any type of automation, AIOps requires reframing of processes, roles, and responsibilities. Organizations should create their own IT operations playbooks to train an AIOps engine. When choosing a solution, ZK Research recommends asking vendors — preferably not incumbents — for AI efficacy rates and how those are increasing over time. Every organization should have an AIOps strategy to avoid being left behind. More

Dell Technology has announced the introduction of its Bare Metal Orchestrator, which is software it boasts will help telecoms solve the complexities associated with deploying and managing servers across various geographic locations.As the first software to be released from Project Metalweaver, which was announced in June, Dell said the Bare Metal Orchestrator will offer communication service providers (CSPs) the tools to automatically discover, deploy, and manage their servers. “With Bare Metal Orchestrator, cloud communication service providers are going to be able to keep costs in control, while they build out their edge,” Dell Technologies edge and telecom VP Aaron Chaisson told media. “As an example, if you look at all of the hyperscale clouds in the world, the total number of points of presence is only about 600. In the telecom space, there’s over 7 billion points of presence, globally,” he added. “Managing that type of scale is a major challenge for the telecom providers, so they need to solve this ability to address day-to-day virtual network tasks across their entire core edge and RAN environment at scale, across a highly distributed and geographical set of locations.”Chaisson claimed the software could save CSPs “up to 57% in operational costs”. To be globally available from November, the first release will support VMware, with future releases to also include RedHat and Wind River.

Dell added it is expanding its open partner ecosystem by making its reference architecture, initially available for VMware and Red Hat, now available for Wind River Studio. The company is also introducing from early 2022 validated solution for Mavenir Open vRAN and VMware Telco Cloud Platform to accelerate the shift to ORAN technologies.  The tech giant first flagged its foray into the telecom space during Dell World in May, before it announced a slew of hardware and software to build out its cloud-native telecom ecosystem.At the time, Dell’s Telecom Systems Business senior VP and general manager said the “5G era is really the ‘enterprise G’.””It’s the era in which the next set of those kinds of transformational services are going to take place throughout the economy,” he said.”Three things have to happen in order to do that. First, they (telecom companies) need to be able to build and monetize edge computing. Second, they need to modernize network architectures — the legacy network isn’t as agile as it needs to be. It isn’t software-defined — it’s fundamentally not cloud-native. That really gets to the last piece, which is cloud-native operations need to become the principal mechanism by which a communication service provider operates,” Hoffman continued.More From Dell More

ZTE has widened a bug bounty scheme to plug security vulnerabilities in its products, especially potential holes brought about by the launch of commercial 5G networks and services. The Chinese networking equipment vendor is working with bug bounty platform YesWeHack to test a range of products, including smartphones as well as cloud computing and database management systems. More than 30,000 researchers in YesWeHack’s global network have been invited to participate in the bounty, which offers up to $2,000 for each bug uncovered, with the final amount awarded depending on the level of severity. When ZDNet spoke with its Asia-Pacific managing director Kevin Gallerin in July, the bug bounty platform worked with 10,000 security researchers in this region. In a statement Monday, YesWeHack said the deployment of 5G networks had further underscored the importance of cybersecurity in the telecoms industry, with such rollouts increasing potential attack surfaces and introducing new technologies and techniques into the threat landscape. 

Blocking China can lead to fragmented 5G market

With China-US trade relations still tense, efforts to cut out Chinese vendors such as Huawei from 5G implementations may create separate ecosystems and consumers could lose out on benefits from the wide adoption of global standards, as demonstrated with 4G.

Read More

“In addition, the ability of 5G to support massive Internet of Things (IoT) connectivity introduces many times more devices connected to the network, presenting a wide-reaching and increased attack surface,” it said. ZTE’s product portfolio spans handsets, mobile broadband, terminal chipset modules, and peripheral products. The bug bounty would enable the Shenzhen-based vendor build “a sound cybersecurity governance structure” and “security assurance mechanism” across the entire product lifecycle, YesWeHack said.  ZTE’s chief security officer Zhong Hong said in the statement: “Through openness and transparency, we try to give our customers confidence by letting them see what we do and how we provide end-to-end security. Our partnership with YesWeHack will help to enhance the security of ZTE’s products and confront new challenges brought by the 5G network commercialisation.”The ZTE bug bounty covers product categories such as the vendor’s 5G Common Core fixed networking systems, 5G NR (New Radio) equipment, smart home and video IoT systems, and Axon and Blade smartphone series. 

ZTE has remained on the list of telecoms equipment barred from being purchased using the US Federal Communications Commission’s (FCC) Universal Service Fund, after the US government agency rejected the Chinese vendor’s request to be removed as a national security threat. The FCC last month set out its conditions for small carriers looking to be reimbursed for ripping out and replacing network equipment and services from ZTE and Huawei. Amongst the conditions it listed for access to the designated $1.9 billion in funds, the commission said eligible expenses included the cost of removing, replacing, and disposing ZTE and Huawei equipment and services obtained on or before June 30 last year.  The reimbursement scheme had been been in the works for two years, after the FCC officially labelled the two Chinese networking equipment vendor as national security threats in July 2020. GSMA has projected Asia-Pacific to be the world’s largest 5G region by 2025, hitting 675 million connections–or more than half of the global volume. The industry group, though, revised its 2020 projection of 5G connections to be 20% lower than its previous forecast, due to the global pandemic.  It said the region’s growth would be led by markets such as China, Japan, and South Korea, with mobile operators investing $331 billion building out their 5G networks. GSMA further estimated that 24 markets across Asia-Pacific would have launched 5G by 2025, including China where 28% of mobile connections would run on 5G networks and account for a third of the world’s 5G connections. RELATED COVERAGE More

Facebook Connectivity has handed a contract to NEC to build a subsea cable that will link the US to Europe. NEC boasted it would be the world’s first 24 fibre-pair subsea cable, and would be capable of carrying 500Tbps. It is the first transatlantic cable for Facebook, which said it was capable of delivering 200 times more capacity than the cables laid in the 2000s. Last year, the social media giant announced it was part of expanding the 2Africa cable system to include the Pearl branch that would add landing stations on the Indian Ocean and Persian Gulf at Oman, UAE, Qatar, Bahrain, Kuwait, Iraq, Pakistan, India, and Saudi Arabia. The extension makes the total length of 2Africa 45,000 kilometres, which Facebook says is the “longest subsea cable system ever deployed”, and would triple the cable capacity serving Africa. Facebook added it was looking at new ways to power subsea cables. “Consider, for instance, a transatlantic cable that runs between Europe and the United States at over 7,000 kilometres in length, and all those repeaters getting their electricity through the cable from shore. This makes the cable a very long power cord,” the company said.

“To solve this challenge, engineers are working on buoys that can deliver power to the repeaters from the middle of the ocean. We’re exploring more sustainable ways to do this, harnessing a combination of wave energy converters and solar panels.”In March, Facebook was part of a group announcing the laying of two cables to connect Singapore, Indonesia, and North America. The first, named Echo and to be completed in 2023, will be built by Google and XL Axiata, while the second to be completed in 2024, dubbed Bifrost, would involve Telin and Keppel. Related Coverage More

Singapore has tweaked its cybersecurity strategy to beef up its focus on operational technology (OT), offering a new competency framework to provide guidance on skillsets and technical competencies required for OT industry sectors. The revised national cybersecurity roadmap also looks to bolster the overall cybersecurity posture and foster international cyber cooperation. The 2021 cybersecurity strategy also would build on efforts to safeguard Singapore’s critical information infrastructure (CII) and other digital infrastructure, said Cyber Security Agency (CSA). The government organization said it would work with CII operators to beef up the cybersecurity of OT systems where cyber attacks could pose physical and economic risks.CSA defines OT systems to include industrial control, building management, and traffic light control systems that encompass monitoring or changing “the physical state of a system”, such as controlling railway systems. 

“Many OT systems are historically designed to be standalone and not connected to the Internet or external networks. However, with the introduction of new digital solutions in OT systems to increase automation and facilitate data collection and analysis, this has introduced new cybersecurity risks to what used to be a relatively ‘safe’ air-gapped operating environment,” it said. To address such risks, enterprises needed a framework from which they could get guidance on processes, structures, and skills required to manage their OT cybersecurity. Called the OT Cybersecurity Competency Framework, it is touted to provide a “more granular breakdown” and reference of cybersecurity skills and technical competencies required for OT industry sectors. It aims to plug existing gaps in OT cybersecurity training, CSA said. Before, OT systems owners including those in CII sectors would take guidance from the Skills Framework for ICT, parked under SkillsFuture Singapore, to identify skills gaps and develop training plans.

Jointly developed with Mercer Singapore, the new OT security framework offered roadmaps of various job roles and the corresponding technical skills and core competencies required. Both OT and IT systems owners could refer to reference guide to provide adequate training and plot employees’ career progression, while training providers could use it to identify technical competencies and certifications needed to support local training needs.In addition, the CSA Academy would host roadshows to help organisations on adopting the OT security framework based on their business requirements. The increased focus on OT cybersecurity was in line with Singapore’s updated cybersecurity strategy, which detailed efforts to assume a more proactive stance in addressing digital threats, drive the nation’s cybersecurity posture, and push international norms and standards on cybersecurity. Adjusted focus needed to address growing cyber threatsThese were essential amidst increased connectivity, digitalisation, and complexity in cyber threats, said Senior Minister and Coordinating Minister for National Security Teo Chee Hean, at the opening of the conference Tuesday night.Telecommuting, video calls, online shopping, and digital payment had become the “new normal”, as populations worldwide turned to online technologies to cope with physical restrictions around the global pandemic. These provided benefits and opportunities, and impact on businesses, jobs, and lives would be permanent, Teo said. He added that, each day, more companies and people were engaging in the digital space and such interactions were becoming more pervasive. New apps and services were launched every day, and technologies such as 5G, cloud, Internet of Things (IoT), artificial intelligence (AI), and data analytics were taking digitalisation to a new level. “But connecting more people, bringing in new services, and rolling them out fast, bring added risks. They open up a wider attack surface, and raise the likelihood, impact and cost of a breach,” Teo said. “Strategies to enhance security, on the other hand, are inherently aimed at stability, conservatism, and reducing risk. Instinctively, the two seem mutually exclusive. These are real dilemmas that all of us face.”

Geopolitical tensions further compounded this growing landscape, threatening to bifurcate the technology world and increase digital risks, the minister said. Pointing to Operation HAECHI-I, a transnational joint operation targeting five types of cyber-enabled financial crimes, including voice phishing and money laundering, he said more than 1,600 bank accounts linked to these crimes were frozen, and $83 million intercepted. More than 585 individuals were arrested and at least 890 cases solved, he said, noting that the successful operation demonstrated what was possible if the global community worked together to make the cyber space safer and more secure. According to the Interpol, Operation HAECHI-I involved specialist law enforcement officers across nine Asian economies including Singapore, China, Indonesia, South Korea, and Thailand. Recent supply chain attacks including the SolarWinds and Kaseya breach also underscored the urgency for Singapore to invest in its capabilities and bolster the “trust, but verify” approach in its digital systems, said Teo. The need to continuously verify and validate all activity on the country’s networks would provide greater confidence to trust its digital technologies and devices, he said.These considerations drove Singapore’s updated cybersecurity strategy, which outlined its approach to safeguarding its wider cyberspace in an increasingly complex environment, the minister said. Amongst such requirements were the need to develop and roll out cybersecurity standards on a national level, to raise the minimum standard of cybersecurity in ICT products and services the country used.Teo said: “One key element of the revised strategy is going beyond protecting merely our critical information infrastructure, and working to secure our wider cyberspace given the increasingly widespread and interconnected use of digital technology in all domains,” he noted. “This needs to be underpinned by building organisational capability and talent development.”Singapore’s 2021 cybersecurity strategy further recognised the need to build consensus and deepen collaboration, in which it would look to advocate for a rules-based multilateral order in cyberspace and an interoperable ICT environment. Teo said: “Difficult as it may seem, we should work to reach consensus on rules, norms, principles, and standards. Given the borderless nature of the digital domain–some have likened it to a digital global commons–we need to aspire for global consensus. Singapore supports the creation of such a multilateral order in cyberspace. Countries need to work together to develop new governance principles, frameworks, and standards for the digital commons to preserve trust and confidence, and for it to work well, safely and securely for all of us.”Consensus-building is crucial to maintain an open, secure, and interoperable digital domain,” he added.Currently the chair of United Nations’ (UN) Open-Ended Working Group on Security, from 2021 to 2026, Singapore said it would contribute and drive discussions on international cyber norms as well as support global efforts to augment nations’ capacities to protect themselves against cyber threats. Here, CSA added, Singapore would call on the development and adoption of cybersecurity standards so a minimum level of cybersecurity was implemented in ICT products and services used by citizens and businesses. Earlier this week, Singapore inked an agreement with Finland to mutually recognise each country’s cybersecurity labels for IoT devices, and help consumers assess the level of security in such products. Touting it as the first of such bilateral recognition, Singapore said the partnership aims to reduce the need for duplicated testing. Asean also was the first regional group to subscribe, in principle, to the UN’s 11 voluntary, non-binding norms of responsible state behaviour in cyberspace, Teo noted. Asean member states currently were working to implement these norms and translate principles into tangible outcomes, he said, adding that cooperation at such regional level was an important building block and stepping stone towards global consensus. “Cyberspace transcends physical boundaries and many systems span different countries and jurisdictions,” he said. “Countries, therefore, need to collaborate closely to align our policy approaches to deal with and police cross-border cyber threats. We also need to collaborate at the operational level to respond to cyber threats rapidly and in a coordinated manner.”Singapore’s revised 2021 cybersecurity strategy comes five years after its first such plan was introduced in 2016. Moving forward, CSA said it would “explore expanding” regulations under the country’s Cybersecurity Act to include entities and systems beyond CIIs.RELATED COVERAGE More

Not so fast, potential NBN user
Image: TPG Telecom
TPG has entered the 5G fixed wireless game in Australia, with the telco declaring 5G as its “fast alternative to the NBN” to those at “approved addresses”. The telco is offering two plans, the first is AU$70 a month and has unlimited data with speeds up to 100/20Mbps, and the second removes the speed cap for an extra AU$10 a month. Customers who already have an existing TPG service can knock AU$5 a month off the plan prices.If users stay connected for 36 months, the AU$612 charge for the modem is removed, otherwise the modem is paid off at a rate of AU$17 per month, with those leaving before three years to pay the difference. TPG is putting its 5G fixed wireless users behind carrier-grade NAT, and said if users want port forwarding to host servers or to access their lines remotely, then the service “won’t be the right fit for you”. Similarly, it has warned gamers that 5G does not provide ultra-low latency. The telco also warned users that even though it uses 5G, they cannot use the modem at an address other than the one it is registered to. “The service will be disconnected if we identify that you have moved to another location,” TPG said. Last month, stablemate Vodafone Australia launched its 5G fixed wireless service, and charges AU$5 more than TPG does. Vodafone’s 5G coverage in Sydney is patchy at best.
Image: Vodafone

The current 5G footprint of TPG Telecom is best described as patchy, at best. Customers in Sydney, for instance, will need to be in the blue bits in the image above. As for how the TPG plans stack up to its NBN offerings, the telco normally charges AU$90 a month for its NBN100 plan that gets 90Mbps in busy hours, and AU$70 a month for the 50Mbps tier. Related Coverage More

Telstra has spent much of 2021 working with Microsoft and Ericsson on its Branch Offload managed service that will be offered to businesses akin to IaaS. Branch Offload will use Azure Stack Edge, be capable of using 5G and fixed line connectivity, and arrive with SD-WAN and service orchestration capability. The service is expected to be rolled out before the end of the 2022 fiscal year. Head of Telstra Purple Chris Smith said the solution gives the flexibility of public, but allows it to be closer to where applications run. “It’s the performance of on-premises, without having to put anything on premise,” he said. Smith added that half of Purple customers were looking to the edge for cost benefits, and Branch Offload would allow for customers to increase resiliency by having real-time failover to an adjacent site or have workloads in multiple sites across Telstra’s network. “We think that over time applications will be rewritten so that a component of it runs in the cloud, there’ll be a component written specifically to run at the edge, and it’ll interwork together as well,” Telstra executive of technology development and solutions Channa Seneviratne said. Seneviratne said Telstra could easily deploy Edge Offload into its exchanges, but it would not do so without use cases and customers.

“We’re not going to just deploy this willy-nilly,” he said. “It’s got to be somewhere where it makes sense.” Elsewhere on Wednesday, Telstra spoke about how it used AWS Snowball to help the AFL digitise its match library. The telco said each match takes up 120GB of storage, and means over 1TB of data is created each week. Telstra and AWS signed an edge computing agreement in January. Related Coverage More