|By James Carlini||
|December 13, 2015 02:30 PM EST||
Iron-Clad Cloud Networks and Defending Against Nanokrieg©
Today, most enterprises have some type of cloud-based solutions or are looking at cloud-based infrastructure for some of their enterprise applications. What is lacking in many organizations is the strategic design focus and sophisticated implementation for very secure infrastructure which not susceptible to cyberattacks.
Hardening data centers as well as enterprise networks (and clouds) is a critical step to ensure an organization's business continuity. Forget "disaster recovery" as it is a dated term and dated concept. Disaster recovery refers to the organized shutdown of systems and then when the disaster (event) is over, a systematic restart of the total application is initiated.
In today's business environment, many organizations cannot survive if their applications are out-of-service for a couple of days. Business continuity, where enterprise operations continue through the episode of the disaster, is a more robust design approach to system and network resiliency.
Disaster recovery is a dated term like data processing. More resilient systems, which are not susceptible to disasters and outages, are what should be planned and designed, especially for any organization's mission critical applications.
The Internet of Things (IoT) Is Only as Good as the Internet of Reality
I have said this in previous columns, "The Internet of Things is only as good as the Internet of Reality: the Network Infrastructure." Too many IT executives buy off on glossy brochures and catchy buzz-phrases about the "Internet of Things" spun out by the "P.T. Barnum-like", vendor evangelists in their corporate-logo golf shirts.
IT execs, who are not asking hard questions as to the "resiliency and robustness" of some of the inter-workings these cloud products, will be the first ones suffering when their organizations is exposed as having a data leak, a network failure, or a loss of all customer records and credit card information due to a cyberattack. Of course, this also applies to government systems and networks as well.
If the corporate (or government) network infrastructure is not fully protected or resilient from cyberattacks and other threats, the functionality of its cloud will be compromised whether it is a public or private cloud.
Why is this so important? If you are looking at any cloud-based computing, it better be bulletproof especially if it is carrying time-sensitive mission critical applications for your enterprise or information deemed private and confidential (like customer credit card information or health records).
One cloud feature missing in financial networks which I have pointed out in the past is Cloud Transaction Synchronicity ©. Basically, this is the total traffic synchronization of ALL transactions being sent across within a cloud. This should be a traffic monitoring service available in any cloud application.
This would guarantee a much higher and comprehensive level of compliance within the boundaries of the SEC (Securities and Exchange Commission), FINRA (Financial Industry Regulatory Authority) as well as other regulatory bodies within the financial and brokerage area. By having this timing synchronization embedded into the total network infrastructure of a cloud, it would guarantee the ability to re-construct the transaction sequence in any major drop or jump in the velocity and value of transactions processed. It would be able to provide exact sequencing of transactions and where they originated from, which in today's cloud networks is not a functional capability of any network utilizing HFT servers (High Frequency Trading).
Without having this type of diagnostic capability, no cloud network offers what is really needed to be able to re-construct and diagnose the sequence of transactions occurred in a market crash scenario like the one that happened in 2010. (The 1000 Point Drop of the Dow)
Testing the Design for Resiliency: Have You Really Thought It Out?
Many senior executives talk about building network clouds and using them to offer various applications to users in both closed networks (private clouds) and open networks (public clouds).
Have these clouds been thoroughly tested and thought through? One of the major networks being discussed today is the First Responder Network, FirstNet. It is supposed to be a government network that has many capabilities for municipalities. One of its flaws that I see is there is no mention of being EMP-proof throughout the network. They need to incorporate that capability into their RFP and the design spec.
EMP attacks are a real possibility. With the rise in terrorist attacks and a country's national economy viewed as a viable target, it makes sense to harden both data centers and their networks to a standard where EMP attacks are nullified (http://www.thefederalistpapers.org/us/emp-attack-on-us-power-grid-could-kill-9-in-10-americans):
As the Heritage Foundation has reported, an EMP attack with a warhead detonated 25 to 300 miles above the U.S. mainland "would fundamentally change the world:"
"Airplanes would fall from the sky; most cars would be inoperable; electrical devices would fail. Water, sewer and electrical networks would fail simultaneously. Systems of banking, energy, transportation, food production and delivery, water, emergency services and even cyberspace would collapse."
Is your data center susceptible to an EMP attack? (Electro-Mechanical Pulse bomb) Are your network EMP-proof? If you are dealing with a third party supplying a data center capability and/or a private cloud, are they EMP proof?
These are questions to have fully answered before you embark on building out any enterprise or third party-supplied, cloud network or data center supporting any mission critical application.
Carlini's upcoming book on Military Infrastructure, Strategies & Tactics for the War on Terrorism, Nanokrieg Beyond Blitzkrieg, will be out in 2016.
His visionary book, Location Location Connectivity is available on AMAZON.
Follow daily Carlini-isms at www.TWITTER.com/JAMESCARLINI
Copyright 2015 - James Carlini
DevOps and microservices are permeating software engineering teams broadly, whether these teams are in pure software shops but happen to run a business, such Uber and Airbnb, or in companies that rely heavily on software to run more traditional business, such as financial firms or high-end manufacturers. Microservices and DevOps have created software development and therefore business speed and agility benefits, but they have also created problems; specifically, they have created software securi...
Feb. 22, 2017 11:00 AM EST Reads: 3,236
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of Soli...
Feb. 22, 2017 10:45 AM EST Reads: 338
Almost two-thirds of companies either have or soon will have IoT as the backbone of their business. Though, IoT is far more complex than most firms expected with a majority of IoT projects having failed. How can you not get trapped in the pitfalls? In his session at @ThingsExpo, Tony Shan, Chief IoTologist at Wipro, will introduce a holistic method of IoTification, which is the process of IoTifying the existing technology portfolios and business models to adopt and leverage IoT. He will delve in...
Feb. 22, 2017 10:00 AM EST Reads: 1,499
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Feb. 22, 2017 09:45 AM EST Reads: 796
Cloud Expo, Inc. has announced today that Aruna Ravichandran, vice president of DevOps Product and Solutions Marketing at CA Technologies, has been named co-conference chair of DevOps at Cloud Expo 2017. The @DevOpsSummit at Cloud Expo New York will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and @DevOpsSummit at Cloud Expo Silicon Valley will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Feb. 22, 2017 09:45 AM EST Reads: 1,322
In his session at @ThingsExpo, Steve Wilkes, CTO and founder of Striim, will delve into four enterprise-scale, business-critical case studies where streaming analytics serves as the key to enabling real-time data integration and right-time insights in hybrid cloud, IoT, and fog computing environments. As part of this discussion, he will also present a demo based on its partnership with Fujitsu, highlighting their technologies in a healthcare IoT use-case. The demo showcases the tracking of pati...
Feb. 22, 2017 09:29 AM EST Reads: 143
Tricky charts and visually deceptive graphs often make a case for the impact IT performance has on business. The debate isn't around the obvious; of course, IT performance metrics like website load time influence business metrics such as conversions and revenue. Rather, this presentation will explore various data analysis concepts to understand how, and how not to, assert such correlations. In his session at 20th Cloud Expo, Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Sys...
Feb. 22, 2017 09:15 AM EST Reads: 1,378
Stratoscale, the software company developing the next generation data center operating system, exhibited at SYS-CON's 18th International Cloud Expo®, which took place at the Javits Center in New York City, NY, in June 2016.Stratoscale is revolutionizing the data center with a zero-to-cloud-in-minutes solution. With Stratoscale’s hardware-agnostic, Software Defined Data Center (SDDC) solution to store everything, run anything and scale everywhere, IT is empowered to take control of their data ce...
Feb. 22, 2017 08:30 AM EST Reads: 848
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
Feb. 22, 2017 08:30 AM EST Reads: 832
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his Day 2 Keynote at @ThingsExpo, Henrik Kenani Dahlgren, Portfolio Marketing Manager at Ericsson, discussed how to plan to cooperate, partner, and form lasting all-star teams to change the...
Feb. 22, 2017 08:15 AM EST Reads: 4,654
For organizations that have amassed large sums of software complexity, taking a microservices approach is the first step toward DevOps and continuous improvement / development. Integrating system-level analysis with microservices makes it easier to change and add functionality to applications at any time without the increase of risk. Before you start big transformation projects or a cloud migration, make sure these changes won’t take down your entire organization.
Feb. 22, 2017 08:00 AM EST Reads: 669
What are the new priorities for the connected business? First: businesses need to think differently about the types of connections they will need to make – these span well beyond the traditional app to app into more modern forms of integration including SaaS integrations, mobile integrations, APIs, device integration and Big Data integration. It’s important these are unified together vs. doing them all piecemeal. Second, these types of connections need to be simple to design, adapt and configure...
Feb. 22, 2017 07:00 AM EST Reads: 2,936
To manage complex web services with lots of calls to the cloud, many businesses have invested in Application Performance Management (APM) and Network Performance Management (NPM) tools. Together APM and NPM tools are essential aids in improving a business's infrastructure required to support an effective web experience... but they are missing a critical component - Internet visibility.
Feb. 22, 2017 06:45 AM EST Reads: 1,639
Microservices are a very exciting architectural approach that many organizations are looking to as a way to accelerate innovation. Microservices promise to allow teams to move away from monolithic "ball of mud" systems, but the reality is that, in the vast majority of organizations, different projects and technologies will continue to be developed at different speeds. How to handle the dependencies between these disparate systems with different iteration cycles? Consider the "canoncial problem" ...
Feb. 22, 2017 06:00 AM EST Reads: 5,264
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
Feb. 22, 2017 06:00 AM EST Reads: 1,851
“We're a global managed hosting provider. Our core customer set is a U.S.-based customer that is looking to go global,” explained Adam Rogers, Managing Director at ANEXIA, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Feb. 22, 2017 05:45 AM EST Reads: 1,701
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, explained the best practices of continuous testing at high scale, which is rele...
Feb. 22, 2017 03:15 AM EST Reads: 5,534
Hardware virtualization and cloud computing allowed us to increase resource utilization and increase our flexibility to respond to business demand. Docker Containers are the next quantum leap - Are they?! Databases always represented an additional set of challenges unique to running workloads requiring a maximum of I/O, network, CPU resources combined with data locality.
Feb. 22, 2017 02:45 AM EST Reads: 2,052
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Feb. 22, 2017 02:00 AM EST Reads: 13,011
"A lot of times people will come to us and have a very diverse set of requirements or very customized need and we'll help them to implement it in a fashion that you can't just buy off of the shelf," explained Nick Rose, CTO of Enzu, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Feb. 22, 2017 01:45 AM EST Reads: 6,082