Top 10 Networking Myths

This Avaya CONNECTED Blog is also available as an MP3 Audio File


Whether you’re building out a corporate network or a brand new ESINet for Public Safety, you need to understand networking, and there are some common myths that will leave you with a poor deployment and huge amounts of capital investment rusting away in the data center while you try to figure out how to save your career.

10) Cisco continues to be the undisputed leader in networking innovation

It is time to stop living in the 90’s. While I won’t spend time arguing that statement, it is time to look at technology and where the market is heading TODAY. I hate to answer a question with questions, but let me ask:

  • Q: Who was first in delivering Resilient Stacking technology?
  • A: AVAYA
  • Q: Who changed the resiliency model from Active/Standby to Active/Active?
  • A: AVAYA
  • Q: Who introduced Split-Plane technology first to market?
  • A: AVAYA
  • Q: Who introduced hardware based 20ms resiliency?
  • A: AVAYA
  • Q: Who has delivered end to end Ethernet Fabric technology AND drove its standardization with IEEE/IETF?
  • A: AVAYA
  • Q: Who has delivered the most scalable 2 Tier Data Center architecture with lower latency?
  • A: AVAYA
  • Q: Who has delivered Layer 2 and Layer 3 Virtual Services Networks with its Ethernet Fabric Technology?
  • A: AVAYA
  • Q: Who has delivered innovative, scalable, resilient and fast registration for Multicast applications?
  • A: AVAYA
Remember, Innovation does NOT EQUATE TO acquisition, so exactly who is the Innovator and who is the follower?

9) Juniper seems to be the logical alternative to Cisco

Due to the unfortunate situation with Nortel Enterprise, many customers and partners were given no choice but to consider alternative vendors. While it’s clear Avaya has heavily invested in Networking, is Juniper still a logical alternative to Cisco? To me at least, it seems their QFABRIC Data Center strategy was a failure, now it’s based on SDN promises?

It’s time for customers to look back at Avaya’s portfolio and the technological maturity it brings from the heritage of Wellfleet, Synoptics, Bay Networks and Nortel. The technology train never stopped, and they are in the lead for Campus and Fabric architecture…time to reconsider Avaya? Yes indeed as Avaya solves REAL IT CHALLENGES TODAY and is in a unique position for many quarters to come…

8) There’s no difference between proprietary and standards-based Fabric solutions

While some may think proprietary Fabric Architecture is ok for the Data Center, aren’t we living in an open system architecture world where best of breed technology should be selected?
How will you extend or leverage your Ethernet Fabric if it is proprietary? The world knows better and there happens to be an IEEE and IETF standard out there, known as SPB (Shortest Path Bridging) or if you prefer IEEE 802.1aq or IETF RFC 6329.

Interoperability with other vendors has already been proved, and the recent flawless performance of the Core at InterNet 2013 in Las Vegas demonstrates the maturity and stability of this technology. Avaya is leading; time to look at solving your IT challenges once and for all.

7) We cannot eliminate Spanning Tree

Do people use a bus to try winning a Formula 1 race?

Do people fly airplanes with one of the two engines on standby?

None of this seems logical, does it?

So why is it that customers tolerate building a network infrastructure utilizing a protocol that wasn’t built to deliver resiliency?

The market has clearly endorsed Active/Active as the de facto design model now, and it is time for customers to stop accepting sub-optimal solutions for their network and ensure failures won’t be business impacting. Avaya has 12+ years of maturity implementing Active/Active resiliency, and while other vendors are trying to catch up, Avaya keeps moving the dial further ahead, and maintains its position as the undisputed leader of Active/Active resiliency.

6) MPLS is the solution to all of our problems

Customers that wanted to deploy a multi-tenant and multi-services business solution had no other choice but to eventually consider MPLS as the solution in order to provide Layer 2 and Layer 3 virtualization.

While that might be powerful and scalable, its level of complexity just made it extremely difficult for IT departments to retain the skill set required to build and maintain it.

What if there was, today, an alternative to provide Layer 2 and Layer 3 Virtualization for both unicast and multicast based services? What if MPLS level scalability was achievable without its associated level of complexity?

What if that same solution gave you network behavior flexibility too, so you no longer have to guess how the network is behaving? What if Avaya was once again in the lead, helping you solve these challenges?

5) Deploying services must involve weeks of planning and hours of implementation

Today it takes hours, weeks, months of preparation to deploy a new service across your Enterprise. Why? Simply because of the level of complexity associated with extending a service using existing legacy technology such as VLANs. This translates into nodal configuration, which despite the qualification of your IT staff, requires proper planning and change management control. There is so much business risk associated with such a deployment, nobody will take a chance on doing it without proper testing and configuration validation.

What if you could, today, provision end to end services, but only have to touch the edge of your network?
Basically provision where the service is to be used, and where it’s being offered and VOILA, you are done. Let the network SERVICE your application needs.

4) Equipment maintenance and upgrade must be business-impacting

“Sorry Folks! Park’s Closed. The moose out front should have told ya’.”

In the past most applications ran in a non-geo redundant or even in a single data center non-resilient deployment model. Now, you can easily deploy every application in an active/active model, and wouldn’t it be even more powerful if you took advantage of various hypervisor virtualization solutions?
The combination of Virtualization, applications running in an Active/Active deployment model, as well as having a Data Center architecture that can extend Layer 2 domains where you need to, gives you the utmost flexibility and agility that your IT staff, and more importantly, your applications were looking for, and needed. Well, you don’t have to wait anymore, it’s here….

3) Multicast is becoming mandatory, but it’s complex, unreliable, and doesn’t scale

Everyone has been suffering through Multicast deployments over the last 15 to 20 years. The level of complexity and limited scalability often gave no choice but to limit its utilization and size of deployment to known logical limits that did not meet the business needs.

What if you could finally scale multicast to new levels, while also addressing the design complexity?

What if you no longer had to say “NO” when you are requested to deploy a multicast based application because your multicast network scalability is already saturated?

What if you didn’t have to build a separate infrastructure because the one you have is running at maximum capacity and scalability for multicast?

What if you didn’t have to force usage of unicast anymore? Or, what if you didn’t have application failures or business impacting situations due to the lethargic, slow recovery of multicast applications?

Well, there is a solution to your challenges. It’s called Native Multicast over SPB, and it comes to the rescue to deliver a never-before achieved level of scalability, while delivering 500 milliseconds recovery and 100ms or less registration, and delivering all this without the need for PIM!
That is innovation at its best, while still supporting inter-connectivity to PIM domains.

2) Avaya is a Voice company and doesn’t bring anything to Networking

While Avaya continues to be a leader in Unified Communications, Contact Center and Video conferencing, it is important to note its level of competitiveness in the Networking area. Not only do they provide cost effective Ethernet connectivity with or without PoE, they also led the way by solving some complex IT challenges such as E911 location reporting, regardless of the mode of connectivity being used (wired and wireless).

While Avaya has a very strong Voice heritage, it also understands the networking requirement and has focused on delivering best in class innovative solutions which customers and partners need to pay special attention to.
Avaya is about innovative Real Time Collaboration, UC, CC, Video and a highly reliable and scalable network.

From Data Center edge all the way to your Branch Edge, Avaya can help you solve these challenges TODAY using industry standard protocols and best practices. How many other competitors can say that? Let me help you out with that one. . . .

Pick a number between ZERO and NONE.

1) The future is all about SDN, so you have to wait….

SDN is gaining momentum in the market; it is like a tsunami hitting all the IT personnel trying to understand whether this is the technology that will finally solve their IT challenges.

While SDN seems to focus on solving relevant IT problems, the question is more “What IT problems is the industry trying to solve, and more importantly, what are YOUR business IT challenges?”

What if Avaya was able to solve these problems for you, TODAY, with products, solutions, protocols, etc. that exist NOW in an open system architecture that does not require the wait for some new SDN Protocol to be supported by ALL vendors?

What if Avaya endorsed the SDN concept in addressing key IT business challenges?

What if Avaya offered Orchestration and simplification of Applications Provisioning today?

And more importantly….would you be interested in chatting with one of our Experts?

Avaya continues to innovate, but more importantly, Avaya can solve real IT challenges today by changing the way Networks are being built, without waiting for all sorts of promises to be delivered in the next few years. Giving Avaya an opportunity to show you what we can do TODAY will be a worthwhile investment, and we promise not to disappoint you.

Related Articles:

Less Maintenance, More Innovation: How to (Finally) Fill the IT Skills Gap

If you take a good look at how the business ecosystem is evolving, you’ll find that it’s being redefined by five key market trends:

You’d be hard pressed to find research that doesn’t indicate the takeover of these five megatrends.

Forrester, for instance, predicts that machine learning and automation will replace 7% of all U.S. jobs by 2025. According to the Economist Intelligence Unit, almost 80% of companies identified digital transformation as their top strategic priority last year. Gartner believes that 70% of all newly deployed apps will run on open source databases by 2018; meanwhile, research continues to show that some 20 to 30 billion objects could be connected to the IoT by 2020.

As these technologies shape our smart digital world, so too do they raise the stakes in terms of customer expectations. Next-generation consumers demand nothing short of a sophisticated digital experience marked by greater quality, agility, speed and contextualization.

The Need to Transform NOW

Driven by these trends, organizations have no choice but to consider how they can adapt to grow and thrive. Competitors are moving at rapid new paces and blazing unforeseen trails. We’re seeing this disruption industry-wide, from companies like Uber and Lyft that have revolutionized the taxi industry (taxi trips have fallen by as much as 30% in cities like L.A.) to Airbnb, which turned the hospitality industry on its head by introducing the concept of an end-to-end digital homestay experience.

Look around and you’ll see just how much your own industry is changing. Do you realize how much new ground is ready to be broken? How much unexplored territory there is to seize? The organizations that thrive will be the first to not only see the possibilities, but successfully execute them. To do so, however, companies must undergo some level of transformation—and IT must be a central part of that transformation.

Elevating IT to Accelerate Business

To enable business to move at a pace that maintains a competitive edge, leaders must ask themselves how they’re empowering their IT staff. As it currently stands, something needs to be done about today’s IT skills gap. What we’re seeing is too many departments tied down to costly, archaic systems that hinder performance and productivity. There are too many people doing the same things and expecting different results. In a world where IT maintenance and innovation must be expertly balanced, teams are working to keep the lights on and not spending enough time learning new technologies and strategies or becoming part of the solution. This has been an ongoing problem that needs to be talked about less and acted on more.

The bottom line is that organizations will only truly accelerate in the digital era if IT spends enough time on strategic initiatives. Consider that 60% of top-performing companies engage IT to gather ideas for innovation, and 49% collect ideas through business unit workshops facilitated by IT. Without question, IT should be factored as a critical part of business innovation.

So, how can businesses free their IT teams to begin innovating? The right technology here is key—specifically, it has to be a combination of business process automation over an automated, end-to-end, meshed networking architecture. Let’s first focus on networking—this open, agile and integrated platform liberates IT by substantially reducing the level of complexity associated with traditional network maintenance, allowing teams to spend more time on high-level strategic initiatives. I’d like to take a look at how such a platform helps fill the IT skills gap from a traditional networking standpoint and outline some of the security benefits this architecture can bring.

Networking

Traditional legacy architecture, often referred to as “client-server” is becoming near obsolete thanks to the proliferation of automation and M2M. But before we jump too quickly, you may remember the resistance from peer-to-peer communication where IT in fact won the battle and for the most part didn’t allow it—simply put, the legacy architecture couldn’t sustain it. As manual processes continue to be replaced by smarter, automated processes, it’s imperative that organizations start thinking differently in terms of networking.

This may mean, for example, seamlessly integrating AI and machine learning into their communications strategy to engage customers with flexible new touch points. This will also likely require the integration of services from several vendors with different capabilities, versus one single provider, hence the importance of having an open ecosystem with standards as much as possible.

Regardless of how organizations go about it, the fact is that they must begin moving their networks in a new direction if they wish to progress at the pace their business needs to. Fully-meshed, end-to-end architecture offers an open ecosystem in which businesses can begin freely automating, integrating and reinventing traditional processes without a high level of complexity. This time freedom enables IT to begin reimagining business outcomes. The use of open, integrated, future-proof technology opens new doors of opportunity to do so.

Security

With billions of IoT devices directly communicating and sharing data, organizations are now operating in an essentially borderless network—or as I like to call it, the everywhere perimeter. While this everywhere perimeter enables organizations to operate with unmatched agility and ease, it can also destroy companies if left unprotected. As one can imagine, the strategy and technology needed to protect a virtually borderless network look drastically different than those protected by a traditional firewall or legacy network architecture (Static VLANs, ACLs). This is exactly why IT needs to flex its strategic muscles and identify a stronger security approach, one that safeguards the organization with a near impenetrable network that significantly minimizes security risks and reduces exposure.

An end-to-end meshed networking architecture lets organizations quickly and securely enable services across the network anywhere they are consumed (i.e., personal mobile device, Wi-Fi hotspot, corporate campus). This is done through end-to-end network segmentation, which is widely considered to be the holy grail of network security today. Comprised of three core components—hyper-segmentation, native stealth and automated elasticity—this solution ensures organizations have the necessary framework for next-generation cybersecurity defense. By minimizing security risks in this way, organizations can ensure they are maximizing the value of IT. Lay the foundation right first, then focus on business process workflow automation. Doing the opposite or simply ignoring the foundation will cause pain and slow down your business transformation while making it extremely difficult to maximize the benefits of, for example, IoT.

In the end, every important business initiative requires time. Organizations won’t be able to reinvent themselves if their IT department has none to spare.

2017 Avaya Customer Innovation Awards Honor Five Companies Leading the Way in Digital Transformation

Every year, Avaya and IAUG recognize a handful of customers who are innovators. These customers are recognized with Customer Innovation Awards. Last year’s award winners included a number of technology firms. This year’s five award winners, recognized on stage at Avaya Engage in Las Vegas, include three customers in the financial services sector, a leading global retailer, and a leader in the film production industry.

Each of these customers is benefiting from the latest Avaya solutions to meet business goals—whether the goals are growth, customer experience, cost management, or risk mitigation.

BECU

BECU, which began life 80 years ago as the Boeing Employee Credit Union, today is the fourth largest credit union in the US, with over $12 billion in assets and over a million credit union members. In 2016, BECU embarked on a digital transformation journey focused on the customer experience. BECU relies on Avaya Elite Multichannel running on an Avaya Pod Fx™ infrastructure.

BECU engineer Rick Webb says, “BECU is rapidly expanding and needed a technology partner that could support that expansion and keep our members happy. The Avaya Elite Multichannel infrastructure does just that, while providing increased flexibility and allowing BECU to better meet the expectations of our more than 1 million members.”

Green Shield Canada (GSC)

Green Shield Canada (GSC) is one of the leading health and dental benefit carriers in Canada, with over 850 employees across seven locations. Starting last year, GSC is deploying the Avaya Equinox™ Experience and seeing strong results. Competing with larger players in its industry, GSC sees strong collaboration among its workforce as a key ingredient for success.

Jim Mastronardi, GSC Director for Enterprise Infrastructure says, “Green Shield Canada has over 850 employees across seven offices in Canada—from Montreal to Vancouver. We saw an opportunity to explore technology upgrades that would enhance company-wide communications and bring our teams across Canada closer together. With just a single training session, employees have hit the ground running with the Avaya Equinox tools. The video conferencing option has provided a solution to overbooked meeting rooms, and the instant messaging feature is already cutting down on the number of emails being sent.”

Scotiabank

Scotiabank prides itself on “being a technology company providing financial services.” As a long-time Avaya customer—and a beta customer for Avaya Oceana™ and Avaya Oceanalytics™—Scotiabank is on a digital transformation journey to better serve bank customers worldwide. Scotiabank contact centers located in Canada and the Caribbean & Latin America region have benefited from a next-gen centralized architecture leveraging the latest Avaya solutions to better serve customers.

Scotiabank has already developed and deployed Avaya Oceana and Avaya Breeze™ apps, and continues to innovate in an ongoing drive to improve customer service and meet customer needs in a competitive market. The success of Scotiabank’s transformation program has enabled the bank to move with greater agility, improved reliability, and speed to market. This has changed the framework for deployment from months/years to days/weeks while improving the overall ROI/TCO.

The Crossing Studios

The Crossing Studios is one of Vancouver’s largest and fastest growing full-service studios and production facilities for film. The firm caters to companies like Fox, Nickelodeon, Showtime, and Netflix. The Crossing Studios were unhappy with the stability and quality of the disparate systems previously in place across their seven studio locations. In 2016, The Crossing Studios deployed a Powered by Avaya IP Office solution offered by local provider Unity Connected Solutions.

Powered by Avaya IP Office has improved stability, reduced TCO and provided the advanced features that the business needs to serve a very demanding film industry client base, including high scale audio conferencing, extensive web collaboration, and rich multi-vendor HD video conferencing. CTO Mark Herrman says, “We needed something that would support our rapid growth, support our clients, and support our bottom line. Thanks to IP Office and the hosted cloud model, we’re able to keep pace with dynamic, fast-moving film productions, staying as flexible as our clients need us to be.” Estimated savings are in the six figures for the first year alone.

Walgreens

Walgreens is using custom Avaya Snap-ins to bring centralized contact center reporting capabilities to local branch sites, for compliance purposes and to help improve the overall customer experience. Avaya Professional Services were instrumental with the deployment, which relies on an Avaya Pod Fx infrastructure.

These companies are each leaders in their respective industries. As part of their digital transformation journeys, they recognize that when it comes to selecting a trusted technology advisor, “experience is everything.” #ExperienceAvaya.

APTs Part 4: How Do You Detect an Advanced Persistent Threat in Your Network?

Here in part four of my APT series, we’re looking at how to detect Advanced Persistent Threats in your network. The key is to know what to look for and how to spot it.

Look for patterns of behavior that are unusual from a historical standpoint. Some things to look for are unusual patterns of session activity. Port scanning and the use of discovery methods should be monitored as well. Look for unusual TCP connections, particularly lateral or outbound encrypted connections.

Remember that there is a theory to all types of intrusion. An attacker needs to compromise the perimeter. Unless the attacker is very lucky, they will not be where they need or want to be. This means that a series of lateral and northbound moves will be required to establish a foothold. In order for any information to leave your organization there has to be an outbound exfiltration channel. This is another area where APTs have to diverge from the normal behavior of a user.

Here’s what to look for:

  • Logon Activity:

    Logons to new or unusual systems can be a flag. New or unusual session types are also a flag to watch for, particularly outbound encrypted sessions or unusual time of day or location. Watch for jumps in activity or velocity.

  • Program execution:

    Look for new or unusual program executions at unusual times of the day or from unusual locations. Execution of the program from a privileged account status rather than a normal user account should also be alarming.

  • File access:

    Look for unusually high volume access to file servers or unusual file access patterns. Also be sure to monitor cloud-based sharing uploads as these are a very good way to hide in the flurry of other activity.

  • Network activity:

    New IP addresses or secondary addresses can be a flag. Unusual DNS queries should be looked into, particularly those with a bad or no reputation. Look for the correlation between the above points and new or unusual network connection activity. Many C2 channels are established in this fashion.

  • Database access:

    Most users do not have access to the database directly. But also look for manipulated application calls doing sensitive table access, modifications or deletions. Be sure to lock down the database environment by disabling many of the added options that most modern databases provide. An application proxy service should be implemented to prevent direct access in a general fashion.

The goal is to arrive at a risk score based on the aggregate of the above. This involves the session serialization of hosts as they access resources. The problem with us as humans is this: if we’re barraged with tons of data and forced to do the picking out of significant data, we are woefully inefficient. First of all, we have a propensity for missing certain data sets. How often have you heard the saying, “Another set of eyes”? Never manually analyze data alone; always have another set of eyes go over it.
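The aggregate risk score described above, sketched as an added example (not code from the original post or from Avaya): it builds a per-host baseline, replays later events in time order, and sums weighted indicators drawn from the five categories in the list. The event schema, weights, thresholds, host names and sample events are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Assumed weights and thresholds (illustrative; tune to your environment).
WEIGHTS = {"new_logon_target": 20, "off_hours": 10, "new_privileged_exec": 25,
           "file_volume_spike": 20, "new_outbound_encrypted": 15,
           "direct_db_access": 30}
BUSINESS_HOURS = range(7, 20)   # 07:00-19:59 local time
SPIKE_FACTOR = 5                # reads/day versus the host's busiest baseline day


def ev(ts, host, kind, target, **attrs):
    """Build one normalized event record (hypothetical schema)."""
    return {"ts": ts, "host": host, "kind": kind, "target": target, **attrs}


def build_baseline(events):
    """Record what each host has historically logged on to, run and contacted."""
    base = defaultdict(lambda: {"logon": set(), "exec": set(), "net": set(),
                                "files_per_day": defaultdict(int)})
    for e in events:
        b = base[e["host"]]
        if e["kind"] == "file":
            b["files_per_day"][e["ts"][:10]] += 1
        elif e["kind"] in ("logon", "exec", "net"):
            b[e["kind"]].add(e["target"])
    return base


def score_hosts(baseline, events):
    """Serialize events per host in time order and aggregate a risk score."""
    findings, reads = defaultdict(set), defaultdict(int)
    for e in sorted(events, key=lambda x: x["ts"]):
        host, kind, b = e["host"], e["kind"], baseline[e["host"]]
        hits = findings[host]          # also registers hosts with no findings
        off_hours = datetime.fromisoformat(e["ts"]).hour not in BUSINESS_HOURS
        if kind in ("logon", "exec") and off_hours:
            hits.add("off_hours")      # unusual time of day, new target or not
        if kind == "logon" and e["target"] not in b["logon"]:
            hits.add("new_logon_target")
        elif kind == "exec" and e.get("privileged") and e["target"] not in b["exec"]:
            hits.add("new_privileged_exec")
        elif kind == "file":
            reads[host, e["ts"][:10]] += 1
            usual = max(b["files_per_day"].values(), default=1)
            if reads[host, e["ts"][:10]] > SPIKE_FACTOR * usual:
                hits.add("file_volume_spike")
        elif kind == "net" and e.get("encrypted") and e["target"] not in b["net"]:
            hits.add("new_outbound_encrypted")   # target = outbound destination
        elif kind == "db" and not e.get("via_proxy"):
            hits.add("direct_db_access")         # bypassed the application proxy
    return {h: {"score": sum(WEIGHTS[i] for i in f), "indicators": sorted(f)}
            for h, f in findings.items()}


# Constructed sample data: one historical week, then one observed day.
BASELINE = [
    ev("2024-03-04T09:00:00", "ws-101", "logon", "fs-01"),
    ev("2024-03-04T09:02:00", "ws-101", "exec", "outlook.exe"),
    ev("2024-03-04T09:10:00", "ws-101", "net", "198.51.100.10", encrypted=True),
    ev("2024-03-04T09:01:00", "ws-102", "logon", "fs-01"),
    ev("2024-03-04T09:03:00", "ws-102", "exec", "excel.exe"),
] + [ev(f"2024-03-04T10:0{i}:00", "ws-102", "file", "fs-01") for i in range(2)]

OBSERVED = [
    ev("2024-03-11T09:05:00", "ws-101", "logon", "fs-01"),
    ev("2024-03-11T09:20:00", "ws-101", "net", "198.51.100.10", encrypted=True),
    ev("2024-03-11T02:10:00", "ws-102", "logon", "db-02"),
    ev("2024-03-11T02:12:00", "ws-102", "exec", "newtool.exe", privileged=True),
    ev("2024-03-11T02:15:00", "ws-102", "net", "203.0.113.50", encrypted=True),
    ev("2024-03-11T02:16:00", "ws-102", "db", "customers", via_proxy=False),
] + [ev(f"2024-03-11T02:{20 + i}:00", "ws-102", "file", "fs-01") for i in range(20)]

if __name__ == "__main__":
    for host, result in sorted(score_hosts(build_baseline(BASELINE), OBSERVED).items()):
        print(host, result)
```

Each indicator counts once per host, so a noisy but benign host cannot outscore one that trips several distinct categories.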

At Avaya we’ve developed a shortest path bridging networking fabric we refer to as SDN Fx™ Architecture that is based on three basic self-complementary security principles:

  • Hyper-segmentation: This is a new term that we’ve coined to indicate the primary deltas of this new approach to traditional network micro-segmentation. First, hyper-segments are extremely dynamic and lend themselves well to automation and dynamic service chaining, as is often required with software-defined networks. Second, they are not based on IP routing and therefore do not require traditional route policies or access control lists to constrict access to the micro-segment. These two traits create a service that is well suited for security automation.
  • Stealth: Due to the fact that SDN Fx is not based on IP, it is dark from an IP discovery perspective. Many of the topological aspects to the network, which are of key importance to APTs, simply cannot be discovered by traditional port scanning and discovery techniques. So the hyper-segment holds the user or intruder in a narrow and dark community that has little or no communications capability with the outside world, except through well-defined security analytic inspection points.
  • Elasticity: Because we are not dependent on IP routing to establish service paths, we can extend or retract certain secure hyper-segments based on authentication and proper authorization. Just as easily however, SDN Fx can retract a hyper-segment, perhaps based on an alert from security analytics that something is amiss with the suspect system. There may even be the desire to redirect them into honeypot environments where a whole network can be replicated in SDN Fx for little or no cost from a networking perspective.

In the End

Hardly a day goes by without hearing about a data breach somewhere in the world. To combat these breaches, it’s imperative to understand how APTs work and how you can detect them. Remember—prevention is ideal, but detection is a must!

With this blog series, I hope I’ve helped you see how to limit the impact of APTs on your enterprise. If you missed a blog post, here’s the whole series:

APTs Part 1: Protection Against Advanced Persistent Threats to Your Data

APTs Part 2: How the Advanced Persistent Threat Works

APTs Part 3: Prevention is Ideal, But Detection is a Must

APTs Part 4: How Do You Detect an Advanced Persistent Threat in Your Network?