Wednesday, November 20, 2013

Internet on the high seas a requirement for cruise line

Uplogix provides automated device control and recovery
that is especially useful for maintaining satellite
connectivity and network uptime aboard cruise ships.
Spanish cruise line Pullmantur Cruises recently signed a new deal with Uplogix customer MTN Communications to enhance connectivity options for passengers ad crew onboard its fleet of ships. The expansion of broadband satellite services is just the latest in the 11 year relationship between satellite services provider and cruise line.

The deal is becoming more common in the cruise industry, where passengers are demanding connectivity not as a nice-to-have on their vacations, but as a requirement.

“While satellite technology is important, it is the services around the technology which will be key. Some vendors think we are only focused on technology but this is not true," said Juan Manuel Cabellero Patón, IT and business process director for Grupo Pullmantur. "We want to improve speeds, as well as access to apps like Facebook, for example. People need to think about the services that customers want.”

Improvements in shipboard connectivity include satellite infrastructure, like moving from C-band to Ku-band technology, as well as more mainstream network connectivity like wireless access points, routers and switches. For Pullmantur, their goal is wi-fi coverage across 85% of all their ships. These floating hotspots aren't cheap. Patón says their estimate is that improvements will run $1 million per ship to deliver customers the Internet experience they expect. 

One option for limiting satellite costs is for the ships to pick up land-based wi-fi when they are close to the coast, reserving the more expensive satellite access for times at sea. Such hybrid network systems mean more gear to manage aboard the ship.

This is an ideal use case for Uplogix. With local network monitoring, critical communications gear is always being managed. The Uplogix rules engine has been configured for hybrid situations where the change-over from one pathway (say the satellite connection) can be automatically transferred to another (a land-based wi-fi connection) when a signal is not only detected, but verified as reliable enough to support the ship's traffic.

For an example of how this works, see the video, Rules-based antenna retargeting with Uplogix. 

Monday, November 18, 2013

NIST cybersecurity framework development continues

NIST, the National Institute of Standards and Technology, held its fifth public workshop last week in Raleigh, North Carolina on a comprehensive cybersecurity framework mandated in a February 2012 executive order.

The framework is designed to improve cybersecurity across sixteen critical infrastructure industries and build up from a basic core of functions based around the structure of Identify, Protect, Detect, Respond and Recover. From there, the framework gets more specific in categories, subcategories and finally informative references, which are standards, guidelines and practices common among critical infrastructure sectors that illustrate how to meet the guidelines in each category.

The preliminary framework defines "critical infrastructure" as:
“systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
The most recent workshop solicited more feedback from a diverse group of cybersecurity specialists, lawyers and federal employees and policymakers, as well as provided guidance on what lies ahead as the framework moves from development to application.

A common concern expressed by industry experts about the framework is how much of challenge it will be for small and medium-sized businesses to implement.

"There are twenty-two categories and ninety-seven subcategories. That's a lot for small and medium-sized businesses," said Cox Communications CISO Phil Agcaoili during a panel discussion at the workshop. 

Uplogix is a part of securing critical network infrastructure. From maintaining and enforcing AAA (authentication, authorization and accounting), regardless of the state of the network to eliminating modem security issues by "dialing-out" instead of accepting in-bound requests, Uplogix provides a secure platform for device administration. 

In the Recover function described in the NIST framework, Uplogix provides detailed audit and compliance reporting, so you will always be able to know who, did what, and with what effect to your critical network and communications devices.

Thursday, November 14, 2013

How BYOD Can Benefit IT Departments

Bringing your own device to work is increasingly becoming not just an option, but a requirement. Gartner predicts by 2016, 38 percent of companies will no longer supply devices to workers, and by 2017, half of employers will expect employees to bring their own equipment.

IT departments, however, have been slower to adopt BYOD due to concerns over security and other issues, with a Robert Half survey finding only one third of CIOs allowed employees to bring their own devices as of last May. However, that number is rising, as BYOD momentum grows and mobile vendors take steps to address enterprise security concerns with innovations such as LG Gate, which insulates business applications from personal activity by running two operating systems on a single device. As the security objections to BYOD are answered, IT departments stand to gain from looking more closely at the benefits of letting employees bring their own devices.

It's Happening Anyway

EMC Corporation Chief Security Office Dave Martin says he's learned through experience trying to block BYOD outright is an ineffective and counterproductive policy. Martin says when companies prohibit BYOD, what happens is employees begin using their own devices covertly, making it harder to monitor risks and take preventive measures. For instance, if a mobile phone vishing attack compromised an employee's unmonitored device, their employer might never know it happened, leaving the gate open for follow-up attacks on the network.

On the other hand, Martin adds, companies that lack any BYOD policies leave themselves open to data loss. A better balance between these two extremes is a transparent approach, where employers communicate policies to employees and cooperate to ensure good security procedures are followed and breaches can be monitored.


Cutting costs gives IT departments another potential reason to adopt BYOD. Cisco’s Internet Business Solutions Group has estimated American businesses can save up to $3,150 per worker annually by allowing employees to use their own mobile devices. These gains stem from decreased company expenditures on devices, as well as increased worker productivity.
In a comprehensive cost-benefit analysis, these gains need to be weighed against potential cost increases from the added demands BYOD places on telecommunications bills, security, networking, development, and technical support. Cisco's analysis factored some of these elements in, but BYOD cost benefits will vary from one enterprise to another. Each company should do its own analysis to gain an objective foundation for evaluation.


Cisco also found BYOD adoption translated into 81 minutes per week of increased productivity among U.S. employees, and an average of 37 minutes weekly among all countries surveyed. IBM suggests these productivity gains stem from factors such as technical proficiency with familiar devices, and a tendency for personal devices to be maintained closer to the cutting edge of current technology.

In order to see such productivity benefits, it is vital for companies to develop policies and follow best practices for effective BYOD usage. These include using notification systems for effective time management; segregating company email and social media accounts from personal accounts so extracurricular conversations do not eat into work time; and setting up effective cloud-based collaboration systems for project management and file sharing. Disaster recovery policies can further help ensure minimal productivity is lost in the event of a network breach.

Development Benefits

For IT teams, BYOD brings other potential benefits beyond cost cutting and productivity gains. With Web design shifting to a mobile-oriented, responsive paradigm, it has become imperative for developers and designers to work with mobile users in mind. BYOD facilitates this by putting IT teams into the mobile UX environment. This makes it easier for developers to think from the user's perspective, identify usability problems, and troubleshoot solutions. Similarly, it helps designers experience the look and feel of a site from a mobile user's perspective.

BYOD can be used to deliver more efficient cloud resources. For instance, Intel has found implementing bidirectional communication between the cloud and BYOD devices enables network servers to customize employee usage of virtual resources for optimum efficiency.

Another advantage BYOD offers is supporting cross-platform development, one of the biggest challenges facing developers today. Cross-platform development is, in a sense, the flip side of BYOD, seeking to serve the universal user regardless of the individual device. While trying to support a multiplicity of devices creates a challenge of cross-platform development, BYOD simultaneously helps promote the solution by letting Web and content developers access apps beyond those supported by a single device and operating system. This can reduce the time and considerable expense that would be required to develop native apps, enabling developers to more quickly and cost-efficiently design solutions to serve a wide range of platforms and devices.

Wednesday, November 13, 2013

That's our point, entirely

Incremental improvements to traditional network
monitoring tools would really be like putting lipstick
on a pig - you would still have a flawed solution. 
A recent article on The Register entitled "What's wrong with network monitoring tools? Where do I start..." was all about incremental improvements to traditional network management methods. These improvements just point out how necessary a solution like Local Management really is.

The author's main question is why there aren't solutions that actually monitor what you care about and let you know when you need to know it. He starts off with an accurate assessment of SNMP.
"SNMP (the Simple Network Management Protocol – though frankly there's nothing simple about it) is unwieldy and clunky to use, but we're stuck with it because its longevity has made it ubiquitous. Let's face it, nobody with any sense is about to try to produce an alternative because the barriers to entry into the market are insurmountable."
Well, here at Uplogix, we wouldn't say that the barriers are insurmountable. The key is that you need to look at the bigger picture -- trying to monitor and manage network devices over the very network they are enabling isn't smart. When everything is working, you are sending lots of management traffic back and forth across your network, and at moments when you need monitoring information the most - during an outage, SNMP goes silent, your dashboard turns red, and time continues to tick.

The answer is to remove the network dependence by putting the intelligence, storage, horsepower, and out-of-band connections in the rack with the the network and communications devices you care about. Connect directly over a console port and monitor the devices directly.

The benefits are numerous - more frequent, higher resolution monitoring, and you can go beyond monitoring to managing that gear automatically. In the past, this was something done from a crash cart, or in the dark of night to avoid breaking the network, but with local management you have that same crash cart accessibility over the console port. And with intelligent automation, if there is a configuration problem, Uplogix will automatically roll it back to the previous working configuration.

We can go on and on, but the real solution here isn't designing improvements to a weak solution from the old days of networking -- as they say down here in Texas, that's like putting lipstick on a pig. The real solution is to think locally, implementing a whole new animal for your network monitoring... and management.