Tag Archives: Networks

Juniper-Ericsson partnership aimed at 5G market

Juniper Networks has partnered with Ericsson to offer carriers a collection of products for moving 4G and 5G traffic from a cell site to the network core. The deal marks an important win for Juniper, which is filling the void left by the nearly dead partnership between rival Cisco and Ericsson.

The Juniper-Ericsson alliance combines routers and software from both companies to build an optical transport for a mobile network that carriers can manage through a single software console, according to the vendors. The partners’ combined routers include Juniper’s MX and PTX series and Ericsson’s 6000 hardware.

Juniper and Ericsson have partnered on technology for almost 20 years. But the latest deal is a “significant win” for Juniper, because it improves the company’s chances of winning deals, as service providers build out their network infrastructure to deliver 5G wireless services to consumers and businesses, said Rajesh Ghai, an analyst at IDC.

For example, the partnership could provide Juniper with access to the many service providers that use Ericsson’s radio access technology to connect customers’ mobile devices to the carriers’ core networks, Ghai said. Ericsson has a 40% share of the radio access market.

Also, of the three top carrier suppliers, Ericsson is the only one without an extensive routing portfolio — a void Juniper can fill. The other two suppliers are Nokia and Huawei.

“It was critical that Juniper get aligned with Ericsson,” Ghai said. “It remains to be seen how exclusive Ericsson can keep the relationship.”

Meanwhile, Juniper’s biggest rival, Cisco, is more focused on selling its routers directly to service providers, rather than through Ericsson, Ghai said. Also, Cisco and Ericsson compete with products for the packet core, which has created “suspicion between the two partners.”

Cisco and Ericsson announced a wide-ranging partnership in 2015, but financial troubles pushed Ericsson into an extensive reorganization that prevented the company from following through on the deal. Nevertheless, Cisco has never declared the partnership dead, despite its failure to reach sales goals.

“Where we need to partner with Ericsson, we will continue to do that. And where we’re working directly with SPs [service providers], we’ll continue to do that,” said Sumeet Arora, general manager of service provider network systems at Cisco.

Juniper, Ericsson combined products for service providers

The Juniper-Ericsson partnership includes Juniper’s MX Series 5G Universal Routing Platform and its PTX Series Packet Transport Routers. The hardware supports mobile infrastructure for 10 Gb, 100 Gb and 400 Gb optical transport.

Juniper has aimed the MX at the service provider’s WAN edge, which could include routing traffic from a cell site onto the service provider’s core network. The PTX Series can handle traffic on the service provider’s backbone. Juniper has also designed the hardware to handle internet peering and data center interconnects.

Juniper’s MX and PTX routers are interoperable with Ericsson’s Router 6000 mobile backhaul and fronthaul portfolio. A wireless backhaul router connects mobile device traffic to a network node, such as the internet or a proprietary network. A fronthaul device sits at the access layer of the network and aggregates traffic from IoT devices.

Other hardware covered in the partnership includes Ericsson’s MINI-LINK microwave radio backhaul device. The partners are also offering software such as Juniper’s firewall, called the SRX Series Services Gateway, and Ericsson’s management and orchestration technology for controlling all the partners’ products.

In general, analysts do not expect service providers to take 5G infrastructure technology into production until next year, with businesses unlikely to buy 5G services until 2020 at the earliest. Industry observers expect IoT to be an initial driver of the 5G commercial market.

Misconfigured Tor sites leave public IP addresses exposed

The Tor network’s degree of anonymity has come under increased questioning over recent years, and new research found public IP addresses can be connected to misconfigured Tor sites.

Yonathan Klijnsma, lead threat researcher at RiskIQ, a cyber threat intelligence company based in San Francisco, said he found out about the misconfigured Tor sites when crawling the web to associate SSL certificates with the host IP address for the site.

Klijnsma found misconfigured Tor servers that were listening to requests on public IP addresses instead of on the localhost IP address, 127.0.0.1, which is the default address for traffic originating on the same system. Tor servers must listen only on localhost in order to preserve the anonymity users expect from the Tor network and to keep anonymized Tor network traffic off of the public internet.

If correctly configured, an SSL certificate for a Tor site would only be associated with the dark web onion address of that site. But if a misconfigured Tor site listens on a public IP address, the certificate will also become associated with that address. However, it is unclear whether the issue is widespread.

Klijnsma did not respond to requests for comment at the time of this post.

Klijnsma began tweeting about the issue in July in order to make Tor administrators and users aware that sites they expected to be anonymous may not be. And he has even gotten pushback on his research.

Klijnsma’s research isn’t the first to find ways to deanonymize Tor. Researchers previously found that domain-name-system monitoring could be used to identify Tor users. And the FBI notably chose not to disclose a Tor vulnerability it used to find a suspect in a child porn case, leading to the case being dismissed.

Talari SD-WAN targets mobile with Meta Networks integration

Talari Networks’ customers can now combine their software-defined WAN service with a network-as-a-service platform from Meta Networks.

The platform offered by Meta Networks, an Israel-based NaaS startup, targets remote and mobile users who need to access data center and cloud applications. While SD-WAN technology offers remote connectivity to an extent, it is limited in its flexibility to connect individual remote and mobile BYOD users, as most can’t deploy a physical or virtual SD-WAN appliance. With Talari’s support for Meta Networks’ NaaS software, Talari customers located outside the software-defined WAN perimeter can connect using one of Meta’s multiple points of presence (POP) worldwide.

With the platform, user devices connect to the closest Meta POP to access corporate resources. Instead of applying policies based on site location, Meta Networks takes a user-centric approach by specifying policies and application authentication based on individual user permissions. Network administrators, for example, can create policies that deny mobile users access to certain websites or cloud applications.

The integrated offering is now available for Talari SD-WAN customers.

Versa Networks adds managed SD-WAN partner

Versa Networks added another service provider to its managed SD-WAN partner list. California Telecom, headquartered in Chino, Calif., joins existing Versa Networks partners CenturyLink, China Telecom Global, Comcast Business and Verizon in adding managed SD-WAN services to its portfolio.

California Telecom customers can choose from three available purchasing options: SD-WAN standard, SD-WAN advanced and SD-WAN secured. Load balancing, automated failover, error correction and circuit monitoring, among other features, are included in all three options. Customers can add additional features, such as firewalls, antivirus and content filtering and advanced routing.

“We spent over a year looking for an SD-WAN platform we could integrate into our existing MPLS infrastructure that could offer all the features that were being promoted in the industry,” said Jim Gurol, California Telecom’s CEO, in a statement. Versa’s Cloud IP Platform paired well with California Telecom’s infrastructure, he added, allowing the service provider to go to market immediately.

Customers can deploy California Telecom’s managed SD-WAN service to create various WAN designs, including hybrid MPLS, cloud-based SD-WAN and security-focused models, Gurol said.

SD-WAN adoption impeded by available options

Enterprises are investigating SD-WAN, but the technology is still being adopted relatively slowly, according to a report conducted by Sapio Research at the request of Teneo, a consulting firm and technology integrator.

While almost half of the 200 senior IT and networking managers surveyed said they were investigating SD-WAN in some form, only 20% said they’ve deployed the technology. A third of the respondents hadn’t yet evaluated SD-WAN technology. Part of the reason for SD-WAN’s slow adoption is the large number of available SD-WAN options and variants, according to Marc Sollars, CTO of Teneo, based in Dulles, Va.

“Many firms are clearly putting a toe in the water on SD-WAN or doing a proof of concept, but it’s still very hard to say when this test phase will start to translate into enterprise-level implementations,” Sollars said in a statement. “In many ways, the broad range of choice that SD-WAN brings is what’s causing companies to hesitate over their decisions.”

Respondents indicated the primary driver to consider SD-WAN deployment is to help address the growing complexity of network infrastructure and performance tasks. Cutting network costs and better infrastructure management followed behind.

Cambium Networks certified in Express Wi-Fi by Facebook program

Wi-Fi vendor Cambium Networks, based in Rolling Meadows, Ill., has been certified in a Facebook Wi-Fi program that looks to expand internet connectivity to underserved locations around the world. Express Wi-Fi by Facebook works with carriers, internet service providers and local entrepreneurs to provide affordable internet access in public yet remote places.

Currently, Express Wi-Fi by Facebook is live in India, Nigeria, Kenya, Tanzania and Indonesia. The program allows access point (AP) manufacturers like Cambium to build Wi-Fi hardware that’s compatible with Express Wi-Fi by Facebook.

Cambium, a global provider of wireless network services, is one of the first Wi-Fi vendors to join Facebook’s Express Wi-Fi certified ecosystem, Cambium said in a statement this week. Cambium works with service providers and enterprise network operators to build edge connectivity. It specializes in providing end-to-end wireless fabric of cloud-managed platforms.

In the Facebook partnership, Cambium is enabling network deployment with its Frictionless Wi-Fi cnPilot enterprise-access service, Cambium president and CEO Atul Bhatnagar said in a statement. The cnPilot Wi-Fi products feature indoor and outdoor APs that can be installed in new or existing wireless local area networks.

The Express Wi-Fi network requires Wi-Fi vendors to support specific communications protocols to enable Facebook internet service provider partners to deploy Express Wi-Fi networks, according to Chetan Hebbalae, senior director of product management at Cambium. Facebook approves only Wi-Fi vendors that have passed its interoperability qualifications, he added.

As the goal of the Express Wi-Fi by Facebook program is to provide internet access to remote places, Bhatnagar noted approximately 3.8 billion people are unconnected around the world.

Nyansa provides free network insights

Network analytics vendor Nyansa Inc., based in Palo Alto, Calif., is making worldwide network data freely available. The data has been collected by Nyansa’s Voyance software-as-a-service platform that monitors hundreds of business networks with millions of end-user client devices. 

The free and public dashboard, called Voyance Live, is the first and only repository of network analytics, Nyansa said in a statement. The service was developed to help network professionals gain insight into the behavior of business networks that are not their own.

Voyance Live updates continually and provides insights into various network issues, service performance and client incidents. The aggregated network insights include the top Wi-Fi APs, best and worst performing applications, a breakdown of enterprise client devices in use by operating system, as well as the top issues affecting network performance.

Voyance Live does not share customer data but gleans anonymous insights and analytics from enterprise networks. The service can provide organizations with quantifiable answers to network issues by using real network data.

Voyance Live uses wired and wireless network data from more than 12 million client devices and hundreds of thousands of Wi-Fi APs under observation within Voyance, Nyansa’s commercial network analytics service. By using cloud sourcing, Voyance Live collects and processes petabytes of network data, analyzing billions of client events and detecting tens of thousands of incidents.

SevOne to add support for VMware NSX SD-WAN

SevOne, a Boston-based network and infrastructure management services provider, said its SevOne SD-WAN Monitoring Solution will support VMware NSX SD-WAN by VeloCloud. SevOne’s SD-WAN monitoring tool, released earlier this year, is designed to help managed service providers (MSPs) that offer network services over multi-tenant, multivendor networks.

The SevOne SD-WAN Monitoring Solution supports WAN infrastructures from Cisco, Huawei, Juniper, Nokia and others. It also supports Cisco SD-WAN. VMware NSX SD-WAN by VeloCloud provides bandwidth expansion, as well as access to data and enterprise and cloud applications.

MSPs need to view and access network performance data from the complex services running across their MPLS-based services, as well as hybrid WAN services, SevOne said in a statement.

The latest SevOne SD-WAN service, scheduled for release later this year, will provide real-time and historical insight into enterprise and service provider networks with customizable dashboards for network operations and engineering, product owners and business executives. MSPs can use SevOne’s SD-WAN monitoring tool for visibility across their entire service delivery path, including enterprise Wi-Fi from campus to branch and software-defined data centers.

Arista CloudVision gets multi-cloud, NSX security features

Arista Networks has added to its CloudVision management console the ability to apply security policies across virtualized switching fabrics running on Amazon Web Services, Google Cloud and Microsoft Azure.

Arista also introduced this week an integration between Arista CloudVision and NSX, VMware’s software for provisioning virtualized networks. The combination lets engineers take security policies created in NSX and apply them to Arista switches running in the data center.

The latest features come about a year after Arista introduced a virtualized version of its network operating system, called vEOS, for AWS, Google and Azure. At the time, Arista added some vEOS controls to CloudVision, which competes with Cisco CloudCenter.

The new multi-cloud feature within Arista CloudVision lets engineers modify the access control lists (ACLs) in vEOS switches, said Jeff Raymond, vice president of EOS product management. The capability, which the vendor calls Zone Segmentation Security, eliminates having to worry about the unique security mechanisms in each of the three public clouds.

Companies often create virtual networks in the public clouds to deliver security, load balancing and other services to applications. Amazon and Google call the networks Virtual Private Clouds (VPCs) while Microsoft refers to them as virtual networks (VNet).

Arista has integrated its Zone Segmentation feature with Zscaler’s cloud-based web gateway. The integration lets companies use Zscaler to apply security policies for traffic heading from a campus network or remote office to the cloud provider. Arista CloudVision applies policies to traffic flowing between and within virtual networks.

Overall, Arista is using CloudVision to address a trend toward more collaboration between corporate networking and security teams, said Shamus McGillicuddy, an analyst at Enterprise Management Associates, based in Boulder, Colo. A recent EMA survey found that 91% of security and network infrastructure teams were working together using shared or integrated tools.

The latest Arista offerings also show the vendor recognizes its customers need security that stretches from the private data center to the public cloud, said Bob Laliberte, an analyst at Enterprise Strategy Group, based in Milford, Mass. “Building out a strong security ecosystem will be critical, and delivering a capable management platform for hybrid cloud environments will be important for its customers to effectively manage those hybrid environments.”

VMware NSX integration with Arista CloudVision

The NSX integration bridges the gap between VMware virtual networks and Arista physical switches in the data center. With CloudVision, engineers will be able to take security policies created for NSX environments and apply them to workloads running on the hardware.

NSX policies define the network resources accessible to groups of workloads and applications running on the virtual network. CloudVision applies those policies to an Arista fabric by converting them into a format that can become a part of the switch’s ACL.

As a result, engineers can save time by using just NSX for creating security policies, according to Raymond.

New hardware-based encryption in Arista routers

Finally, Arista plans to release four routers with built-in support for encryption standards. For the enterprise WAN, Arista embedded hardware-based IPSec in the 7020SRG for site-to-site virtual private networks. The router is a 10 GbE platform.

For the data center interconnect, Arista will provide MACsec encryption in the new 7280CR2M and the 7280SRAM. Both routers offer wire-speed encryption with 10 GbE and 100 GbE for up to 100 kilometers. For MACsec encryption up to 2,500 km, Arista introduced the 7280SRM, which has 200 GbE Coherent interfaces for metro and long-haul links.

Arista plans to release all the new technology by the end of September.

Arista sells its products primarily to tier-one and tier-two service providers, financial institutions and high-tech companies, including Microsoft, Amazon and Facebook.

Recently, however, the company has aimed some new hardware at enterprises with more mainstream data centers. In May, for example, the company introduced switches for the campus LAN.

Array bolsters throughput, security in NFV appliance

Array Networks Inc. has introduced an upgrade of its network functions virtualization hardware. New features in the AVX NFV appliance, which provides application delivery, security and other networking operations, include support for 40 GbE interfaces and higher throughput for encrypted traffic.

Array, based in Milpitas, Calif., launched the AVX5800, AVX7800 and AVX9800 appliances this week. Along with support for optional 40 GbE network interface cards (NICs), the latest hardware provides a significant improvement in elliptic curve cryptography (ECC) processing over a Secure Sockets Layer virtual private network (SSL VPN).

The new NFV appliances include Array’s latest software release, AVX 2.7. The upgrade provides better fine-tuning of system resources for virtualized network functions running on the platform. Other improvements include the ability to back up and restore AVX configurations and images via USB and an online image repository for software running on AVX appliances.

Array has also added enhancements for companies using the NFV appliance with OpenStack environments. The company has introduced a hypervisor driver that lets the AVX platform serve as an OpenStack compute node.

The AVX NFV platform, launched in May 2017, comprises a series of virtualized servers for running Array and third-party applications, such as Fortinet’s FortiGate next-generation firewall and Positive Technologies’ PT AF web application firewall.

A10 Harmony Controller Update

A10 has launched an upgrade to its Harmony Controller, an application delivery controller, or ADC, that is also a cloud management, orchestration and analytics engine.

A10, based in San Jose, Calif., released Harmony version 4.1 last week, adding improvements to the product’s ability to configure and manage policies across A10’s line of Thunder security appliances.

New features in Harmony include preloaded Thunder ADC services. Also added to the controller is a self-service app for Thunder SSL inspection, which decrypts traffic, so security devices can analyze it.

AVX9800
Array Networks’ AVX9800 NFV appliance

Other improvements include extending Harmony’s analytics history to 12 months, so network operators and security pros can go further back in time when investigating events.

Harmony is a cloud-optimized ADC that can spin up specific services anywhere in a hybrid cloud environment. The software also incorporates per-application analytics and centrally manages and orchestrates application services.

Aviatrix improves its AWS security

Aviatrix has added to its AVX network security software better control over traffic leaving Amazon Web Services. The enhancements provide customers with stronger protection against internal threats and external attacks.

The new AVX capability announced last week focuses on filtering egress data from an AWS virtual private cloud (VPC). An AWS VPC provides a private cloud computing environment on the infrastructure-as-a-service provider’s platform. The benefit of a VPC is the granular control a company can get over a virtual network service serving sensitive workloads.

AVX for AWS VPCs verifies the traffic destination’s IP address, hostname or website, the vendor, based in Palo Alto, Calif., said. An inline, software-controlled AVX Gateway does the VPC filtering and prevents traffic from going to unauthorized locations.

The Aviatrix platform, which comprises a controller and gateway, operates over a network overlay that spans cloud and data center environments. The new VPC egress security feature is available as part of the platform, which is available only as software.

Companies can deploy the Aviatrix product through the AWS marketplace. Aviatrix also has versions of its technology for Microsoft Azure and Google Cloud.

Mist Systems gives VMware NSX SD-WAN a boost

Arista Networks and VMware, both recent entrants in campus and branch office networking, have made significant moves to add cloud-based Wi-Fi management and analytics to their respective software portfolios.

VMware launched this week interoperability between its NSX SD-WAN and Mist Systems’ machine learning engine for maintaining Wi-Fi performance. Meanwhile, Arista acquired Mojo Networks for the startup’s analytics, which it calls Cognitive WiFi.

Arista’s purchase of Mojo shows the former vendor taking control over its Wi-Fi offering, rather than depend solely on its current deal to offer Aruba wireless products from Hewlett Packard Enterprise, said Bill Menezes, an analyst at Gartner. “[They’re] going to have much more input and control over the pace of tech development.”

The VMware-Mist collaboration, on the other hand, reflects an industry trend of connecting the wireless access layer in remote offices to an SD-WAN product, Menezes said.

“That’s something that most of the major vendors are looking at in one way or another,” he said. “Some of them, like Cisco and Aruba, are developing that capability in-house.”

Mist is providing interoperability between its products and NSX SD-WAN through open APIs. As a result, the combined products deliver to IT administrators “end-to-end visibility and insight into users, application and network performance for LAN and WAN,” the companies said in a statement. Other features include trend detection and recommendations to avoid problems, and event correlation and anomaly detection for fault isolation and remediation.

Mist combines big data and machine learning to track user behavior on Wi-Fi and ensure network performance. The company’s machine learning engine will help NSX SD-WAN analytics by gathering more than 100 different user states from access points (APs).

Metrics gathered by Mist technology include the time it takes an AP to connect to devices and the number of failed attempts. The system can also collect roaming data, such as when a mobile device switches APs to take advantage of a stronger signal or leaves an AP that’s dropping too much data.

Mist will also add to NSX SD-WAN anomaly detection for APs, mobile devices, operating systems and applications connecting to Wi-Fi. Mist and VMware will sell their products separately through joint channel partners.

In 2017, VMware entered the market for branch-office networking with the acquisition of software-defined WAN vendor VeloCloud. In May, VMware extended its virtual networking software, NSX, to remote offices through integration with VeloCloud, which the company renamed NSX SD-WAN. Combining the technologies made it possible for VMware customers to use NSX for policy-based network management across the data center and branch.

Arista acquires Mojo

The VMware-Mist collaboration came nearly a week after Arista said it would acquire Mojo for its cloud-based software focused on network analytics and management. The acquisition, which Arista expects to close by the end of September, is the company’s first. Arista did not release financial details.

Arista announced the Mojo acquisition roughly three months after introducing its first switches for the campus LAN. Available in the fall, the 7300X3 and 7050X3 spline switches are 10/25/40/50/100 Gigabit Ethernet gear equipped with telemetry and monitoring features designed to help network operators  diagnose performance problems.

Arista acquired Mojo for its machine learning and big data platform. The Cognitive WiFi system tracks more than 300 key performance indicators, Gartner said in its latest Magic Quadrant for the Wired and Wireless LAN Access Infrastructure. The research firm listed Mist and Mojo in the visionary quadrant of the report.

As a campus network supplier, Arista needed more than just technology for the wired LAN, Arista CEO Jayshree Ullal told financial analysts during a recent conference call. That’s because a growing number of Arista customers are turning to Wi-Fi as it approaches multigigabit speeds.

“What we bought Mojo for was their Wi-Fi, their Cognitive WiFi, and the software capabilities associated with the access points [Mojo provides],” Ullal told analysts, according to a transcript on the financial site Seeking Alpha.

Arista plans to  merge Mojo technology with its CloudVision network management software that combines cloud computing, big data and machine learning. The product collects and archives network state and runs a suite of applications against the data to provide visibility, automate the deployment of network components, and analyze and report on incidents.

Juniper boosting performance of SRX5000 firewall for IoT, 5G

Juniper Networks has introduced a security acceleration card that boosts the performance of the company’s SRX5000 line of firewalls to future-proof the data centers of service providers, cloud providers and large enterprises.

Juniper designed the services processing card, SPC3, for organizations anticipating large data flows from upcoming multi-cloud, internet-of-things and 5G applications. Besides meeting future demand, the SPC3 can also accommodate current traffic increases due to video conferencing, media streaming and other data-intensive applications.

The SPC3 multiplies performance up to a factor of 11 across key metrics for the SRX5000 line, Juniper said. Organizations using the Juniper SPC2 can upgrade to the SPC3 without service interruptions.

What’s in the SRX5000 line?

The SRX5000 line’s security services include a stateful firewall, an intrusion prevention system, unified threat management and a virtual private network. Network operators manage security policies for SRX5000 hardware through Juniper’s Junos Space Security Director.

With the addition of an SPC, the SRX5000 line can support up to 2 Tbps of firewall throughput. The line’s I/O cards offer a range of connectivity options, including 1 Gigabit Ethernet, 10 GbE, 40 GbE and 100 GbE interfaces.

Security is one area Juniper has reported quarterly revenue growth while overall sales have declined. For the quarter ended June 30, Juniper reported last month revenue from its security business increased to $79.5 million from $68.7 million a year ago.

However, overall revenue fell 8% to $1.2 billion, and the company said sales in the current quarter would also be down. Nevertheless, the company expects to return to quarterly revenue growth in the fourth quarter.

Avi load balancer gets tighter with Cisco products

Avi Networks, a maker of software to improve application performance and security, has introduced version 18.1 of its Vantage Platform, which provides better integration with several Cisco products.

The upgrade offers “enhanced integrations” with Cisco AppDynamics, Tetration and its software-defined networking architecture, called Application Centric Infrastructure (ACI), according to Avi, based in Santa Clara, Calif. The ACI integration simplifies the process of placing application services, such as the Avi load balancer, on ACI networks.

Avi, which doesn’t sell physical hardware, provides software companies can deploy on premises or in the cloud. The Vantage Platform offers elastic load balancing and web application security on a per-application basis. The company also makes an application delivery controller that provides Layer 4-7 services to containerized applications running in cloud environments. The Avi load balancer and other services compete with products from F5 and Citrix.

The latest version of Vantage Platform provides integration between the Avi Controller and Cisco’s Application Policy Infrastructure Controller. Avi connects the controllers through REST APIs.

The Vantage upgrade also delivers telemetry from its Layer 4-7 services to the AppDynamics application performance management suite and the Tetration network analytics engine for the data center.

In June, Cisco Investments joined a $60 million round of funding for Avi, which brought its total funding to $115 million. Other investors included DAG Ventures, Greylock Partners, Lightspeed Venture Partners and Menlo Ventures.

LiveAction intros LiveNX Server Appliance

LiveAction plans to release on Aug. 1 its LiveNX Server Appliance, a network performance monitor developed with the help of Savvius, a packet monitor maker LiveAction acquired in June.

The latest product provides LiveAction customers with a hardware option for deploying the company’s technology. Previously, deployment options were limited to a public cloud or a virtualized server within a data center.

Savvius’ “extensive hardware tuning experience” made it possible for LiveAction to deliver the LiveNX hardware quickly, the company said. LiveAction plans to release other acquisition-related products in the future.

Flow monitoring is a core feature in LiveNX, which taps into the NetFlow data-collection component built into routers and switches from Cisco and other manufacturers. The software uses the data to determine packet loss, delay and round-trip time, while also showing network administrators how well the network is delivering application services.

Analysts expect LiveAction, based in Palo Alto, Calif., to combine its network performance monitor with Savvius’ packet monitor into a single product. Today, companies often buy those types of technologies separately, using a performance monitor for spotting problems and a packet monitor for performing in-depth analyses to pinpoint causes.

Corvil launches Intelligence Hub

Network analytics vendor Corvil plans to release this summer Intelligence Hub, a product designed to deliver intelligence to business operations, as well as network performance data to IT departments.

Intelligence Hub applies machine learning and predictive analytics to packet data to spot changes in business activity related to the total number of transactions, individual orders and products, conversion rates and response times. The software sends change alerts to business teams.

For network operators, the software provides many of the features contained in Corvil’s appliances, such as identifying and alerting on network anomalies, including packet loss, a dip in network performance or an increase in latency.

In general, Corvil products capture, timestamp and forward network packets to a separate capture appliance, where they are analyzed. Corvil can provide the hardware, or, in the case of Intelligence Hub, the software can run on a third-party device.

Corvil products can send customized streams of network data to big data sources, such as ElasticsearchHadoopMongoDB and Splunk, so IT departments can draw more targeted information from the tools.

Corvil, headquartered in Dublin, competes with ExtraHop, ThousandEyes, Riverbed and NetScout.

Tintri acquisition proposal leaves customers in limbo

While DataDirect Networks awaits the outcome of its proposed acquisition of Tintri assets, Tintri customers wonder what it all means for them.

High-performance computing (HPC) storage specialist DataDirect Networks (DDN) believes the Tintri acquisition is a way to appeal to mainstream enterprise IT shops. DDN made a bid to acquire Tintri’s assets for an undisclosed sum after Tintri filed for bankruptcy in early July — barely a year after going public on the Nasdaq.

DDN sees a way to broaden its appeal with Tintri’s flash-based, analytics-driven storage arrays, but the acquisition isn’t yet certain. The two vendors have signed a letter of intent, but the proposed sale won’t be finalized until the completion of a court-ordered bidding process. That means bidders could emerge to challenge DDN.

Users react to planned Tintri acquisition

The uncertainly of the Tintri acquisition affects its customers, who remain unsure of what it means for their maintenance contracts. DDN declined to estimate how long the bidding process might take.

That leaves Tintri customers bracing for what comes next. The city of Lewiston, Idaho, used Tintri arrays to replace legacy storage. Systems administrator Danny Santiago said the hybrid storage was a “magic cure-all” for labor-intensive management. Lewiston’s storage includes a Tintri T620 and two T820 hybrid arrays for primary storage, backup and replication.

“I spent about half my day fighting LUN management. When we got the Tintri, I got that time back,” Santiago said. “I can go six months and never have to touch the Tintri storage. The interface is beautiful. It gives you metrics to let you know if a problem is [tied to] storage, the network or on the Windows OS side.”

Now, Santiago said he doesn’t know what to expect. His agency is in year one of an extended three-year Tintri support contract for the T620.

“Financially, we’re not in a position to change our storage,” he said. “We put a lot of money into these Tintri boxes, and we need to get the life expectancy out of them.”

The Fay Jones School of Architecture and Design at the University of Arkansas installed Tintri several years ago to replace aging EMC Clariion storage — the forerunner to the Dell EMC VNX SAN array. Scott Zemke, the Fayetteville, Ark., school’s director of technology, said Tintri competitors have already started knocking on his door.

“Quite honestly, we rarely have issues with the Tintri arrays. But, of course, we’re looking at contingency plans if we have to do a refresh. One vendor is offering ridiculously stupid deals to trade in our Tintri storage, so it will be an interesting next couple of months,” Zemke said.

“I know Tintri really wanted the business to work, but it seems like they have just had management problem after management problem. Hopefully, DDN will continue to support the stuff. We have DDN arrays in our HPC data center, and they’re a great company to work with, too,” Zemke said.

Is predictive analytics key to Tintri acquisition?

According to Tintri’s securities filings, DDN’s bid would encompass most of Tintri’s assets, including all-flash and hybrid virtualization arrays. But the predictive Tintri Analytics platform may have a greater impact on DDN’s business. The SaaS-based data lake provides real-time analytics and preventive maintenance. Customers can automate capacity and performance requirements for each virtual machine.

Predictive analytics is considered a valuable feature for modern storage arrays. Hewlett Packard Enterprise considered Nimble Storage’s InfoSight analytics a key driver of its $1.2 billion acquisition of Nimble in 2017, and HPE has since integrated InfoSight into its flagship 3PAR arrays. DDN could follow the same playbook by incorporating Tintri Analytics into its other products.

Financially, we’re not in a position to change our storage. We put a lot of money into these Tintri boxes, and we need to get the life expectancy out of them.
Danny Santiagosystem administrator for the city of Lewiston, Idaho

Tintri’s technology would help DDN serve mainstream enterprises seeking to implement AI and machine learning, said Kurt Kuckein, senior director of marketing at DDN, based in Chatsworth, Calif.

“We have plenty of organizations where we work with data scientists or the analytics team, but we really haven’t had a product for enterprise IT shops. Adding Tintri gives us a well-baked technology and a large installed base,” Kuckein said.

In the near term, DDN plans to maintain the Tintri brand as a separate engineering division. Real-time Tintri analytics eventually could wind up in branded AI ExaScaler turnkey appliances, he said.

Tintri Analytics is part of the Tintri Global Center management portal. The intelligence can predict hardware failures and automate support tickets. Tintri typically shipped replacement parts to customers by the next business day.

According to George Crump, president of IT analyst firm Storage Switzerland, Tintri’s analytics are “as good, if not better,” than Nimble’s InfoSight.

“DDN is probably the perfect acquirer for Tintri,” Crump said. “It’s profitable. It has a massive amount of storage experience. And there’s almost no overlap between the DDN and Tintri product. All the Tintri stuff would be net-new business.”

Will DDN breathe new life into Tintri storage?

The proposed Tintri acquisition follows a rocky period for the vendor. Tintri filed for Chapter 11 protection this month — just weeks after the one-year anniversary of its initial public offering (IPO). Some experts saw going public as a desperation move after Tintri failed to secure additional private investment. Tintri also went through two CEOs between April and June.

Tintri initially hoped for a share price in the range of $11.50 to raise about $109 million in June 2017, but its IPO opened at $7 and raised only $60 million. Shares rose no higher than $7.75, and Nasdaq eventually delisted Tintri after its shares dropped to below $1 for 30 consecutive trading sessions.

Aside from investors’ lukewarm reception, several strategic missteps conspired to doom Tintri. Crump said the company undercut its key differentiators of analytics and quality of service (QoS) when it launched an all-flash array in 2015.

“Tintri’s marketing message should have been, ‘Don’t buy an all-flash array, and here’s why,'” Crump said. “DDN should get rid of the all-flash model and just focus on selling the hybrid arrays. When your system is faster than all of your workloads combined, then you don’t really need QoS. That would get people’s attention.”