Tag Archives: vendors

Salesforce Interaction Studio unveiled at Connections 2018

Salesforce Interaction Studio appears to be the latest major launch in the vendor’s push to enable users to capture a more complete picture of their customers — where they choose to spend their time online, how they like vendors to market to them and which ways they prefer to communicate.

Salesforce has spent billions of dollars on acquisitions, integrations and marketing to achieve that goal. And while it’s not there yet — the targets tend to move in the rapidly changing technology landscape — Salesforce is hoping its latest integrations and new products help its customers find a more complete customer journey.

Toward that end of more smoothly guiding customers through the stages of interacting with an organization, Salesforce unveiled several new product integrations, partner integrations and new applications, including Salesforce Interaction Studio. The CRM giant made the product announcements on June 13 at its Connections 2018 conference in Chicago.

Ray Wang, a Salesforce watcher and principal analyst and founder of Constellation Research Inc., said Salesforce Interaction Studio is an effective response to the fast-increasing importance of customer experience in CRM.

“CRM is actually dead. It’s about how can you craft mass personalization at scale,” Wang said. “It’s about building that experience and journey, which has become a lot more important than CRM.”

CRM vendors such as Salesforce are moving beyond customer management and working toward improving the customer experience and journey — the process of customers interacting with a company. That progression is where Salesforce Interaction Studio comes into play.

Built out of an OEM partnership with software company Thunderhead, Salesforce Interaction Studio enables companies to analyze and manage consumer experiences. Additionally, it can recommend the next-best action for customers, depending on how they interact with that brand.

“It allows you to look at cross-channel consumer insight and see next-best action and optimize customer journey,” Wang said.

Marketing Cloud and Google Analytics 360

Salesforce Interaction Studio was just one of the products unveiled at Connections, a conference focusing on marketing, commerce and service.

Building off a partnership announced at Dreamforce last year, Salesforce Marketing Cloud and Google Analytics 360 are generally available for integration for Marketing Cloud customers. According to Wang, the alliance is a blow to one of Salesforce’s chief competitors, Adobe.

“The battle of analytics has been Adobe Omniture versus Google Analytics,” Wang said. “As Microsoft and Adobe have come close together, it’s natural for Salesforce and Google to become allies.”

The partnership will enable customers to merge insight from Marketing Cloud and Google Analytics 360 into a single dashboard within Marketing Cloud, while campaign data will be available within Google Analytics 360 to provide tailored web content.

Another feature, which won’t be available in beta until July, will allow users to create an audience in Google Analytics 360, activate it outside the Google platform and allow users to continue building that audience within Marketing Cloud.

While nothing prevented Marketing Cloud customers from using Google Analytics 360 to track web analytics, the lack of a deep integration with Marketing Cloud made it difficult for users of both to tie that information back to campaigns. By combining Google Analytics 360 with Salesforce’s inward-facing Einstein Analytics, a company can see a more holistic view of a customer’s data.

It’s not personalization — we haven’t gotten to that point yet. But it allows you to think about the type of journeys you’re creating for customers.
Ray Wangprincipal analyst and founder, Constellation Research

“Einstein takes the data inside the Salesforce platform and helps users find insights, while Google Analytics 360 component is based on web analytics,” Bobby Jania, vice president of product marketing for Marketing Cloud, said in a release. “It looks at how consumers are behaving, pages they visit [and] how long they are on there for.”

Combining those analytics insights to the insights from Salesforce Interaction Studio can go a long way in helping customers track consumers’ campaigns, according to Wang.

“It’s a huge void in Marketing Cloud and most other clouds,” Wang said. “It’s about crafting the right experience and understanding where a customer is — it takes context into account.”

While personalization is the ultimate goal for Salesforce and similar companies focused on customer journeys, that pie-in-the-sky objective is still off on the horizon.

“It’s not personalization — we haven’t gotten to that point yet,” Wang said. “But it allows you to think about the type of journeys you’re creating for customers.”

B2B Commerce Cloud

Beyond Marketing Cloud and Salesforce Interaction Studio, Salesforce officially released its B2B Commerce Cloud product, formerly known as CloudCraze. Salesforce acquired the B2B e-commerce product earlier this year, having been originally built on top of Salesforce software using Force.com.

“It will make it easier to see what a user is doing on a commerce site and connect it to Marketing Cloud,” Jania said. “B2B commerce for Salesforce will make that complex order have the same UI as B2C commerce.”

The Salesforce Interaction Studio release continues Salesforce’s long-term campaign to unify sales and marketing departments within organizations.

“You have a stack at Salesforce where marketing and commerce are a lot tighter than they were before,” Wang said.

Salesforce also unveiled Integrations between Commerce Cloud and Service Cloud, allowing service reps to see customers’ buying histories during service calls, opening up the opportunities to up-sell or cross-sell other products.

Pricing information for Salesforce Interaction Studio, B2B Commerce Cloud and the Marketing Cloud-Google Analytics 360 integration wasn’t immediately available.

Pure Storage cloud plan gets warm reception from end users

After hearing the Pure Storage cloud message, customers at the vendor’s Accelerate annual user conference said they were eager to expand their use cases for the vendor’s all-flash storage portfolio.

Pure executives preached simplicity, security and scalability during keynotes at last week’s San Francisco gathering. Customers said they would like to deploy the flash vendor’s revamped products for legacy and emerging AI applications, as well as in public clouds and expanded private clouds.

Charles Giancarlo, CEO of the Mountain View, Calif., company, conjured images of the San Francisco gold rush, likening storage customers to modern-day forty-niners. On average, about half of an organization’s data is never analyzed, because legacy storage infrastructure isn’t equipped to support it, he said.

“We’re moving into the zettabyte era. There’s a huge opportunity to pull that ore out of the ground, and we give you the picks and shovels to do it,” Giancarlo said.

Mining for medical gold

Benjamin Nathan, CIO at the University of California, Los Angeles’ David Geffen School of Medicine, is among those mining for gold in reams of data. Pure Storage FlashBlade scale-out NAS is on his wish list, Nathan said. Although he has no timetable for deploying FlashBlade, Nathan said scale-out NAS is a natural complement to a large FlashArray virtualization cluster.

Pure Storage cloud support for Amazon S3 is attractive, Nathan said, but his Microsoft shop would also like to see Pure integration with Azure.

Nathan became a Pure customer when serving in IT leadership jobs at Cornell University’s Weill Cornell Medical College in New York City before heading west. At UCLA, Nathan said he installed Pure Storage FlashArray to replace roughly 500 physical servers and provided centralized shared storage for more than two dozen IT teams.

“The thing that interests me about FlashBlade, beyond just the performance and scalability, is you can use it to provide storage-like workspaces from Amazon S3 and, hopefully, eventually, Azure,” he said. “I want to seamlessly be able to incorporate our on-premises and cloud storage in one offering that I can manage on the back end.”

When uptime matters

Robert Green, CTO of virtual desktop infrastructure specialist Dizzion, said he was initially skeptical of Pure’s claims it could scale performance to handle any workload. Dizzion, based in Denver, provides desktop as a service to organizations that need continuous uptime.

“I told them, ‘OK, we’ll throw our most challenging workloads at it,'” Green said. “We have one customer that always red-lines our storage, and they can’t have any downtime. I put that workload on the Pure, and it didn’t miss a beat.”

Dizzion’s Pure Storage cloud consists of dense “pods” of compute and storage, Green said. Each pod has 42 server nodes atop 6U of FlashArray storage and can support 3,000 desktops. Dizzion has scaled to nine pods.

“It cost us less to buy the Pure Storage than to keep building our own servers and flash-based storage devices every year,” Green said.

Some Pure Storage cloud customers — such as Workday — are moving slowly to adopt a multi-cloud architecture. Workday provides financial services and human resources software via its private cloud.

Workday replicates mission-critical data among its own data centers, using the cloud selectively, said Job Simon, the Pleasanton, Calif., company’s vice president of IT strategy and architecture.

Workday deploys a Pure Storage cloud environment on FlashArray//M systems to send fast reads and writes in memory to disk. Pure Storage is enormously helpful in managing the throughput for mixed workloads, Simon said.

Data reduction results

Frost Bank, based in San Antonio, switched to Pure Storage after years as a Hitachi Vantara customer. As a financial services firm, Frost Bank avoids placing data beyond its internal firewall, said Dan King, Frost’s vice president of IT operations.

“One of the interesting things I heard during this conference is that people still think of Pure as an array for point-in-time use cases, and that’s not how we use it at all,” King said. “We use Pure to replace entire Hitachi VSPs [Virtual Storage Platforms]. We run 90% of our workloads on the Pure.”

King said he is most impressed by the high data reduction Pure delivers to his highly virtualized storage.

“We had about 150 TB of VMware, but after data deduplication and compression, that equaled 12 TB of actual storage,” he said. “That’s amazing. I would have bought and paid for all of that [capacity] with any other vendor.”

Call center chatbots draw skepticism from leaders

ORLANDO, Fla. — Artificial intelligence chatbot vendors may hype machine learning tools to enhance customer service, but call center leaders aren’t necessarily ready to trust them in the real world.

Part of the reason is call centers are judged by hard-to-achieve performance metrics based on volume, efficiency and customer satisfaction. Once a call center performs successfully against those expectations set by management, it’s hard to convince leaders to entrust call center chatbots with the hard-fought, quality customer relations programs they’ve built with humans.

“I don’t anticipate them having any kind of utility here,” said Jason Baker, senior vice president of operations for Entertainment Benefits Group (EBG), which manages discount tickets and other promotions for 61 million employees at 40,000 client companies. Baker oversees EBG customer service spanning multiple call centers.

“We strive for creating personalized and memorable experiences,” Baker said. “A chatbot — I understand the reason behind it, and, depending upon the type of environment, it might make sense — but in the travel and entertainment industry, you have to have the personalized touch with all interactions.”

Artificial intelligence chatbots were the most-talked-about technology at the ICMI Contact Center Expo, with a mix of trepidation and interest.

Navy Federal Credit Union employs “a few bots” for fielding very basic customer questions, such as balance inquiries, said Georgia Adams, social care supervisor at credit union, based in Vienna, Va.

Her active social media team publishes tens of thousands of posts and comments annually on Twitter, Instagram and Facebook without the help of artificial intelligence chatbots, but “they’re on the horizon.” She stressed that call center chatbots must be transparent — identifying themselves as a bot — and be empowered to transfer customers to human customer service agents quickly to be effective.

“It’s coming, whether you want it or not,” Adams said. “We’re strategizing [and] looking at it. I certainly think they have a lot of value, especially when it comes to things that are basically self-service … but if I’m talking to a bot, I want to know I’m talking to a bot.”

Call center chatbots not gunning for humans’ jobs — yet

Another part of the reason call center personnel might be wary of chatbots — true or not, fair or unfair — is robotic automation will eventually take the humans’ jobs. This idea was dismissed by neutral industry experts such as ICMI founding partner Brad Cleveland, who said alternative customer service channels such as interactive voice response (IVR), email, social media and live chat each caused similar panic in the call center world when they were new. But none of them significantly affected call volumes.

“We hear predictions that artificial intelligence will replace all the jobs out there,” Cleveland said, not just in customer service. “If it does, we’re definitely going to be the last ones standing in customer service. But I don’t think it’s going to happen that way at all.”

Cleveland said he believes artificial intelligence chatbots will likely have utility in the near future, as technology advances and call centers find appropriate uses for them. Machine learning tools that aren’t chatbots, too, will make a difference, he said.

One example on display was an AI tool that can be trained to find — and adapt on the fly — pre-worded answers to common, or complex and time-consuming, customer queries that a human agent can paste into a chat window after a quick edit for sense and perhaps personalization. The idea is they get smarter and more on point over months of use.

But even live chat channels have their limits when they’re run by humans, let alone artificial intelligence chatbots. Frankie Littleford, vice president of customer support at JetBlue, based in Long Island City, N.Y., said during a breakout session here that her agents have to develop a sixth sense about when to stop typing and pick up the phone.

“You know in your gut when to take it out of email or whatever channel that isn’t person-to-person,” Littleford said. “You just continue to make someone angrier when you’re going back and forth — and let’s face it, a lot of people are really brave when they’re not face-to-face or on the phone … If your agents are skilled to speak with those customers, you can allow them to climb their mountain of anger and then de-escalate.”

AI chatbot benefits illustration
ICMI commissioned an artist for select Call Center Expo sessions by whiteboard artist Heather Klar. Here, she illustrated high points from a pro-AI chatbot lecture.

Vendors hold out hope

ICMI attendees weren’t fully buying into the promise of AI chatbots, but undeterred software vendors kept up the full-court press, attempting to sell the benefits of automation and allay fears that chatbots will eventually replace attendees’ jobs.

“We don’t use [AI] to replace human work,” said Mark Bloom, Salesforce Service Cloud senior director of strategy and operations, during his keynote, adding that organizations that attempt to replace people with AI tools haven’t been successful. “We want to augment the work our people are doing and make them more intelligent. That is how we are moving forward.”

You could train a new employee, and they could leave tomorrow. A bot is not going to give up and leave, it’s not going to get sick, and it’s so scalable.
Kaye Chapmancontent and client training manager, Comm100

Setting up call center chatbots will require extensive training in test environments — just like human agents do. Once they’re trained, they require maintenance and updating, but they will solve another vexing problem for call center managers — employee turnover, said Kaye Chapman, content and client training manager for chatbot vendor Comm100, based in Vancouver, B.C.

“You could train a new employee, and they could leave tomorrow,” Chapman said. “A bot is not going to give up and leave, it’s not going to get sick, and it’s so scalable.”

Bob Furniss, vice president at Bluewolf, an IBM subsidiary known for Salesforce automation integrations that’s based in New York, said he believes artificial intelligence chatbots are coming, and AI in general will change both our personal and work lives. He said the potential is there for AI to help ease call center agents’ workload — up to 30% of the simplest customer queries — similar to the promises of IVR and the other channels when they came online in the industry.

Just like all other call center systems, Furniss warned that anything AI-powered will require attention and maintenance to attenuate its actions and keep abreast of changing workflow and updated customer relations strategies.

“This is just like any other technology we have in the contact center,” Furniss said. “You don’t set it and leave it, just like workforce management [applications]. There’s an art and a skill to it.”

Intelligent information management the next wave for ECM

The introductions of AI, automation and an abundance of vendors have caused a seismic shift in content management — so much so that, in 2017, Gartner rebranded the space as content services, a term that covers content services applications, platforms and components.

Content management company M-Files hopes its evolution toward intelligent information management is where the content services industry is heading. The thought being that, as information finds itself in more silos, there’s more importance on what the content is, rather than where it resides.

“What M-Files is doing is interesting, as it’s consistent with what I see in the industry now,” said John Mancini, chief evangelist at AIIM, a nonprofit research and education firm in Silver Spring, Md., focusing on information management. “Everyone is trying to figure out how to leverage its existing content and how to push as much as possible in the direction of the user so that content management becomes more user-defined, rather than a top-down approach.”

Focus on content type, not new thinking

The concept of focusing on what content is, rather than where it resides, isn’t unique to 2018. Intelligent information management is gaining in importance, however, as information is scattered across clouds, on-premises systems and mobile devices.

We spent 15 years trying to convince people to care about what repository something is in, but they still don’t.
John Mancinichief evangelist, AIIM

“We spent 15 years trying to convince people to care about what repository something is in, but they still don’t,” Mancini said. “But they do care if it’s a contract or a proposal or an internal document.”

It’s with that in mind that M-Files released M-Files 2018, which connects to market leaders in content storage — ranging from other content management services, like OpenText and Laserfiche, to more classical repositories, like on-premises network folders or SharePoint, and expanding out to systems of record, like Salesforce and Dynamics 365.

“There’s this trend of consumerization — the idea that the way you’ll be most productive is by allowing users to work the way they want to work,” said Greg Milliken, vice president of marketing at M-Files, based in Plano, Texas. “There’s the OpenText or Laserfiche type, where the structure is defined, and this is how we’re going to work. But everyone works a little bit differently.”

Finding content wherever it’s stored

What M-Files is touting is, with its intelligent information management platform, users will be able to natively search for content based on its metadata and locate and view any content no matter where it may be stored.

“It speaks to the trend we’re going toward, which is away from static silos and one-size-fits-all approach to something where content can be anywhere and it comes to you like a service,” Milliken said. “You can look into these repositories with a common lens.”

Being repository-agnostic requires some form of AI, and M-Files hopes its partnership with ABBYY will prove fruitful in building out its intelligent information management software.

“The way I think about it sometimes is upside-down content management,” Mancini said, referring to the repository-agnostic approach — and not a reference to Stranger Things. “Content management used to be a very top-down, orchestrated process. That colored how we all thought about the tools that individual knowledge workers used. And in that process, we tended to overcomplicate that from an end-user perspective.”

A list of the various vendors to which M-Files 2018 is connected includes other content management players, on-premises share folders and CRM systems. The connectors vary in price, according to M-Files.
A list of the various vendors to which M-Files 2018 is connected includes other content management players, on-premises share folders and CRM systems. The connectors vary in price, according to M-Files.

Partnership adds AI to content management

Last year’s partnership between M-Files and ABBYY brought AI functionality to the vendor, which M-Files hopes benefits its users by automatically classifying and tagging documents and other content with the correct metadata, saving users time and minimizing human error.

“Where you put something comes down to the company or even the individual,” Milliken said. “Someone might put a document in a customer folder; someone else might put it in a specific project folder — now, it’s derived automatically. The idea of applying AI to a meta-driven approach is what we’ve been striving for.”

Mancini sees a metadata-driven, repository-agnostic approach as a potential transition for the content management market.

“What’s happened in the last couple of years and in surveys we’ve done, people and companies with long-term ECM [enterprise content management], the primary challenge they come back to us with is usability,” Mancini said. “The metadata-centric approach of M-Files is an attempt to do this through the prism of a knowledge worker and to see if that redefines content management.”

M-Files 2018, currently available for download, is a platform upgrade for existing customers. The AI metadata layer is an additional cost for new and existing customers, starting at $10,000 per year and varies depending on the size and scope of the company. The connectors to various repositories are also an additional cost, depending on the connector.

Video conference tools spread among buyers and sellers

Video conference tools are becoming more versatile. As a result, video conferencing vendors are expected to support more features and high definition across multiple endpoints, including mobile devices, desktops and conference rooms. Buyers, too, need to assess more options, as use cases have expanded.

New video conferencing use cases are making visual collaboration a strategic imperative for enterprises, according to a recent report from Aragon Research Inc., an advisory firm based in Morgan Hill, Calif. Aragon views video conference use cases as part of the larger unified communications and collaboration landscape.

More and more, enterprises are trying to align collaboration investments with business outcomes, the report found. As a result, Aragon said it expects to see further growth in video conference tools. For enterprises, video conference use cases — along with quality and reliability — will be key buying criteria. As is the case with most technology purchases, video conference use cases will dictate vendor selection.

“Our advice to enterprise buyers is to first consider what your core requirements are with regard to web and video conferencing,” the report reads. “We encourage buyers to consider which capabilities and products best fit the required use cases that pertain to your enterprise.”

For example, if an enterprise has internal and external-facing use cases for a large number of people, then webcasting tools may be the best fit. In the near future, Aragon added, expect new video conference use cases to arise in 2018 as endpoints become fully mobile, with cars and drones playing a larger role.

Video conference tools across modalities

For video conference vendors, mobility is the new competitive frontier, Aragon said, as vendors look to enable video meetings from anywhere on any device. But buyers beware, as video experiences on mobile devices and the ease of accessing meetings can vary.

The Aragon report advised buyers to carefully evaluate providers for ease of connectivity. For instance, the mobile application should automatically connect to the meeting via voice over IP or dial-in. Additionally, the mobile app should not require a passcode and provide one-click connectivity.

“Ease of use is not optional, no matter the device or the environment,” the report stated. “Albeit there are still providers today who are not optimized for mobile.”

In addition to mobile, video conference vendors are expected to support desktop and room-based meetings to allow seamless switching among devices.

Conference rooms get video upgrades

Because of cloud technology and lower hardware prices, Aragon predicted fivefold growth in video-enabled conference rooms from 2017 to 2022. In five years, 65% of conference rooms will be video-enabled, Aragon said.

Enterprises need to digitize conference rooms, open workspaces and smaller huddle areas, Aragon advised, as employees face new work demands, including increased collaboration across groups, distances and affiliations.

Collaboration providers that fail to support business process and application integration will miss this wave and be left behind.

Aragon also cited the importance of “intelligent” video rooms, where meetings can be automated and employ artificial intelligence to gain a deeper understanding of meeting activity and the devices and users involved. Many providers have also looked to enhance meetings by using HD video with auto-zoom and HD audio with auto-muting of background noise.

As video conference tools evolve, businesses are demanding high-quality, high-resolution meetings. To date, Avaya, Cisco, Google and Vidyo offer 4K video support, Aragon said. The research firm said it expects to see more support for 4K video in 2018 and beyond.

In addition to HD quality, video conference vendors are now expected to integrate with other business applications. Collaboration providers that fail to support business process and application integration will miss this wave and be left behind, Aragon said.

Chart vendor roadmaps

Overall, as video conference tools evolve — thanks to cloud technology — vendors and buyers are also expected to evolve to stay competitive and enhance collaboration workflows. The cloud is one of the key reasons for the widespread video conference tools today.  

The wide-ranging Aragon report, written by Aragon CEO and lead analyst Jim Lundy, highlights the convergence of web and video conferencing services and examines 22 providers in the market. The report, released this month, stated real-time video conference tools bring together geographically dispersed teams visually, which can improve collaboration.

“Enterprises need to realize visual collaboration can help speed up internal employee and external customer journeys to get to faster business outcomes,” Lundy said in a statement. “The enterprises who are leveraging visual collaboration have a competitive advantage because they’re supporting how their people and customers need and want to work.”

The report advised enterprises to ask for detailed roadmaps from providers to ensure they mesh with enterprise technology and business direction.

Recapping 2017’s biggest trends in networking technology

Editor’s note: Cisco accelerated its shift to software, vendors launched new tools for managing data centers, and analytics, fueled by machine learning, stole the spotlight. Here, a recap of some of the most significant 2017 trends in networking technology.

Data center infrastructure trends in networking

In February, Cisco joined Microsoft to offer Azure Stack services in its UCS server. Throughout the early months of the year, Cisco revenues continued to fall, dropping for a fifth consecutive quarter because of declining sales of routers and switches.

Cisco attracted a lot of attention for its Digital Network Architecture (DNA) software initiative, which included a new line of Catalyst campus switches engineered to pave the way for a more intuitive way to program the network. DNA eliminates the need to program devices manually through the command-line interface; instead engineers use a policy-based approach to determine network behavior. Later that summer, Cisco said it would acquire SD-WAN vendor Viptela for $610 million in a bid to consolidate its WAN offerings.

In the fall, Cisco launched Intersight, a software-as-a-service initiative slated to become a management option for the vendor’s Unified Computing System and HyperFlex, a hyper-converged infrastructure platform. It also bolstered its Application Centric Infrastructure SDN software by enabling it to run across multiple data centers.

Other data center news included Juniper’s work on a switch fabric intended for multiple data centers, with a single set of management tools and higher spending on public cloud services. Juniper also made a series of announcements in December that included the release of bot software aimed at automating certain network functions.

Additionally, Dell EMC made its NOS standard on new open networking switches and Arista expanded its spine-leaf architecture for hyperscale data centers. Dell followed up its NOS announcement by releasing a line of high-speed switches for data centers and carriers in the fall.

Vendor consolidation gained traction, with Extreme Networks purchasing the data center business of Brocade, as well as the networking assets of Avaya.

Wireless LAN technology trends

The past 12 months were relatively quiet in WLAN trends in networking, as enterprises worked to deploy systems based on the 802.11ac Wave 2 specification.

One important technological development took place, however, as vendors began to release switches and other components capable of supporting the 2.5 and 5 GbE standard, which was ratified by the IEEE in late 2016. Toward that end, Dell EMC, among others, released multigigabit campus switches for both wired and WLAN deployments.

In February, Arris International said it would purchase WLAN vendor Ruckus Wireless Inc. for $800 million. Arris said Ruckus would continue to operate as an independent unit as it targets its technology to service providers and the hospitality market.

That acquisition was followed by a similar move by Riverbed Technology, which bought wireless LAN vendor Xirrus to complement its SD-WAN portfolio.

In June, Aruba released a core switch, aimed at large campus networks and internet of things applications. The 8400X switch also supports Aruba’s WLAN portfolio of products and software.

Extreme Networks announced plans in July to embed its recently acquired Avaya fabric technology in switches and management software to centralize control of large campus wired and wireless networks. And Aerohive, one of the last remaining independent Wi-Fi vendors, said it would add SD-WAN features to its cloud-based wireless controller in a bid to offer a more comprehensive service package to its customers. It also released a low-cost version of its Connect management platform for smaller deployments.

Network performance management and monitoring

In February, Cisco added policy-enforcement capabilities to its Tetration Analytics engine. The upgrade included a cheaper version for midsize companies. Following on the Tetration update, the vendor also launched cloud management for hyper-converged infrastructure in early March, providing enterprises with more choices in how they oversee the vendor’s  HyperFlex product.

VeloCloud beefed up its SD-WAN software with policy options to make it more responsive to network performance problems. The new capabilities let enterprises dedicate segments of the network to specific traffic. In the event of glitches, the software reroutes traffic to alternative routes.

Intent-based networking (IBN) — policy-based software that tells the network what you want instead of telling it what to do — was one of the biggest trends in networking technology. Cisco said IBN would reshape much of its network management efforts, while startup Apstra Inc. upgraded its software that lets companies configure and troubleshoot network devices from multiple vendors.

The addition of analytics — fueled by machine learning — within network management and monitoring applications also gained steam. ExtraHop Networks added machine learning as a service to its Discover packet capture appliances.

In November, Nyansa upgraded its Voyance remediation engine to flag potential sources of network trouble, improve analytics and recommend fixes.

Return of Bleichenbacher: ROBOT attack means trouble for TLS

A team of security researchers discovered eight leading vendors and open source projects whose implementations of the Transport Layer Security protocol are vulnerable to the Bleichenbacher oracle attack, a well-known flaw that was first described in 1998.

The Bleichenbacher attack has been referenced in all IETF specifications for the Transport Layer Security (TLS) protocol since version 1.0 in 1999, and implementers of TLS versions through 1.2 were warned to take steps to avoid the Bleichenbacher attack. However, the researchers noted that, based on the ease with which they were able to exploit the vulnerability, it appears that many implementers ignored the warnings.

The attack is named after its discoverer, Daniel Bleichenbacher, a Swiss cryptographer who was working for Bell Laboratories in 1998 when his research on the vulnerability was first published. The TLS protocol, which was meant to replace the Secure Sockets Layer, is widely used for encryption and the authentication of web servers.

The research team  included Hanno Bock, information security researcher; Juraj Somorovsky, research associate at the Horst Görtz Institute for IT Security at the Ruhr-Universität Bochum in Germany; and Craig Young, , computer security researcher with Tripwire’s Vulnerability and Exposures Research Team (VERT). “Perhaps the most surprising fact about our research is that it was very straightforward,” the researchers wrote. “We took a very old and widely known attack and were able to perform it with very minor modifications on current implementations. One might assume that vendors test their TLS stacks for known vulnerabilities. However, as our research shows in the case of Bleichenbacher attacks, several vendors have not done this.”

The researchers said many web hosts are still vulnerable to the ROBOT attack and that nearly a third of the top 100 sites in the Alexa Top 1 Million list are vulnerable. The team identified vulnerable products from F5, Citrix, Radware, Cisco, Erlang, and others, and “demonstrated practical exploitation by signing a message with the private key of facebook.com’s HTTPS certificate.”

The researchers described their work as the “Return Of Bleichenbacher’s Oracle Threat” (ROBOT) and published it in a paper of the same title, as well as on a branded vulnerability website. The team also published a capture the flag contest, posting an encrypted message and challenging the public to decrypt the message using the strategies described in the paper.

TLS protocol designers at fault

The researchers placed the blame for the ease of their exploits squarely on the shoulders of TLS protocol designers. The ROBOT attack is made possible by the behavior of servers implementing TLS using the RSA Public-Key Cryptography Standards (PKCS) #1 v1.5 specification; the issues that enable the Bleichenbacher attack are fixed in later versions of PKCS. TLS 1.3, which is expected to be finalized soon, deprecates the use of PKCS #1 v1.5 and specifies use of PKCS #1 v2.2.

The TLS protocol designers absolutely should have been more proactive about replacing PKCS#1 v1.5.
Craig Youngcomputer security researcher, Tripwire VERT

“The TLS protocol designers absolutely should have been more proactive about replacing PKCS#1 v1.5. There is an unfortunate trend in TLS protocol design to continue using technology after it should have been deprecated,” Young told SearchSecurity by email. He added that vendors also “should have been having their code audited by firms who specialize in breaking cryptography since most software companies do not have in-house expertise for doing so.”

TLS as currently deployed ignores improperly formatted data, and as described in 1999 in RFC 2246. “The TLS Protocol Version 1.0,” the original specification for TLS 1.0, the ROBOT attack “takes advantage of the fact that by failing in different ways, a TLS server can be coerced into revealing whether a particular message, when decrypted, is properly PKCS #1 formatted or not,” the RFC 2246 document states.

The solution proposed in that specification for avoiding “vulnerability to this attack is to treat incorrectly formatted messages in a manner indistinguishable from correctly formatted RSA blocks. Thus, when it receives an incorrectly formatted RSA block, a server should generate a random 48-byte value and proceed using it as the premaster secret. Thus, the server will act identically whether the received RSA block is correctly encoded or not.”

Potential for attacks, detection and remediation

The researchers noted in the paper that the ROBOT flaw could lead to very serious attacks. “For hosts that are vulnerable and only support RSA encryption key exchanges it’s pretty bad. It means an attacker can passively record traffic and later decrypt it,” the team wrote on the ROBOT website, adding that “For hosts that usually use forward secrecy, but still support a vulnerable RSA encryption key exchange the risk depends on how fast an attacker is able to perform the attack. We believe that a server impersonation or man in the middle attack is possible, but it is more challenging.”

Young said that it might be possible to detect attempts to abuse the Bleichenbacher vulnerability, but it would not be easy. “This attack definitely triggers identifiable traffic patterns. Servers would observe a high volume of failed connections as well as a smaller number of connections with successful handshakes and then little to no data on the connection,” he told SearchSecurity. “Unfortunately, I am unaware of anybody actually doing this. Logging the information needed to detect this can be cumbersome and for a site receiving a billion connections a second, it could be quite difficult to notice 10-100 thousand failed connections.”

As for other, ongoing risks, Young said that while “PKCS#1 v1.5 is not being used in TLS 1.3 but it is still used in other systems like XML encryption. Whether or not it can be disabled through configuration is highly application specific.”

Salesforce small-business customers can tap into AI, too

Salesforce competes against numerous boutique CRM, marketing and service-oriented cloud vendors catering to SMBs that don’t have the overhead Salesforce requires to do business. It might be argued that many SMBs don’t need all the bells and whistles Salesforce has to offer.

Marie Rosecrans, Salesforce’s senior vice president who leads SMB outreach, discussed at Dreamforce 2017 how SMBs can capitalize on the rich app and feature choices, as well as free training materials, that only Salesforce small-business customers can access.

What are the main challenges Salesforce small-business customers face that you’re trying to help solve?

Marie Rosecrans: One of the biggest challenges is just … time. They don’t have a lot of time. One of the things that we look to do as a technology vendor is save time by creating solutions that are easy to set up, easy to use and easy to scale. We get a lot of feedback from customers saying they want something they can set up immediately because they are so time- and resource-constrained.

With that simplicity in mind, and knowing that AI requires large data sets to derive usable insights, how can small businesses use Einstein, which is a complicated technology under the hood?

Rosecrans: One of the best tools we make available to all of our customers — but is most valuable to SMBs — is Trailhead. It’s a fun, easy, interactive way to learn. It gives everyone access to a lot of information and knowledge, and I would use that as a starting point to get educated around what you need as a small business. It’s not just for Salesforce; it’s, ‘What should I be considering as a small business around investing in CRM?’

Marie Rosecrans, Salesforce small-business leadMarie Rosecrans

Artificial intelligence is a topic that is getting a lot of momentum these days. I think small businesses feel daunted by the whole notion of AI. We launched a product called Essentials for folks just dipping their toe into CRM. We have incorporated elements of artificial intelligence directly into Essentials to help SMBs realize the benefits of that. As our customers work in email and calendars, all of that info is being captured into their CRM without data entry. That’s AI at work for them, right away.

There have been some low-code/no-code do-it-yourself Salesforce app-building tools released earlier this year and more announcements here. Is that feasible for Salesforce small-business customers? At the same time, might that cut into longtime partnerships Salesforce has with app developers who connect with SMBs?

As our customers work in email and calendars, all of that info is being captured into their CRM without data entry. That’s AI at work.
Marie Rosecranssenior vice president for SMB outreach at Salesforce

Rosecrans: Salesforce started as an SMB. SMBs have been core to our company, and so we keep that user experience top of mind. I absolutely agree that small businesses should be looking at low-code/no-code, declarative programing as a solution to accelerate their technology investments.

No two small businesses are alike. Each has its unique business challenges that they are looking to solve. One of the things that we look to make available to all of our customers is the AppExchange, the world’s largest business applications marketplace.

Finding, winning and keeping customers aren’t the only business challenges that small businesses have. So, by making the AppExchange available, we know there are going to be partner solutions out there that may more specifically fix or solve [those] business challenges. We want small businesses to use or embrace technology, because that will set them along that growth path.

Peering into the future of enterprise storage for 2018

As the end of the year approaches, analysts, vendors, consultants and anybody else who has some time on their hands are turning their attention to that age-old annual rite of making predictions about what tech to expect in the coming year.

Although I’ve ridiculed these prognostications in the past, I am not above making predictions of my own about the future of enterprise storage. Hopefully, you’ll find my prophecies a bit more fun, even if they do skimp on the facts. But, you know what, those of us who are bold enough to look into the future and tell the world what we see — no matter how silly or creepy that vision may be — can hardly be encumbered by the limitations of truth, reality and, well, sanity.

So, here it goes …

Toshiba enters a new dimension

As I peer into my SAN-attached crystal ball, I see Toshiba stumbling over a nuclear power plant to, almost literally, cause billions of IT dollars to atomize into thin air, leaving the company no choice but to sell off its most profitable, and least scary, business — it’s solid-state labs and fabs. Oh wait, that already happened, didn’t it? We’ve been reading about the sale of that business for what seems like six or seven years now.

My real prediction is we will finally find out that 4D flash is the reason why Western Digital has so desperately clung to its joint development deal with Toshiba. Already bored with run-of-the-mill 2D and 3D flash, Toshiba’s scientists have invented a new dimension where flash cells can be lined up left and right, stacked up and down, and spun out into alternate universes in the future of enterprise storage. With its infinite capacity and endless scalability, 4D has no need for wear leveling or program erase or any of those old-fashioned techniques used to extend the lives of chips stuck in a mere three dimensions.

Dell EMC splits

By about Q2 2018, Michael Dell will realize the honeymoon is over, and the venerable Dell EMC brand is in need of a shake-up that will have a profound effect on storage technology trends. With no shareholders to confer or contend with, Dell will hold long, animated conversations with himself — captured by the webcam on his Dell XPS 15 laptop (with 8 GB of RAM and a 256 GB SSD).

After weeks of negotiations, during which Dell storms out in a huff on more than one occasion, he announces that Dell EMC will split into two publicly traded companies. Dell will sell laptops and servers, and buy storage companies that few have heard of (and fewer have bought from). EMC will focus on storage hardware, diversifying by buying up so many smaller companies they have to create a team just to keep track of acquisitions.

Nutanix’s super-extra-mega-hyper-converged system

Each new Nutanix HCI system will include a living, breathing admin, sandwiched somewhere between the storage, servers and networking gear.

Nutanix, a pioneer of the hyper-converged infrastructure craze that has dominated storage and systems discussions for the last couple of years, will one-up the growing ranks of competitors by adding a new service to its HCI product line. Move over Acropolis, Prism and Enterprise Cloud and make room for Norman. While combining storage, servers, networking and virtualization in a single product helped revolutionize data center infrastructure, Norman promises to turn that on its ear in 2018.

Stuffing all that infrastructure into a single package was pretty cool and oh so convenient, but Nutanix engineers realized something was missing: someone to run the whole thing and treat users with disdain when they request a new virtual machine or some disk capacity. Enter Norman. Each new Nutanix HCI system will include a living, breathing admin, sandwiched somewhere between the storage, servers and networking gear. By the second half of 2018, expect Nutanix’s competitors to play catch-up, doing their best to erase the line that separates the man-machine interface with their own versions of the ultimate converged solution.

LTO-142 debuts

Faced with higher and higher HDD capacities and flash systems that can store the entire world’s knowledge on a single PCIe card, the LTO Consortium decided to speed up product development to keep pace with the competing media. Thus, instead of following up the recent rollout of LTO-8 with LTO-9, the consortium — anchored by IBM, Hewlett Packard Enterprise and Quantum — will take the bold step of shortcutting its previously laid out LTO product development roadmap, accelerating the program with the release of LTO-142 products.

The LTO-142 specs will include capacities of up to 12 yottabytes compressed (3 YB native) and transfer speeds too damned fast to measure. It remains to be seen what effect these radical developments in tape technology will have on the future of enterprise storage or if they’ll even be noticed.

Future of enterprise storage closer to home

In 2018, you will need more capacity and have less money to spend. When you start shopping for more storage, you will have a dizzying array (pun intended) of storage choices, ranging from traditional shared systems to hyper-converged gear to object to cloud and so on.

It looks like you’ll have your hands full even if my fearless forecasts about the future of enterprise storage don’t come to fruition. Happy New Year!

CEO: How SOTI software shoots to stand out

Technology vendors are distancing themselves from the term enterprise mobility management.

Earlier this month, BlackBerry CEO John Chen called enterprise mobility management (EMM) a “lousy market.” Meanwhile, SOTI Inc., in Mississauga, Ont., is aiming to become more of a household name in enterprise mobility by expanding into new areas.

“Anybody selling just EMM these days is a dinosaur,” SOTI CEO Carl Rodrigues said.

SOTI, which has 17,000 enterprise customers, offers products designed to address businesses’ various mobile needs, from managing and securing devices to building and supporting applications. SOTI software includes MobiControl for EMM, MobiAssist remote help desk software and SOTI Snap for mobile app development.

Here, Rodrigues discusses his company’s push into new areas, as well as changes in the EMM market.

What do mobile-minded organizations need to focus on besides EMM nowadays?

Rodrigues: In the first wave of companies needing EMM, they were just trying to manage office devices. We’re way past that. Mobile is becoming mission-critical to companies’ operations. Many are running completely on mobile, and they need to be able to create apps that run on mobile devices effectively and support remote workers.

Who can deliver a disruptive business with just EMM? You need to buy 10 other pieces of technology. To create an app, that can cost $800,000 to create one on an Android platform; then you need to do it again on Apple. RMAD [rapid mobile app development] tools eliminate that barrier. If companies know they don’t have to spend millions to get started, mobile becomes more accessible.

How has the EMM market changed, and how has SOTI software evolved to address that?

Customers [leveraging mobile] have many more problems than EMM.

Rodrigues: Customers have many more problems than EMM. Our platform tackles the core problems that our customers and IT have, from app generation to how to support your people out in the field.

SOTI software has some major competition in the EMM market. What sets you apart?

Rodrigues: There are other EMM solutions out there, but [those customers] need to buy a separate help desk solution. That’s not designed for the modern era. We can remote in to the mobile device and see what’s happening from the desktop.

What about joining forces with one of bigger players as the EMM market consolidates?

Rodrigues: They’ve all come to us and tried to purchase us. [Rodrigues declined to disclose which companies.] But why partner up when we have the better product?

If SOTI has the better product, why are other vendors doing better, and why isn’t SOTI ranked higher in market reports?

Rodrigues: Traditional analyst and market reports speak to outdated ways of evaluating businesses. Profitability is overlooked, with market share [valued] over profitability. The traditional way of looking at the EMM market is quickly becoming outdated and irrelevant.

But SOTI’s market-leading position has been validated by top analyst firms.

What is your favorite movie?

Rodrigues: The Spider-Man movies — the classic ones, with just Spider-Man. Now they have 95 other superheroes in one movie.

What is the best dish you cook?

Rodrigues: My family is from the Portuguese colony of Goa in India. One of the things I make is this special tea with cardamom and dark pepper. You use loose-leaf tea and cook it with the milk.

If you could travel anywhere in the world, where would you go?

Rodrigues: After university, I visited Santorini in Greece. It’s a beautiful place. The food is amazing.