Wedge Networks Inc.

Joint demo at Interop Las Vegas 2014 showcases cloud-based virtual lab environment for SDN/NFV testing

SUNNYVALE, Calif.–(BUSINESS WIRE)–March 31, 2014–
Spirent Communications, a provider of networks, device and applications testing products, today announced that it is collaborating with Wedge Networks to demonstrate the new Spirent Velocity virtual lab environment. Selected as a Best of Interop 2014 Finalist, Spirent Velocity is a unique cloud-based virtual lab environment that enables testing of Software Defined Networks (SDN) and Network Function Virtualization (NFV).

Highlights of the Demonstration

The joint demonstration, featured at Spirent’s booth #727, showcases how NFV providers can easily setup and run tests to quickly bring high-performance virtual appliances and applications to market. In this demonstration, Spirent Velocity will enable the provisioning of virtual devices-under-test, such as the Wedge Networks NFV-based security solution, dramatically reducing the capital expenditure associated with physical labs. Spirent Velocity will showcase how rapid test setup and execution with packaged methodologies from Spirent TestCenter Virtual and Spirent Avalanche Virtual lets users quickly gauge performance and security in a stressed cloud. Furthermore, the demo will highlight Spirent Velocity’s ability to orchestrate Spirent TestCenter Virtual on OpenStack.

Solutions in the Demonstration

Spirent Velocity helps accelerate time to market and reduce CAPEX and OPEX associated with traditional test beds. This virtual test lab allows users to set-up a virtualized test fabric that emulates their desired deployment architecture including choice of hypervisors, guest operating systems, reference server setup, NFV and other technologies such as SDN controllers and switches.

Wedge Networks will be providing the first-ever demonstration of NFV for Security (NFV-S) solution. NFV-S is a new paradigm in providing network security for the ISP and Data Center markets being launched by Wedge Networks that brings advanced network security capabilities into virtualized functions – all in a complete, real-time and elastic solution. The WedgeOS(TM) powered Wedge Networks Cloud Security Platform(TM) provides an elastic, embedded and on-demand solution to deliver a security capability independent of physical network topology and hardware networking systems.

Supporting Executive Quotes

“As providers start evaluating network function virtualization solutions and deploying NFV in their networks, they need to know that on-demand security services can be layered over the virtualized network,” said Jeff Wilson, principal analyst for security at Infonetics Research. “The NFV-S solution is the type of forward-looking solution that providers need if they want to deploy NFV-compatible security services – no matter the location, service, or bandwidth.”

“Wedge Network’s NFV-based security solution will be deployed in the cloud, so it makes absolute sense to test our solution in the cloud as well,” said Dr. Hongwen Zhang, CEO of Wedge Networks. “Spirent Velocity provides us the ability to rapidly provision the virtual test bed, and then verify that our virtual solution maintains performance while scaling under rapidly increasing load.”

“Spirent is pleased to be partnering with Wedge Networks for this joint demonstration,” said Patrick Johnson, Spirent’s vice-president of cloud services solutions. “Wedge Networks is re-inventing network security and Spirent Velocity is re-inventing the world of test itself, ultimately accelerating the transformation of the network.”

For more information on Spirent Velocity, visit:

www.spirent.com/products/velocity

About Wedge Networks(TM)

Wedge Networks(TM) is transforming the way security is delivered. Powered by the innovative WedgeOS(TM) the Wedge Networks Cloud Security Platform(TM) is designed to combat the shifting threat landscape associated with mobility, cloud, internet of things and the consumerization of IT. Unlike first generation security products, cloud-assisted appliances or even dedicated security clouds, the Wedge Platform enables inline inspection of both inbound and outbound traffic embedded within the cloud layer across all platforms and device types without latency. The Wedge Platform(TM) is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, Internet service providers, and across all industry verticals. Wedge Networks is headquartered in Calgary, Canada and has international offices in Sunnyvale, USA; Beijing, China; and Manama, Bahrain. For more information visit, http://www.wedgenetworks.com/

About Spirent Communications plc

Spirent Communications plc. (LSE: SPT), a global leader in test & measurement, offers an extensive portfolio of solutions to test data centers, cloud computing and virtualized environments, high speed Ethernet networks and services, 3G/4G wireless networks and devices, network and application security, and positioning technologies. For more information visit

http://www.spirent.com/about-us/News_Room/About_Spirent_Communications_plc.aspx

“Wedge Networks sees a completely different view of the future of device, computer and enterprise security. They believe that most of the effort around anti-virus and anti-malware should be further up the food chain. More specifically they believe it’s the responsibility of the telco.” For the full article, please visit TechDay.

“Cloud is both a concern and an enabler of security.”

– Tim Dillon, Asia Research Director, Current Analysis

Wedge CEO, Dr. Hongwen Zhang, was quoted, along with leading industry analyst Tim Dillon, Asia Research Director, Current Analysis, in Singapore Business Review’s article on Cloud Security, published on January13, 2014.

For the full article, please visit Singapore Business Review.

“Rainwater straight from the clouds is distilled water, as safe to drink as tap water. Can you say the same about data from the Cloud?” asks Dr Hongwen Zhang, CEO of Wedge Networks. “How would you react to a water company that sold water as polluted as the typical spam and malware riddled Internet connection?”  This also raises serious concerns for the Internet’s long-term survival.

By Dr. Hongwen Zhang, Wedge Networks CEO

Water is the stuff of life: nearly 60% of our bodyweight is made of water and the presence of water is the first thing astronomers look for when considering a habitable planet. Find a good source of clean water and you are established for life: ancient trade routes went from water source to water source, and cities grew up around those precious assets.

In cyberspace it is not water but information that flows to those nodes. But the same rule applies: deliver good information and business will flourish. For the service provider the information comes from the Cloud, just as water ultimately comes from the clouds, but is it as clean? How might a service provider benefit if it could promise not just data, but pure data for its customers?

What’s in it for the Service Provider?

Customer churn is one of service providers’ biggest headaches. The annual churn rate in global mobile telecommunications service companies ranges from 20% to 40% and it gets worse as the market matures. It’s common knowledge that the cost of acquiring a new customer is way over the cost of retaining an existing one – it reduces profits as well as the referral benefits of continuing service customers.

So consider my question: “how would you react if your water supply was as polluted as a typical Internet connection?” You would be forced to spend money on your own filter systems or water sterilizing tablets, bottled water from other suppliers, and would be constantly looking for better ways to buy water.

This is just how it is for Internet users: they are expected to invest in third party anti-virus and security systems, so they have less to spend on services. Then they get angry at the daily floods of spam and keep looking for better, or at least cheaper, services and providers.

This is the very engine of churn. A constant pressure from unwanted spam mail – carefully engineered with every psychological ploy to attract your attention and distract you – and you are forced to trawl through your in-tray in order not to miss a few vital e-mails that might also be there. More than 97% of all emails sent over the net are unwanted, according to a Microsoft security report – and the daily count of spam messages passed the 200 billion mark in 2010. There’s also the money and time spent on third party Internet protection software to keep out malware… Then you hear about a different provider that seems to be offering a good deal, maybe start with a clean new e-mail account? For the customer it’s just scratching at an itch – for the provider it’s churn.

Now change the scenario: you have a provider who, for the last year, has provided good service with guaranteed levels of spam reduction and malware protection that match your need without any extra effort on your behalf. Why bother to change? We are back to the more usual business situation here, where it is far easier to sell to an existing customer than to woo a new one.

20 to 40% churn is not normal behavior, it’s a symptom of frustration. Reduce that frustration by delivering clean data, and you reduce churn

The bigger issue

I’ve argued so far that any company that finds a way to deliver unpolluted Internet access will gain an immediate advantage from slashing customer churn. Good for them – but what about the benefits to business, the economy and society?

This would not make much difference to the large enterprise or public organization that has already invested heavily in security solutions. Such groups have their own well-defined requirements which vary from the military’s bomb-proof security, through the high speed needs of financial traders, the personal data protection of healthcare and government and so on. They will have their own security systems in place and a specialist team to administer them.

The real beneficiaries will be the individuals, home users and smaller businesses that don’t want to be vulnerable but resent the time and resources needed to provide their own protection. This is a large sector of the population, but is it as economically significant as the larger enterprises?

Taking Europe as an example, the EU website defines SME as having less than 250 employees, of which “small” means less than 50 employees and “micro” means less than ten employees. In these terms SMEs “provide two out of three of the private sector jobs and contribute to more than half of the total value-added created by businesses in the EU. Moreover, SMEs are the true back-bone of the European economy, being primarily responsible for wealth and economic growth, next to their key role in innovation and R&D” according to the EU website. Canadian figures rate “small” as less than 99 employees, “medium” as less than 500, while “large” 500 or more employees: in these terms “Small businesses make up 98.2% of employer businesses, medium-sized businesses make up 1.6% of employer businesses and large businesses make up 0.1% of employer businesses.”

If these figures are at all typical – and there are around 220 million companies worldwide with less than 250 employees – then the economic benefits of cleaner Internet connectivity to any country will be enormous. And this is simply in terms of the time and cost savings to smaller businesses that do not have the resources to protect themselves from malicious and time wasting traffic.

Add to that the benefits to home users, for whom the Internet is largely a provider of recreation and social contact. A society where people can interact, share experiences and freely discuss ideas is potentially a very healthy society. But when the medium of communication becomes polluted with phishing probes, spam contacts, “grooming” and other forms of malicious traffic, then the medium that once united society becomes the very means to fragment it and spread distrust and anger.

To take a specific example: there are already more than 2.1 billion mobile web users amongst a total world population of 7 billion, and the 2013Q2 China Mobile Security Market Quarterly Research Report includes a survey result suggesting that 53% of mobile data users do not want to install security software in their mobile devices. This might seem shocking news to an IT security professional, but it simply reflects human need and is an extension of the frustration that a home user would feel at having to take steps to secure home IT systems. For the fact is that much of the attraction of mobile web access lies in its immediacy, simplicity and directness – once you start complicating that with more passwords and levels of security that attraction goes.

So this is the bigger picture: a society that provides clean Internet access and does not leave the main burden of security to the individual user will not only gain economically but also benefit from better social cohesion and less discontent.

But is it possible?

The move to cloud computing has barely started, but it is another game-changer in terms of the need for better security in the Internet. With estimates around a trillion dollars per annum for the damage that is already being done by Internet pollution to the world economy – despite some $60+ billion being spent to resist it – it is clear that clean Internet would make a staggering contribution to global economic and social welfare. But is it a pipe dream? How would it be realized?

Another game changer has been the massive increase in content on the web, driven particularly by the popularity of video. With 90% of attacks being concealed within content – text, video and sound – any solution needs to involve real-time object level analysis of network traffic. This “Deep Content Inspection” not only analyses the bytes within the network packets, but also the digital objects that are carried over many network packets can also be recognized and handled. Clearly, inspection at this level is an enabler for any number of new network applications, and removing spam and malware is just the beginning.

I began by addressing the benefit to the service provider: deliver clean Internet to your customers and you have an immediate competitive advantage. OK, I also suggest that all SPs should do this, so the competitive advantage would be short lived, however the reduction in churn remains as an important bonus.

But there is another factor here: if the service provider has the means to clean up the traffic, including content, then there is also the potential to provide a range of security and other services. “Clean Internet”, like clean water, is of course by far the biggest draw overall, but there will also be some customers with special needs who would appreciate an SPs offer of “flavored water” with added levels or styles of filtering according to region of origin, language, date of origination or any number of special criteria. Deep Content Inspection offers unlimited potential for future services along these lines.

What is needed to achieve this must be an add-on “security layer” – for few providers would welcome a forklift upgrade of their immense and far flung infrastructure investment. It should be provided as software, running as a hardened, embedded operating system, that can be installed on ordinary off-the-shelf hardware appliances and servers, or else packaged as virtual machines.

The good news is that such software is already available and thousands instances of it are already deployed in service providers, enterprises, and small businesses worldwide, performing high performance deep content inspection for these organizations. Use it to “clean up their act”, and service providers now have a major opportunity to improve business and make a significant contribution to society.

The biggest issue

A cleaner Internet has enormous implications for business and society. It also raises important issues about the future of the Internet itself.

It has already been suggested that a very large network, by its very complexity, adaptability and organic growth, has many characteristics of a living organism. A living organism, however, consists of more than just flesh and bone, for it has systems that overlay that structure. The nervous system plays the role of a recognisably distinct “control plane” that receives data from every part of the body, in the form of senses and pain, and transmits back signals to control and manage that body.

Modern trends in networking recognise a similar need for a control plane to turn a static network into a dynamic “living” entity that can adapt to fast evolving business and regulatory demands. This is the essence of software-defined networking (SDN) and is now widely recognised as the future of networking.

All complex life has evolved such a nervous system, together with other systems that function in parallel. Wikipedia states that: “The immune system is a system of biological structures and processes within an organism that protects against disease. To function properly, an immune system must detect a wide variety of agents, from viruses to parasitic worms, and distinguish them from the organism’s own healthy tissue.” This is a very clear description of biological deep content inspection.

It goes on to describe the “layered response” of an immune system, beginning with innate immunity that provides an immediate, non-specific defence for all plants and animals from single cells upwards. Then there is the adaptive immunity that has been developed in vertebrates such as human beings: “Here, the immune system adapts its response during an infection to improve its recognition of the pathogen. This improved response is then retained after the pathogen has been eliminated, in the form of an immunological memory, and allows the adaptive immune system to mount faster and stronger attacks each time this pathogen is encountered”. As pathogens evolve and adapt, the immune system has evolved multiple defence mechanisms to keep pace.

The point is that ultimately no organism can survive without some form of immune system, just as it cannot move and adapt without a nervous system. So what is the long-term future of networking unless we can develop not only a software-defined nervous system but also a software-defined security system that is built into the structure itself?

The security layer I have described will provide an immune system for the organism we call the Internet. This software-defined security is as fundamental a development as SDN.

It could prove vital to the Internet itself, as well as to society and the economy.