5 Channel Ops: Infrascale's 15-Minute Guarantee, Virtual Instruments, TrapX
The annual Black Hat show, which wrapped up yesterday, is an early indicator of some ways attackers might target your customers in the coming year. Among the 2015 high (or low, depending on your perspective) spots were sessions showing how a Jeep was hijacked through an open port, how a hacktivist group from Iran and Syria operates, and a keynote discussing why women make up only 10 percent of the information security industry.
Speaking of attacks, on Friday, Cisco’s Talos security team warned of a phishing campaign where emails purporting to be from Microsoft offering Windows 10 upgrades actually carry CTB-Locker, a ransomware variant. “Currently, Talos is detecting the ransomware being delivered to users at a high rate," wrote the team, which also shows how to detect the fake offers. It’s worth warning customers and end users to be very cautious. Ransomware is difficult, though not impossible, to recover from.
Ransomware Killer: DRaaS
The best way to beat any data loss, whether malicious or not, is effective backups. To that end, Infrascale this week announced a new Cloud Failover Appliance aimed at making disaster recovery simpler and more affordable. The product, available as a virtual or physical appliance, includes integrated backup and archiving. The company says it can concurrently fail over up to 200 VMs (VMware or Hyper-V), as well as Windows and Linux servers and applications; in fact, Infrascale guarantees 15-minute failover to a second site. Partners can enable encryption of data in transit and at rest, with optional private keys.
There’s still customer resistance to DRaaS, according to the 2015 DRaaS Attitudes & Adoption Report, which surveyed more than 350 IT pros from organizations with between 100 and 5,000 employees. The authors, ActualTech Media principals Scott Lowe and David Davis, say a perceived high cost is the primary inhibitor to DRaaS adoption for 36 percent of respondents. A lack of in-house IT resources and complexity were also listed as barriers. As result, 22 percent still use tape and offsite storage as their primary DR methodology. Only 10 percent of respondents could fail over critical business applications within 15 minutes.
"We believe this data indicates that small and mid-sized companies are largely being under-served when it comes to emerging DR and DRaaS solutions," said Lowe. Analysts say DRaaS could be a $20 billion market by 2020, and this report, which was sponsored by Infrascale, suggests there’s plenty of room for partners to grab a piece of that revenue.
The Cloud Failover Appliance starts at $3,427 plus a monthly fee for failover services and is available now through Infrasale’s partner network and select volume resellers.
PLUS: Storage startup Tintri this week announced the closing of a $125 million funding round, bringing its total haul to $260 million. This doesn’t surprise me — the company’s application- and VM-aware storage appliances combine SSD and HDD in a RAID 6 configuration and dramatically simplify storage in virtualized environments. Tintri is looking for partners; check out its online presentation on August 20 and free user conference in San Francisco on August 30.
Spot Problems Before Customers Do
Virtual Instruments launched this week version 4.3 of its vendor-agnostic VirtualWisdom infrastructure performance management platform. IPM software monitors physical, virtual and cloud assets and uses analytics to predict and then diagnose the source of problems. Essentially, it gives an IT team or service provider partner time to fix issues before the helpdesk lines light up. Key additions in the new version include expanded hypervisor support to include Microsoft HyperV and IBM PowerVM, a VM Coordinator to examine historical resource stats, and cloud-based analytics to allow for greater agility and scalability versus a fully on-premises deployment. Performance probes for NAS and FCoE storage protocols are due by year’s end.
Running IPM on a diverse, hybrid infrastructure is complex, yet plenty of companies would benefit from the intelligence that can be gained, which is where partners come in.
"Helping customers ensure that their applications and infrastructure perform better together through the actionable insights delivered by authoritative analytics is at the core of everything we do," says John Gentry, vice president of marketing and alliances for Virtual Instruments. “Our channel partners serve dynamic enterprises that require consistently high performance from their IT infrastructures — to enable agile business and innovation. Through VirtualWisdom, our partners enable their customers with authoritative decision-support, and the ability to drive the highest performance while controlling costs and mitigating risks." Gentry added that the company offers training programs to all partners.
Deception Tech: Don’t Try This At Home
MSSP Dunbar Cybersecurity, which serves verticals including finance, retail, health care and education, this week announced a deal to include the TrapX DeceptionGrid in its managed security services offerings. DeceptionGrid “automates the deployment of a network of camouflaged malware traps that are intermingled with real information technology resources." Essentially, they’re automated honeypots — files with tempting names, like “employee SSNs," that are meant to attract attackers and, hopefully, capture useful information on their attack methods. TrapX, which just raised $9 million in its Series B round and is recruiting partners, says commercial deception technology is a growing market; Gartner predicts 10 percent of enterprises will use deception tools and tactics and actively participate in deception operations against attackers by 2018.
If DeceptionGrid detects malware, it sends an alert to an organization’s or MSSP’s security operations team, which can then take action to block the attack. So far, so good. However, before helping a customer take any retaliatory action, or even logging details on a would-be attacker, ensure they check with legal counsel. There are possible privacy issues. And, DIY honeypots should be approached with extreme caution. At this year’s Black Hat, reps from Cymmetria, an Israeli cyber security start-up, gave a talk on “Breaking Honeypots for Fun and Profit." One upshot is that sophisticated attackers could detect and bypass a honeypot, or even hijack it and use it to their advantage.
Beacons: A Gateway To IoT
Target this week announced that it will test beacons at 50 stores. To take advantage, customers will need the Target iOS app (no Android yet) and a smartphone that can detect the beacon’s Bluetooth signals. They’ll also need to opt in to get content. For now, the program is pretty basic — push notifications of sale items and products trending on social media. Eventually the retailer says it may offer dynamic re-sorting a shopping list as a customer moves through the store or the ability to request help from an employee. The lack of these obviously useful features, and of an Android app, suggest that Target sees this technology as compelling enough to put a pilot on not-quite-fully baked fast track.
Partners catering to retail and hospitality customers should definitely be investigating, but beacons are not just for stores and restaurants. A new ABI Research report, BLE Tags: The Location of Things, says that total BLE (Bluetooth low energy) beacon shipments will comfortably exceed 400 million units on more than $1 billion revenue by 2020, and that retail is only a small part of that.
“Three very interesting verticals are asset tracking, vending machines and dedicated BLE beacon advertising networks, where OEMs like Gimbal, Sensoro, Kontakt.io, and Bluvision are having initial success," said ABI principal analyst Patrick Connolly in a statement. “BLE Beacons can completely revolutionize these markets, and ABI Research expects early adopters will gain a huge advantage."
While Apple’s iBeacons are the best known, Google’s Eddystone open format may be a more flexible choice as it works with both Android and iOS Bluetooth APIs and has an architecture that supports development of new frame types. Don’t say I didn’t predict it.
Bits & Bytes
Train Up: Cloud, network and communications service provider Comlink announced this week its Comlink Alliance, a new collaboration and training program for the company’s channel partners. Marketing collateral and support offerings include sales team training programs on cloud, network, voice and data services; access to co-branded print and digital sales and marketing collateral and an opportunity to collaborate on live events and video content. What’s available depends on status — levels are Kilobit, Megabit, Gigabit, and Terabit, based on monthly revenue production.
“The goal of the program is to differentiate Comlink in the channel partner community by supporting partners with a broad range of marketing, content and event components," says Jason Meyers, the company’s director of marketing.
SDN’s Time Is Coming: A new report by IHS shows that network operators see software-defined networking as the future. The 28 carriers surveyed by the consultancy represent 49 percent of the world’s telecom capex and 46 percent of telecom revenue. Of that group, 82 percent have either already deployed SDN, are now deploying or plan to evaluate in 2015; by 2017, 100 percent of those interviewed plan to deploy or evaluate.
“The successful field trials and a few commercial deployments of SDN in the last year keep moving toward more commercial deployments in 2015," said Michael Howard, senior research director for carrier networks, in a statement. Channel partners looking to become CSPs, or to partner with cloud providers, should consider SDN strategies. Why? The No. 1 reason for adoption is to simplify and automate service provisioning, which these big carriers (correctly) believe will lead to service agility and quicker time to revenue.
Cisco Sheds Light On Shadow IT: Nick Earle, Cisco’s SVP of Global Cloud and Managed Services Sales wrote this week about the company’s effort to gauge the pervasiveness of shadow IT by mining trend data from Cisco Cloud Consumption Service engagements with large enterprise customers across the United States, Europe, Canada and Australia between January 2013 and July 2015. Earle says companies today use up to 15 times more cloud services to store critical company data than CIOs were aware of or had authorized; last year, it was seven times. That percentage is steady across industry and geography. IT departments estimate their companies use an average of 51 cloud services. The reality? About 730. Cisco says not understanding cloud use creates huge, but often invisible, costs.
Follow editor in chief @LornaGarey on Twitter.