blog

5 Channel Ops: CenturyLink Opens Grant Program, Microsoft Addresses Privacy Uproar

Lorna GareyOn Oct. 1, CenturyLink opened the application process for its annual Teachers and Technology grant program. Full-time pre-kindergarten through grade 12 classroom teachers in public or private schools within CenturyLink’s local service areas can apply for a grant of up to $5,000 until Jan. 12, 2016. The funds are meant to help teachers use technology in an innovative way to increase student achievement. Since 2008, more than $5 million has been paid out, and $1.4 million is set aside for the 2015/2016 program. Grant winners will be announced between April 1 and May 15, 2016.

Riverbed Project Tiger Looks to Slash Branch Office Hardware

Earlier this week I spoke with Riverbed CTO Hansang Bae about the company’s plan to help partners eliminate routers, servers and storage from even the smallest branch sites using software-defined WAN technology (if you need a primer, check out our SD-WAN report). At VMworld, the company surveyed 260 attendees; 29 percent are exploring or have adopted SD-WAN for branch office locations. The drivers are deploying new applications and services quickly while reducing costs and cutting down on human error — all longtime challenges for remote offices.

In April, Riverbed followed Dell out of the Wall Street rat race by being acquired by private equity firm Thoma Bravo in a $3.5 billion deal. Bae says going private has given the company the flexibility to “think like a startup with a $1 billion cushion,” referring to the company’s annual revenue. He also says Riverbed is scrapping its RiOS code base and starting fresh — something that should benefit IT but surely would have drawn fire from Wall Street. “We’re blowing up our 13-year investment in RiOS because it was a monolithic piece of code,” Bae said, with the attendant complexity and potential vulnerabilities. He says the replacement, SteelOS, is built from the ground up for cloud, with support for containers and NFV.

Riverbed sells exclusively through its channel and has more than 26,000 customers, including 98 percent of the Forbes Global 100. Two years ago, the company moved from a traditional revenue structure to a competency model that includes certifications in WAN optimization, storage delivery, application delivery and performance management. Partners must be certified on products that are part of a specific competency to receive maximum program benefits. Riverbed also reduced its previous four partner levels to three.

Bae says the aim of the structure is to reduce the number of transactional sales to solve one-off WAN optimization problems in favor of working with customers on a holistic improvement plan, powered by SD-WAN technology. “Certification allows partners to be higher-touch with customers and earn more on both incentives and services,” he said.

Bae insists that SD-WAN is a win/win for the channel and customers. “For example, VoIP is the poster child for SD-WAN,” he said. “Protect voice at all costs.” But QoS is just one benefit. It also afford partners more autonomy. “SD-WAN takes some control away from carriers and brings it right back to the channel,” he said. “SD-WAN is blowing up because it’s taking away built-in monopolies. Competition is always good.”

Riverbed’s looking to replace branch-site IT gear with Steelhead appliances that cache anything from desktop images to video or new iOS or Android upgrades; after the initial bandwidth hit, dozens or hundreds of users get a free ride. IT or MSPs can manage multiple sites from the SteelCentral Controller. Currently the company offers a SteelHead appliance, which provides midsize locations SD-WAN application and network services and WAN optimization, and a top-end SteelFusion box that adds storage and server virtualization to that list. On the road map is Project Tiger, aimed at supporting even the smallest remote locations using a box with lightweight Linux containers, native routing services with zero-touch management and service-chaining for Riverbed-native and third-party services; Palo Alto is already on board. All will support SSL.

Bae admits that Riverbed isn’t the first name that comes to mind for volume sales to customers with hundreds or thousands of locations. “The very small branch has been a challenge for us,” he said. “You can’t ship a $40,000 box to support a call agent at home.”

While the company is not yet disclosing pricing or exact timing for Project Tiger appliances, Bae says they will be “very, very low cost. We understand the economies of scale associated with the branch space.”

Microsoft on Windows 10 Trust, Azure Advances

This week Terry Myerson, Microsoft’s executive vice president, Windows and devices group, addressed head on the privacy concerns raised around Windows 10. Besides the much discussed Wi-Fi Sense, Windows 10 automatically assigns an advertising identifier to users based on the email address associated with the OS. It then uses that ID to deliver tailored ads. Data mining is nothing new, of course — Amazon, Apple and Google have been riding that train for years. What is worrisome is that the Win10 EULA states that Microsoft “will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary.”

You can see why that would be a big problem for businesses, and so does Myerson.

There are settings that partners can adjust to minimize data transfers, as Slate’s David Auerbach explains in depth here, but toggling some levers won’t satisfy all customers, especially those in regulated industries. In response, Myerson lays out two privacy principles: First, Windows 10 collects some information to help the product work better; that bucket includes anonymous device ID, device type and application crash data that can be used to, for example, identify glitchy drivers. Second, he states that the user may determine what information is collected, and that all data collected “is encrypted in transit to our servers, and then stored in secure facilities.”

Myerson also takes a crack at Google by stating that “unlike some other platforms, no matter what privacy options you choose, neither Windows 10 nor any other Microsoft software scans the content of your email or other communications, or your files, in order to deliver targeted advertising to you.”

My take on Windows 10 selling points is here. For now, partners should discuss the data privacy tradeoffs and help customers make informed decisions — and not just for corporate-owned systems. In the age of BYOD, employees’ personal devices are a potential security nightmare. Microsoft has deployed millions of free copies of Windows 10. If you send a newsletter to customers, a primer on privacy settings would be timely.

On a more upbeat note, at its AzureCon symposium this week Microsoft announced new Azure innovations including:

  • The Azure Container Service, an open-source container scheduling and orchestration service resulting from Microsoft’s partnerships with Docker and Mesosphere.
  • The Azure IoT Suite that provides remote monitoring, asset management and predictive maintenance for IoT devices.
  • Advances in the Cortana Analytics Suite and an expanded strategy for Azure Data Lake, which would be a great name for a resort catering to BI geeks.
  • A new integrated Azure Security Center, due by year’s end, for end-to-end visibility into and control of Azure cloud resources. The service will integrate with security software from Barracuda, Checkpoint, Cisco, F5 Networks, Fortinet, Trend Micro and others.
  • New Azure VMs tailored for compute- and graphics-intensive workloads.

Microsoft also announced this week general availability and more granular pricing plans for ExpressRoute for Office 365 and Skype for Business, as well as the ability to connect to Microsoft Azure’s Government Cloud via ExpressRoute. ExpressRoute enables private connections between Azure data centers and on-premises or colo private systems. Current ExpressRoute connectivity partners include Aryaka, AT&T, Equinix, Level 3, NTT and Verizon.

Microsoft ExpressRoute

Verizon, AT&T Say Beat Spectrum Crunch With Wi-Fi

Verizon, AT&T and T-Mobile announced this week that they are banding together with Alcatel-Lucent, Qualcomm and the CTIA to form the EVOLVE coalition. The goal is to lobby for technology that would permit mobile devices to access unlicensed Wi-Fi frequencies without logging in. The push, if successful, would mean the devices could alternate between LTE and unlicensed spectrum like LTE-Unlicensed (LTU), due next year, and, eventually, Licensed Assisted Access (LAA). Cable companies counter that LTE-U will degrade existing Wi-Fi services, where they make most of their money, because it lacks listen-before-talk and has been developed outside of standards bodies.

It seems like the only thing the sides mostly agree on is that they want the FCC to stay out of the debate.

In an extensive report on LTE and 5G innovation commissioned by 4G Americas, wireless expert Peter Rysavy points out that while offloading onto Wi-Fi can reduce traffic on cellular networks, that assumes that the Wi-Fi network has spare capacity — clearly not always the case. Intelligent load balancing is needed, and most current schemes for tighter integration between Wi-Fi and cellular requires authenticating users on the Wi-Fi network, inserting a level of control.

Right now it’s a case of they said/they said, with your side largely based on revenue derived from cellular data versus Wi-Fi service. Each camp can cite technical experts and controlled trials. As Fierce Wireless’ Monica Alleven writes, it will take real-world testing to sort out how LTE-U will behave in the wild. Still, for partners charged with making sure customer WLANs operate as expected, LTE-U development is worth watching closely; the forum offers documentation here.

PLUS: T-Mobile says it has plenty of cash to buy enough low-band spectrum to cover the entire United States at the FCC’s upcoming spectrum auction, reports Ars Technica. Sprint is sitting this one out.

Retail Roundup, Chip-and-Pin Edition

October 1 was the deadline – set almost two years ago – for merchants to be equipped with readers that accept new, more secure chip-and-pin cards (also known as EMV cards). Using older PoS readers could make a customer liable for losses associated with credit card fraud, as they will be considered the weakest link in the transaction chain. If your retail clients have not yet installed the new readers, which can cost hundreds of dollars, they’re not alone. BridgePay Network Solutions estimates that only 5 to 10 percent of U.S. retailers are ready to accept EMV cards — and in any case, just 40 percent of cardholders even have them, according to a new CreditCards.com report. That gives retailers some breathing room. Still, there’s significant risk in ignoring the mandate.

“After October 2015, the entity that is the least secure in technology will be the one liable for the fraud, if it turns out that that transaction was a counterfeit card,” said Randy Vanderhoof, executive director of the Smart Card Alliance, in a statement. This mandate isn’t going away, and failing to spend that few hundred on an EMV-compliant PoS terminal could lead to thousands in losses. American Express offers FAQs and resources to help small-usiness customers upgrade their point of sale terminals.

Another option? Advise customers to get rid of terminals altogether and issue employees a smartphone or tablet with an EMV-compliant Square reader. That was the advice of one security expert at our recent cloud security summit.

PLUS: This week coupon app company RetailMeNot released its 2015 Holiday Insights Guide for Retailers. The report identifies the top online-shopping days for both desktop and mobile apps, lists most-searched categories by week through year’s end and offers tactics to help customers maximize holiday sales.

Palo Alto Announces New Offering, MSP Partner

Palo Alto Networks this week announced general availability through its partners of AutoFocus, a new threat intelligence cloud service that’s been in testing since April 2015 as a community access offering. The service issues alerts to help identify and quickly address targeted advanced attacks, offers context to help customers understand how threats fit into APT campaigns or target specific industries and provides advice on mitigating and preventing attacks.

The service builds on intel from Palo Alto’s threat intelligence cloud, including data from the more than 7,000 subscribers to its WildFire cloud-based malware analysis service; expertise from the Unit 42 threat research team; and all other users of the AutoFocus service.

The offering is in line with the recent trend toward shared intelligence, though Palo Alto points out that the service by default allows only authorized users to view data associated with only their organizations; there’s an optional “opt-in” mechanism to share data with other users. Even then, analysis is around samples observed in the network, and original file content is not disclosed. All data is encrypted in transit and is stored in Palo Alto’s secure cloud.

Note that while AutoFocus won’t require configuration changes to a customer’s Palo Alto firewall, and there won’t be a performance impact on the device, customers do need to own at least one firewall appliance to sign on. AutoFocus, which is sold as a per-seat annual subscription, is available now through authorized channel partners.

This week Palo Alto also announced that global MSSP Trustwave, which mainly serves enterprises and government agencies, is now a member of the NextWave partner program.

Bits & Bytes

And the Lawyers Weep: The New York Times reports that Google and Microsoft will dismiss all pending patent lawsuits against one another, a decision that reportedly affects about 20 cases in Germany and the U.S. regarding mobile phones, wireless networking, video decoding and other devices. Motorola patents are included.

Channel Happenings: The 2112 Group CEO Larry Walsh is hosting a webinar on Oct. 21 at 2 p.m. ET/11 a.m. PT. Walsh will be joined by Fernando Quintero, vice president, channel sales for Intel Security, and Luis Palacio, vice president, vendor relations for Optiv, to discuss partnership costs relative to different types of markets, products, and partners. The aim is to provide attendees with a 60-minute boot camp on setting sales objectives, enabling partners to achieve ROI and sustaining profitability.

In addition, on Oct. 14 from 6-8:30 p.m. ET, I will be attending a program hosted by the New England chapter of the Association of Strategic Alliance Professionals on “Creating and Delivering Value through Partner Programs.” The event will be held at Schneider Electric in Andover, Mass. Mark Coflin of Baxalta will lead a panel discussion exploring best practices in use by several local companies as they design partner programs. Panelists include Scott Barlow, vice president of Reflexion Sales, Sophos; Kara Shipulski, vice president, senior managing director at Liberty Mutual Insurance; and Scott San Antonio, CA-AM, North American director, alliances, Schneider Electric. The event is free for ASAP members, $35 for nonmembers. I hope to see you there.

Follow editor in chief @LornaGarey on Twitter.


Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 91052