by Peter Newton, senior director of products and solutions, Fortinet
Time-to-market pressures are driving digital transformation (DX) at organizations. This is not only putting pressure on the organization to adapt to a more agile business model, but it is also creating significant challenges for IT teams. In addition to having to build out new public and private cloud networks, update WAN connectivity to branch offices, adopt aggressive application development strategies to meet evolving consumer demands, and support a growing number of IoT and privately-owned end-user devices, those same overburdened IT workers need to secure that entire extended network, from core to cloud.
Of course, that’s easier said than done.
Too many organizations have fallen down the rabbit hole of building one security environment after the other to secure the DX project du jour. The result is an often slap-dashed collection of isolated security tools that actually diminish visibility and restrict control across the entire distributed network. What’s needed is a comprehensively integrated security architecture and security-driven networking strategy that ensures that not a single device, virtual or physical, is deployed without there being a security strategy in place to protect it. And what’s more, those security devices need to be seamlessly integrated together into a holistic security fabric that can be centrally managed and orchestrated.
The Limits of Traditional Segmentation Strategies
Of course, this is fine for new projects that will expand the potential attack surface. But how do you retroactively go back and secure your existing networked environments and the potentially thousands of IoT and other devices already deployed there? CISOs who understand the dynamics of modern network evolution are insisting that their teams move beyond perimeter security. Their aim is to respond more assertively to attack surfaces that are expanding on all fronts across the enterprise. Typically, this involves segmenting the network and infrastructure and providing defense in-depth leveraging multiple forms of security. Unfortunately, traditional segmentation methods have proven to be insufficient in meeting DX security and compliance demands, and too complicated to be sustainable. Traditional network segmentation suffers from three key challenges:
A limited ability to adapt to business and compliance requirements – especially in environments where the infrastructure is constantly adapting to shifting business demands.
Unnecessary risk due to static or implicit trust – especially when data can move and devices can be repurposed on demand
Poor security visibility and enforcement – especially when the attack surface is in a state of constant flux
The Power of Intent-based Segmentation
To address these concerns, organizations are instead transitioning to Intent-based Segmentation to establish and maintain a security-driven networking strategy because it addresses the shortcomings of traditional segmentation in the following ways:
Intent-based Segmentation uses business needs, rather than the network architecture alone, to establish the logic by which users, devices, and applications are segmented, grouped, and isolated.
It provides finely tunable access controls and uses those to achieve continuous, adaptive trust.
It uses high-performance, advanced Layer 7 (application-level) security across the network
It performs comprehensive content inspection and shares that information centrally to attain full visibility and thwart attacks
By using business intent to the drive the segmentation of the network, and establishing access controls using continuous trust assessments, intent-based segmentation provides comprehensive visibility of everything flowing across the network, enabling real-time access control tuning and threat mitigation.
Intent-based Segmentation and the Challenges of IoT
One of the most challenging elements of DX from a security perspective has been the rapid adoption and deployment of IoT devices. As most are aware, IoT devices are not only highly vulnerable to cyberattacks, but most are also headless, meaning they cannot be updated or patched. To protect the network from the potential of an IoT device becoming part of a botnet or delivering malicious code to other devices or places in the network, intent-based segmentation must be a fundamental element of any security strategy.
To begin, the three most important aspects of any IoT security strategy are device identification, proper network segmentation, and network traffic analytics. First, the network needs to be able to identify any devices being connected to the network. By combining intent-based segmentation with Network Access Control (NAC), devices can be identified, their proper roles and functions can be determined, and they can then be dynamically assigned to a segment of the network based on who they belong to, their function, where they are located, and other contextual criteria. The network can then monitor those IoT devices based on that criteria. That way, if a digital camera, for example, stops transmitting data and instead starts requesting it, the network knows it has been compromised and can pull it out of production.
The trick is in understanding the business intent of each device and building that into the formula for keeping it secured. IT teams that rely heavily on IoT security best practices, such as those developed by the National Institute of Standards and Technology (NIST), may wind up developing highly restrictive network segmentation rules that lead to operational disruptions. If an IoT device is deployed in an unexpected way, for example, standard segmentation may block some essential service it provides, while intent-based segmentation can secure it in a different way, such as tying it to a specific application or workflow rather than the sort of simple binary rules IT teams traditionally rely on. Such is the case with wireless infusion pumps, heart monitors and other critical-care devices in hospitals. When medical staff suddenly cannot access these devices over the network because of certain rigidities in the VLAN-based segmentation design, patients’ lives may be at risk. With Intent-based Segmentation, these devices would be tagged according to their medical use, regardless of their location on the network. Access permissions would then be tailored to those devices.
Adding Trust to the Mix
Of course, the opposite is true as well. Allowing implicit or static trust based on some pre-configured segmentation standard could expose critical resources to compromise should a section of the network become compromised. To determine the appropriate level of access for every user, device, or application, an Intent-based Segmentation solution must also assess their level of trustworthiness. Various trust databases exist that provide this information.
Trust, however, is not an attribute that is set once and forgotten. Trusted employees and contractors can go rogue and inflict extensive damage before they are discovered, as several large corporate breaches have proven. IoT devices are especially prone to compromise and can be manipulated for attacks, data exfiltration, and takeovers. And common attacks against business-critical applications – especially those used by suppliers, customers, and other players in the supply chain – can inflict damage far and wide if their trust status is only sporadically updated. Trust needs to be continually updated through an integrated security strategy. Behavioral analysis baselines and monitors the behaviors of users. Web application firewalls inspects applications during development and validates transactions once they are in production. And the trustworthiness of devices is maintained not only by strict access control and continuous monitoring of their data and traffic, but also by preventing them from performing functions outside of their intended purpose.
Ironically, one of the most effective strategies for establishing and maintaining trust is by creating a zero-trust network where all access is needs to be authenticated, all traffic and transcations are monitored, and all access is restricted by dynamic intent-based segmentation.
Securing Digital Transformation with a Single Security Fabric
Finally, the entire distributed network need to be wrapped in a single cocoon of integrated security solutions that span and see across the entire network. And that entire security fabric should enable granular control of any element of the network – whether physical or virtual, local or remote, static or mobile, or in the core or in the cloud – in a consistent fashion through a single management console. By combining verifiable trustworthiness, intent-based segmentation, and integrated security tools into a single solution, organizations can establish a trustworthy, security-driven networking strategy that can dynamically adapt to meet all of the security demands of the rapidly evolving digital marketplace. About the author
Peter Newton is senior director of products and solutions – IoT and OT at Fortinet. He has more than 20 years of experience in the enterprise networking and security industry and serves as Fortinet’s products and solutions lead for IoT and operational technology solutions, including ICS and SCADA.
ICANN and Verisign amend .COM registry agreement
The Internet Corporation for Assigned Names and Numbers (ICANN) and VeriSign, which operates two of the 13 global internet root servers and provides registration services and authoritative resolution for the .com and .net top-level domains, reached a proposed agreement to amend the .COM Registry Agreement (RA). In addition, ICANN and Verisign announced a new proposed framework for working together on initiatives related to the security, stability and resiliency of the Domain Name System (DNS) in the form of a binding Letter of Intent (LOI) between the two organizations.
ICANN facilitates the coordination of the 12 operators of the 13 authoritative root servers. These root servers are the foundation of the DNS.
Verisign noted that its operation of the .COM TLD is governed by two separate agreements: the .COM RA, and the Cooperative Agreement between Verisign and the U.S. Department of Commerce.
SEABRAS 1 enters Chapter 11
Seabras 1 Bermuda Ltd and its subsidiary Seabras 1 USA LLC, which are the owners of the Seabras-1 cable between New York and Sao Paulo, filed voluntary petitions for Chapter 11 restructuring.
Seabras 1 Bermuda Ltd said it is pursuing a restructuring plan with secured lenders to address its debt situation and emerge as a vibrant, healthy business. An online statement cites an "unexpectedly steep decline in wholesale capacity pricing on the US-Brazil route combined with the recent overbuild on that route remain serious challenges."
Seabras-1 is operated by Seaborne Networks, which is an indirect shareholder of the companies and is not part of the bankruptcy filing. Seaborn Networks said its operations are not expected to be impacted by the filings and that it will continue to provide all SG&A and Operations & Engineering services as usual.
Huawei generated 2019 revenue of approximately 850 billion Chinese yuan (US$122 billion), up 18% over 2018, according to a New Year's message from Eric Xu, Rotating Chairman of the company.
For 2020, survival is the top priority of the company, writes Xu, as Huawei remains of the U.S. government's "Entity List" and downward pressure on the global economy has intensified. He expects the US government to "continue to suppress the development of leading technology – a challenging environment for Huawei to survive and thrive."
Some key points of Xu's New Year message:
More than 700 cities and 228 Fortune Global 500 companies have chosen Huawei as their digital transformation partner.
Huawei shipped 240 million smartphones during 2019.
The company will engage in an all-out effort to develop an ecosystem for Huawei Mobile Services (HMS) outside of China.
TELE Greenland said in a statement that it has ruled out Huawei as a supplier for a future 5G rollout. Currently, the carrier has some Huawei gear in its network, although Ericsson is the principal supplier of its 4G network. TELE Greenland is able to provide mobile broadband to 92% of the population.
The population of Greenland is approximately 56,000.
Following repairs to a subsea cable linking Greenland and Canada, connectivity has been restored to customers north of the town of Sisimiut.
The population of South Greenland will have to wait for another 15-20 days before the southern branch of the damaged subsea cable is repaired.
Greenland is an autonomous territory of Denmark with a population of about 56,000, most of whom live along fjords in the southwest.
TELE-POST is the service provider for Greenland.
The subsea cable to Canada was breached in late December 2018. The weather has been a factor in scheduling the repair ship. Since then, an old microwave radio network has been providing service via a second subsea cable to Iceland.
WSJ: Huawei benefited from US$75B in state support
Huawei Technologies' spectacular rise to the top of global telecommunications was fueled in part by state support valued at tens of billions of U.S. dollars, according to an analysis published by The Wall Street Journal. The article examines records pertaining to public grants, loans, tax incentives and other forms of financial assistance awarded to Huawei by government officials in China. The Wall Street Journal estimates this support totals around US$75 billion over the past two decades. Of this total, approximately $46 billion was for credit lines and loans.
In a rebuttal posted on social media, Huawei asserts that its "relationship with the Chinese government is no different than any other private company that operates in China." Huawei insists that its working capital comes from its own business operations and external financing. The company says that R&D subsidies from the government amount to less than 0.3% of its revenues. Huawei is considering legal action against the Wall Street Journal.
Turkcell has developed and launched its own cloud-based email and calendaring platform.
YaaniMail is now available to consumers and business regardless of ISP, operator, country, web browser, or devices (iOS or Android). Data generated on the platform is securely stored at Turkcell’s data centers. The new email service provides customers an alternative to the provider’s global counterparts.
Turkcell said it is targeting 2 million registered users by the end of 2020.
“YaaniMail is part of a larger effort to ensure Turkey’s data is hosted in Turkey. We will offer YaaniMail through our broad digital services and solutions portfolio to other telecom operators in the world – helping them to become digital operators,” says Atac Tansug, Vice President of Digital Services and Solutions at Turkcell. “Providing the best customer experience to our users while keeping their data safe is our top priority. We will continue to enhance YaaniMail’s built-in smart features and user-friendly interface to offer the best available customer experience to our users.”
Monisha Ghosh appointed CTO of FCC
Dr. Monisha Ghosh has been appointed Chief of the FCC, replacing Dr. Eric Burger, who has been serving at the White House Office of Science and Technology Policy since October.
Dr. Ghosh has been serving as a rotating Program Director at the National Science Foundation since September 2017, in the Computer and Network System Division within the Directorate of Computer and Information Science and Engineering, where she manages the core wireless research portfolio as well as special programs such as Machine Learning for Wireless Networking Systems ((MLWiNS). She is also a Research Professor at the University of Chicago, where she conducts research on wireless technologies for the Internet of Things, 5G cellular, next generation Wi-Fi systems, and spectrum coexistence. Prior to joining the University of Chicago in September 2015, she worked at Interdigital, Philips Research and Bell Laboratories, on various wireless systems, such as the HDTV broadcast standard, cable standardization and cognitive radio for the TV White Spaces. She has been an active contributor to many industry standards.
Dr. Ghosh received her Ph.D. in Electrical Engineering from the University of Southern California in 1991, and her B. Tech from the Indian Institute of Technology, Kharagpur (India) in 1986. She is a Fellow of the IEEE.
This PoC demonstrates the next innovation in SD-WAN, which accelerates the adoption of multi-vendor SD-WAN and value-added services through automated operations and a new digital user experience. Powered by a unified marketplace, self-service portal and NFV-based uCPE platform, MEF 70 compliant SD-WAN services from different vendors can be selected independently of the CPE hardware and seamlessly deployed with little-to-no intervention from the service provider or end-user. Through this new “digital user experience”, SD-WAN services are orchestrated, activated, assured and managed using zero touch provisioning and end-to-end service automation in alignment with MEF’s LSO framework.
This PoC won the 2019 Award for MEF 3.0 SD-WAN Implementation.
Inphi samples first 400ZR QSFP-DD transceiver
Inphi has begun sampling its COLORZ II 400ZR QSFP-DD pluggable coherent transceiver for cloud data center interconnects (DCIs) to major cloud operators and OEMs.
Inphi cites several industry firsts for its COLORZ II 400ZR QSFP-DD:
400G single-chip, coherent Silicon Photonics Integrated Circuit (PIC) that includes all transmit and receive functions
Innovative, low cost, passive alignment of fiber to the PIC that eliminates the complicated active alignment, using traditional optics
Low power, high performance, 7nm CMOS-based coherent DSP enabling 400ZR as well as extended reach 100/200/300/400G ZR+ modes
Integrated industry standard firmware management interface that enables full performance monitoring previously only available in DCI or transport systems directly from the optical module
The 400ZR standard promises to lower the cost and power consumption of metro data center interconnect (DCI) by enabling switch and router companies to offer the same density for both coherent DWDM and client optics in the same chassis. This eliminates a layer of network connectivity that was previously required and supports high capacity DWDM connectivity directly from data center switches.
Inphi said its COLORZ II represents a massive increase in switch rack capacity, while reducing the power consumption by as much as 80%. COLORZ II delivers up to 14.4T of capacity per rack unit (RU), compared to 2.4T or 3.6T per RU on competing solutions, representing a 4-6 x increase in throughput per chassis.
“Inphi continues to innovate as we provide an expanding suite of choices for cloud network operators and OEMs to gain the flexibility of high bandwidth DWDM connectivity in between data centers with the ability to rapidly scale their capacity,” said, Dr. Loi Nguyen, Sr VP, Optical Interconnect, Inphi. “By meeting the needs of cloud network companies that require extended link reaches, the 400ZR opens up new possibilities for DCIs to reduce total cost of ownership of cloud networks. As a fabless company we have proven our capability to quickly increase manufacturing and market share for our COLORZ 100G DWDM modules and are ready to meet our customers demand for COLORZ II.”
O-RAN plugfest shows progress on integrated multi-vendor solutions
The O-RAN Allianceconducted its first worldwide plugfest and proof of concept to demonstrate the functionality as well as the multi-vendor interoperability of network equipment that complies with the recently published O1, A1, and Open Fronthaul interface specifications. Thirty-five companies and operator-members jointly demonstrated 10 scenarios to verify and validate recently published O-RAN specifications in Asia, Europe and North America.
“O-RAN’s first global plugfest showcases the power of the community to document and develop truly open interface specifications with the potential to accelerate new 5G advanced services that will be multi-operator, multi-vendor, and create opportunities for the entire ecosystem,” said Andre Fuetsch, Chairman of the O-RAN Alliance and Chief Technology Officer of AT&T. “These live demonstrations represent yet another step toward the realization of O-RAN compliant 5G RAN solutions that should soon become part of the product offerings of both mainstream and niche vendors.”
Hosted by China Mobile, the plugfest Asian Session was held in the China Mobile International Information Port, an Open Test and Integration Center, with physical attendance well over 200 attendees from over 70 companies, plus on-line attendance of over 70 participants. Representatives from global operators including British Telecom, China Telecom, China Unicom, NTT DOCOMO, Orange, Reliance Jio, Telecom Italia Mobile and an operator from North America have actively participated in this event.
The plugfest tested and integrated multi-vendor solutions that comply with the O-RAN Open Fronthaul interface and exercised decoupling different hardware technologies from the RAN software:
Cloud-based small cell running on virtualization technology was demonstrated by CertusNet, Lenovo, ChengDu NTS and Inventec. It features a VM-based O-CU and containerized O-DU cohosted on the same x86 processor plus accelerator platform.
Multi-vendor interoperability with 5G commercial products was demonstrated by NTT DOCOMO with Fujitsu and NEC.
A low power configuration of cloud base station running on Yocto OS and container technology was demonstrated by Altran, ArrayComm, WindRiver, Baicells and CIG. It features the open architecture baseband signal processing based on ARM processor plus accelerator computing platform.
Soft base station with O-RAN compliant open fronthaul interface, but without virtualization, was demonstrated by Radisys, Foxconn (Taiwan), QCT and Intel. It leverages open source software including the O-RAN Open Source Community’s OFH Lib, and BBDev based Accelerator Abstraction Layer SDK API.
The interworking of the O-RAN open fronthaul interface was demonstrated on technology provided by FHK (Shenzen) and Viavi, which performs comprehensive tests based on the test specification by O-RAN with O-RU and UE emulator in a multiple-UE test environment.
The plugfest held in the NTT DOCOMO R&D Center presented multi-vendor interoperability between CU/O-DU and O-RU using the O-RAN Open Fronthaul interface and multi-vendor interoperability between eNB and gNB using the O-RAN X2 interface. The functionality has been successfully demonstrated by NTT DOCOMO, Fujitsu, NEC, and Nokia. NTT DOCOMO has already started 5G pre-commercial service with the presented products. An Open Test and Integration Center is planned to be established in Japan.
The plugfest and proof-of-concept conducted within an Open Test and Integration Center candidate in North America, 5G COSMOS, which consists of vendor and university labs in the NYC metro area, was hosted by AT&T and focused primarily on the validation of the O1 and A1 interfaces:
Physical Network Function (PNF) Plug and Play, a 3GPP-aligned O1 use case that provides a means for service providers to collaborate with equipment vendors to have PNFs discovered by Service Management Orchestration (SMO) via a PNF registration handler, was demonstrated by Nokia, CommScope and Ericsson. Remote SMO functions were also demonstrated with connections to labs in France and Germany.
Bulk Performance Management Data Collection was demonstrated by Ericsson and Nokia.
O1 interface functionality for Configuration, Performance, and Fault Management of multi-vendor equipment via a vendor-agnostic SMO was demonstrated by Altiostar, CommScope, and Samsung.
A1 interface functionality to optimize PCI/RSI for a large-scale RAN simulator using a closed loop automation framework was demonstrated by IBM, Tech Mahindra, Wipro and highstreet technologies.
Convergence of the Open Fronthaul Management Plane specification with O1 interface was demonstrated by Samsung.
“The O-RAN Alliance has been continuously expanding its influence in the industry since its inception. It is really amazing to see such a symbolic milestone achieved just 10 months since its release of the first specification in MWC Barcelona this year,” said Zhengmao Li, EVP of China Mobile. “The successful holding of the plugfest event globally with deep contribution from over 30 partners represents a consolidated step towards a full disaggregated O-RAN compliant 5G network.”
Dr. Hiroshi Nakamura, EVP and CTO, NTT DOCOMO commented, "We believe wide adoption of O-RAN compliant products will enable more agile, flexible and cost-effective network construction, and welcome the testing and integration efforts of O-RAN standards that are being carried out across the globe. NTT DOCOMO will continue to lead O-RAN Alliance activities and expand its 5G network, and will accelerate the co-creation of 5G services and markets with vertical industry partners."
Researchers from the National Institute of Standards and Technology (NIST), University of Maryland, and University of Colorado are developing a new optical parametric oscillator (OPO) light source that can produce output light at different wavelength than the input light. In addition to creating light at visible wavelengths, the OPO simultaneously generates near-infrared wavelengths that can be used for telecom applications.
The research is published in Optica, The Optical Society's (OSA) journal.
“Our power-efficient and flexible approach generates coherent laser light across a range of wavelengths wider than what is accessible from direct chip-integrated lasers,” said research team leader Kartik Srinivasan. “The on-chip creation of visible light can be used as part of highly functional compact devices such as chip-based atomic clocks or devices for portable biochemical analyses. Developing the OPO in a silicon photonics platform creates the potential for scalable manufacturing of these devices in commercial fabrication foundries, which could make this approach very cost-effective.”
“Nonlinear optical technologies are already used as integral components of lasers in the world’s best atomic clocks and many laboratory spectroscopy systems,” said Xiyuan Lu, first author of the paper and a NIST-University of Maryland postdoctoral scholar. “Being able to access different types of nonlinear optical functionality, including OPOs, within integrated photonics is important for transitioning technologies currently based in laboratories into platforms that are portable and can be deployed in the field.”
The Optical Society said the silicon-based device may enable variety of photonic applications across a range of wavelengths.
Some highlights: The OPO based on a microring made from silicon nitride. It is fed by approximately 1 milliwatt of infrared laser power — about the same amount of power found in a laser pointer. As the light travels around the microring it increases in optical intensity until powerful enough to create a non-linear optical response in silicon nitride. This enables frequency conversion, a nonlinear process that can be used to produce an output wavelength, or frequency, that is different from that of the light going into the system. The device was used to convert 900-nanometer input light to 700-nanometer-wavelength (visible) and 1300-nanometer-wavelength (telecommunications) bands. The OPO accomplished this using less than 2 percent of the pump laser power required by previously reported microresonator OPOs developed for generating widely separated output colors.
number of compact chip lasers combined with flexible and versatile nonlinear nanophotonics.”
Paper: X. Lu, G. Moille, A. Singh, Q. Li, D. A. Westly, A. Rao, S.-P. Yu, T. C. Briles, S. B. Papp, K. Srinivasan, “Milliwatt-threshold visible-telecom optical parametric oscillation using silicon nanophotonics,” Optica, 6, 12, 1535-1541 (2019). DOI: https://doi.org/10.1364/OPTICA.6.001535
Ericsson's Connected Vehicle Cloud to run on Microsoft Azure
Ericsson and Microsoft formed an alliance focused on connected vehicles. The goal is to help automakers to deploy and scale global vehicle services such as fleet management, over-the-air software updates and connected safety services much easier and faster while reducing costs.
Ericsson is building its Connected Vehicle Cloud on top of the Microsoft Connected Vehicle Platform that is running on the Microsoft Azure cloud platform.
Ericsson notes that its Connected Vehicle Cloud already connects more than 4 million vehicles across 180 countries worldwide - approximately 10 percent of the connected vehicle market. The platform is tailored to fit vehicle manufacturers’ growing demand for scalability and flexibility with the capability of supporting any connected vehicle service.
Ericsson’s Connected Vehicle Cloud offloads vehicle manufacturers' complexity of global 24/7 operations and lifecycle management related to connected vehicles with a guaranteed service-level agreement.
“The Ericsson and Microsoft partnership will deliver a comprehensive connected vehicle platform at scale to the market. Our integrated solutions will help automotive manufacturers accelerate their global connected vehicle solutions and offer a better experience for drivers and passengers,” says Åsa Tamsons, Senior Vice President and Head of Business Area Technologies & New Businesses.
“This is an exciting new offering with great benefits for the automotive industry, leveraging Ericsson and Microsoft’s technology leadership in connectivity and cloud.”
Interxion acquires 70% share of Kenyan data center operator
Interxion agreed to acquire a controlling interest in Icolo, a Kenyan data centre operator. Interxion also entered into a strategic partnership with the Pembani Remgro Infrastructure Fund (PRIF), which will invest in Icolo and will collaborate and co-invest with Interxion on expansion initiatives across the African continent. The transaction is expected to close in 1Q 2020. Financial terms were not disclosed.
Icolo, which has two data centres in Kenya currently in operation, reports strong demand from cloud and content platforms and across the enterprise segment. Acquisitions of 25,000 sqm of land for further expansion of Icolo’s data centre footprint are in progress in both Mombasa and Nairobi, with the associated total capacity for Icolo in Kenya expected to grow to approximately 20MW. In Mombasa, Icolo is uniquely positioned to benefit from the growing number of submarine cable consortia that have expressed their intention to land in Kenya.
“We are pleased to announce this partnership with Pembani Remgro, one of the leading TMT infrastructure investment firms in Africa,” said David Ruberg, Interxion’s Chief Executive Officer. “Their deep understanding of the African communications and technology sectors is highly complementary to Interxion’s proven expertise in serving the mission-critical needs of the customers in our carrier and cloud-neutral data centres. Our ambitions in this region are substantial, reflecting the opportunity for the cloud and content platforms to bring several hundreds of millions of people online in Africa over the next decade. We look forward to working with Icolo’s founder and CEO, Ranjith Cherickel, and his team to build on the solid foundations they have created.”
Upon the closing of the transaction and taking into consideration the PRIF investment, Interxion will own approximately 70% of Icolo’s common shares with the remaining shares held by PRIF and Icolo management.
Digital Realty and Interxion agreed to a merger that would create a global provider of data center, colocation and interconnection solutions. Under the deal, Interxion shareholders will receive a fixed exchange ratio of 0.7067 Digital Realty shares per Interxion share. The transaction values Interxion at approximately $93.48 per ordinary share or approximately $8.4 billion of total enterprise value, including assumed net debt.
Interxion's European business currently consists of 53 carrier- and cloud-neutral facilities in 11 European countries and 13 metro areas including Frankfurt, Amsterdam, Paris and Interxion's Internet Gateway in Marseille. Its network reaches 700 connectivity providers, 21 European Internet exchanges, and most leading cloud and digital media platforms. Interxion has a robust pipeline of data center development projects currently under construction, with over $400 million invested to date and a total expected investment of approximately $1 billion. These projects represent roughly a 40% expansion of Interxion's standalone critical load capacity, are significantly pre-leased and are expected to be delivered over the next 24 months, representing a solid pipeline of potential future growth for the combined company.
The companies said their combination will build upon Digital Realty's successful track record of hyperscale development and will represent an extension of the connected campus strategy that empowers enterprise customers to leverage the right products – from colocation to hyperscale footprints – to create value by efficiently deploying
In Europe, Digital Realty has an established presence in Amsterdam, Frankfurt, London and Dublin. On a global basis, Digital Realty has 220 data centers in 35 top metropolitan areas,
The companies also noted that the merger will provide access to additional capital for investment.
F5 to acquire Shape Security for $1 billion
F5 agreed to acquire Shape, a privately-held company supplying fraud and abuse prevention solutions, for approximately $1 billion in cash, subject to certain adjustments.
Shape provides protection from automated attacks, botnets, and targeted fraud. In particular, Shape defends against credential stuffing attacks, where cybercriminals use stolen passwords from third-party data breaches to take over other online accounts. Shape’s application protection platform evaluates the data flow from the user into the application and leverages highly sophisticated cloud-based analytics to discern good traffic from bad. With F5’s location in the data flow of traffic in over 80% of Fortune 500 application infrastructures, F5 provides the ideal insertion point for Shape’s security services. Together F5 and Shape will dramatically reduce the time and resources needed for organizations to deploy world-class online fraud and abuse protection.
F5 said the acquisition brings together its own expertise in protecting applications across multi-cloud environments with Shape’s fraud and abuse prevention capabilities to transform application security.
“We know from the companies we work with that applications are critical to running their business. To drive maximum business value and the best experiences for their customers, these apps need to perform flawlessly while protecting data security and user privacy. When a website or application experience is degraded by web fraud and abuse, the result is lost revenue, lost brand equity, and customers jumping ship to the competition,” said F5 President and CEO, François Locoh-Donou.
“With Shape, we will deliver end-to-end application protection, which means revenue generating, brand-anchoring applications are protected from the point at which they are created through to the point where consumers interact with them—from code to customer,” continued Locoh-Donou.
“Since Shape’s inception, we observed a consistent pattern in customer after customer: the use of F5 technology to deliver and enable their applications,” said Derek Smith, co-founder and CEO of Shape. “Now, we look forward to the opportunity to deeply integrate into F5’s platform for application delivery and security—F5 provides the optimum traffic flow insertion point for Shape’s industry-leading online fraud and abuse prevention solutions.”
SETAR, the leading communications provider in Aruba, picked Nokia to provide a full end-to-end 5G network across the island.
In a phased approach, the deal will see Nokia upgrading RAN access and modernizing elements of the core and data management systems.
Nokia notes that this is its first end-to-end 5G deal in Latin America.
Nokia already works with SETAR to run a 4.5G Pro-based island-wide network using Single RAN Advanced AirScale technology – a flexible network that ensures easy re-farming of spectrum as needed.
The SETAR network evolution project consists of:
Enhancing and evolving SETAR’s network architecture with Centralized RAN and AirScale Cloud Controllers to support more capacity while managing network resources more efficiently
Site simplification by deploying Nokia AirScale dual and triple band AirScale RRHs reducing more than 60% site space requirements
Activation of advanced features like Carrier aggregation, 256QAM and MIMO4x4 to enable 3 to 4 times higher downlink speeds
An upgrade to 5G in the first selected sites using Nokia massive MIMO technology with 64 antennas to enable new mobile broadband uses cases like Fixed Wireless Access, Augmented and Virtual Reality, etc/
Nokia now has 55 commercial 5G commercial contracts globally.