COMMENT:DEALING WITH TARGETED ATTACKS – TIME TO LOOK INSIDE THE NETWORKP14

AN ITPTECHNOLOGYPUBL ICATION

MARCH 2013 VOLUME 19

ISSUE 3

COMBATING THE DATA

FLOOD: COMPANIES MUST

START TREATING THEIR DATA AS

AN ASSETP40

ARE YOU PCI COMPLIANT?ALL COMPANIES PROCESSING CREDIT CARDS MUST COMPLYP24

Dubai World Central and Smartworld have installed the region’s fi rst multi telecom vendor network

THINK SMART

We would like to give every business and every resident

the ability to choose the telecom provider

he wants. ”NAJMUL HUSSAIN

P20

Connect to More

Business Solutions

Connect to More

D-Link’s Switching, Wireless, Security, IP Surveillance and Storage Solutions deliver best-in-class performance and extreme value to small and mid-sized businesses, schools, hospitals, government agencies, retail chains and a variety of other organizations around the globe.

www.dlinkmea.com

facebook.com/dlinkmea info.me@dlinkmea.com

+971 4 880 9022

Contents

3 Editor’s letter: PCI compliance

5 Network news: All of the hardest

hitting news from the network industry

8 Fast Lane explains its FL-FLEXPODI

course and how it benefits network

professionals in the regional industry

10 Vendor Profile: Brocade discusses its

successes, challenges and future plans.

12 The Four Steps to IT Consolidation

Nirvana: Philippe Elie, director, business

operations EMEA, Riverbed, says IT

consolidation still meets with scepticism

14: Dealing with targeted attacks:

Strategies for mitigating APTs are lacking,

says Trend Micro

16: Cloud computing is not just about

IT: The real business opportunity for cloud

services lies beyond IT, says Gartner.

18: Where to put your cooling units:

Cannon Technologies explains where to

put your cooling units

51 Network security news: All of the

latest security news this month

56 Last word: Daniel Schmierer, area VP

sales, Middle East & Africa, Polycom

32: Network access controls and identity managementExperts looks at what kinds of

authentication and access controls

enterprises can and should implement

40: Combating the data floodCompanies must start treating their data

as an asset rather than a burden

24: Are you PCI compliant?Any company of any size storing,

transmitting or processing credit card

details must be PCI compliant to ensure

the safety and security of customers’ data,

20: Case Study: DWC implements multi-vendor networkDubai World Central, Smartworld install 10 Gigabit core network

Mar

ch 2

013

Vol.1

9 N

o.03

3

Edito

r’s c

omm

ent

Do you receive Network Middle East every month?To subscribe, please visit www.itp.com/subscriptions

Payment Card Industry

Data Security Standard

(PCI DSS) is a set of

requirements designed to

ensure that every company that

processes, stores or transmits

debit, credit, or pre-paid card

information maintains a secure

environment. Any company

that takes payment using cards

branded with American Express,

Discover, JCB, MasterCard, and

Visa International should be PCI

DSS compliant.

It is also a must-have for any

size of company, whether it

is an SMB, or a company with

thousands of employees.

PCI applies to all organisations

or merchants, regardless of size

or number of transactions, that

accept, transmit or store any

cardholder data. If any customer

of that organisation ever pays

the merchant directly using a

credit card or debit card, then

the PCI DSS requirements apply.

This standard is designed to give

peace of mind to customers and

business partners alike, that the

company has done its utmost

to ensure that its customers

will not have their credit card

details stolen, so why do very few

companies in the UAE comply

with PCI DSS?

Well, at the moment there is no

legislation to force companies to

ensure the security of credit card

data that passes through their

web portals.

In the US, for example,

the payment brands (Visa,

Mastercard, American Express,

Discover, JCB) may, at their

discretion, fi ne an acquiring bank

$5,000 to $100,000 per month for

PCI compliance violations.

Not only this, but no security

standards are currently enforced

in the region, meaning that all

these e-commerce sites that

are popping up in the UAE

and GCC, and all those Middle

East-based enterprises that you

entrust to keep your credit card

information safely are not doing

their utmost to protect your data.

A sobering thought. How many

of us shop online? How many of

us pay our bills online?

Utilising a web portal is the

most convenient way to pay your

bills, and we all know how much

easier it is to grab something we

see in an online store as a gift for

a birthday, Eid present etc, rather

than spending hours trawling

through shops looking for the

perfect gift. But is the ease of

using online portals about to

bite us?

There have been very few

reported major credit card detail

thefts through hacking in the

UAE, but, looking at the lack

of security laws in general and

around PCI DSS implementation

specifi cally, it seems like it may

just be a matter of time before

some cyber-criminal runs off

with thousands of customers’

credit card details.

For those of us who do shop

online frequently, the good

news is that third party payment

channels such as Paypal are PCI

compliant, but merely using a

third-party company does not

exclude a company from PCI

compliance. Although it may cut

down on their risk exposure and

consequently reduce the eff ort

to validate compliance.

However, it does not mean

they can ignore PCI.

So, next time you log on and

spot a nice pair of shoes, or want

to pay your bills, it might be a

good idea to check whether the

service provider has any form of

security in place, and maybe it

is time we, the customers, start

demanding that these Middle

East-based sites implement PCI

DSS for our own protection.

GEORGINA ENZER

Editor

georgina.enzer@itp.com

of security laws in general and

around PCI DSS implementation

specifi cally, it seems like it may

just be a matter of time before

some cyber-criminal runs off

with thousands of customers’

credit card details.

For those of us who do shop

online frequently, the good

news is that third party payment

channels such as Paypal are PCI

compliant, but merely using a

third-party company does not

exclude a company from PCI

compliance. Although it may cut

down on their risk exposure and

consequently reduce the eff ort

to validate compliance.

However, it does not mean

they can ignore PCI.

So, next time you log on and

spot a nice pair of shoes, or want

to pay your bills, it might be a

good idea to check whether the

service provider has any form of

security in place, and maybe it

is time we, the customers, start

demanding that these Middle

East-based sites implement PCI

DSS for our own protection.

GEORGINA ENZER

Editor

georgina.enzer@itp.com

PCI compliance: time to demand security?

Published by and © 2013 ITP Technology Publishing, a division of the ITP Publishing Group Ltd. Registered in the B.V.I. underCompany Number 1402846.

PO Box 500024, Dubai, UAETel: +971 4 444 3000 Fax: +971 4 444 3030

Offices in Dubai and London

Walid Akawi Neil Davies Karam Awad

Matthew SouthwellPeter ConmyDavid Ingham

Georgina EnzerTel: +971 4 444 3316 email: georgina.enzer@itp.com

Mark Sutton

George HojeigeTel: +971 4 444 3193 email: george.hojeige@itp.com

Nayeem DakhwayTel: +971 4 444 3482 email: nayeem.dakhway@itp.com

Dan Prescott

Jovana ObradovicEfraim Evidor,

Isidora Bojovic,

Lester Ali, George Dipin, Murrindie Frew, Shruti Jagdesh, Mosh Lafuente, Ruel Pableo, Rajesh Raghav

Kyle Smith Basel Al Kassem

Patrick Littlejohn Nada Al Alami

Gaurav Gulati

Daniel Fewtrell Michelle Meyrick

Shadia Basravi

Ahmad BashourTel: +971 4 444 3549 email: ahmad.bashour@itp.com

Vedrana JovanovicTel: +971 4 444 3569 email: vedrana.jovanovic@itp.com

Mohammed Affan Meghna Jalnawalla

Andrew Neil Robert Serafin

Toby JayMike Bayman, Neil Davies, Rob

Corder, Robert Serafin, Toby Jay, Walid Akawi

Printed by Royal Printing Press LLC

Controlled Distribution by Blue Truck

Subscribe online at www.itp.com/subscriptions

The publishers regret that they cannot accept liability for error or omissions contained in this publication, however caused. The opinions and views contained in this publication are not necessarily those of the publishers. Readers are advised to seek specialist advice before acting on information contained in this publication which is provided for general use and may not be appropriate for the reader's particular circumstances. The ownership of trademarks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system or transmitted in any form without the permission of the publishers in writing. An exemption is hereby granted for extracts used for the purpose of fair review.

Network Middle East is audited by BPA Worldwide.Average Qualified Circulation

5,174 (6 month audit Jul to Dec 2012)

5

Mar

ch 2

013

Vol.1

9 N

o.03

Brie

fing

ProductsResearch In Motion has launched

its BlackBerry Enterprise Service

10 multiplatform EMM (Enterprise

Mobility Management) solution

to mixed reviews.

The BlackBerry Enterprise

Service 10 is designed to bring

together device management,

security, and mobile applications

management for BlackBerry

smartphones, BlackBerry Play-

Book tablets, and new BlackBerry

10 smartphones in a consolidated

solution. It is also designed to

provide a single console for man-

aging BlackBerry, Android and

iOS devices. BlackBerry Enterprise

Service 10 prepares organisations

for the future of mobile diversity,

as well as integrates with existing

BlackBerry Enterprise Server ver-

sion 5.0 deployments.

Adam Leach, principal analyst

at Ovum said that the user experi-

ence of Blackberry 10 introduces

some nice new features but im-

portantly builds on Blackberry’s

UI heritage and therefore will

certainly appeal to existing Black-

berry users.

“The challenge for the compa-

ny will be to attract new users and

those that have already moved to

alternative smartphones,” he said.

One regional end-user is in

no hurry to upgrade to the new

BlackBerry 10.

“A year ago Masdar replaced

all BB handsets, therefore we will

take some time to assess this new

offering and gradually introduce

it in the organisation after initial

testing,” said Alok Srivastava, act-

ing head of ICT & senior manager,

IT applications.

Nicolai Solling from Help AG

says he is looking forward to

getting his hands on the new

BlackBerry 10.

“I want to see what they are

coming out with. It looks interest-

ing. It is a win or lose game for

them right now, if they don’t

make it with these devices it is go-

ing to be very challenging. If you

look at the core functionality you

need in a business phone, from

our perspective BlackBerry is still

the best option,” he said.

RIM launches BlackBerry 10

ManageEngine extends MDM to AndroidImplementationReal-time IT management

company ManageEngine, has

launched the latest version of its

desktop and mobile device man-

agement (MDM) software, better

known as Desktop Central,.

The solution can now man-

age Android devices. The new

version of Desktop Central is de-

signed to extend mobile device

management support to Android

smartphones and tablets running

Google’s mobile OS as well as

devices running Apple iOS.

“The mobile usage trends will

eventually drive sharp increases

Ovum’s Adam Leach: New OS may keep

existing users, but will it attract new ones?

Siemon begins Middle East, Russia recruitment driveBusinessGlobal infrastructure specialist Siemon is now recruiting for its commercial team in the Middle East and Russia. The company is expanding its activities and investment in both regions. 

The expansion also sees promotions for two of Siemon’s global marketing team: Daniel Vout has been promoted to the new role of regional manager for the company’s ‘North East’ area and Lyndsey Parham steps up into the role of marketing communications manager. 

Vout’s new role for the North East of EMEA sees him take control of Siemon’s business in Russia, Central Asia, the Baltics and Nordic countries. 

WD expands portfolio, includes SMB productsServicesWD, a Western Digital company, has expanded its product portfolio to address small and medium-sized businesses with the addition of network backup software and appliances from Arkeia Software, a data protection company based in California, which was acquired by WD. WD has also announced that the Arkeia Network Backup version 10.0 software, for which a limited release was delivered in December 2012 is now available. Arkeia’s software, appliances and virtual appliances back up data to disk, tape and cloud storage. The company’s Progressive Deduplication technology is designed to speed up hybrid-cloud backup by reducing the bandwidth necessary to replicate backup sets over wide area networks.

when an employee leaves the

company. Mobile application

management, which is designed

to enable IT professionals to

distribute and manage in-house

and Google Play store apps, and

configuring profile/policy, which

is designed to allow IT techni-

cians to create polices that can

restrict users from accessing the

internet (EDGE or packet data).

This is designed to ensure that

data security by preventing users

from exporting corporate data.

Similarly, certain device features

such as camera and Bluetooth

can be disabled.

in demand for enterprise MDM

solutions that embrace BYOD

while ensuring enterprise data

security,” said Mathivanan Ven-

katachalam, director of product

management at ManageEngine.

“The growing Android market

and increasing demand for

Android support among our

customer base encouraged us to

add Android support to Desktop

Central as quickly as possible.”

The solution includes data

wipe, where IT staff can remotely

wipe the data from a stolen or

misplaced device or remove the

corporate data from the device

6

Mar

ch 2

013

Vol.1

9 N

o.03

Brie

fing

ProductsTest equipment rental company

Livingston is now stocking the

latest Optical Time Domain

Reflectometer (OTDR) from Fluke

Networks. The OptiFiber Pro has

added to Livingstone’s range of

rental products supporting next

generation optical networks.

The OptiFiber Pro is the indus-

try’s first OTDR specifically de-

signed to meet the challenges set

by modern fibre optic enterprise

infrastructure, rather than those

of carrier infrastructure.

The OptiFiber Pro is designed

for troubleshooting campus,

data centre and fibre-based

storage networks, as well as

enabling rapid fibre certification

to be carried out. Its integrated

LinkWare software is designed

to assure rapid generation of

highly detailed, standard compli-

ant reports. The EventMap view

depicts fibre events in a way that

means no trace analysis expertise

is required by the operative.  

The OTDR’s DataCentre mode is

designed to automate the process

of defining test parameters, such

as wavelength or end-detection

algorithms, shortening set-up

time and operative training. Its

gesture-based user interface,

built on a large format multi-

touch capacitive touchscreen, is

designed to enhance productivity,

with single-touch tap and swipe

control for scrolling menus and

selecting options, plus pinch

zooms for magnification of items

on the display. Weighing 1.28 kg

and with an eight hour battery

life, this device is highly portable.  

“With enterprises in need of

ever increasing data storage

resources and the on-going

migration to 40/100Gbit Ether-

net data centre architectures,

maintaining the performance of

optical network is crucial,” states

Reinier Treur, marketing director

at Livingston.

Livingston stocks OptiFiber Pro

Middle East faces big data challengeBusinessThe Middle East is facing a chal-

lenge from big data, which is

posing a big storage challenge

for businesses across the region,

as the race to unlock value from

massive and exponentially grow-

ing datasets heats up.

Market research firm IDC

predicts that the global big data

market will grow 40% per year,

seven times as fast as the rest of

the IT industry.

According to IDC, most of that

cost will come from infrastruc-

ture-investment-calibre storage

projects that are set to drive

spending in the storage market

to above 61% through 2015.

With big data sets growing

NME Award nominations are now openBusinessThe Network Middle East Innovation Awards are now open for nominations. This year there will be 16 categories, including Best Cabling Vendor, Best Data Centre Project of the Year and Best VAD Distributor of the Year. The awards will be judged by a panel of five independent analysts and industry professionals and will be presented to the very best implementations, vendor offerings and key individuals and organisations in the Middle East market. The Network Middle East Awards, which are now in their ninth year, set out to honour the projects, people, suppliers and service providers that have excelled in the regional networking sector over the past twelve months. The deadline for submissions is March 28th 2013.

R&M increases FTTH focusProductsSwiss structured cabling specialist Reichle & De-Massari (R&M) Middle East, Turkey and Africa is increasing its focus on the growing fibre to the home (FTTH) market. Jean-Pierre Labry, EVP of R&M Middle East, Turkey and Africa has confirmed that the company has been working closely with telecom providers in Saudi Arabia, the UAE and Oman for large scale FTTH projects. Labry also said that the company is launching new products to further expand its FTTx portfolio. These include the introduction of the Venus FXXL solution with integrated Single Circuit Management (SCM) and field connectors which offer flexibility when planning building connections.

by an average of 60% per year,

based on IDC figures, business

research specialists Aberdeen

Group suggest that many

companies will have to double

the volume of their data storage

every 2.5 years.

IDC’s 2012 Digital Universe

Study, sponsored by EMC, esti-

mates that the digital universe

will reach 40 zettabytes (ZB) by

2020.  The amount exceeds previ-

ous forecasts by 5 ZBs, resulting

in a 50-fold growth from the

beginning of 2010.  Machine-

generated data is a key driver

in the growth of the world’s

data – which is projected to

increase 15x by 2020. The study

states that while the investment

in spending on IT hardware,

software, services, telecommu-

nications and staff will grow by

40% per annum between 2012

and 2020, storage management,

security, big data, and cloud

computing will grow faster.

“Whether it is mining social

media sentiment, drawing on

machine sensor readings to oper-

ate in a more sustainable fashion,

forensic search engine trend

analysis to prompt business

decisions – or all of the above –

the ability harness and tap into

power of Big Data is becoming

a must,” said Andrew Calthorpe,

chief executive officer, at Dubai-

based data storage solutions

provider Condo Protego.

The OptiFiber Pro is

designed for trouble

shooting data centre,

campus and fibre-based

storage networks.

7

Mar

ch 2

013

Vol.1

9 N

o.03

Brie

fing

InfrastructureStructured cabling specialist

Reichle & De-Massari Middle East,

Turkey and Africa, is planning

to establish a local presence in

Turkey after it experienced double

digit growth in the Middle East

region during 2012.

“We are deeply committed to

the region and the establishment

of a local presence in Turkey is

testament to this. This year we

plan to bring a number of innova-

tive products to the market which

will be specifically adapted to

healthcare, education, transporta-

tion, utilities, telecom and city

development,” said Jean-Pierre

Labry, EVP, R&M Middle East,

Turkey and Africa.

During 2012, the company

nearly doubled its staff strength,

inaugurated a new regional office

in Saudi Arabia and opened the

region’s first-of-its-kind patch cord

assembly facility at its headquar-

ters in Dubai.

“Over the past four years, in

spite of the global recession and

poor performance of regional

markets, R&M has invested heav-

ily in both staff and technology

in order to develop first level

supports for speed, consultancy

and flexibility in the region. We

customised our portfolio to the

needs of the region and offered

a broad spectrum of products ca-

tering to a wide range of vertical

markets such as residential, office

cabling, industrial, petrochemical,

energy, healthcare, and defense.

The result of these efforts has

been exponential growth even

through the tough financial times

and the Middle East, Turkey and

Africa region is now one of the

fastest growing markets for R&M,”

said Labry.

Labry also highlighted the em-

phasis that will be given to further

development of the company’s

distribution channel, particularly

in markets such as Turkey, Saudi

Arabia, Qatar, Oman and Iraq.

The cabling specialist will re-

main focused on its copper offer-

ings as well, since Cat6A remains a

highly utilised cabling solution for

the structured cabling industry.

R&M to establish presence in Turkey

Internet users want to stop data leakageBusinessAccording to Ovum’s latest

Consumer Insights Survey, 68% of

the internet population across 11

countries would select a ‘do-not-

track’ (DNT) feature if it was easily

available, suggesting that a data

black hole could soon open up

under the internet economy.

This desire to utilise a ‘do-not-

track’ feature has been born as

digital consumers around the

world begin to tire of their per-

sonal data being collected across

the internet. Global industry

analysts paint a threatening sce-

nario for the internet economy,

as consumers seek out new tools

that allow them to remain “invis-

ible” – untraceable and impossible

to target by data means. This

hardening of consumer attitudes,

coupled with tightening regula-

tion, could diminish personal data

supply lines and have a consider-

able impact on targeted advertis-

ing, CRM, big data analytics, and

other digital industries. 

Recent data privacy scandals

such as WhatsApp’s use of ad-

dress books, and the continuing

issues over privacy and data use

Jean-Pierre Labry, executive vice

president, R&M Middle East, Turkey

and Africa, says R&M is deeply

committed to the region.

policies on Facebook and Google

websites have fueled consum-

ers’ concerns over the protection

of their personal data. Ovum’s

survey found that only 14% of

respondents believe that internet

companies are honest about their

use of consumers’ personal data,

suggesting it will be a challenge

for online companies to change

consumers’ perceptions. Ovum

believes that internet companies

should introduce new privacy

tools and messaging campaigns

designed to convince consumers

that they can be trusted.

Cloud9 IDE integrates Red Hat OpenShift Online PaaSInfrastructureOpen source solutions provider Red Hat, has announced that Cloud9 IDE has built its online development environment with Red Hat’s OpenShift Online hosted Platform-as-a-Service (PaaS) solution. By integrating OpenShift Online into its original online development environment, Cloud9 IDE is able to deliver more flexibility, security and ease of use to developers.Cloud9 IDE is an online development environment for Javascript and Node.js applications as well as HTML, CSS, PHP, Java, Ruby and 23 other languages.

CommScope shows feasibility of Cat 8 for enterpriseResearchNetwork infrastructure spe-

cialists CommScope, have

demonstrated the techni-

cal feasibility of Category

8 cabling for enterprise

networks. This is a step

along the path towards a

viable 40GBASE-T system

for data centre applications.

CommScope verified a

proof-of-concept solution

for a viable 40 Gigabit per

second Ethernet channel by

utilising prototype Category

8 RJ-45 connectors and cop-

per twisted pair cables. All

components were designed

by engineers in CommScope

labs. The CommScope proof-

of-concept shows that data

centre operators will be able

to extend their preferred

mean of communication

technology for 40G.

According to one-click back-up, recovery and continuity specialists for small to mid-

sized businesses Quorum, the best defence against downtime is ins-talling a disaster recovery solution that ensures the business is opera-tional in minutes, rather than days. This is born out by the results of its Quorum Disaster Recovery Report, Q1 2013, whose findings are taken from Quorum’s hundreds-strong global customer base.

While natural disasters tend to take centre stage when considering

the causes of downtime, hardware and software failures and human error are statistically more com-mon. In fact, hardware failures alone comprise more than one-half of disasters for small to mid-sized businesses, according to the Quorum Disaster Recovery Report. And given it takes an average of 30 hours for recovery (according to IT managers), small to mid-sized businesses are at risk of losing customers, their reputation and hundreds of thousands of dollars in revenue.

hardware failure55%“only 28% of small to mid-sized

businesses have tested their backup”

Symantec SMB Disaster Preparedness Survey 2011

Most back-up solutions today

are based on technology that

is at least 4 deca-des old...

Solutions that enables instant recovery of data, applications and systems along with regular tes-ting, prove critical to avoid costly downtime

quorum disaster recovery report exposes

8 March 2013 Vol.19 No.03

infographic

55“ 28% Mostback upck

infographic

top4Types of Disasters

humanerror22%

18%

5%

“90% of business who experience one

week of downtime go out of business

within six months, and 50% of those

businesses fi le bankruptcy

immediately“

Alpha Technology Group

3.5 Average no of

disaster recovery events per year

3.4daysAverage

downtime per event

$74,000 Average

cost per hour of downtime

DOWNTIME IS COSTLY

natural disaster

softwarefailure

March 2013 Vol.19 No.03 9

Vendor Profile: Brocade

WHO IS BROCADE? Brocade is the pure-play

networking company that

innovates to make high-

performance networks easier

to deploy, manage, and scale

in the world’s most demanding

environments. Through

industry-leading technology and

unmatched expertise, Brocade

delivers resilient networks that

increase agility and efficiency

while helping organisations stay

ahead of change.

From pioneering fabrics to

software-defined networks,

Brocade delivers innovative

solutions for data center, campus,

and service provider networks

that reduce cost and complexity

while facilitating virtualisation and

cloud computing. Headquartered

in San Jose, California, Brocade has

approximately 5000 employees

worldwide and serves a wide

range of industries and customers

in more than 160 countries.

Today, it leads the Storage Area

Network (SAN) market with the

industry’s most powerful and

reliable offerings. In addition,

Brocade provides Ethernet fabric

technology and high-performance

Ethernet networking solutions

as part of a complete switching,

routing, wireless, and application

delivery portfolio.

To meet the increasing

requirements of distributed and

mobile computing, Brocade

is extending its proven data

centre expertise throughout the

entire network. This approach

helps organisations achieve

their most critical consolidation,

mobility, virtualisation, and cloud

computing initiatives.

Brocade combines a proven

history of innovation with

standards leadership and strategic

partnerships with world-class

IT companies. Maintaining the

industry’s most extensive partner

ecosystem facilitates open,

best-in-class solutions for the

broadest range of IT environments.

To help ensure a complete

solution, Brocade delivers a full

range of education, support, and

professional services offerings.

Brocade is the industry leader

in data centre storage networking

solutions with a focus on SAN

switching and server connectivity.

Brocade is a recognised leader in

end-to-end networking solutions

with a focus on LAN switching,

wireless, security, application

delivery, and metro and internet

core routing.

WHAT IS YOUR PRESENCE IN THE MIDDLE EAST? Brocade’s Middle East regional

headquarters is based in Dubai

Internet City in Dubai, UAE. The

company has an office in Saudi

Arabia and Egypt as well as staff

operating out of Kuwait and

Qatar. The company has a unique

two- tier channel approach very

different from competition and

has two key distributors for the

region – Westcon Middle East and

Mindware. Brocade makes it a

point to have a high involvement,

‘direct touch’, sales approach

with end-users and work on

opportunities alongside our

partners, as this helps build the

confidence of clients.

CAN YOU DESCRIBE SOME OF YOUR REGIONAL SUCCESSES? The Middle East contributes

Networking company Brocade explains its history, what it does, and what its plans are in the Middle East region going forward

Sufian Dweik, regional manager, Brocade, says that the company

has an office in Saudi Arabia and Egypt as well as staff operating

out of Kuwait and Qatar.

Mar

ch 2

013

Vol.1

9 N

o.03

Expe

rt’s C

olum

n 10

significantly to Brocade’s EMEA

revenue, which goes to show

how important this market is

strategically for the company. In

the past we have managed to

secure some large and prestigious

projects involving big-name

clients such as Al Nahdi Medical

Company (NMC), Saudi Economic

and Development Holding

Company (SEDCO), UAE University

(UAEU) and a host of other large

enterprise, government and

service provider companies across

the region. Brocade dominates the

Storage Area Networking (SAN)

market in the Middle East, with a

market share of over 70%.

WHAT ARE YOUR REGIONAL GOALS? Our objective for the Middle

East market is to sustain the SAN

dominance along with increasing

our IP Networking market

share. As we have increased our

headcount in the region this past

year we anticipate our growth in

the region to reflect during 2013

and 2014 and as such we will

continue to invest in the region

as well as growing our channel

base. We also plan to continue

leveraging our ‘Executive Briefing

Centres’ located in our Dubai office

as well as our London facilities for

more advanced showcasing of our

complete product portfolio.

“Brocade is the pure-play networking com-pany that innovates to make high-perfor-mance networks easier to deploy, manage, and scale in the world’s most demanding environments.” SUFIAN DWEIK, REGIONAL MANAGER, MEMA AT BROCADE

WHAT IS THE FL-FLEXPODI COURSE?Flexpodi is a course dealing with

the design, implementation

and administration of a Flexpod

solution. Flexpod is a data

centre platform combining

storage, networking and server

components from Cisco & NetApp

and integrating them into a

single fl exible architecture. This

infrastructure building block

integrates the power of Cisco &

NetApp together with VMware

to provide an effi cient data

centre solution. The Fast Lane

designed course explores in-depth

mechanisms of Cisco Unifi ed

Computing Systems hand-in-hand

with NetApp FAS storage systems

and how they integrate into the

FlexPod architecture serving

VMware virtualisation solutions.

Signifi cant content is devoted

to building block technologies

and protocols as well as to the

complete FlexPod solution and

its design. Ample focus is set

to hands-on confi guration and

management of UCS B-Series

servers, NetApp FAS3200

systems and VMware vSphere

environments for deployment as

well as day-to-day operations of a

FlexPod solution.

The course consists of

diff erent modules including,

Cloud Computing and Data

Centre Solutions overview,

Cisco UCS B-Series Hardware &

Architecture, Designing Cisco

UCS Server Deployment Model,

Examining Cisco UCS Solution

Management, Confi guring UCS

Connectivity, The NetApp Storage

Environment, Basic administration

of a NetApp FAS system, NetApp

Physical & Logical Storage,

NetApp in NFS NAS Environment,

NetApp virtualisation solutions,

vSphere Overview, vSphere

FC Connectivity, vSphere iSCSI

Connectivity, vSphere LUN Access,

NetApp FAS/V 3200 for FlexPod,

FlexPod for VMware and FlexPod

Architecture.

WHAT BENEFITS DOES FL-FLEXPODI GIVE THE STUDENT IN THE EMPLOYMENT MARKET?The course takes the student

into the heart of the data centre

platform with latest technologies

that have been consolidated

into a single architecture that

is driving the market. Students

obtain an understanding of cloud

computing and modern data

centre solutions and challenges.

During the course students

also work with the Cisco UCS

solution and learn how to

evaluate and describe the Cisco

UCS solution architecture and

identify diff erent management

options and administration

tasks for Cisco UCS. Students

will also learn how to explain

the connectivity requirements

for the Cisco UCS platform and

explore the dimensions of the

NetApp storage environment.

Successful attendees will also

be able to explore virtualisation

solutions with NetApp, describe

NetApp integration with

vSphere environment, describe

vSphere FC/FCoE connectivity

with NetApp, describe vSphere

iSCSI connectivity with NetApp,

describe vSphere LUN access with

NetApp, understand in depth

NetApp FAS/V 3200 for FlexPod,

build FlexPod solution for VMWare

and explore FlexPod solution

architecture for cloud.

IS IT AN ESSENTIAL QUALIFICATION FOR STORAGE EXPERTS?It is a qualifi cation for storage

experts to excel in the deployment

of advanced data centre solutions.

Storage area networks require

in-depth experience to manage,

deploy, and interconnect multiple

types of data storage devices and

data servers that enterprise users

rely on today. This is a multi-vendor

course taking the student into the

heart of the data centre platform

with the latest technologies that

have been consolidated into a

single architecture driving the

data centre market.

WHO SHOULD ATTEND?This course is intended for the

following audiences:

System administrators

Data Center Systems engineers

Data Center Field Engineers

Data Center technicians or

administrators

12

Mar

ch 2

013

Vol.1

9 N

o.03

Trai

ning

focu

s

FL-FLEXPODI A look at the ‘FLEXPOD Infrastructure for VMWare – Design/Implementation & Administration’ certifi cation

System Operators responsible for

vSphere and vCenter Server

Professionals who need to deploy,

confi gure, and manage the

FlexPod solution

PREREQUISITESThe following prerequisite

skills and knowledge are

recommended:

Understanding of server system

design and architecture

Basic VMWare environment

background

Familiarity with Ethernet and TCP/

IP networking

Familiarity with SANs

HOW MUCH DOES IT COST?

The course price is $3950 for

fi ve days of training including

courseware, professional trainers

and state of the art equipped

training labs.

TRAINING COURSE DATES:28 April – 02 May 2013, Dubai, UAE

30 June – 04 July 2013, Dubai, UAE

08 – 12 September: 2013, Dubai,

United Arab Emirates

HOW DOES THE FLEXPODI COURSE ENHANCE/IMPROVE A STUDENT’S CAREER?The FlexpodI class covers all the modern

technologies involved within modern data

centre; for example, FC, FCoE, UCS, Netapp

FAS, Vmware and Nexus platforms are all

covered in the course. Since Flexpod is the

state of the art solution for modern data

centres, by attending the FlexpodI class

this puts the student in the top of the game

regarding DC technologies and career path.

WHAT ARE THE MOST CHALLENGING PARTS OF THE COURSE FOR STUDENTS?

The most challenging part in the course is

the diversity of information and technologies

covered. Usually in our classes we have either

network engineers or storage engineers or

server admins, the main challenge in the

FlexpodI class that it integrates the three

major areas of the DC together, networking,

storage and server technologies so it is a

bit challenging for the trainer to keep the

audience in sync and the same for the students

to keep up with the diversity of information in

the class.

WHAT IS THE DEMAND FOR THIS COURSE?

If you mean market demand, then it is highly

demanded not just in the Middle East but

worldwide, the three major vendors Cisco,

NetApp and VMware are doing very good

job marketing the solution especially by

developing validated and tested designs

covering major applications like Oracle on

Flexpod, SAP on Flexpod and Hyper-V on

Flexpod. In addition to the unifi ed support

matrix, where an end customer can contact

any of the three vendors regarding any issue

within the Flexpod.

WHAT STANDARD OF KNOWLEDGE DO STUDENTS NEED TO TAKE PART IN THIS COURSE?

The students need to have a solid

understanding of networking and slightly

about virtualisation and storage technologies.

When I developed the course and the lab, I had

in mind that it is very diffi cult to fi nd students

with expert knowledge in the three technical

areas covered in the course (networking,

storage and virtualisation), so the course is

built with this mind and it takes the student

from technology basics, through a deep dive

into the three major technologies we talked

about previously.

DO PEOPLE DO PROPER DATA CENTRE DEPLOYMENTS IN THE REGION?CTOs and Technical decision makers are now

keener in investing in proper and validated

deployments; given current economy any

investor or a decision maker needs to ensure

fast ROI (Return on Invest) and investment

protection on any new technical deployment.

This is only insured if you invest in proper

technology deployments.

Bassem Boshra Senior Cisco/NetApp Certifi ed consultant and teacher of the FlexpodI course discusses the course benefi ts

Josef Miskulnig, CEO of Fast Lane, says

that the FL-FlexpodI course takes the

student into the heart of the data

centre platform with technologies that

have been consolidated into a single

architecture that is driving the market.

The course teacher’s perspective

Targeted attacks or APT-

style threats have been

gaining much publicity

since the watershed

year of 2010, when the world

first heard about the Stuxnet

virus and the Operation Aurora

breach of Google by Chinese

hackers. Awareness of such

threats among security profes-

sionals is now pretty high, but

unfortunately strategies for

mitigating them are in many

cases woefully inadequate.

The main problem is that

organisations are still too outward

focused, unaware that they may

already have been hit by a silent,

persistent and laser-focused

attack. What many people don’t

appreciate is that Advanced

Persistent Threats (APTs) often

do not really contain particularly

sophisticated malware – instead

it is the social engineering

techniques used to make that first

all-important incursion which can

really be called ‘advanced’.

INDIVIDUAL TARGETS Cyber criminals today will

typically target an individual in an

organisation, using information

gleaned from social networks

and elsewhere in crafting their

email to make it appear more

convincing. It’s often a senior

ranking member of the firm,

because there will be more

publicly available information

about these people. Attacks can

also begin in the physical world.

For example, in the US, cyber

gangs left ‘parking tickets’ – on

which were printed URLs – on

selected car windscreens. Those

recipients who subsequently

entered the URLs at their PC in

the hope of paying the fine or

complaining about it, would

have their machine infiltrated

by malware. When the attackers

combine physical world presence

with online attacks they may

gain the trust of even the most

guarded manager. The malware

in question is usually a zero-day

threat, eg one which has the best

chance of evading traditional

defences, but is certainly far from

remarkable or sophisticated.

Once inside, the bad guys will

move laterally in the organisation,

jumping from machine to

machine in search of an admin

password and ultimately the

server where the key data resides.

It’s all very quiet and carried out

over long periods of time in order

to stay under the radar.

The biggest mistake IT teams

make is viewing the perimetre

as an impenetrable wall, which,

if they focus all their efforts on it,

will keep out the bad stuff and

ensure the internal network is safe

Strategies for mitigating advanced persistent threats are woefully lacking, explains Nick Black, technical director at Trend Micro

Nick Black from Trend Micro

says that organisations are still

too outwards focussed.

Mar

ch 2

013

Vol.1

9 N

o.03

Expe

rt’s C

olum

n 14

from harm. They certainly need

to keep investing in perimeter

defences and end user education,

but must view this layer

nowadays as porous, because if

an attacker spends enough time

and money they will eventually

get in.

The perimeter is a noise filter of

sorts but in reality multiple layers

of defence are needed including

around core servers.

Virtual patching is also

essential, shielding from known

vulnerabilities at the network

layer is an important step as it

will send an alert if an attacker

is trying to exploit a known

vulnerability in the organisation.

Also important are tools to

analyse network traffic and

sandbox any suspect threats. If

there’s zero day malware, unique

to that attack, then custom

defences will need to be crafted

to deal with it. In the past your

defences didn’t have to be

spectacular but just better than

the next guy’s, the rationale being

that attackers always go for the

lowest hanging fruit. That logic

has been turned on its head by

cyber gangs laser-focused on

your organisation alone.

Advanced persistent threat (APT) is commonly used to refer

to cyber threats that utilise a variety of intelligence gathering

techniques to access sensitive information. Recognised attack

vectors include infected media, supply chain compromise, and

social engineering. Individuals, such as an individual hacker, are not

usually referred to as an APT as they rarely have the resources to

be both advanced and persistent even if they are intent on gaining

access to, or attacking, a specific target.

What is an APT?

Dealing with targeted attacks – time to look inside the network

Configurations

for any IT space!

Adaptable: Our solutions can be adapted to fi t any IT confi guration at any time — from small IT to data centers! Vendor-neutral enclosures, for example, come in different depths, heights, and widths so you can deploy your IT in whatever space you have available — from small IT or non-dedicated spaces to even large data centers.

Business-wise, Future-driven.™

©2013 Schneider Electric. All Rights Reserved. Schneider Electric, APC, InfraStruxure, and Business-wise, Future-driven are trademarks owned by Schneider Electric Industries SAS or its affiliated

Download any of our White Papers within the next 30 days for FREE and stand a chance to win an iPhone 5!Visit: www.apc.com/promo Key Code: 32203p

Call +9714-7099690 (Arabic) / +9714-7099691 (English) Fax +97147099-650

Simple. Adaptable.Manageable.

Simple:We are committed to making our solutions the easiest to install, configure, and integrate into either existing IT systems or data centers — or new build-outs. We ship our solution as “ready to install” as possible (e.g., tool-less rack PDU installation and standard cable management features). With our easy-to-configure infrastructure, you can focus on more pressing IT concerns such as network threats.

Solution guides for quick

and easy deployment!

Integrated InfraStruxure™ solutions include everything for your IT physical infrastructure deployment: backup power and power distribution, cooling, enclosures, and management software. Adaptable solutions scale from the smallest IT spaces up to multi-megawatt data centers.

Easy-to-deploy IT physical infrastructureSolution guides make it easy to determine what you need to solve today’s challenges. The core of our system, vendor-neutral enclosures and rack PDUs, makes deployment incredibly headache-free. Easily adjustable components, integrated baying brackets, pre-installed leveling feet, and cable management accessories with tool-less mounting facilitate simple and fast installation.

Manageable: Local and remote management are simplifi ed with “out-of-the-box” UPS outlet control, integrated monitoring of the local environment, and energy usage reporting. Manageability over the network and robust reporting capabilities help you prevent IT problems and quickly resolve them when they do occur — from anywhere! What’s more, our life cycle services ensure optimal operations.

Monitor and manage your

IT spaces from anywhere!

Cloud computing is not just about IT

“The move by non-IT organisations to pro-vide non-IT capabilities via the cloud will mean even more technology decisions will be made outside the IT organisation.”

The word ‘cloud’ has been

literally hanging over

executives’ heads for the

past two years — in the

form of massive banners hanging

from the ceilings of almost every

hub airport they travel through. To

date, the focus of cloud has been

on the delivery of IT-related capa-

bilities from IT-related providers,

largely for things that the IT depart-

ment is responsible for managing.

Cloud computing is expected

to grow to 20% or more of the

total IT budget by 2013. Gartner

research shows that there is already

signifi cant non-IT involvement

in decision making about cloud

services, with fi nance, marketing,

HR and other business units acting

as key stakeholders 25 to 30%

of the time and actually funding

cloud services between 10 and

30% of the time. Although largely

a technological development,

many of the pertinent questions

today about the usefulness of

cloud computing as a business

platform are non-technical. We

believe over time businesses will

better understand the principle

that cloud computing is a means to

deliver IT-enabled capabilities, not

just simple IT capabilities.

As this thinking evolves, the

focus of cloud computing will

shift toward exploiting it as a

service delivery mechanism for the

provision of non-IT capabilities,

such as such as payroll, printing,

logistics and e-commerce. In this

context, cloud computing enables

these services to be delivered

from organisations that are not

traditionally seen as IT companies,

nor have any intention of ever

being seen in this way.

By 2015, Gartner predicts that

20% of non-IT sector global 500

companies will be cloud service

providers. We are already seeing

examples of this emerging.

Large retail, fi nancial service,

government and media

organisations have begun to

recognise that supply chain

competencies do not need to be

commercialised solely through

their stores, either physical or

online. As discrete capabilities, they

have their own revenue potential.

We’ve also seen distribution

businesses undertaking the same

strategy. This trend is not being

wholly enabled, or strictly defi ned,

by cloud computing.

There are several related

trends that are actually fuelling

the business mandate behind

this, such as the accelerated

digitisation or ‘hyperdigitisation’

of many industries that are

largely information based, such

as fi nancial services, education,

communications and media,

government and industry-specifi c

intermediaries, such as the travel

and insurance sectors.

These industries deliver

non-physical digital services,

increasingly mostly online.

The real business opportunity for cloud services lies beyond IT, writes Brian Prentice, research vice president at Gartner

Brian Prentice says

that the focus of

cloud computing

will shift toward

exploiting it as a

service delivery

mechanism for the

provision of non-IT

capabilities.

Mar

ch 2

013

Vol.1

9 N

o.03

Expe

rt’s C

olum

n 16

Additionally, many businesses have

been exploring the move toward

process externalisation driven by

activities such as open innovation.

The move by non-IT

organisations to provide non-IT

capabilities via the cloud will mean

even more technology decisions

will be made outside the IT

organisation.

Ultimately these services are

bound to service-level agreements

that will be understood best by the

owner of the specifi c process. Yet,

while the barriers that historically

prohibit these groups from directly

provisioning these services drop,

the need to manage data and

integration requirements remain.

Far from being a problem, this

represents another opportunity

for IT departments to redefi ne

their value proposition as service

enablers — either through

consumption or provision of cloud-

based services.

As non-IT players externalise

business competencies via the

cloud, they will compete directly

with IT organisations that have

traditionally served in this capacity.

Security experts InfoWatch and Sophos

go head-to-head on BYOD security

“It is often a good idea to introduce BYOD in stages rather than throughout the whole company from the offset. BYOD is a learning process which is individual to every organisation. Businesses can look at user segmentation to see who need how much access and what controls are necessary.”

“Often staff fail to use the necessary security tools, such as encryption, on their mobile devices. ”

We see the BYOD trend present-

ing three main challenges to

businesses. The first involves the

loss of mobile devices. According

to InfoWatch Global Data Leakage

Report, H1 2012, 18.2% of all data

leakage incidents in companies occur

because of loss or theft of various mobile

devices containing sensitive corporate data.

Often staff fail to use the necessary security

tools, such as encryption, on their mobile devices

and ‘misplace’ their gadgets in public places. The second

challenge is the vague limit between personal and corporate data on

private mobile devices of employees. This data should be used and stored

separately on a private device, thus companies require special policies

for BYOD regarding personal and corporate data processing. The last

difficulty is intellectual property protection. Employees often regard the

results of their intellectual work as their private property, where as a mat-

ter of fact, it is usually the company’s property.

Personally-owned devices bring consumer

and other untested applications into the

enterprise, which in turn can affect the

enterprise network bandwidth and security.

Android devices in particular have been seen

to be a common target for cyber criminals

who infect applications with malicious code

designed to steal data and cause costs. As the user

is always the administrator of the device, it can be

very hard to forbid applications, or delete them as it is,

after all, a personal device. Users often remove passcodes and

screen-locks from their various mobile devices, which is a risk if a device

is lost or stolen.

BYOD is one of the biggest challenges facing the modern enterprise; experts look at the

biggest threats and how to stop them

Mar

ch 2

013

Vol.1

9 N

o.03

Expe

rt’s C

olum

n 18

ALEXANDER ZAROVSKY, INTERNATIONAL BUSINESS CHIEF, INFOWATCH

BARBARA HUDSON, SOPHOS PRODUCT MARKETING MANAGER

WHAT ARE THE BIGGEST THREATS BYOD BRINGS TO THE ENTERPRISE?

March 2013 Vol.19 No.03 19

In order to protect corporate data on a device which is

lost or stolen, the IT team should use encryption and

Mobile Device Management (MDM) solutions. The

latter allows remotely controlling data on mobile de-

vices including remote data removal - if the gadget

is lost or stolen.To secure private and corporate data

the most appropriate technology is Data Leakage

Prevention (DLP) which provides for scenarios of

using the mobile gadgets as data storages and data

exchange devices (e-mail, Skype services, etc.) If staff

are allowed to use private devices in corporate network, it

would be reasonable to install monitoring agents on each device

and control traffic from these devices on the corporate gateway. Security

policies must include dividing private correspondence from corporate,

access restrictions of private devices to corporate resources and

using encryption.

The practice of allowing corporate access to personal

devices in the Middle East region is among the

highest in the world. However, the majority of em-

ployees expect their companies to grant them cor-

porate mobile gadgets for executing their duties. If

the company requires its employees to be available

24 hours per day, seven days a week, it should invest

in providing him or her with a corporate device. If there

is no such business need, there is then little sense either

providing a corporate gadget or allowing him or her to use

their own device in the network.

The first step would be to introduce a Mobile Device

Management (MDM) solution to manage and control

which devices have access to the enterprise net-

work. This should allow the enforcement of security

policies and ensure devices which are not compli-

ant no longer have access to the network. The

solution should also offer the possibility to deploy a

security solution to protect Android mobile devices

from malicious applications and other threats and

ensure the protection remains installed on the device. A

further step would be to prioritise WiFi bandwidth for busi-

ness applications. And the third would be the ongoing process

of educating users.

It is often a good idea to introduce BYOD in stages

rather than throughout the whole company from the

offset. BYOD is a learning process which is individual

to every organisation. Businesses can look at user

segmentation to see who need how much access

and what controls are necessary. Many companies

also restrict the number of platforms they allow. Mo-

bile Device Management to support BYOD doesn’t have

to be complex and if IT resources or expertise are limited,

then it may be better to look at a hosted SaaS solution, or

purchase from a Managed Service Provider to bridge the gap.

Barbara Hudson, Sophos product marketing managerAlexander Zarovsky, international business chief, InfoWatch

WHAT IS THE BEST WAY TO PROTECT THE ENTERPRISE NETWORK FROM BYOD THREATS?

SHOULD COMPANIES

RESTRICT BYOD TO PROTECT THEIR

NETWORK?

DWC implements a multi-vendor networkDubai World Central and Smartworld have installed the region’s first multi telecom vendor, 10 Gigabit core network in an MPLS service provider model

Cas

e St

udy

Mar

ch 2

013

Vol.1

9 N

o.03

20

Dubai World Central,

Dubai’s aviation and

logistics freezone,

has implemented the

region’s first vendor-neutral

fibre network throughout its

140 square kilometre footprint

utilising Smartworld, a next-gen-

eration service provider formed

as a joint venture between DWC,

Etisalat and du. The network

allows any one of the hundreds

of companies that are based in

the city to access the telecoms

services they want through the

service provider they prefer.

THE PROBLEM:Many of the clients in DWC are,

and are likely to continue to be,

multinationals that will have a lot

of peer-to-peer services, which

will need a lot of bandwidth.

Today, people may talk about

100mBps, but they cannot

utilise it. According to Najmul

Hussain, programme manager

for DWC, it is very possible that

some of the companies in DWC

will go beyond the 100mbps

requirement. This means that

the infrastructure that has been

laid down should accommodate

growth until 2020.

IMPLEMENTATION OBJECTIVE:DWC is a freezone providing

heuristic services to attract

businesses, so keeping this in

mind DWC decided to build the

unique multi-telecom operator

infrastructure to support their

business in DWC and make it dif-

ferent to other areas. This allows

businesses to have access to all

kinds of services with full speeds,

and they can choose between

multiple service providers.

logistics hub for Dubai. The DWC freezone covers 140 square

kilometres of land and is twice the size of Hong Kong.

Dubai World Central is comprised of eight districts: logistics,

aviation, Al Maktoum International Airport, humanitarian,

residential, commercial, leisure, exhibition and commercial.

Currently phase one is under construction and there

are currently over 100 tenants from some of the world’s

largest aviation, logistics, business and freight forwarding

companies including Aramex, RSA, Al Futtaim and National

Air Cargo. The Al Maktoum airport is also currently open

for cargo and will open later this year for business and

passengers.

around the airport containing businesses relating to the

airport.

was given to DWC by HH Sheikh Ahmed bin Saeed

Al Maktoum.

sold, and construction is pending.

Dubai World Central

March 2013 Vol.19 No.03 21

Luai Bahder from Smartworld says that telecoms are a crucial element of DWC.

“Today we have two licensed

operators in the UAE; Etisalat

and du. Services are distributed

in other freezone areas so that

the customer has to go with a

single provider, but in DWC we

can provide the services from

both operators, so this will give

more flexibility to the customer

to choose to have more competi-

tion in terms of services, com-

mercial prices and will be more

attractive to do business. DWC is

the first freezone city that is offer-

ing both service providers,” says

Smartworld’s Bahder.

IMPLEMENTED INFRASTRUCTURE:Smartworld has laid super

fast fibre infrastructure, with

hundreds of kilometres of fibre

cable linking all customers and

plots with the multi 10-Gigabit

core network in an MPLS service

provider model. The network

is capable of delivering up to 1

gigabit of bandwidth capacity to

an individual office.

“It is not like a normal network,

it is service provider MPLS multi

10 Gig core infrastructure, and

also we have built a GigE access

infrastructure so any customer or

tenant in DWC can get GigE fibre

to his premises,” says Bahder.

Smartworld is the next-generation service provider for telecom

services and ICT services for Dubai World Central and is a joint

venture between Etisalat, Dubai World Central and Du. The

company was established four years ago in order to build telecom

infrastructure in DWC and transport telecom services.

“When we began the implementation of this entire

infrastructure we realised that telecoms is a very critical element

and when we agreed on looking at the infrastructure, we decided

as DWC that we will bring in the infrastructure of all telecoms

operators, unlike other areas in the city where it is either Etisalat

or Du that brings in the infrastructure. We agreed that DWC will

have open and equal access to all clients irrespective whether

they want Etisalat or Du. As such we engaged in talks with Etisalat

and Du, out of which Smartworld was born. It is a joint venture

between all three companies and any other telecom company

that may start up in the UAE,” says Luai Bahder, technical director

of Smartworld.

Smartworld

straight away. If a client can bring in the services that he wants,

that makes DWC more attractive from a business point of view.

the infrastructure – benefitting the developer.

network, so maintenance costs are reduced.

satisfies customers - there is always the option available of

moving away from the existing service provider.

operators – it is a technology neutral platform for the business.

Business benefits of the implementation

“Today Google in USA is

building a GigE infrastructure

in Kansas City. Verizon, the

USA’s fastest service provider

gives up to 150 MB/S to the user.

Today Google is building GigE

infrastructure in Kansas to be the

first city in USA to have this for

the end-user. Today we have this

in DWC. We have invested over

Dh100m just in material to cover

the entire network.”

According to Bahder, the rea-

son DWC has implemented GigE

infrastructure when Etisalat and

Du only provide up to 100mb/s is

to cater for future requirements

and to allow customers to imple-

ment services between multiple

service providers.

“Etisalat has just launched 4G

or LTE technology, we are ready

here in Dubai World Central to

host this on our infrastructure

any time,” said Bahder.

IMPLEMENTATION PROBLEMS:TECHNICAL ISSUES:The first problem that

Smartworld had to overcome was

how to build the first open-equal

access network in the region

that would be able to transport

services from a licensed operator

plus transport the Smartworld

community cloud, managed

ICT services to the end-user and

manage customer identities and

the flow of the traffic between

individual customers.

“The technical limitations of

technology, the VLAN IDs is only

4096 IDs while there are about

2,000 plots in DWC, and the

future requirement may be for

thousands of tenants in the com-

mercial city, was another prob-

lem to overcome. We managed

to implement the latest technol-

ogy to fix this which is the QinQ

double tag. We are the first in the

region to have QinQ technology,”

said Bahder.

QinQ is when each data packet

which goes everywhere in DWC,

has two VLAN IDs. 4096 multi-

plied by 4096 equals more than

16 million identities. So DWC can

supply more than 16 million ser-

vices from either Etisalat or Du or

future providers.

22 March 2013 Vol.19 No.03

“In all facilities where we host our equipment we have the

latest technology. We have in row cooling from APC, in

terms of infrastructure. The fibre we have chosen for the

infrastructure and the corridors and manholes we have built

are all as per international standards in terms of containing the

infrastructure.

“The civil infrastructure does play a big role in protecting

the technology. Plus here we have a process which we have

applied across all developers, where we provide our standards

and requirements in terms of facilities that need to be built

within the customer facilities in order to provide a proper

environment for the infrastructure.

We also manage the design of the facilities within the customer

premises. The customer can’t just build what he wants, he

has to take permission from us and follow our guidelines and

designs,” said Bahder.

Overcome environmental challenges

Smartworld has also invested in a community cloud to provide

managed ICT services to customers. This managed ICT services

covers servers, storage, unified communications, security, load

balancing – where it can reach all customers. Any tenant can

get storage over fibre up to what he needs on the cloud. The

capacity of the cloud is multi 10 Gig core.

“Today in the region there is a challenge of providing public

cloud because of the telecoms services. So any customer is

paying back to the telecoms operator to reach the cloud via

an internet or telecom link. Here in DWC we provide our cloud

services with free access charges because it is our network,”

said Bahder.

Any customer that wants storage can buy the service from

the cloud and it is provided up to the customer’s premises

without the need to buy telecoms services.

“Look to any cloud offering in the region, this is a unique

model and it gives attractive offers for the businesses here. If

they want to have not only an office or plot, but their entire

IT infrastructure provided as well, it can be outsourced and

hosted in the cloud with attractive costs because the element

of the telecom is removed,” said Hussain.

Cloud service provider

“For the general technology, each vendor has his own standards,

we are using best of breed in terms of infrastructure and active

equipment. In terms of operation processes we are using the ITL

version three in terms of operation infrastructure and as business

processes we are following ISO standards,” said Bahder.

Standards

BUSINESS BASED ISSUESApprehension by service provid-

ers around sharing a freezone

was another issue that had to be

overcome by DWC and its imple-

mentation partner Smartworld.

“The initial apprehension

by service providers was ‘Why

are you not using what we are

using?’, but then you have to go

back to our concept of open and

equal access. Whether you like it

or not, our services and our busi-

nesses will have best of breed ser-

vices irrespective of the operator.

Today we have Etisalat and du,

hopefully in another couple

of years the TRA will approve

another four, so we would like to

give every business and every

resident to choose what he

wants. So the challenges were

not just technical, the challenges

were business-related as well and

with stakeholders from the oper-

ational side,” said Smartworld’s

Najmul Hussain.

Hardware implemented

RESULTS“Everything has run perfectly

from day one with no issues. We

have even hosted our first event

-

ried this infrastructure and it was

very successful and this year we

will hopefully settle any appre-

hensions anyone has. The provi-

sioning is apt for the amount of

people we expect,” said Hussain.

“As the landlord, I would like

to stress the fact that this is the

best network that we have in the

is very important that the mar-

ket understands the capacity

and potential of this network,

because from a telecom point of

view this is probably the only area

that has this kind of network.

“We would like to welcome any

one who would like to see this

and test the network and see the

services we have to offer from a

technical point of view.”

Najmul Hussain from Dubai World Central says that DWC is offering a unique cloud model to clients, in which they do not have to pay a telecoms operator to utilise and access cloud services.

“The initial apprehension by service providers was ‘Why are you not using what we are using?’, but then you have to go back to our concept of open and equal access.”Najmul Hussain, programme manager for DWC.

With Siemonmonitoring your network...

...doesn’t have to be difficult

Next Generation Intelligent Infrastructure Management

www.s iemon.com/midd leeast/MapITG2

24 March 2013 Vol.19 No.0324 March 2013 Vol.19 No.03

Any company of any size storing, transmitting or processing credit card details must be PCI compliant to ensure the safety and security of customers’ data, according to regional experts

Are you PCI compliant?

PCI Compliance

March 2013 Vol.19 No.03 25

T he Payment Card Industry

Data Security Standard,

or PCI DSS is a set of

requirements designed to

ensure that every company that

processes, transmits or stores

credit card data does so in a

secure environment.

The Payment Card Industry

Security Standards Council,

featuring five major global pay-

ment brands; American Express,

MasterCard Worldwide, Visa Inc,

Discover Financial Services and

JCB International, was launched

on September 7, 2006 to man-

age the ongoing evolution of

the Payment Card Industry (PCI)

security standards with focus

on improving payment account

security throughout the transac-

tion process. 

The idea behind PCI compli-

ance is to ensure that companies

have improved security in cases

where credit card details are

stored or processed.

“We have seen a lot of cases in

the world where the storage and

processing of credit card details

have been compromised and

obviously more security is neces-

sary and in turn, any organisa-

tion, any company, any non-

profit organisation, it does not

matter who, anyone who stores

or processes credit card details

would need to comply with PCI

DSS,” explains Dr Angelika Plate,

director of Strategic Security

Consulting at help AG.

PCI compliance applies to al-

most everybody in the payment

industry, whether it is a merchant

doing a transaction, or a bank

providing financial services.

Anything to do with finance by

any channel, PCI is relevant.

“As of today PCI has mandated

the hardware manufacturers

with a certain level of compli-

ance depending on region,” says

Niranj Sangal, Group CEO, at card

payment specialists OMA Emir-

ates LLC.

COMPLIANCE LEVELSThere are four different levels of

– and data encryption. This is

all there to protect cardholder

information. We restrict informa-

tion to only those required to see

it. Then we look at the physical,

logical security of the premises

where the data is stored,” ex-

plains Sangal.

There are twelve different

standards that a bank must look

at or that Visa or MasterCard

would assess the bank on. If you

look at a merchant, for example

Carrefour; it is an entity that is

not a bank but has all the finan-

cial obligations in terms of a card

used in its setup.

“When you look at the compli-

ance level of a bank it must

adhere to all the 12 standards,

but when it comes to Carrefour,

there are certain features that

are not applied to them because

they are a merchant. But in terms

of the data transmission from

the location to the bank, it needs

to be secure, so we look at data

encryption and decryption,”

states Sangal.

“If you look at Duty Free, you

need not do a compliance level

for them because they have their

own infrastructure. The banks

do not force them to go with PCI

standards because they have

their own standards. All their

applications are secure, which

means if I go to a Duty Free setup

I cannot use any USB or an ex-

ternal hard drive to download or

upload data. So they are partially

compliant when it comes to

credit card transactions.”

The most important thing for

a card used in a retail outlet or

an SMB, is the card holder name,

then CVV2 – card verification

value: the security code on the

back of the card – and then the

track-one and track-two data

which is on the magnetic strip.

It is not required that everybody

uses a chip card; today the US is

still running mag-stripe cards or

contactless cards.

“Today we are required to be

fully EMV-compliant [Europay,

MasterCard and Visa, also known

“We have seen a lot of cases in the world where the storage and process-ing of credit card details have been compromised and obviously more security is necessary and in turn, any organisation, any company, any non-profit organisation, it does not matter who, anyone who stores or processes credit card details would need to com-ply with PCI DSS.”Dr Angelika Plate, director of Strategic Security Con-sulting at IT security consultant help AG.

Dr Angelika Plate from help AG says that every

company regardless of size must be PCI

compliant if it deals with credit card details.

PCI compliance and depending

on which level you are on, you

have certain rights.

According to Martin Walden-

strom CEO of online payment

gateway cashU, on the differ-

ent levels there are different

requirements depending on

whether you are a processor or

merchant. If you are a processor

you process for hundreds and

even thousands of merchants

but if you are a merchant it’s just

for yourself.

The different levels are defined

based on services provided by

different financial organisations.

“Let’s take a bank; for a bank

we have 12 different standards of

compliance. We look at the secu-

rity, including networks – which

have to have a secure firewall

Level 1: the highest and the only one that allows you to store

credit card details. It requires you to have an external PCI auditor

to audit at least once a month. You need to have a compliance

officer dedicated to this. Level 1 is merchants that process over six

million Visa or MasterCard transactions per year.

Level 2: Level 2 are merchants processing from 150,000 to six

million Visa or MasterCard transactions per year.

Level 3: Level 3 are merchants processing from 20,000 to 150,000

Visa or MasterCard transactions per year.

Level 4: Level 4 are all merchants not included in Levels 1, 2 or 3.

PCI compliance levels

March 2013 Vol.19 No.03 27

as “chip and PIN”; a chip standard

is already applicable, since 2006

in the Middle East. Today in the

region about 80% of provid-

ers are still implementing chip;

practical acceptance is still 60%,”

explains Sangal.

There are a lot of standards

that people can comply with and

those standards that are build

for compliance always have a

set of requirements, PCI DSS has

around 200 different require-

ments and sub-requirements.

“Very often I am asked ‘is one

requirement more important

than another?’. Whilst maybe

people feel like it is, for example

when there is a requirement to

make sure that credit card details

like the transaction numbers, and

things like that, are stored in a

secretive way. That looks more

important than to have a writ-

ten information security policy.

However, on the compliance

level it it does not make a blind

bit of difference. A requirement is

a requirement and non-compli-

ance with one requirement will

not lead to certification, as much

as non-compliance with any of

the other requirements,” states

Dr Plate.

many people claiming all sorts of

compliance, it is one of the most

mis-used words I have ever seen

and everybody who can think of

it claims compliance with all sorts

of things and in many cases it is

not relevant at all. I have seen

organisations who have said they

are compliant because they use

PCI compliant products, which

is simply not good enough,”

explains Dr Plate.

COMPLIANCE DEADLINEAt the moment the deadline to

be PCI compliant is in 2014. Be-

ing PCI compliant is recommend-

ed but there are no penalties for

not abiding by it.

“At the moment PCI is applied

by each merchant in different

ways because the processor may

be PCI compliant. However there

are some merchants who accept

credit card details over the tele-

phone or via fax and are not PCI

compliant, which is not recom-

mended,” says Waldenstrom.

“There is an avenue to report

a website breach that may affect

credit card details, one can report

it to the e-crime department at

the police or the central bank.

But here in the UAE there is no

action that will be taken.”

In the GCC the number of PCI

compliant firms is much higher

that for the UAE, OMA Emir-

ates says that PCI compliance

is a mandate so all institutions

should be PCI compliant other-

wise Visa, MasterCard and other

schemes won’t certify them.

“I would say about 80% of

Niranj Sangal from OMA Emirates says that about 80% of regional GCC institutions are fully PCI compliant.

“When you look at the compliance level of a bank it must adhere to all the 12 standards, but when it comes to Carrefour, there are certain features that are not applied to them because they are a merchant.”Niranj Sangal, Group CEO, OMA Emirates LLC.

PCI COMPLIANCE IN UAECurrently there are no laws or

regulations in the UAE around

PCI compliance, at the moment it

at the discretion of the organisa-

tion whether they want to be

certified or not.

“As long as there is no regula-

tory aspect around it, like maybe

a decree from the central bank or

some piece of legislation, compli-

ance is only something that

applies to people who want to

claim compliance and any body

wishing to claim compliance

has to go through certification.

What we have at the moment is

a sheer mixture of some banks

have it, some don’t. I think from

any organisation, aside from

banks, I don’t think anyone has

really looked into it in the UAE,”

says Dr Plate.

While PCI DSS certification

is nice for companies to have,

because it gives customers inde-

pendent accreditation that the

company is certified to protect

their data, the only drawback

is that it is very difficult for an

organisation to prove that they

are secure. Companies who are

PCI compliant can let customers

know through a badge on their

website. Any certification helps

to demonstrate to business part-

ners, customers and the general

public that they are operating

completely securely.

“It is always good for any

customer to double check if pos-

sible or get some additional cred-

ibility to make sure the payment

gateway is secure. I have seen so

Does your fibre system tick all the boxes?

40G

LANmark-OF : Competitive Fibre Optic Solutions

100GAccelerate business at the speed of light

LANmark-OF brings the best fibre technologies together to ensure maximum reliability and lowest operational cost.

Micro-Bundle cables save up to 50% trunk spaceSlimflex cords offer 7,5mm bend radius saving 30% space in patching areasPre-terminated assemblies reduce installation timeMPO connectivity enables cost efficient migration to 40/100G

OF brochure

www.nexans.com/LANsystems info.ncs@nexans.comG l o b a l e x p e r t i n c a b l e s

a n d c a b l i n g s y s t e m s

Top 10 tips to ensure PCI compliance

March 2013 Vol.19 No.03 29

Martin Waldenstrom from

cashU says that the different

PCI compliance levels

are defined based on the

services provided by different

financial organisations.

“There is an avenue to report a web-site breach that may affect credit card details; one can report it to the e-crime department at the police or the central bank. But here in the UAE there is no action that will be taken.”Martin Waldenstrom CEO of cashU.

Today the majority of credit

card transactions go through

COMTRUST, says Niranj Sangal

from OMA Emirates.

PCI compliance is now mandated by nearly every credit card scheme.

30 March 2013 Vol.19 No.03

have lower and so there is no so-

lution that fits all. At the moment

at least, nobody has come up

with a decent scheme that helps

to reduce the amount of require-

ments for SMBs, as sorry as I am

to say that,” says Dr Plate. “I am

the member of the ISO commit-

tee where ISO27001 is devel-

oped, which is one for the inputs

into PCI DSS and even there we

keep discussing whether we can

do something for SMEs and how

can we help them.”

PCI compliance is all about

security, so an SMB company will

be assessed on: qualifications of

staff, access rights, where a com-

pany hosts its system, auditing of

the physical access to data rooms

and IT department, companies

are even assessed on whether

they leave confidential docu-

ments in an easy to reach place,

according to Waldenstrom.

PCI COMPLIANCE REQUIREMENTSThere are a lot of requirements

around PCI compliance covering

the protection of the credit card

data in storage, transmission, or

as a process.

There is not as much consider-

ation of integrity or availability,

which are also very important

aspects.

“I would recommend ev-

erybody considers availability.

Nicely protected data does not

mean anything if you don’t have

availability,” states DrPlate.

Then there are a set of techni-

cal requirements related to the

network that is processing the

data, any applications that are

used for this processing, and

all the IT devices used for this

process. These all go through a

separate product certification for

PCI compliance.

“The PCI DSS certification

for organisations is always an

organisation certification, that

means that the organisation

with its people, its processes,

its IT, its technology, its policies

and everything is assessed and

tors who were not up to the level

of doing PCI audits, and that

was why you had professional

companies charging $100,000

or $120,000 just to do an audit.

To save this cost the banks have

been hiring their own people to

do PCI audits,” Sangal explains.

There was an incident in Alge-

ria a couple of weeks ago, where

Visa had certified a site and a

fraud still occurred. In such cases

the schemes are liable, but since

2006 most of the liability share is

on the financial bodies.

PCI compliance is now man-

dated by nearly every scheme.

There are audits a company must

go through before it starts taking

payments. There is an application

form that must be filled in, on

which they ask about Payment

Card Industry compliance.

Without that compliance they

won’t certify the premises.

“MasterCard has started

working with four organisations

locally [in the UAE] and Visa has

been working with around 30

companies. These companies do

the audits for Visa and Master-

Card; they look at the compliance

level of the site and the compli-

ance level of the applications

used. We call the applications

compliance level PA-DSS [Pay-

ment Application Data Security

Standard]. The auditors scrutinise

the whole application in terms of

the way the data is stored on it.

For example, do they have some

stored procedures that store data

and then release it?” says Sangal.

In the last three years OMA

Emirates has found that banks

are starting to have PCI audit de-

partments. About 80% of these

banks are already compliant. Re-

cently most of them have been

working towards compliance

because Visa and MasterCard

have got a mandate to ensure

these standards are followed.

Hardware manufacturers are

also being certified because

without the hardware you can-

not run an application.

SMBS AND COMPLIANCENone of the PCI compliance

standards downsize well, accord-

ing to Dr Plate, and the number

and complexity of standards that

must be adhered to to become

compliant can be prohibitive for

small and medium businesses.

“It is very difficult because the

SME world is so diverse and some

have higher security and some

Security breaches can be hard to detect, but there are signs that can appear when a security breach has occurred:

headquarter locations

logs are being deleted)

*By Visa Inc Fraud Control and Investigations Procedures

Version 3.0 (Global)

Detecting security breaches

March 2013 Vol.19 No.03 31

depends entirely on where the

card transaction process and

is how good or bad the organisa

products in their processing to

THE HUMAN ELEMENT

tion, policies and processes, the people in the organisation need to be brought alongside in the

bring people on board and tell

hat they are brought alongside in

The weakest link in any

company is the human being;

that is why PCI compliance

also deals with processes and

policies for the employee.

There are between 12 and 15

steps that a company needs to

go through to comply with PCI

standards.

32 March 2013 Vol.19 No.03

Access controls and identity management experts look at what kinds of authentication and access controls enterprises can and should implement, how they work and how they protect the network against unauthorised intrusions.

If you are a network manager who has not implemented identity

management (IDM) and network access controls (NAC), then

you will be a network manager who is looking for a new job,

according to digital security experts Gemalto.

“If you do not implement identity management and network

access controls, you are really setting yourself up for a problem be-

cause even though a username and password has been considered

good enough security, that is changing. We are getting to a place

where the demand, especially for sensitive areas of a corporate

network, is for stronger authentication credentials,” explains Ray

Wizbowski, vice president of strategic marketing, Security Business

Unit, at Gemalto.

IDM and NAC is the management of individual identifiers, their

authentication, authorisation, and privileges within or across system

and enterprise boundaries with the goal of increasing security and

productivity while decreasing cost, downtime and repetitive tasks.

Who accesses what in a corporate network is an essential tool in the

battle to maintain network security.

IDM can be extended to physical access, to buildings and access

control systems in general. A good example of this is the Emirates ID

card, which potentially could be used for identity management or

to identify the individual.

“In the future you might have public services which will use the

certificate store that we have on the Emirates ID to identify the indi-

vidual against those services. There is nothing that stops the Emir-

ates ID project from also having commercial access for enterprises

to identify employees, visitors etc,” says Nicolai Solling, director of

technology services at help AG Middle East.

Network access controls and identity management: What you need to know

Access control

Who accesses what in a corporate network is an essential tool in the battle to maintain network security.

March 2013 Vol.19 No.03 33

March 2013 Vol.19 No.03 35

CONTROLSWhen enterprises looking at IDM

and NAC for the typical uses that

exist within the organisation and

the access that they need, they

need to keep in mind how privi-

leged users are controlled within

the organisation.

“As part of an overall access

governance programme, people

should look to put the right

controls in place that actually

improve the ability for people to

do their jobs, but also take away

the risk from the business. So

being able to control the sharing

and use of privileged passwords,

being able to record sessions

if an external consultant is ac-

cessing systems and being in a

position where you haven’t got

large number of administrators

who are using and sharing sys-

tem or administrator passwords,”

says Phil Allen, director, Identity

and Access Management, EMEA

at access control and identity

management experts Dell Quest

One Identity Solutions.

The average American

enterprise environment any

user will have up to 25 different

identities they have to remember

within the environment and at

any point in time they will have

username and password that is

expiring or about to expire and

the user has to remember all of

these, says Wizbowski.

“From a management perspec-

Ray Wizbowski from Gemalto says that network access controls and identity

management are business critical.

“If you do not implement identity management and network access controls, you are really setting yourself up for a problem because even though a username and password has been considered good enough security, that is changing.”Ray Wizbowski, vice president of strategic marketing,

Security Business Unit, Gemalto.

tive that is a huge overhead. Ev-

ery time that you lose a password

as a user, some of the research

shows that it costs the company

$25 is in loss of productivity

because the person cant log it,

it is the fact that you have to call

support etc,” he explains.

IMPORTANCE OF IDENTITY, ACCESS MANAGEMENTData is the crown jewel of any

organisation; the intellectual

property and the data of the

business, whether that is

financial data, mergers and

acquisition data, and all of that is

now connected to the internet.

In today’s environment there

needs to be a new way of

looking at enterprise security.

In the past, NAC and IDM were

focused on keeping the bad

guys out and letting the good

guys in. Enterprises handled

this by putting up a strong

perimeter security strategy. NAC

and IDM were put in place to

essentially offer keys to the right

people to let them in through

this hardened perimeter while

keeping those without the keys

out of the network. 

“This was a decent strategy

when the enterprise controlled

their data centre, the applica-

tions sat within that data centre,

and the organisation could easily

control who to let in and who to

keep out,” says Marc Lee, director

EMEA, at identity and access

Denmark has an advanced form of identity management called the NemID, which means easy ID, every single person in Denmark who has a social security number has this ID. You can use it for e-government services and on top of that they have a commercial arm which allows people to identify the individual using that. So if you go to services like the Danish eBay, one of the big issues they had on the website was that they could not identify the individual that was putting stuff up for sale. What they are now doing is they are actually subscribing to this government-based identity service, the NemID, which means that as an individual I have one card that identifies me against these services. The same thing happens with banks, another place where identity is very important. When we log onto our e-banking, there is a project called Easy ID, which is a government service, run by the same company which does all our money transfers between banks in Denmark. The banks use this service to identify users on e-banking environments. One card does everything. There is nothing that stops a large enterprise to go and access the identity service on its applications.

According to Nat Pisupati from HID Global, the Emirates ID is going to be able to be used as a payment device.

Nicolai Solling: HelpAG: talks NemID

In the average American enterprise environment, any user will have up to 25 different identities.

36 March 2013 Vol.19 No.3

Phil Allen from Dell Quest One Identity Solutions says that putting the right controls in place makes is easier for

employees to do their jobs.

strong authentication devices

in place in the ID cards and one

can also log onto their laptop

with the same ID card, providing

logical security for their laptops.

These companies in oil & gas and

government, they really don’t

want their facilities or employee

IDs to be compromised and no

one can blame them for that,”

explains Nat Pisupati, regional

sales director for secure identity

solutions provider HID Global.

HOW DOES IT WORK?Most software systems use NAC

or IDM software in one form or

another. User identity is authen-

ticated and verified to ensure

that the user has the correct

provisions to access information.

Vendors that provide access

management systems provide an

application residing on a server

that accepts authentication re-

quests and uses standards-based

policies to verify the request.

“The identity used in the

request contains attributes and

credentials that are used in the

verification step. Additional

software uses the identity infor-

mation that is also indexed with

application or system entitle-

ments to determine whether the

requestor is authorised to access

the application or system. There

are specific entitlements for each

application. These entitlements

are identified and stored in an

entitlement catalog during the

construction of the identity man-

agement system,” explains Earl

Perkins, research vice president

in Systems, Security and Risk, at

market research firm Gartner.

Access management solutions

bring together authentication

and authorisation services to

verify identities and enforce the

entitlements associated with

them. Audit software serves as

a foundation for analysis and

alerting, recording activity and

recognising patterns of user be-

haviour. If there is an anomaly or

“As part of an overall access governance programme, people should look to put the right controls in place that actually improve the ability for people to do their jobs, but also take away the risk from the business.”Phil Allen, director, Identity and Access Management, EMEA, Dell Quest One Identity Solutions.

management leaders Courion.

Enterprises now have travelling

executives who have unlimited

access to the data on the corpo-

rate network and are carrying

it with them on their laptops,

so that data becomes the most

precious asset within a company.

Controlling who gets access to

what is critical and having strong

authentication is essential.

“Identity and access manage-

ment is beyond a nice to have

thing. I would call it business

critical, mission critical, whatever

term you want to use,” states

Gemalto’s Wizbowski.

Implementing a way to ensure

a high level of assurance that the

employee that is accessing that

data is the correct person has

become essential.

“If it is not in place it is a case

of not if you will get compro-

mised, it is when you will get

compromised, because if you

are blocking access by using a

username and password that is

easily bypassed by cyber thieves,”

states Wizbowski.

Today, the extended enter-

prise is all about ensuring that

employees, contractors, partners

and even customers can access

critical data and applications

from anywhere, anytime. The

applications and data are often

cloud based and accessed by

mobile devices. This hardened

perimeter of keeping everyone

out no longer applies; the new

perimeter is policy based and the

key ingredient to that policy is

identity and access.

“Because of the huge entrance

of the new devices to the

network, mainly from tablet

computers, smartphones etc, ad-

ditional security is needed now,

included network access control,”

says Ammar Enaya, general

manager for the Middle East at

network access solution provider,

Aruba Networks.

Identity intelligence is required

to immediately identify when

user access or activity is suspi-

cious, identify the risk associated

with this, and immediately alert

and notify the proper people

and provide them ability to

remediate. It provides the ability

to define policy, enforce policy,

verify policy compliance, and

immediately identify risky access

and user behaviour to take im-

mediate action to remedy.

“We work with Aramco and

Qatar Petroleum and they have

very, very secure premises, very

secure facilities and they don’t

want the security in these build-

ing to be compromised, so we

provide an ID card. For example

in Qatar where you can not only

enter the building, but security

guard can authenticate your

identity because your photo is on

the ID. It is difficult to compro-

mise because we have some very

March 2013 Vol.19 No.03 37

Nicolai Solling from HelpAG says there is no reason why commercial ID applications cannot be integrated into the Emirates ID card.

“There is nothing that stops the Emir-ates ID project from also having com-mercial access for enterprises to identify employees, visitors etc”Nicolai Solling, director of technology services, HelpAG Middle East.

abnormality, Identity and Access

Management systems can alert IT

staff, enabling the identification

of potential risk areas before any

real threats occur.

“The authorisation decision

of ‘should you get access to this

resource’ or ‘can you perform this

operation’ is then made using

identity and provisioning infor-

mation.  The software is used to

detect whether more informa-

tion or stronger authentication

is required to provide access,

or whether access should be

granted to the user,” explains Lee.

Access control software

controls who goes to what part

of a complex or building, for

example in Qatar petroleum they

have virtual cities, and they can

control movements of people

where they want based on how

senior they are.

“We allow the IT managers

to define roles, because in an

organisation a particular user

might need access to certain

programmes, so we allow them

to define what a person’s role is,

what they are allowed to do and

we allow them to implement

that role based approach,” says

Prasanna Kumar Singh, senior

technical expert, ADManager

Plus at ManageEngine.

According to Allen, from Dell

Quest One Identity Solutions he

typically sees organisations still

using the in-built authentication

processes that exist within ap-

plications like Microsoft systems

and Unix systems that exist on

their infrastructure.

“However, if people are access-

ing the network externally from

we are seeing a rise in enterprises

using strong authentication pro-

cesses, such as software based

tokens, hardware based tokens,

people using one time tokens on

mobile devices,” he says.

NFC for use in network access and identity management is in its very early

stages. In the ID market NFC technology is primarily being used to open

doors. Near Field Communications is a young, evolving technology, and so

are the technologies that will secure it as well as the role that NFC may play in

security.

“We have a pilot project in Goodyear Arizona, state university where

students were given mobile phones like BlackBerry’s or iPhones and a lot of

these kids seem to be losing their room keys, but most of them will not use

their phone, so we are using a programme right now where these kids can access

the library, the entrance to different college buildings, they can access their

dormitory rooms by putting their mobile phone in front of a card reader and

the door automatically opens,” says Pisupati.

Nicolai Solling from HelpAG says that he has seen authentication methods

whereby the user places their phone on a physical reader device next to their

computer. Your phone then identifies you and that you are close to your

computer and opens the machine. When you are not at your computer you

take your phone with you and the computer locks. That proximity information

can also be used by IT applications that can then forward calls when the user is

away from his desk, for example.

When it comes to using NFC within a data infrastructure, this is still very,

very early technology, according to Ray Wizbowski from Gemalto.

“There are some reports that say NFC are about 10% of the phone market

right now, I think that may be a bit high, but even at 10% you are still talking

a very small number that would be able to be used for access or identity

management,” he says.

While it is possible that NFC may serve as a foundation for delivering

improved means of authentication and/or authorisation, it is too early to tell at

this stage. Interesting development work continues, explains Earl Perkins from

Gartner.

NFC in identity management:

38 March 2013 Vol.19 No.03

THE BURDEN ON ITAn effective IDM and NAC system

brings an enterprise better assur-

ance of access, more transpar-

ency for access and identity

administration, and account-

ability of that access for all users,

according to Gartner.

In such an environment,

audit for compliance purposes is

easier and more thorough, and

automation of many manual

processes associated with identi-

802.1X Web-based Proprietary clientPros Highest security; standards based; multiprotocol;

most transparent; scales;built-into modern operating

systems

Very familiar model to

end-users; broadest

platform support; handles

guest users best.

Tight integration between

client and security policy;

broad range of topology

support.

Cons 802.1X supplicants have a “bad reputation” (although

this is not supported in our testing); weak guest support;

poor support for nonmainstream platforms such

as Linux, Palm, Symbian, and embedded devices.

Onerous and slow for all

users; only supports IP;

requires web browser;

security model weaker

Platform support not broad

(usually Windows-only);

requires vendor lock-in; weak guest

support.

Pros and cons of NAC Authentication:

An effective IDM and NAC system brings an enterprise better assurance of access, says Earl Perkins from Gartner.

“To build an effective system, there is a burden placed upon key support pro-viders like network managers to con-struct an effective identity data model, to ensure that systems are configured and supported properly, and to ensure the ongoing maintenance of that envi-ronment”Earl Perkins, Research Vice President in Systems, Security and

Risk, Gartner.

manager varies widely based

upon the degree and scale of

implementation,” says Perkins.

According to HID global, there

is a lot of work involved when

it comes to implementation of

access controls and network

authentication software.

“You are looking at thou-

sands and thousands of people,

different ID numbers and one

person at a time and each one

has to be given different access

to various points in a building or

buildings in a complex and that

does place a lot of burden on

the IT managers as well as on the

infrastructure because in some

instances you are managing hun-

dreds of thousands of people.

A big petroleum company has

200-300,000 employees as well

as contract workers that come in

every day and every one of these

people has to be managed and

given access and permission and

every time new vendor comes

into a building, all their details

have to be put into the system,”

says Pisupati.

Wizbowski says that in most

cases there is no downtime for

the organisation when they

move into access and identity

management, it is just a simple

switch over. However, the biggest

challenge is getting hardware

devices, such as an OTP token in

people’s hands.

“The easiest way to provide

enterprise employees with access

controls is for them to download

an application and then switch to

using it, so it really is a back end

change,” he explains.

This change can be done in

as little as a couple of weeks

for small organisations or as

a phased approach, or where

different groups are phased into

the access change over a couple

of months. Another advantage of

the latest IAM technology is that

it allows IT managers to better

align business risk to access risk

by providing a clear view of the

most problematic security areas.

This enables organisations to

allocate their security budgets

more effectively to the most criti-

ties is established and helps to

streamline the process of identity

management and use.

“To build an effective system,

there is a burden placed upon

key support providers like

network managers to construct

an effective identity data model,

to ensure that systems are con-

figured and supported properly,

and to ensure the ongoing main-

tenance of that environment.

The overall level of effort by the

March 2013 Vol.19 No.03 39

Sector Premise Questions to be answeredPolicy What is your security

policy?

What are you trying to accomplish? What type of users and

devices will the NAC deployment focus on?

Authentication What authentication

method will you use?

How will user identity affect security policy and access

control?

Environment What end-point

security features do

you want?

What types of devices will have their security checked? What

is the associated policy? How will you handle users and

devices that cannot be checked, such as guests or printers?

Will you be running continual security checks, or just at login

time?

Enforcement What enforcement

strategy will you use?

Where in the network will you enforce? Will you mix different

types of enforcement, or use a single consistent strategy?

Integration How is NAC going to

integrate into your

existing network?

How will physical integration be done? What

steps can you take to ensure that integration goes

smoothly and without unnecessary disruption?

How will it integrate organisationally?

Key questions to answer when deploying NAC

Access and identity management is fast becoming a must-have for enterprises.

cal areas that pose significant risk

to their business.

In terms of actual dollar costs,

Perkins from Gartner says that

at a guess, if we assume an

“average” enterprise of 10,000

users with at least 10 major ap-

plications and requirements for

different classes of access, such

an organisation might require

$250,000 to $500,000 in software

costs and another $200,000 to

$400,000 in implementation

costs. This means such a use case

might cost between $450,000

to $900,000. Such projects often

take anywhere from six months

to a year to implement depend-

ing upon complexity.

These costs also include train-

ing and education.

Big data

40 March 2013 Vol.19 No.03

March 2013 Vol.19 No.03 41

Companies must start treating their data as an asset rather than a burden, writes Piers Ford

WEDNESDAY 29TH MAY 2013, JUMEIRAH EMIRATES TOWERS, DUBAI

THE MOST CELEBRATED EVENT FOR MIDDLE EAST NETWORKING PROFESSIONALS

w w w. i t p . n e t / e v e n t s / n m e - a w a r d s

NOW IN THEIR 9TH YEAR, THE NETWORK MIDDLE EAST INNOVATION AWARDS

BRINGS TOGETHER THE REGION’S IT COMMUNITY TO RECOGNISE THE LEADING

PROJECTS, VENDORS AND INDIVIDUALS IN THE NETWORKING SECTOR

Do not miss your opportunity be part of the 9th Network Middle East Innovation Awards.Visit www.itp.net/events/nme-awards or contact one of our team today

For sponsorship enquiries please contact:

Nayeem DakhwaySales ManagerTel: +971 4 444 3482Email: nayeem.dakhway@itp.com

George HojeigeSales DirectorTel: +971 4 444 3203Email: george.hojeige@itp.com

For nomination enquiries please contact:

Georgina EnzerEditor, Network Middle EastTel: +971 4 444 3723Email: georgina.enzer@itp.com

For any other enquiries please contact:

Michelle MeyrickEvents ManagerTel: +971 4 444 3328Email: michelle.meyrick@itp.com

Silver Sponsor

ONE MONTH LEFT TO NOMINATE

NOMINATION DEADLINETHURSDAY 28 MARCH, 2013

Haritha Ramachandran, programme manager, information

and communication technologies practice at analyst Frost &

Sullivan, said businesses should choose big data processes that

suit the size and scale of analysis they aspire to.

“Initially, they could start with a collaborative business

intelligence solution that gets data real-time from social media,

then scale up to a full-blown analytical system with tiered

storage management and the like,” she said.

“Globally, big data is gaining interest among enterprises that

deal with huge data sets – banking and telecoms, for example.

Over 85% of the Fortune 500 companies are planning to

implement the technology in the next two years.

“Comparatively, the Middle East is still in its infancy.

Although there is much discussion, little implementation is

seen as yet. Vendors are still marketing the advantages of big

data to companies. However, budgets, manpower and risk

seem to be deterrents. Verticals such as healthcare are veering

towards managing data effectively to provide better service to

the citizens; big data is an enabler for electronic medical and

health records, and so on.”

How to manage Big Data

March 2013 Vol.19 No.03 43

If data was water, we’d need

more than a fleet of arks to

save us from the flood. The

volumes being bandied

around– take your pick from exa-

bytes, terabytes and petabytes

– defy comprehension for most

of us. But digital data is spilling

out of its traditional home in

the corporate database, crying

out for analysis, integration and

above all, use.

And with analysts like Gartner

and IDC predicting that the

digital universe will double in

size every year between now

and 2020, resistance is futile.

Instead, it’s time for enterprises

to embrace the phenomenon of

big data and acknowledge the

opportunity it represents: to find

innovative, cost-effective ways

to manage and store informa-

tion, and build applications that

will exploit it in increasingly

creative ways.

If the infrastructure is not

to buckle under the pressure,

organisations must start treating

their data as a dynamic asset

rather than an overwhelming

by-product requiring expensive

storage just to hold it at bay.

DEFINING BIG DATAWhat is big data? Definitions

abound, but a broad consen-

sus is that it is the deluge of

unstructured data generated by

what might loosely be called ‘life

in the 21st century’: everything

from multimedia traffic to

mobile devices, surveillance

networks and social media.

The list is endless. The smallest

transaction creates its own wave

of data, adding another layer to

the information pool.

“Organisations are producing

more data than ever before from

various internal and external

sources, thereby making it critical

for them to manage and analyse

this enormous volume,” explains

Boby Joseph, chief executive of-

ficer at StorIT Distribution.

“Although there is no exact

definition of big data, most re-

search firms define it as the mas-

sive volumes of complex, high

velocity and variable data that an

organisation collects over time

and which it is difficult to analyse

and handle using traditional da-

tabase management tools. Such

large volumes of unstructured

data require advanced technolo-

gies and techniques to capture,

store, analyse, distribute and

manage this information.”

Joseph says that simply ac-

knowledging the phenomenon

and trying to apply traditional

management tools to accom-

modate this bewildering array of

data sets is not the answer. Busi-

nesses need to interact with big

data in real time so that they

can react quickly and make fast

business changes in response

to the live situation it repre-

sents. The wealth of informa-

tion can only yield its true value

if there is a shift in attitude.

“To address the big data

problem, organisations need to

change their mindset in addition

to upgrading their technology,”

states Joseph. “To use big data

Boby Joseph from StorIT says that

organisations are producing more

data than ever before.

“Although there is no exact defini-tion of big data, most research firms define it as the massive volumes of complex, high velocity and variable data that an organisation collects over time and which it is difficult to analyse and handle using traditional database management tools.”Boby Joseph, CEO, StorIT Distribution.

While big data is much-discussed at board level, it requires

commitment and investment throughout the business.

Analysts say that in order to realise the benefits of cost

effectiveness that big data could ultimately deliver, CIOs might

run into opposition because of the big price tag on the storage

infrastructure technologies pitched at meeting the challenge.

“Due to the fact that most big data projects today are

funded by the business, it is becoming imperative for CIOs to

demonstrate the cost effectiveness of a proposed big data

project,” said Sid Deshpande, senior research analyst at Gartner.

“In order to leverage and deploy some of the emerging

storage architectures, CIOs and IT managers need to hire

employees with the correct business level exposure, in addition

to the technology skill sets: Java and functional programming,

data mining and statistics, open source code management,

custom ETL exploiting MapReduce methods, Hadoop, and

open source data analytics.”

The value of big data

44 March 2013 Vol.19 No.03

effectively, organisations need

to choose from a number of

advanced technologies and new

platforms that will help them tap

into internal systems, silos, ware-

houses and external systems.

They also need to add resources

with skills to use this massive

volume of data optimally. This

means that the organisation’s

infrastructure, operations and

development team need to work

together to tap the full potential

of big data.”

So it’s a challenge for every-

one. And there are some impor-

tant questions to consider.

“Big data is becoming a par-

ticular problem for IT, because

more of the budget is going to

data storage and the volume of

data is causing traditional mod-

els to break,” says John Rollason,

EMEA director, product, solutions

& alliances marketing at network

storage vendor NetApp.

“We need to get people to

think of data as something that’s

more of an asset, and help them

find different ways to manage

and store it.”

THE CLOUDSofocles Socratous, regional sales

director at storage specialist

Seagate, says the fundamental

challenges of data management,

information security, infrastruc-

ture investment and operational

control, are increasingly ag-

gravated by the need to reduce

the complexity and cost of

enterprise data storage.

“Some of the key questions

that I think big enterprise will

have to face now include: how

do enterprises store lots of

data in a limited physical space?

How do they offer reliable and

consistent data access to their

ever-growing customer base

while avoiding network conges-

tion? And how can they deal with

shrinking budgets yet offer a

sustainable storage platform that

they won’t outgrow tomorrow?”

Socratous asks.

He says that more businesses

in the Middle East are looking

at IT virtualisation, outsourcing

their data to the cloud – which

negates the problems of over-

and under-provisioning storage

Sofocles Socratous from Seagate says that more and more

businesses are looking to outsource their big data to the cloud.

“Some of the key questions that I think enterprise will have to face now include: how do they store lots of data in a lim-ited physical space? How do they offer reliable and consistent data access to their ever-growing customer base while avoiding network congestion?”Sofocles Socratous, regional sales director, Seagate.

46 March 2013 Vol.19 No.03

Analysts such as Gartner and IDC predict that the digital universe will double in size every year between now and 2020.

“Using distributed infrastructure and software to deliver solutions over different geographic territories creates its own challenges – for example, within some EMEA countries, legislation requires data relating to individuals to be identified on individual disk drive spindles.”Andrew Logie, chief technology officer, DrPete.

Mervyn Kelly from Ciena says that there is a need to upgrade

current data warehouse models.

resources, and theoretically

liberates the business to focus on

data analysis and exploitation.

And to do that, they need the

right tools.

“The fact that most enterprises

are being forced to address big

data is in itself an opportunity to

lower their network’s total cost of

ownership through the deploy-

ment of more modern and more

efficient information technology

solutions,” explains Socratous.

“With large enterprises

expanding their current data

centres and building new

virtual networks, deploying new

physical-layer infrastructure is

becoming more recognised as a

business priority, as it can serve

to handle the deluge of new data

while improving system perfor-

mance, scalability and future

network congestion.”

The cloud does not necessarily

contain all the answers, however.

According to Andrew Logie, chief

technology officer at IT strategy

consultant DrPete, which has

undertaken a number of projects

across the region, big data-savvy

enterprises are turning to major

technology and social media

providers for their tools. Compa-

nies like Amazon and Google are,

after all, in the vanguard of the

big data phenomenon.

“For instance, Google utilises

PEOPLE. POWER. PROFITS.NOW ON YOUR iPAD

Search for Arabian Business in the App store

In-depth news, expert views, big name interviews andexclusive videos now on the Arabian Business iPad App.

Download your FREE App today.

www.arabianbusiness.com

48 March 2013 Vol.19 No.03

a proprietary technology called

‘Big Table’ and possibly other

open software source solutions

such as Hadoop and Cassandra,”

says Logie. “While Amazon pro-

vides hosted database solutions

built on its noSQL ‘DynamoDB’

solution, based on distributed

datastores where the emphasis is

on predictable Input/Output per

second and scaling on demand,

rather than just storage used.

“Solutions always work more

effectively when they are near

users,” counsels Logie. “The

challenge with collecting and

reporting on big data is that

users can be anywhere, and in

huge numbers.

“Using distributed infrastruc-

ture and software to deliver

solutions over different geo-

graphic territories creates its own

challenges – for example, within

some EMEA countries, legislation

requires data relating to individu-

als to be identified on individual

disk drive spindles. This scenario

makes using cloud-based infra-

structure challenging. Amazon,

at least, allows organisations to

pin their data to any regional

data centre.”

“This is implemented on fast

flash-based disk arrays, with as

much distributed computing

resource as is sufficient to handle

the request specified by the

customer application and the

data stored.”

However, organisations should

be cautious about implementing

a cloud-based big data strategy

which takes the data too far from

their own domain.

Yet adhering to traditional,

localised data management

practices could compromise

the ability to scale quickly and

be reactive in data analysis. It’s

a dilemma that information

technology managers will need

to resolve with care.

EASE-OF-USE IS IMPORTANTAt data analysis software special-

ist CommVault, MENA senior

technical account manager Allen

Mitchell says it will be essential

for the IT function to make avail-

able analysis tools that are easy

to work with and well-integrated

with business processes.

“Using Storage Resource

Management (SRM) software is a

“Agent-less SRM makes rollout a non-issue and it can really help you to organise data for the best access/cost compromise.” Allen Mitchell, MENA senior technical account manager, CommVault.

Allen Mitchell from CommVault says it will be

essential for the IT function to make available

analysis tools that are easy to work with and

well-integrated with business processes.

Big data requires big changes in infrastructure and data

analysis. At high-performance network specialist Ciena, EMEA

marketing director Mervyn Kelly said there are three main areas

of opportunities and challenges for the enterprise.

Firstly, the combination of high-speed cameras, 1- and

10-gigabit Ethernet networks and sophisticated analytical

software has enabled new big data applications. In the US,

for example, baseball stadiums are being fitted with cameras

and software that tracks players and ball flight in real time,

to develop precise performance metrics. That’s one million

records per game.

“The potential to develop similar, totally new applications

using big data analysis cuts across almost every business,” said

Kelly.

There will also be the need to upgrade current data

warehouse models – to make better sense of supply chain

information, for example.

“An upgrade project might include integrating a new data

source by connecting to a subsidiary’s data centre,” said Kelly

“Or maybe adding a new network connection to a cloud facility

with more compute-intensive platforms enables the ability

to economically shift big data workloads that demand peak

processing.”

Finally, research and education institutions have the

opportunity to exploit very high performance applications in

the areas of computational bioinformatics, weather and climate

simulation, brain simulations and other ‘peta-scale’ research.

“The ability to scale to 100 Gbps networking is key to moving

these huge data sets between data centres,” he said.

Strategies for coping with Big Data

March 2013 Vol.19 No.03 49

Haritha Ramachandran from Frost & Sullivan says that big

data management in the Middle East is still in its infancy.

“Globally, big data is gaining interest among enterprises that deal with huge data sets – banking and telecoms, for example. Over 85% of the Fortune 500 companies are planning to implement the technology in the next two years.” Haritha Ramachandran, programme manager, Frost & Sullivan.

good start,” he said. “Agent-less

SRM makes rollout a non-issue

and it can really help you to

organise data for the best access

or cost compromise. Not only

will the trending warn you that

you’re heading down the big

data path, but it can also help

drive archive policies for effective

long-term storage and keep

costs under control.”

On the enterprise storage

front, in a non-cloud environ-

ment, a flexible approach com-

bining multidirectional scalability

and multiple data centre support

will be crucial, said Andrew

Childs, senior business develop-

ment management at Huawei

Enterprise Middle East.

Multidirectional scalability and

the flexibility to use a variety of

storage methods – Distributed

File System, Scale-out, Network

Attached Storage and Object-

based storage – will be instru-

mental in successful big data

management, said Childs.

“Availability is also impor-

tant in being able to manage

big data for a company,” he

added. “Should a data centre, for

example, go down due to some

natural calamity the data will

still be accessible with multiple

data centres. While companies

in the region are quite a long

way behind the western world

in terms of having solutions to

support the growing big data

trend, we are seeing companies

in the Middle East moving slowly

itowards providing these data

centre solutions.

“They are planning ahead,

realising that enormous amounts

and various types of data can be

capitalised on market intelli-

gence to drive their market share

and stay ahead of the curve.”

Mar

ch 2

013

Vol.1

9 N

o.03

50

Secu

rity

focu

s

What makes the BlackBerry 10 platform a better option for enterprises when compared to Android or iOS?We’ve been in the device

management business for over

10 years and we offer a secure,

manageable and cost effective

solution that organisations can

definitely trust.

BlackBerry 10 smartphones will

be managed on the BlackBerry

Enterprise Service 10 (BES

10), which is BlackBerry’s new

enterprise mobility management

solution. With BES10, we are

giving businesses a cost-efficient

and industry leading secure,

reliable and scalable solution that

consolidates the management of

smartphones and tablets running

BlackBerry and PlayBook OS, as

well as Android and iOS. No other

mobile device management

(MDM) vendor manages more

devices than BlackBerry.

We are also supporting

the consumerisation of IT

through BES 10’s BlackBerry

Balance feature for BlackBerry

10 smartphones, which offers

separation of work and personal

data. Personal apps and

information are kept separate

from work data, and customers

can switch from their Personal

Space to their Work Space

to ‘lock down’ the BlackBerry

10 platform capabilities.  This

provides CIOs with the trusted

end-to-end BlackBerry security

model, and enables users to use

the work and personal BlackBerry

10 features they want, without

circumventing IT, or sacrificing

any functionality.

Many analysts have said that BlackBerry 10 is the make or break for BlackBerry; what would you say to this?

BlackBerry 10: The safe option for enterprises?

Khaled Kefel from BlackBerry says that the BlackBerry workspace is fully encrypted and fully secure.

BlackBerry Balance: This system allows users to separate

professional communications and applications from music,

photographs and other personal items.

Application permissions: This feature lets you see, control, and

customise what each application can access and allows you to

manage and protect your privacy.

BlackBerry Protect: This can help you remotely locate your

BlackBerry smartphone, set a password, and even wipe it from

anywhere with an internet connection. It is integrated into every

BlackBerry 10 smartphone..

FIPS Certification: BlackBerry 10 is Federal Information

Processing Standard certified. This is a US government computer

security standard used to accredit cryptographic modules.

End-to-end data encryption: BlackBerry products and solutions

are protected by best-in-class AES 256-bit encryption, a highly

secure, internationally recognised data protection standard.

Key security features of BlackBerry 10with a simple gesture on the

BlackBerry 10. The Work Space

is fully encrypted and secure,

enabling organisations to protect

their content and applications,

while at the same time letting

employees get the most out of

their smartphone experience for

their personal use

Can you describe the new security enhancements and how these protect the enterprise better than previous versions?BlackBerry is the gold standard

for secure end-to-end mobility.

Security is built into the

BlackBerry DNA and that is why

BlackBerry 10 and BES10 were

FIPS certified before launch.

BES 10 ensures end-to-end data

encryption provides protection

and assures employees of their

privacy and freedom with

features like BlackBerry Balance.

We’ve also supported protection

against unauthorised devices

accessing corporate assets and

prevent data leakage. By creating

a single outbound port for all

communications, there is no need

for additional VPNs.

With BlackBerry Balance, IT

organisations have the ability to

segment and control work data

on the device, without having

We’re confident BlackBerry 10

will succeed. Since our global

launch across six cities, including

Dubai here in the Middle East, we

have had a fantastic response for

our BlackBerry Z10 smartphone.

We are building a new, seamless

customer experience and

partnering for success with

customers, developers and

carriers. Consumers and

enterprises are excited about our

re-designed, re-engineered, and

re-invented BlackBerry platform. 

Khaled Kefel, senior country director, Saudi Arabia at BlackBerry, explains the security benefits of the new enterprise platform

Mar

ch 2

013

Vol.1

9 N

o.03

52

Secu

rity

focu

s

Trend Micro. Through an integrated

approach that is designed to

protect data, promote flexible work

styles, and simplify the path to the

cloud, Microsoft Windows Server

2012 Essentials a central server

that can automate important

activities like online data backup

and protection of computers;

allow teams to share and organise

business documents; provide

a platform for running line-of-

The role and importance of

information security continues

to evolve within the Gulf

Cooperation Council (GCC) block

of countries, and this evolution

is only expected to intensify over

the next few years, according to

the newly released “Gulf States

Security Software Market 2012-

2016 Forecast and 2011 Vendor

Shares” study from International

Data Corporation (IDC).

The Gulf security software

market generated $143.34 million

in license and maintenance

revenue in 2011, with IDC’s

research showing that large

enterprises, particularly those

from the banking, government,

and telecommunications sectors

were the primary drivers of this

expenditure. The IDC expects

spending on IT security in the

GCC to continue growing over the

coming five years, as the region is

witnessing an increasing level of

cyber warfare.

Indeed, it is believed that

the spate of recent attacks on

energy and media companies in

countries such as Saudi Arabia

and Qatar were only the first in

a series that are likely to grow in

complexity and in frequency.

“Companies and governments

must assess all possible risk

vectors and IT security threats,

and reevaluate their security

strategies accordingly,” says

Megha Kumar a research

manager at IDC Middle East,

Africa, and Turkey.

“We expect companies, and

even governments, to rebuild

their business continuity

strategies in order to effectively

manage the eventuality of further

complex cyber attacks. We also

expect organisations to become

more stringent when evaluating

prospective vendors out of

concern that they may not be

doing enough to remain ahead of

the threats.”

The UAE accounted for the

largest proportion of spending

on security software in the Gulf,

with 41.5% share, followed by

Saudi Arabia and the other GCC

countries of Kuwait, Bahrain,

Oman, and Qatar. The market

continues to be dominated by

Symantec, which garnered 22.2%

share in 2011, while McAfee

placed second with 12.5% share

and Kaspersky rose to third with

10.8% share. The top three sectors

of finance, government, and

telecommunications together

contributed to 58.2% of total

security software spending in

the GCC in 2011. The series of

cyber attacks that struck the

energy sector in 2012 will cause

companies to reevaluate their

security strategies and show

greater interest in business

continuity planning, fueling

security spending throughout

2013 and 2014.

Cloud security leader Trend

Micro has announced Worry-Free

Business Security solutions in the

Windows Server 2012 Essentials

dashboard and Trend Micro

Worry-Free Business Security 8,

which supports Windows 8. These

solutions are designed to protect

small business in the face of the

growing BYOD and cloud trends.

“Trend Micro is committed to

delivering products that best serve

small businesses. By working

with Microsoft to integrate

Trend Micro Worry-Free Business

Security Services and Windows

Server 2012 Essentials, Trend

Micro small business customers

benefit from cloud computing and

mobile applications while feeling

confident that their information

is safe. It’s the must-have security

for small businesses,” said Magi

Diego, director, SMB Marketing at

business applications; and provide

remote access to data from any

internet-connected location or

connected device.

“Trend Micro is taking advantage

of the built-in ability to include

their offerings in the single

management console in Microsoft

Windows Server 2012 Essentials,”

said David Fabritius, Product

marketing manager, Server and

Tools, at Microsoft.

Trend Micro releases SMB security solutions

Regional companies are set to re-evaluate protection measures in wake

of the Aramco attack, according to IDC.

GCC cyber security spend to surge

Mar

ch 2

013

Vol.1

9 N

o.03

54

Secu

rity

focu

s

As part of its managed services

offerings, du – the UAE’s

integrated telecommunications

service provider, has announced

the launch of Mobile Device

Management, offering both

on-premise and cloud based

solutions for businesses to

manage corporate data on their

employees’ personal mobile

devices. The solution is built on

MobileIron, a leading platform for

securing and managing mobile

apps, documents, and devices.

Du’s MDM solution is designed

to provides a secure gateway

that connects the end-user to

the organisation to retrieve and

share corporate data, to back-

end enterprise resources like

Exchange, app and web servers

and SharePoint. MDM permits

employees to securely view

email attachments, secure access

to SharePoint docs and secure

on-device storage. In addition,

there is no ‘Open in’ access for

rogue apps and organisational

data can be deleted in the case of a

lost device.

Du MDM is designed to provide

a one stop, highly configurable,

cross-platform solution that is

compatible with any mobile

device used by an employee.

Offered in collaboration with

MobileIron, the MDM solution

provided by du is purpose-built

for Mobile IT providing end-

to-end integrated security for

multiple operating systems,

data loss prevention controls for

email attachments, certificate-

based identity, application and

document containerisation,

Bring Your Own Device privacy

protection, and automated

closed-loop compliance.

“More and more companies

realise, that in the fast paced lives

of employees today, they prefer

the convenience of using their

personal mobile devices for work

which would entail organisations

monitoring their devices, without

compromising any employee’s

privacy. Additionally, this proves to

be a challenge for an organisations

IT department to maintain

control of sensitive information.

Our MDM is the ideal solution to

maintaining the privacy of each

employee, while also maintaining

security and control over which

individuals are able to access these

files. All the data is encrypted

prior to transfer with MobileIron

providing delivery, configuration,

data-in-motion,  and data-at-rest

protection for email, applications,

documents and web services,” said

Farid Faraidooni, chief commercial

officer, du.

The solution is available on the

cloud as well as on an on-premise

MDM model..

Du launches MDM solution

Analysis: Security-relevant data,

including full network packets,

logs, and threat intelligence, are

captured and quickly analysed to

speed up threat detection.

High Powered Analytics:

Designed to enable much larger-

scale collection of data and

empower new analysis methods

over that of traditional SIEM-based

approaches to security.

Integrated Threat

Intelligence: Helps organisations

operationalise the use of threat

intelligence feeds to accelerate

detection and investigations

RSA, has announced the release

of RSA Security Analytics – a

transformational security

monitoring and investigative

solution designed to help

organisations defend their digital

assets against today’s internal

and external threats. Built on

RSA NetWitness technology, RSA

Security Analytics fuses SIEM,

Network Forensics, and Big Data

analytics into a security platform.

By providing security

professionals with the visibility to

see and understand vulnerabilities

and attacks, RSA Security

Analytics is designed to enable

the discovery of risks as they occur.

Furthermore, by helping security

professionals understand digital

risks originating from both inside

and outside their enterprise,

organisations can better defend

business assets, including

intellectual property and other

sensitive data, while reducing

the time and cost associated

with threat management and

compliance-focused reporting.

The RSA Security Analytics

Unified Platform is designed

to deliver: Quick Capture and

of potential attack tools and

techniques.

Context for Threats: Through

integrations with the RSA Archer

GRC platform and RSA Data Loss

Prevention suite, and by fusing

data produced by other products,

analysts can use business context

to prioritise and allocate resources

to the threats which pose the

greatest risk.

Malware Identification:

Using a variety of investigative

techniques, the solution identifies

a much wider range of malware-

based attacks.

RSA announces release of RSA Security Analytics

Farid Faraidooni from du says that more and more companies are realising that employees want to use their own devices.

Mar

ch 2

013

Vol.1

9 N

o.03Last

wor

d56

Can you tell us how you began working

in the IT industry?

In 1984, after fi nishing my studies,

the personal computer started to

spread in enterprises and I decided I

wanted to be in the industry. I joined

Texas Instruments Computer Division

and a few years later I joined Digital

Equipment Corporation, the second

largest IT company after IBM at the

time, and I have continued to work in

the technology industry since.

What is the best and worst thing about

the networking industry?

The best thing is the creativity, energy

and capacity to change how the

world is communicating and coming

together. Working now for Polycom,

the leader in video communication and

collaboration, we are bringing people

from all over the world to communicate

with each other and breaking through

the distance.

Talk us through what you do on

a daily basis...

My days are a mixture of

activities, encompassing

customer and reseller visits,

meetings and sales reviews

with my team, internal meetings

on project advancements,

analysing and planning the

business, economic and

competitive environment, along

with being continuously trained

on our ever-evolving portfolio.

What has been your proudest

achievement in your career so far?

What keeps me proud and fuels my

professional passion is Polycom’s

success as a winning team. I feel

particularly rewarded by the fantastic

personal relationships I have with

my colleagues, be it at Polycom, and

throughout my career.

What IT product or innovation should

the IT industry watch out for this year?

Mobility and cloud are really the areas

to watch this year. People want to

connect, work, be entertained, and see

each other from anywhere at any time.

Millions of smartphones and tablets are

spreading at light speed, and mobility

applications and related cloud access

are a major trend.

Comparing the IT industry to other

countries, do you think it measures up

or is lacking and why?

The UAE is moving very fast in

adopting leading edge technologies.

We have very advanced and forward

thinking customers in the region

adopting Polycom solutions.

What IT company, other than your own

do you admire and why?

Companies like Apple, Microsoft and

IBM all have an incredible power in

developing applications with great

human interface, whilst renewing

and adapting their strategies in a fast

changing competitive environment,

and have maintained that for more

than 30 years.

Who do you look up to in your career

and why?

I have written many books regarding

sales and management and there are

too many great mentors out there to

name one specifi cally. Watching great

CEOs or inspirational presenters is

always a good reference point.

What do you do for fun?

I play and watch football, I like

photography and I recently started

learning to play the acoustic guitar.

Communication championDaniel Schmierer, area sales vice president for Middle East & Africa, Polycom, talks IT innovations

What is your favourite fi lm:

Many are great, let’s say ‘The Good the

Bad and the Ugly’.

iOS, BlackBerry or Android?

iOS

What is your favourite gadget?

None

Who is your favourite band/musician?

Stevie Ray Vaughan

What is your favourite book?

The 7 habits of highly effi cient people

from John Covey

Favourite things

Open the Door to Energy Savings

Opportunity is Knocking

Find out more at www.chatsworthproducts.co.uk/aisle-containment

www.chatsworthproducts.co.uk Middle East Sales Office +971-4-2602125

Just as no two data centres are the same, the solutionsneeded to keep your energy costs down are rarely thesame either. Whether you’re looking for free cooling orneed to support higher heat densities, Chatsworth Products, Inc. (CPI) can create the perfect Aisle Containment Solution for you. CPI’s stock of racks, cabinets, cable management and containment doorshave helped create some of the industry’s most innovative containment solutions from the floor up – literally. Now, with Aisle Containment Solutions that areunmatched on the custom market and sealing solutionsthat are proven to be 200% more efficient than any similar product, CPI is proud to introduce its new pre-engineered Aisle Containment System.

Features & Benefits• Available as either Hot or Cold Aisle Containment• Architectural aluminum sliding doors with auto-closing

mechanism• Designed for ease-of-assembly and maximum sealing

performance • Work with our application engineers to create unique

design solutions• Broadens air temperature envelope with 4x higher heat

and power densities