LENOVO AND GOOGLE: BRINGING ENTERPRISE-GRADE KUBERNETES TO THE DATA CENTER

Organizations have always considered time-to-market for their applications as a key success metric for their business. Every industry is aiming to accelerate and simplify application deployments, and containers have emerged as the fastest way to achieve this. Containers help developers package code and dependencies into a single object, enabling a build-once-and-run-anywhere approach, rather than spending precious cycles troubleshooting and trying to tailor software to each environment. Using containers not only helps accelerate application deployment, but also helps create a predictable and reliable strategy for bringing your applications to market. However, the buck doesn’t stop here. Similar to how an orchestration layer is needed for applications running on virtual machines, software is needed to deploy, manage and maintain your containerized applications. Kubernetes has become the de facto standard in the past couple of years to help manage containerized workloads.

After using containers to run internal workloads like Search, Gmail, Maps  and YouTube, Google open-sourced the Kubernetes project to enable customers to run their containerized workloads in production reliably. Google Cloud’s Anthos allows users to run their containerized applications without spending time on building, managing and operating Kubernetes clusters. Recent surveys show that nearly two-thirds of IT departments need an enterprise-grade Kubernetes deployment on-prem. Organizations want to avoid any heavy lifting involved in operating Kubernetes clusters, and are looking to get the same public-cloud like experience in their own data centers.

As recently announced at Google’s Next ’19, Lenovo, working with Google, has validated Google Cloud’s Anthos on Lenovo’s ThinkAgile Platform. This solution will enable Lenovo customers to get a consistent Kubernetes experience between Google Cloud and their on-premises environments. Users will be able to manage their Kubernetes clusters and enforce policy consistently across environments – either in the public cloud or on-premises. In addition, Anthos delivers a fully-integrated stack of hardened components, including OS and container runtimes that are tested and validated by Google, so customers can upgrade their clusters with confidence and minimize downtime.

This collaboration further strengthens Lenovo’s ability to be a complete on-premises and hybrid-cloud solution provider, including hybrid cloud deployments with Google Cloud. Google’s leadership in the open source ecosystem with projects like Kubernetes and Istio is helping bring the cloud-native ecosystem to Lenovo’s proven data center capabilities. Our goal is to enable agility for development and operations teams while reducing risk for customers’ most critical hybrid cloud workloads.

Source: https://www.lenovoxperience.com/newsDetail/283yi044hzgcdv7snkrmmx9ovwkeqasgj9ez69uwpslt01yb

FOR A FREE CONSULTATION, PLEASE FILL THIS FORM TO CONTACT US.

ON THE OCCASION OF WORLD ENVIRONMENT DAY, GALAXY PLANTED A THICKET OF 100 TREES FOR TRIBAL’S OF KORAPUT, ODISHA INDIA.

As a socially responsible organization, Galaxy always tried to give back to society and nature in whatever form possible. On the World Environment Day, we collaborated with “Grow-Trees”, a Social Enterprise helping to improve ecological balance in India, we have planted a thicket of 100 trees for Tribal’s of Koraput, Odisha India.

Grow Trees has planted more than 1.5 millions trees across India. Save the environment and plant trees for nature & wildlife.

SD-WAN – WHAT ENTERPRISE IT LEADERS NEED TO KNOW

As part of rapid evolution, more and more enterprises are adopting new technologies, moving their data and applications to cloud platforms and establishing critical business resources to be accessible anytime, anywhere via direct internet connections. As this happens, there is a huge demand for businesses to change their WAN architectures and adopt a smarter network that that can simplify the interconnection for any user, from any location, via any device over any deployment, while ensuring security and reliability.

Software-defined WAN has been proving to be a game-changer as it uses software-defined networking concepts to let IT work smarter, faster and at lower costs!

Traditional vs. Smart Networking

Traditional WANs use expensive connections such as leased line and Multiprotocol Label Switching (MPLS) that are incompatible with the cloud-centric and mobile-first modern enterprises. It requires huge infrastructure and manual programming to connect disparate complex networks. This is a very expensive, time consuming and error prone process.

SD WAN greatly simplifies the process by automatically determining the most effective way to route traffic across disparate offices and data centre sites by using business defined rules from a central management portal. It comes with the promise of Agility, Flexibility and Security, all of which come at an overall reduced networking and infrastructure cost.

In the marvelous world of digital, enterprises are in a constant hunt for all the infinity stones – The Internet, The Cloud, Artificial Intelligence, Machine Learning, Internet of Things and Software Defined Networks – to become invincible – Agile, Flexible, Fast and Software Defined – and seek success in the race to digital. Although the analogy may sound cinematic, for networking teams its true to life.

Enterprises have well realized the fact that to invade the digital world further, they first need to secure and upgrade the only portal – The Network – which connects both worlds together. In doing so, enterprises are already going through a drastic change in infrastructure, business models, and functions. IT’s are turning dynamic, and no more they work under silos. The real challenge for IT today is to protect and prevent the only portal – The Network – from unknown and known alien attacks – Cyberthreats. It’s an uphill battle which keeps networking teams on their toes all the time. Like any other powerful defense mechanism, the guardians of this portal  – the networking teams – are well equipped and evolving their arsenal. And, topping the – armory list for network engineers, is Network Segmentation. By segmenting enterprise networks, networking teams confine the impacts of well planned attacks within limited zones.  It prevents attackers to delve deeper into the network.

The network is the reality of the world of digital – and is no less than an infinity stone. The advance Network mechanism of the digital world is nothing but a mesh of Software Defined and Traditional Networks working in sync with the cloud. And segmenting such advance networking mechanism, well poised with high tech solutions, requires a comprehensive strategy. As a result, in today’s ever evolving networking paradigm, networking teams find themselves amidst a chaotic din in order to manage all the infinity stones-  too many high tech solutions and services.

NETWORK – THE REALITY STONE

Connectivity is the bedrock of the digital world. Carrying one of the crucial resources – Data and Information  – of both worlds, networks today play a huge role in life and business. Data and information of all sort generated by – Citizens, Governments, and Businesses – the digital world is all over the network. And, each body – Citizens, Businesses and Governments- is responsible to protect information and data which are confidential. For example, your office  laptop’s password for bank accounts, customer ID, Password etc. For enterprises protecting data and information is not as simple as how you protect your personal data and information on devices, and on different networks.

For enterprise business, employee’s data, stakeholder’s data and most importantly customer’s data, makes networks much more accountable to carry, prevent, and protect data. And just when the networking world clamored for next generation network architecture, SDN emerged as a boon. The flexibility, operational simplicity, the ability to defend next-gen threats, and the option to address digital traffic (workloads) within a definite cloud based virtual environment.

To manage and monitor networks carrying data and information of all sorts globally requires high level of visibility and reduced complexity. Modern network architectures (SDN and Cloud based) help networking teams to segment network at micro level. Centralized management and monitoring, backed with intent based networks driven by policies and other next gen networking solutions – like NFV, AI, ML, Containers, Dockers, Kubernetes – make networks – The Portal – powerful  enough to meet the demands of today and the future needs of the digital world.

WITH POWER COMES RESPONSIBILITY AND …

Too many integrated network solutions and services in today’s dynamic IT environment are making it difficult for networking teams to manage and monitor networks. The sheer size of networks, new technology additions in the IT tech stack, collaboration with different other functions (DevOps, Security, Management and Monitoring teams) and the new norm of BYOD among employees over the years has catered in making managing and monitoring networks tough for IT.

No doubt, with a power like SDN and other infinity stones – next-gen technologies – comes responsibility- to address the rising complexity securely, following a comprehensive management and monitoring strategy. Visibility is the first challenge which comes to mind when talking about complexity. It’s one of IT’s top most priority today.

Overall network visibility, in form of analytics and insights is one of top most priority for enterprise networking teams. It’s obvious because one must be able to see – devices, users and applications – in order to discover, act and implement security measures.

A MICROSCOPIC VIEW OF SEGMENTED NETWORKS

End to end network visibility is one of the major network management challenges networking teams face today. For dynamic IT teams, effective network management starts with empowering networking teams with powerful monitoring and analytics capabilities.  90% of enterprise network teams indicated that they need an end-to-end management environment that covers WAN networking.

Today’s enterprise networks are subjected to meet sudden business changes and requirements. In doing so, networks become vulnerable. Ever evolving traffic patterns of the cloud era, demands more focus on network security. Not so surprisingly, Gartner highlights a rise in security investments for cyber/information security by 55%. And as security measures proliferate, network segmentation hits a new radar in the IT security tech stack.

In most enterprises, network segmentation is used with a perimeter firewall. In addition, Intrusion Prevention System (IPS), Advanced Threat Prevention (ATP) is applied to guard the network perimeter. vLANs and vRFs are two most common types of network segmentation methods used by networking teams. VLANs provide only site-specific segmentation and on the other hand VRFs are used for complex wider deployments. Regardless of the technologies chosen for network segmentation and segregation, there are five common themes for best practice implementations:

• Enterprises today require just more than traditional firewall and security measures. Host and network should be segmented at a granular level (application and user level), for example segregating data link layer as well as application layer. Measures should be applied to the host and overall network for seamless management and monitoring.
• Don’t allow the host, network or service communicate with other host, service or network if not needed. If communication needs to be achieved, with other host, service or network using a specific protocol or port, it should be restricted. Using principles of need-to-know and least privilege will help you minimise user privileges and significantly beef up security in dynamic IT ecosystems.
• Separate business critical operations (Networks, Application and users) based on security requirements, and based on the requirements of host or network. Isolate the out of band management networks, and separate management of critical networks in particular.
• Authorise, authenticate and identify all users to all other end points for all connections. Ensure access for all users, hosts, and services to all, except those with specific requirements to perform designated functions and duties. Disable all legacy and local services to avoid poor identification, authentication and authorization services.
• Avoid blacklisting, implement white-listing of network traffic. Allow access only for known good network traffic instead denying access to bad network traffic. By implementing white-listing, you will not only ensure bespoke security policy to blacklisting but it will also help you to significantly improve ability of your networking teams to detect, discover, and act on possible network attacks.

SD-WAN today is responsible to redux innovation in 21^st century networking. Thanks to SD-WAN, networking is scalable, flexible, fast and measurable. Its no more hardware centric. Whether Cloud, new technologies or any other custom networking solution, with SD-WAN enterprises today has the answers to the rising challenges of the new network paradigm – Bandwidth, Cloud Services, applications, user expectations, network visibility and most importantly security.

At Lavelle Networks, our solution ScaleAON allows networking teams to create network segments with Zero errors. Assisted visual aids in the user interface, which allows to create VPN or WAN topology without a single line of actual network interface configuration. ScaleAOn simplifies the configuration and management of network segregation making segmenting of network traffic seamless and scalable.

Source: https://lavellenetworks.com/blog/network-segmentation-best-practices-to-secure-the-portal/

FOR A FREE CONSULTATION, PLEASE FILL THIS FORM TO CONTACT US.

Distractions are the enemy of innovation. In order to be truly innovative, you first need a level of mastery in a given craft, so you can effortlessly command it whenever it’s needed. But no matter how precise a skill set or tool, if you’re distracted with tedious though necessary tasks, it’s easy to lose sight of the big picture.

But what if those tasks were no longer distractions? You could change the world.

Some of the most innovative minds simply removed dull decisions from their days so they could focus on the issues at hand. Albert Einstein, Mark Zuckerberg, and Steve Jobs, for example, all chose to wear the same clothes every day to eliminate a mundane chore. With their relentless precision, those three changed our understanding of the universe and how we communicate with each other.

Similarly, Robotic Process Automation (RPA) removes repetitive functions so a workforce can focus on what they do best rather than on monotonous tasks. As workers concentrate on more complex processes that require human decision-making, their understanding deepens and their expertise grows, empowering them to improve your business, transform, and stay ahead.

WHAT TYPES OF TASKS SHOULD BE AUTOMATED?

When you start implementing RPA into your existing workflow, it’s important to be on the lookout for business processes that are redundant or unnecessarily complex — for example, a procure-to-pay workflow. Many of these tasks don’t necessarily require a high degree of skill and can easily be simplified.

For example, you can set up one bot to retrieve invoices from either a portal or an inbox, while another detects differences between invoices and purchase orders. Add a bot to verify tax amounts, because who wants to make a mistake there? Bots could also route invoices for approval and automatically provide proof of delivery receipts.

And that’s only one workflow.

GOVERNANCE — AN ESSENTIAL INGREDIENT

A center of excellence (CoE) is an absolute necessity when implementing RPA policies, overseeing the design of bots, and assessing implementation. Business leaders can use a CoE to create automation guidelines, identify best practices, and deploy bots. Automating processes without the right planning can quickly go wrong, so a CoE is a critical element in a company’s growth.

A CoE also governs bot maintenance, compliance, and identification of new tasks that can be automated. As your organization starts to see improved efficiency and innovates how the business is run, it’s common to expand what’s automated. That’s when an automation CoE really comes into play.

RPA MAXIMIZES YOUR RETURN

RPA buys your employees time to think of new ways to improve your business. With fewer distractions, your workforce can hone the tools at their disposal and dive deep into any assignment with laser focus. As workers fully engross themselves in their work, innovations will present themselves, changing the entire way you do business.

Our Bot Store makes it easy for you to design or deploy premade software bots and Digital Workers to automate individual or manual tasks and integrate key aspects of legacy systems. And, when combining decision-making cognitive capabilities with artificial intelligence (AI)-enabled bots, you can easily facilitate all of your systems talking to one another.

Spark innovation and jump-start your automation journey with RPA.

Source: https://www.automationanywhere.com/in/blog/changing-the-world-with-automation/use-ai-to-simplify

FOR A FREE CONSULTATION, PLEASE FILL THIS FORM TO CONTACT US.

CHALLENGES OF A DIGITAL WORKSPACE

As the digital workspace continues to transform entire industries, companies are able to adapt to new ways of connecting — to employees and information. Now the digital workspace is expanding to include new technologies like artificial intelligence (AI), which is emerging as the next best way to secure information, handle growing complex threats, and evolve productivity tools. Despite all of the conversations about the digital workspace, it remains challenging for IT leaders to plan for the changes required to make the digital workspace a reality. Many of the skills, tools, and processes used today are based on 20-year-old, PC-based technology. A new approach is needed to make a digital workspace strategy successful.

FROM DEVICE MANAGEMENT TO EMPLOYEE EMPOWERMENT

The requirements for a digital workspace solution start with the employees. This is the most fundamental shift in IT planning and, though simple in concept, requires a different way of thinking and the development of new skills. While yesterday’s tools and processes revolved around devices, they missed the critical connection of how an individual employee moves between devices throughout their workday.

To capture the complete experience, IT must consider:

• How do employees learn about new applications?
• How intuitive is the process when using the app for the first time?
• Is the process different depending on the device or location?
• Does the app require access to other apps or services, like cameras or local files?
• When changes are made to the app, does it improve or hurt its usage and adoption?
• Is the application or its data stored in a public cloud or on-premises?

In a consumer world, app developers are constantly sweating over these design details because adoption is their #1 goal. Now IT can partner with their lines of business to make tool and service adoption their #1 goal as well.

5 CRITICAL REQUIREMENTS FOR A DIGITAL WORKSPACE

The details underlying each requirement will be unique to your business or organization, but each requirement must be met.

The 5 critical requirements identified are as follows. Let’s take closer look –

1) Putting Employee Experience First

Building a strong design culture around the employee experience is critical to meet the demands of the business, as well as the ability to secure corporate data. If lines of business, teams, and individuals believe that IT gets in the way and slows them down, employees will avoid adopting the tools and services designed to protect them. IT must put themselves in a position to design and deliver the productivity experiences employees will use. This takes into account the devices and form factors employees use throughout the day, the locations from which they need to work, as well as providing a level of flexibility and choice that will keep up with the demands of employees and departments.

2) Delivery of Applications —Anytime, Anywhere

The next critical requirement is the ability to deliver any application through the digital workspace experience. “Any application, anytime, anywhere” is a big ask. It doesn’t just mean the latest mobile app on an Android or Apple device, but the 12-year-old Windows app, internally developed Java-based apps that no longer have an internal owner, or the old Excel app with macros that don’t work in recent versions of the program. It also means web apps delivered internally through complex and ever-changing VPN tools, or SaaS apps accessible from anywhere, but with passwords no one can remember.

To transform Windows delivery, applications must be portable across device types, locations, and ownership models.

3) Device Management

Device management is based on the now universal trend that modern operating systems need to be updated on demand, anywhere, from the cloud, in an effort to manage billions of devices at scale and ensure application compatibility for developers. To allow enterprise organizations to effectively manage the experience and security policies of devices, device management APIs, that potentially expose hundreds of policy options and context data for each operating system, have been exposed through device management tools. Device management has been extended to every device operating system: Windows, Mac, Chrome, Android, iOS, and flavors of embedded Linux. There is no question that, in the near future, every enterprise-managed or personally owned device accessing corporate data will be connected to a management platform.

The question is, when? Many organizations have heavily invested in years of tools, skills, and processes revolving around domain and image-based management of PCs and Macs. We believe device management is a necessary requirement for the digital workspace. Device management helps secure access management so there is only one app and one place to go. It also ensures unified endpoint management for a consistently great user experience that is also highly secure.

In the near future, every enterprise-managed or personal device accessing corporate data will be connected to a management platform.

4) Manage Experience and Security

You might have noticed a pattern here. Each of these requirements builds on the one before. Start with the employee and the ability to design a complete experience that extends across all their devices and locations. Then ensure that all their apps are accounted for, and leverage modern device management to make sure you have the ability to deliver and protect those apps across all endpoints and locations.

However, IT can’t proactively drive successful experiences if they can’t measure the adoption of these experiences. This is where insights come in. IT has never been in an ideal position to track the adoption and usage of applications across devices. True insights from data are gained from the ability to spot patterns and trends, identify potential gaps in experience or security, and make recommendations for change.

5) Automate to Succeed at Any Scale

To handle the scale of a digital workspace, automation is critical, whether onboarding a new employee or device, deploying apps, serving up patches and updates, or automating remediation steps to assure an employee’s device is compliant with policy.

These all must be achieved without generating tickets that require administrators or application owners to take manual actions. Automation assures that operational costs are minimized, and removes gaps that could result from inconsistently applying security policies or leaving devices in noncompliant states for too long.

THE DIGITAL WORKSPACE IS HERE TO STAY

Implementing and maintaining an employee-focused digital workspace is critical to supporting new business initiatives and fostering better ways to connect people with data. IT leaders need to lead the charge toward a more efficient, user friendly, and secure digital environment.

FOR A FREE CONSULTATION, PLEASE FILL THIS FORM TO CONTACT US.

Data loss prevention (DLP) solutions are growing in popularity as enterprises look for ways to reduce the risk of sensitive data leaking outside the company. According to an estimate by 2020, 90% of organizations will have implemented at least one form of integrated DLP, up from 50% in 2016. A DLP solution relies on several core technologies that enable its engine to accurately identify the sensitive data that enterprises need to secure and take remediation action to prevent incidents.

IDENTIFY AND CLASSIFY SENSITIVE DATA

The priority in any successful data security strategy should be to understand the sensitivity of your data and it’s location – be it in databases, cloud, file shares, or all of the above – and then to conclude whether or not this data requires protection and how much if it does. Classification of data (Popularly known as data classification) helps by discovering the data first, regardless of its location. It then puts data into relevant buckets of categories, based on various factors such as sensitivity, size, and other factors and creates important policies that regulate, assign and restricts access to this data, and how they can use it. Data classification can help companies immensely in meeting the regulation mandates such as PCI DSS and GDPR. It also helps in protecting intellectual property.

UNDERSTAND DIFFERENT TYPES OF THREATS

Many DLP solutions do not have the ability to understand external threats that put data at risk, they mainly focus on accidental data leakage (The insider threat). The tools that you choose for security must be reactive and have knowledge of external threats such as malware and brute force attacks. High-end DLP solutions are equipped with tools that can identify any external attackers that try to steal credentials and enter the network under the guise of an employee. Threat intelligence is very important in understanding the type of attack. In a scenario where a hacker corrupts an admin’s account – a smart and complete solution will block the admin from moving data or at least encrypt it, based on their unusual behaviors or where they have logged in from. Many security products claim to protect data but are not dynamic and contextually aware of such threats.

SAFETY MEASURES FOR THE ACCIDENTAL INSIDER THREAT

Even with data classification and access controls in place, employees present a great risk to internal data. It is imperative for the IT teams to audit the employees on the level of risk that they present to company data. Some employees will present a greater risk than others. For example, Employees in the finance department may make a tempting target for cybercriminals due to the lucrative data that they process. Employees, on the other hand, with network administrator credentials pose a far higher risk than those with local user access. It is important to understand which employees present a higher risk to data and then to tailor defenses accordingly. In such a manner IT teams can dramatically reduce the threat associated with insiders.

DIVERSIFY BACKUPS

Having more than one backup is always a good practice. 3-2-1 is the golden thumb rule. In this system, the company should have 3 backups of anything that’s very important. They should use at least two different formats for backups, such as on a hard drive or in the cloud. An offsite backup is imperative in case there is damage to your physical office.

ENCRYPT SENSITIVE DATA

Organizations should invest in a backup system or service that automatically encrypts all backups to ensure that sensitive data cannot be accessed by unauthorized persons under any circumstances.

FOR A FREE CONSULTATION, PLEASE CONTACT US.