IBM Taps Cisco Tech for New Managed Private Cloud Service

Virtualization Review | January 27, 2020

IBM announced a new fully managed private cloud service based on Cisco's Unified Computing System (UCS), which combines datacenter server hardware, virtualization support, switching fabric, storage access and management software. Cisco UCS will power the new Managed Private Cloud-as-a-Service that runs on industry-standard, x86-architecture servers in two distinct flavors based on the choice of virtualization tech. VMware, the traditional flagship offering from the virtualization kingpin .RedHat OpenShift, an open source container application platform based on the Kubernetes container orchestrator for enterprise software development and deployment.

Spotlight

This section provides a high-level overview of the Certified hyperconverged infrastructure (HCI) for SAP HANA using the Cisco HyperFlex solution for production environment SAP landscapes frequently are deployed on virtualization platforms, most often using virtualized application servers. In recent years, SAP has been encouraging its customers to migrate to SAP’s own database platform of the future: SAP HANA. SAP HANA databases can be deployed on virtual servers or on physical machines. With the launch of the Cisco HyperFlex™ system, Cisco offers a low-cost, easy-to-deploy, high-performance hyperconverged virtual server platform that is an excellent solution for SAP landscapes.


Other News
VMWARE

CISA recommends VMware, F5 patches. Liquidity mining fraud. Strapi issues patched. TDI clarifies data incident.

CISA | May 20, 2022

VMware yesterday addressed issues in several of its products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. That these are more significant than the ordinary run of patches may be seen by the way the US Cybersecurity and Infrastructure Security Agency (CISA) has discussed them. Alert (AA22-138B), "Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control" warns that "malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination." The Alert adds, "CISA expects malicious cyber actors to quickly develop a capability to exploit newly released vulnerabilities CVE-2022-22972 and CVE-2022-22973 in the same impacted VMware products. In response, CISA has released, Emergency Directive (ED) 22-03 Mitigate VMware Vulnerabilities, which requires emergency action from Federal Civilian Executive Branch agencies to either immediately implement the updates in VMware Security Advisory VMSA-2022-0014 or remove the affected software from their network until the updates can be applied." US Federal civilian agencies have until next Monday to identify and remediate the issues, and they're required to report completion no later than Tuesday. Fraudulent liquidity mining. Sophos describes the way the threat of fraudulent liquidity mining is shaping up in decentralized finance systems. "Legitimate liquidity mining exists to make it possible for decentralized finance (DeFi) networks to automatically process digital currency trades," Sophos explains, and criminals are using social engineering to abuse such systems to defraud cryptocurrency investors of their holdings. More loosely regulated than conventional cryptocurrency exchanges, which use market makers and seek to ensure that sufficient reserves are on hand to back trades, DeFi exchanges use Automated Market Makers (AMMs). Sophos explains that "Smart contracts built into the DeFi network have to rapidly determine the relative value of the currencies being exchanged and execute the trade. Since there is no centralized pool of crypto for these distributed exchanges to pull from to complete trades, they rely on crowdsourcing to provide the pool of cryptocurrency capital required to complete a trade—a liquidity pool." Liquidity pool tokens, ("LP tokens") are used to represent the portion of the liquidity pool an investor contributed. But unethical DeFi operators can cancel the tokens (or simply not create a pool to back them in the first place), and this, Sophos observes, offers "ample opportunity for digital Ponzi schemes, fraudulent tokens, and flat-out theft." CMS vulnerabilities disclosed and patched. The Synopsys Cybersecurity Research Center (CyRC) has identified two vulnerabilities in Strapi. Strapi is an open-source headless content management system (CMS) Javascript software that enables developers to quickly design and build content-rich APIs. Both vulnerabilities involve authenticated users with access to the Strapi admin panel having access to private and sensitive data, such as email and password reset tokens. The first vulnerability allows for the authenticated user to view private and sensitive data for other admin panel users that have a relationship with content accessible to the authenticated user. The second vulnerability allows for the authenticated user to view private and sensitive data for API users if content types accessible to the authenticated user contains relationships to API users. The vulnerabilities are fixed in newer, updated versions of Strapi, and Synopsys has commended Strapi for its quick response to the discovery. Texas Department of Insurance clarifies facts surrounding its data incident. The Texas Department of Insurance (TDI) has sent around a fact sheet that clarifies a data incident the agency sustained earlier this year: "In January 2022, TDI found the issue was due to a programming code error that allowed internet access to a protected area of the application. TDI promptly disconnected the web application from the internet. After correcting the programming code, TDI placed the web application back online. The forensic investigation could not conclusively rule out that certain information on the web application was accessed outside of TDI. This does not mean all the information was viewed by people outside TDI. Because we couldn't rule out access, we took steps to notify those who may have been affected." While data could have been accessed by unauthorized personnel, TDI has investigated and found that, "There is no evidence to date that there was a misuse of information."

Read More

VIRTUAL DESKTOP TOOLS

O-RAN ALLIANCE Announces Its June 2022 Industry Summit, Progress of Its Global PlugFest Spring 2022 and a New Set of O-RAN Demos

O-RAN ALLIANCE | June 10, 2022

The O-RAN ALLIANCE invites all interested public to join its next industry summit to be held on June 29, 2022, as an open virtual event. The 2.5-hour session will bring: Latest updates from the O-RAN ALLIANCE leadership Updates from the O-RAN ecosystem on RAN openness, intelligence, cloudification, and testing and integration Live panel discussion: Accelerating industry adoption for large-scale commercialization For more details and to join the event, please visit www.o-ran.org/events. O-RAN Global PlugFest Spring 2022 in Progress O-RAN ALLIANCE has been sponsoring its global PlugFests to enable efficient testing and integration for the O-RAN ecosystem. O-RAN Global PlugFest Spring 2022, first of the two PlugFests planned for this year, has been progressing at 3 venues: Auray OTIC and Security Lab is hosting 21 participants: Alpha Networks, Askey Computer, Calnex Solutions, Foxconn, Institute for Information Industry, Inventec, IP Infusion, ITRI, JPC connectivity, Keysight Technologies, Lions Technology, LITEON, MICAS, NKG, Pegatron, QCT, REIGN Technology, Rohde & Schwarz, Sageran, VIAVI Solutions and WNC. Telefonica, at European OTIC in Madrid, is hosting 6 participants: ADVA Optical Networking, Juniper Networks, Keysight Technologies, Precision Optical Transceivers, Ribbon and VIAVI Solutions. AT&T and DISH are hosting participants including Analog Devices, Anritsu, Calnex Solutions, Cisco, Fujitsu, HCL, IP Infusion, ITRI, Juniper Networks, Keysight Technologies, META, NSF ARA: Living Wireless Lab, NSF PAWR: AERPAW, NSF PAWR: Colosseum, PHYTunes, Rohde & Schwarz, VIAVI Solutions, VMware and Wind River; with assistance from AT&T Lab, NSF PAWR: COSMOS Lab, NSF PAWR: POWDER Lab and University of New Hampshire Interoperability Lab. All venues aim to conclude the spring PlugFest by end of June 2022. 23 new demos of O-RAN technology at the O-RAN Virtual Exhibition O-RAN ALLIANCE member companies have been progressing with their O-RAN based implementations. Latest demonstrations will soon be available at the O-RAN Virtual Exhibition. Newly added Intelligent RAN control demonstrations include: AirHop and VMware demonstrate how automation and programmability efficiently detect and remediate PCI collisions/confusions to optimize RAN performance. The proposal is a solution to current RAN frequency planning, conflict mitigation and optimization methods which are costly and time-consuming, slowing deployment of new services and decreasing performance of existing ones. Cellwize and VMware demonstrate how to bring programmability to any type of RAN deployment, including purpose-built RANs. As an example, we demonstrate how Cellwize’s rApp onboarded on VMware Centralized RIC optimizes EN-DC anchoring to maximize spectral usage in purpose-built RANs; leading to monetizable gains in performance. China Mobile and Lenovo demonstrate how video experience can be optimized using an xApp to predict the available bandwidth for a UE using the RIC and radio information reported over the E2 from the network and providing this predicted bandwidth to the Application Provider to adjust and optimize the video bitrate. Cohere and VMware demonstrate how using RAN programmability, operators can double mobile bandwidth without any changes to antennas, radio or devices. Using Cohere’s Spectrum Multiplier xApp powered by VMware Distributed RIC, now Services Providers can activate broadband in rural areas while avoiding costly changes in handsets or infrastructure. GDCNi demonstrates its RF product with high/middle/low transceiver power, performing interoperability testing with other vendors. GDCNi has rich RAN industrial experience and provides private RAN solutions for coal mines, ports, intelligent manufacturing, agriculture, and transportation, and helps to enrich the O-RAN ecosystem. Intel demonstrates SLA assurance demonstration with AI/ML-powered Network Slice Radio Resource Manager (NSRRM) xApp in an O-RAN RIC integrated with an Open, virtualized RAN. This demo shows operators the viability of offering revenue-generating business models with optimal radio resources. Polte and VMware demonstrate how to leverage RAN programmability to deliver precise sub-meter UE positioning. Using cellular as prime technology (as opposed to GPS or Wi-Fi), Polte’s xApp powered by VMware’s Near Real-time RIC offers global location indoors/outdoors, while lowering cost and extending battery life of the IoT asset tracker. Rimedo Labs demonstrates the complete integration of the Traffic Steering xApp into the open-source SD-RAN Near-Real-Time RIC from ONF. The solution highlights the opportunities to control the xApp via the policies through the A1 interface as defined by the O-RAN ALLIANCE, which enables manipulation of the behavior of the corresponding RRM algorithm based on the current strategy coming from the SMO. Newly added Open RAN demonstrations include: ArrayComm demonstrates its 5G Distributed Small Cell in a 5G SA E2E network showing its high performance and stability testing with measured downlink and uplink throughputs. It includes white box O-DU, Fronthaul Gateway, and O-RU. The O-DU is a single box built with NXP LX2160A and LA1201 SoC. ArrayComm demonstrates its 5G Distributed Small Cell on a Marvell platform consisting of a Marvell CNF95O virtualized O-DU card combined with x86/Arm server, Fronthaul Gateway, and O-RU. This platform can be widely used in the capacity coverage improvement scenarios, and also can be easily deployed as distributed RAN or cloud RAN. China Mobile and Lenovo demonstrate a CaaS platform, which followed O-Cloud specs, and pico gNB BBU respectively to form a joint test solution. Hardware construction has been completed; the first call was made in June. 5G performance will be tested in a E2E environment in next stage. Comba showcases Open RAN Multi-band Remote Radio Unit with advanced technology that maintains a low power consumption level and better receiver sensitivity. The small form factor and improved Mean Time Before Failure performance contributes to optimized installation and maintenance cost. These features facilitate fronthaul integration with O-DU partners. Foxconn, Auray and Calnex demonstrate O-RAN S-Plane Performance Testing with Foxconn’s O-RU in Auray OTIC and Security lab with Calnex’s Paragon-neo. O-RAN.WG4.CONF.0 has recommended the S-Plane performance test and functional test to be mandatory for O-RU S-plane testing and therefore mandatory for O-RAN/OTIC O-RU Badging. Intel, Capgemini, AWS and others demonstrate a unified view of end-to-end 5G service orchestration from the network edge to the cloud. Demo highlights agility using service orchestration to support dynamic network slicing for new business and service capabilities - allowing continuous delivery of new services and features. It also demonstrates O-RAN Fronthaul (xRAN) Test as defined by O-RAN ALLIANCE, using a sample application created to execute test scenarios with features of the xRAN library and test external API. IS-Wireless showcases a Multi MNO scenario supported in the form of a Neutral Host. The end-to-end Open RAN network is deployable on any cloud in an automated manner as containers and supports both Open Fronthaul Split 7.2x and 3GPP split 2. LITEON demonstrates FlexFi indoor small cell system based on open interfaces (e.g. Open Fronthaul Interface) enabling a cost effective deployment at large scale. And we also demonstrate an O-RAN based intelligent RAN management and control solution-LiteNetics. In this Proof of Concept, we verified manage gNB via the Radio Intelligent Controller (RIC) with O1 interfaces. LITEON provides 5G products that meet customer needs. MICAS demonstrates two O-RAN Radio Unit solutions, with one sub-6 GHz indoor small cell and one mmW small cell. Both solutions feature O-RAN's open fronthaul interface technology and enable cost-effective large-scale deployment. Pegatron, Auray and Calnex demonstrate O-RAN Fronthaul Latency Testing with Pegatron’s O-DU/O-CU in Auray OTIC and Security lab with Calnex’s Paragon-X in network emulation mode. O-RAN.TIFG.E2E-Test.0 has recommended the xHaul latency to be mandatory for O-RAN E2E testing and therefore mandatory for O-RAN/OTIC Badging. Rohde & Schwarz and VIAVI Solutions jointly demonstrate O-RAN open fronthaul (OFH) conformance and 3GPP pre-conformance validation of a Foxconn O-RU at Auray Lab. The Foxconn O-RU is validated by VIAVI’s automated TM500 O-RU tester with R&S SMW200A vector signal generator, R&S FSVA3000 spectrum analyzer and the R&S VSE signal analysis software. The demonstration highlights a progressive test plan including functional, interoperability, conformance and performance testing, with a single point of control for the entire testbed. Spirent demonstrates its end-to-end Open RAN test solution enabling the ability to accomplish functional, interoperability, performance, and compliance testing with either a real or emulated UE. This demo walks through the architecture of the solution and gives an overview of the interface, reporting, and capabilities. Spirent demonstrates a flexible, scalable, high-performance solution for comprehensively testing the CU for compliance, functionality, performance, and capacity. This demo walks through the architecture and presents an overview of the interface, reporting, and capabilities through running a test in 5G SA mode (NSA is also available). Spirent demonstrates how O-DU is tested with multiple emulated O-RU to verify function, reliability of O-DU & test delay in fronthaul networks. A challenge for O-RAN is long-duration reliability testing. Streamblocks are usually sent once in 5G fronthaul testing. Spirent solution sends continuous traffic to emulate real-world network traffic. Deploying a complete Open vRAN network is a daunting task. VMware and Altiostar demonstrate how to greatly reduce this effort by combining the automation capabilities of Altiostar EMS and VMware Telco Cloud Platform RAN over Intel FlexRAN TM architecture. About O-RAN ALLIANCE The O-RAN ALLIANCE is a world-wide community of more than 300 mobile operators, vendors, and research & academic institutions operating in the Radio Access Network (RAN) industry. As the RAN is an essential part of any mobile network, the O-RAN ALLIANCE’s mission is to re-shape the industry towards more intelligent, open, virtualized and fully interoperable mobile networks. The new O-RAN specifications enable a more competitive and vibrant RAN supplier ecosystem with faster innovation to improve user experience. O-RAN based mobile networks at the same time improve the efficiency of RAN deployments as well as operations by the mobile operators. To achieve this, the O-RAN ALLIANCE publishes new RAN specifications, releases open software for the RAN, and supports its members in integration and testing of their implementations.

Read More

VMWARE

VMware and Wipro Expand Partnership to Power Customers’ Digital Transformation

VMware | May 09, 2022

VMware, Inc. and Wipro Limited announced an expanded collaboration that will enable customers to achieve the cloud freedom they desire with the enterprise control they require as they execute their digital strategies. The companies are bringing together the power of VMware Cross-Cloud™ services with industry-leading Wipro FullStride Cloud Services to help global enterprises accelerate app modernization and reduce the cost, complexity, and risk of moving to the cloud Multi-cloud architectures can accelerate service delivery and give lines of business and IT the flexibility to innovate using the best services from different cloud providers, without lock-in. Multi-cloud also comes with inherent complexity that can slow down application development, increase management costs, create networking and security blind spots, and produce sub-par user experiences. VMware and Wipro are collaborating to help eliminate the complexity and risk inherent in customers’ multi-cloud initiatives. Wipro will offer a full portfolio of digital transformation services that includes VMware Cross-Cloud services across the Americas, Europe, Middle East, Africa, and Asia Pacific. “Digital transformation and multi-cloud are inseparable concepts, requiring that industry leaders such as VMware and Wipro bring together our collective strengths to help make multi-cloud as easy to adopt and manage as possible,” said Zia Yusuf, Senior Vice President, Strategic Ecosystem And Industry Solutions, VMware. “Together, VMware and Wipro are providing enterprises the solutions and services they need to harness the power of multi-cloud to achieve value from technology investments faster, compete more effectively, and operate their businesses more efficiently and securely.” The innovative solutions we have created with VMware enable enterprises to accelerate the development and deployment of modern apps while dramatically simplifying the management of a multi-cloud infrastructure. This strategic partnership will help customers accelerate innovation and drive agility and scale, which makes it an exciting proposition for leading enterprises.” Jason Eichenholz, Senior Vice President, Global Head of Ecosystems & Partnerships, Wipro Limited About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. About Wipro Limited Wipro Limited is a leading global information technology, consulting, and business process services company. We harness the power of cognitive computing, hyper-automation, robotics, cloud, analytics, and emerging technologies to help our clients adapt to the digital world and make them successful. A company recognized globally for its comprehensive portfolio of services, strong commitment to sustainability and good corporate citizenship, we have over 240,000 dedicated employees serving clients across six continents. Together, we discover ideas and connect the dots to build a better and a bold new future.

Read More

SERVER VIRTUALIZATION

Beyond Identity Expands Integrations With Leading SSO Providers

Beyond Identity | April 18, 2022

Invisible, unphishable multi-factor authentication (MFA) provider Beyond Identity today announced integrations with additional single sign-on (SSO) solutions from CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware to accelerate enterprise and higher education adoption of completely passwordless MFA. These new integrations – which come on the heels of Beyond Identity announcing $100 million in Series C funding – further expand the industry’s most extensive ecosystem of identity and SSO providers committed to the advancement of passwordless MFA. Passwords remain the most vulnerable link in the authentication chain and are involved in 80% of data breaches. Passwords are a compromised authentication method and an initial attack vector for ransomware and account takeover attacks. Adversaries employ phishing techniques to steal credentials or simply purchase previously stolen passwords to gain access. Recent high-profile security breaches, such as TransUnion South Africa, further underscore the fact that passwords are the root cause of cyberattacks. The prevailing assumption is that MFA will protect organizations from password-based attacks. Unfortunately, attackers are easily bypassing existing MFA solutions at scale. To shore up the federal government’s cybersecurity defenses and deliver on President Biden’s Executive Order on Cybersecurity, the Office of Management and Budget (OMB) recently released a Zero Trust Architecture Strategy that requires agencies to stop using easily phishable MFA, including push notifications, one-time passwords over SMS, and voice-based systems. “Strong authentication” is a foundational component of any zero trust strategy, and the U.S. government now requires “passwordless MFA.” “Beyond Identity’s approach aligns with the OMB’s recent guidance: passwordless MFA with no phishable factors,” said Kurt Johnson, Vice President of Strategy and Business Development at Beyond Identity. “We are thrilled to welcome cybersecurity leaders CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware into our technology ecosystem. We look forward to bringing secure and frictionless MFA to these important solutions with our Secure Work product that transforms the user experience while significantly bolstering defenses.” Secure Work, one of three products built on Beyond Identity’s cloud-native platform, safeguards an organization’s SaaS apps, cloud resources, and critical data by eliminating passwords and restricting access to authorized and secure devices. It empowers zero trust by cryptographically binding a user’s identity to their devices with proven public/private key technology. The solution ensures every device has the correct security settings and required security software running at the time of login – before granting access. Beyond Identity’s advanced authenticator collects dozens of device security posture checks at the time of login. These granular security attributes can then be used to enforce security policies and stop risky users and devices from authenticating, protecting all critical resources. About Beyond Identity Beyond Identity is fundamentally changing how the world logs in with a groundbreaking invisible, unphishable MFA platform that provides the most secure and frictionless authentication on the planet. We stop ransomware and account takeover attacks in their tracks and dramatically improve the user experience. Beyond Identity’s state-of-the-art platform eliminates passwords and other phishable factors, enabling organizations to confidently validate users’ identities. The solution ensures users log in from authorized devices, and that every device meets the security policy requirements during login and continuously after that. Our revolutionary approach empowers zero trust by cryptographically binding the user’s identity to their devices and analyzing hundreds of risk signals on an ongoing basis. The company’s advanced risk policy engine enables organizations to implement foundationally secure authentication and utilize risk signals for protection, rather than just for detection and response.

Read More

Spotlight

This section provides a high-level overview of the Certified hyperconverged infrastructure (HCI) for SAP HANA using the Cisco HyperFlex solution for production environment SAP landscapes frequently are deployed on virtualization platforms, most often using virtualized application servers. In recent years, SAP has been encouraging its customers to migrate to SAP’s own database platform of the future: SAP HANA. SAP HANA databases can be deployed on virtual servers or on physical machines. With the launch of the Cisco HyperFlex™ system, Cisco offers a low-cost, easy-to-deploy, high-performance hyperconverged virtual server platform that is an excellent solution for SAP landscapes.

Resources