|Remove||Item||Quantity × Price|
|Your cart is empty|
What is going to happen in the near future in the field of I/T and Networking ? Let's try to make a reasoned analysis.
Like it or not, more and more stuff will go in Public (AWS, Azure, etc.) or Private Clouds. Due to this, things like OpenStack, oVirt, VMWare, Nutanix, OpenNebula and others will grow. A lot.
And most of this stuff is going towards one direction: SDN (Software Defined Networking). Yes, it’s the buzzword of the moment, like most things in IT it is having its hype moment and it will have its stabilization. But given what is happening in the industry, it’s probably going to stay.
10Gbit Ethernet is nowadays common in data centers, even in small & medium business. You can get an 8 port 10GBit switch on Amazon for less than 700$ .
In Capetown (South Africa), 1Gbit connections to home users are common and ISPs are starting to deliver 10Gbit to end users. Network speeds today peak at 100GBbit/sec, by the end of the year the 400GB/s IEEE standard will see the light. Terabit Ethernet will be there sometime after 2020.
As a side effect, DDoS attacks will rise and they will be even more dangerous than they are today – which is not nuts.
How and when DPI (Deep Packet Inspection) technologies will be able to cope with all of this ?
Go to Google, Amazon, Facebook, LinkedIn, whatever thing you want, the networking world is embracing encryption as if there was no tomorrow. Encryption is the driver without which you simply could not have the Cloud and eCommerce. And although some researchers are making giant steps in designing password decryption solutions in real time, it is reasonable to assume that it will be highly unlikely that real-time brute-forcing of encrypted network traffic will be within the reach of malicious people before the mass availability of the quantum computing. At least, we hope so.
Anyway, 146 days in the average for 2016. Which leads us to consider about the upcoming GDPR regulations being operative from May 2018. Non-compliance with GDPR regulations will be punishable by May 2018 with fines that are capable to kill a lot of giants. Even if Equifax is in the US, it would have been equally affected since they have also UK citizens personal information (UK is still in the EU, at least until brexit is not complete). It would have been up to about $63 Million of dollars fines. Not bad.
Ransomwares in 2017 have seen threats like WannaCry, Petya and NotPetya, and AI is coming to a rescue with products like Reaqta, but things will be even more complex to deal with. The black market for vulnerabilities and exploits is far bigger of what you can find on metasploit.
Remote work, BYOD & IPv6
In 2016, nearly 53 million Americans were freelancers, that’s 34% of the workforce; there are predictions that, at least in the US, in 2020 the workforce will be made 43% by freeelance, which means they will work with their own devices. Probably, with some year of delay, other EU countries will follow. Due to this, companies like https://www.crossover.com will be more and more common.
What this means ? Well, nowadays BYOD is already common, in the feature this trend will grow more and more. It means that you will not be able to be in control of the I/T devices of the people you work with, but you will have to give them access to what they need to do the job you’re paying them for (hey, they’re probably contractors, remember !).
In addition to this, mobile traffic grows year by year and this means that most of the new available 100Gbit bandwidth will be used by more VPN and encrypted traffic (if you don't hire them and give them a workplace, they have to work from home, Starbucks or wherever there is a network connection, trustable or not !).
IPv6 adoption is still relatively slow, but probably the rise of the new IoT industry will give it a strong boost, given also the approaching IPv4 exhaustion
Consequences: Ne Security Approaches
As per today, most common Security “Products” (Security is not a product !) vendors are going towards a “shared intelligence cloud” where their devices connect to this cloud to improve security checks they make at customer sites. Cisco, Checkpoint, Juniper, Fortinet are just a few example names. And guess what ? IP Reputation is still going strong !
Go to see yourself:
IP Reputation is already a must for some applications like spam-fighting for email, (SPAM) and will be more and more common for others (http://www.reputationauthority.org/).
AI and Machine Learning are growing like hell. Although it is a very complex study matter, overly influenced by the rather simplistic media vision, it is undeniable that AI is the buzzword of the moment, and in a silent and quiet way is becoming part of our daily life (just use a smartphone to have examples of everyday use). If you don’t trust me, just go on LinkedIn and look how many “Data Scientist” and “Machine Learning Expert” positions are available. Or look in a digital bookstore for how many titles on this subject are available ("Machine Learning in <$language_of_choice>").
Probably, the world of security, as we know it today, will change significantly. Analyzing logs for a firewall or an IDS/ IPS system (assuming that new ones can be built to handle such traffic volumes) will be a task to be performed offline for artificial intelligence software. With such volumes of traffic, packet analysis will probably be used just for troubleshooting. And above all, storing network logs, user & device authentications, application and error logs in separate places will simply be silly and useless.
Security data lakes are already a reality and will be the knowledgebase on which artificial intelligence will be concerned with controlling the security of networks and systems. Separate Security tools is stuff of the ‘90ies.
Do you think all this is very remote over time ? If the answer is yes, when did you use a public telephone booth the last time ?
Fl0wer cannot solve all of this, it does not have a magic wand, but for sure, can give you a real help. Check it out at https://fl0wer.me