Featured
Reports
Verizon Mobile Partners with Microsoft So Teams Can Energize the Mobile Workforce
December 2023 // For years, mobile employees have constituted a significant portion of the workforce. Since the start of the […]
“Private Cellular or Wi-Fi?” Isn’t an Either/Or Question: You Can Have Both
December 2023 // The world used to rely on wired connections. The phones we used back then plugged into the […]
Enterprises Have Big Plans for Wireless but Lack Unified Management
October 2023 // Siloed management, security and QoS leads to complexity and downtime. A converged multi-access wireless network* is the […]
Check out
OUR NEWEST VIDEOS
2024 ZKast #112 with Cedric Lockhart and others at the APGA Golf Tour
17.7K views September 11, 2024 10:55 am
17 0
2024 ZKast #111 With Paul Turner from VMware on VMware Cloud Foundation
12K views September 10, 2024 4:32 pm
24 0
2024 ZKast #110 with Bryan Ward, Lead Network Engineer with Dartmouth College at Juniper NOW
15.8K views September 9, 2024 8:52 am
14 1
Recent
ZK Research Blog
News
This expanded integration with RingCentral, along with others, gives Avaya customers full control over how they modernize communications.
This week, Avaya and the International Avaya Users Group (IAUG) are holding the annual Engage user event in Denver, CO. The conference brings Avaya stakeholders such as customers, resellers, partners, and anyone who wants to learn about the latest and greatest in Avaya innovation. Historically, Avaya has used the event to launch “big news.” So far, Engage 2024 is no different as Avaya and RingCentral announced an expansion to their strategic relationship.Mix and Match Avaya Flavors
The new offering integrates RingCentral’s UC suite with Avaya Aura, extending RingCentral across Avaya’s customer base. Avaya currently offers Avaya Cloud Office by RingCentral, Avaya’s exclusive UCaaS solution, as an IP Office replacement, primarily directed at SMB customers. Avaya Aura is a rock-solid calling platform widely deployed across large enterprises. Now, customers can migrate to RingCentral’s collaboration capabilities but retain their Avaya Aura for telephony. The new offering lets customers mix and match Avaya flavors. While most of the IP Office install base is SMBs, a large percentage of the enterprise base has used it in branch offices to complement Aura in the headquarters. The enhanced relationship would enable a large enterprise to use ACO in branch offices, keep Aura for more prominent locations, and bring in RingCentral. This would provide seamless collaboration across the company with Avaya Aura and ACO deployed in a hybrid mode.Welcoming AI
Customers can also access RingSense AI, RingCentral’s generative artificial intelligence (Gen AI) platform. RingCentral designed RingSense to increase worker productivity and facilitate collaboration. Avaya customers can access core features such as live transcription, closed captioning, video summaries, and video highlights. AI in collaboration can have significant benefits for customers, and that is being reflected in customer commentary. “In the digital age, embracing technology isn’t just about convenience; it’s about unlocking new possibilities and empowering businesses to thrive. With RingSense, Seneca Foods can connect seamlessly, access support, and elevate their communication game,” said Tim Eddinger, Enterprise Networks Manager, Seneca Foods, an ACO customer.Teaming Up for Voice
As part of the expanded relationship, the direct routing and RingCentral for Microsoft Team calling will be available for ACO customers. For all the innovation Microsoft has delivered to Teams, its big weakness is calling. RingCentral was quick to jump on the Teams calling train and is one of the leading telephony providers to the Microsoft platform. ACO customers can now embrace Teams and be assured of the five-nines reliable calling. One last piece to the partnership puzzle is that the Avaya Experience Platform (AXP) public cloud contact center is integrated with ACO. Historically, if a customer deployed both, users would need to run both independently making them the integration point. Post integration, workers will experience a single environment that spans back office to front office. At Avaya Engage, I discussed partnership updates with RingCentral CEO Vlad Shmunis. He mentioned that the two companies have worked diligently to create feature parity between ACO and RingEX. Typically, there has been about a one-release feature lag between the two, which can create confusion with customers and channel partners. The Teams integration is a big part of creating a “like-for-like” experience.My Take
The expansion of the expanded RingCentral-Avaya partnership was important for several reasons. Most notably, Avaya’s value proposition and brand promise of “Choose Your Journey” and “Innovation Without Disruption” are rooted in users having control over their transformation path. The integrations with RingCentral coupled with the recent integrations with Zoom and Microsoft Teams gives Avaya customers full control over how they modernize communications. This sentiment is being shared by the channel. I discussed the expanded partnership with Amrit Chaudhuri, Chief Growth Officer at C1, and he told me, “C1 has a long history of working and partnering with Avaya and RingCentral, and we are excited about the new hybrid solution announced at Avaya Engage. We have a large customer base that can benefit from the best of Avaya and RingCentral’s product innovations to enable simplified and seamless management of communications and collaboration technologies. These enhancements are essential for creating better employee and customer experiences and thriving in today’s dynamic business environment.” By partnering with Teams, Zoom, and RingCentral – three of the most common UCaaS platforms – Avaya can do what it does best: deliver reliable voice and contact center capabilities and ensure customers can bring in the collaboration partner of their choice while being assured of interoperability. It may seem counterintuitive to integrate deeply with a competitor, but better vendor interoperability is something customers have been requesting for decades, and the industry has failed to deliver it. Also, over the past year or so, there has been industry chatter regarding cracks in the RingCentral-Avaya relationship. Rumors are rumors, but where there is smoke, there is fire, so there were likely issues that came up and needed tweaking. The good news for Avaya customers is that both parties have worked together to resolve any differences they may have had and now further extended the partnership in multiple, meaningful ways. Typically, when vendors do what’s best for the customer, things work out in the end, and that’s what both companies did. When Alan Masarek took the helm of Avaya he had several priorities, both internal and external. One of the items he was most emphatic about was listening to customers and doing right by them. It’s no secret that Teams, Zoom, and RingCentral are in Avaya accounts. One just needs to talk to customers to find this out. Masarek could have stuck his head in the sand and refused to admit Avaya customers were using other products, fighting the headwind. Instead, the partnerships can turn those headwinds into tailwinds.Study reveals third-party IT expense management solutions propel FinOps maturity, yielding cost efficiency.
One of the challenges of the post-pandemic IT climate is that business priorities have shifted from growing and hiring with a nearly unlimited budget to re-focusing on cost savings – including IT expense management (ITEM). Companies spent too much, and now business executives and boards are clamping down, wanting CIOs to throttle back spending. A new study from Tangoe delves into IT expense management practices, comparing fully in-house programs, external third-party solutions, and hybrid models. The study, conducted in partnership with Vanson Bourne, is based on responses from 500 senior IT and finance professionals in the U.S. and UK, who work for organizations with annual global revenues ranging from $500 million to $50 billion. All the organizations have an IT expense management solution in place. Below are some of the study’s key findings.Moving Forward Requires Investment
The challenge is that businesses need to move forward, and that requires continued investment. As IT spending continues to climb, driven by the escalating costs of artificial intelligence, cloud, and mobile tools, organizations are feeling even more pressure on their budgets. This makes the ability to track and manage spending, govern expenses, and adjust IT budgets effectively a must. The Tangoe study uncovered that third-party information technology expense management (ITEM) solutions foster more mature financial operations (FinOps) programs and offer faster business insights and savings than alternative approaches. Furthermore, such solutions often incorporate automated processes that help reduce the risk and costs associated with IT outages. According to the data, this approach has proven to be five times more cost-effective than its alternatives, offering a superior method for managing IT expenses.Cost Efficiency Disparity
One of the standout findings is the cost disparity between different expense management approaches. Organizations using a fully external ITEM solution reported spending approximately $442,000 on average, which is remarkably lower than the $2.35 million incurred by those with a hybrid approach. By outsourcing, organizations not only save money but also free up internal resources. Unlike in-house programs, which typically rely on vendor-provided tools, third-party providers offer specialized analytics platforms to identify cost optimization opportunities and managed services that help companies act on them quickly. This allows organizations to focus on critical investments and decision-making, rather than mundane tasks like invoice processing, expenditure analysis, and service adjustments.Advanced FinOps Programs
Organizations that employ third-party solutions for managing IT expenses are more likely to have a mature FinOps practice, with 94 percent of organizations having a dedicated team for optimizing cloud spending. Those using an external provider are more successful in deploying their FinOps practices, with 61 percent achieving full deployment compared to 53 percent of those using other methods. Having a FinOps program in place has also been shown to reduce spending on cloud infrastructure and software by 20 percent and 28 percent, respectively.Improved Insights and Savings
Nearly all (99 percent) senior IT and finance decision-makers experienced significant benefits from outsourcing. Third-party ITEM solutions tackle common challenges related to data analysis, IT service inventory management, and manual processes. Organizations using these solutions reported a 90 percent improvement in productivity and process efficiency, with 88 percent experiencing faster access to business insights and cost savings. On average, organizations saved more than $10.5 million annually by outsourcing to third-party providers. Additionally, 88% of those with fully outsourced solutions achieved business insights and savings faster.Automation is Necessary
Approximately 43 percent of IT expense management tasks are still performed manually. The consequences of manual dependency include service outages due to late payments, experienced by 85 percent of organizations. This can lead to substantial revenue losses and potentially halt operations completely. According to the findings, automation decreased the frequency of regular outages from 41 percent in environments with mostly manual processes to 32 percent in those with automated processes—a 22 percent reduction.Bottom Line: Third-Party ITEM Supports Cost Savings
As businesses expand and grow, IT expense management is a critical tool to boost profitability. Third-party ITEM solutions help organizations manage the complexities of modern IT expense management by supporting advanced FinOps practices, decreasing manual workloads, and providing considerable cost savings.- Embrace generative AI. Since most businesses and security teams already use generative AI, create policies that foster innovation and address risks like data leakage.
- Promote collaboration and tool consolidation. Encourage cooperation across departments, especially IT, to improve digital resilience. Simplify operations by consolidating tools to focus on major threats.
- Align with legal and compliance teams. As regulatory requirements become more central, work closely with legal and compliance teams to integrate compliance into everyday security operations.
- Advocate for resources. Leaders should demonstrate the business value of robust cybersecurity measures to gain executive support.
- Encourage hiring and training. Address skill shortages by utilizing AI and employing creative training methods like allowing non-security staff to participate in security operations.
- Focus on fundamentals. Commit to basic cybersecurity practices like regular updates of IT asset inventories, which can mitigate risks and improve long-term compliance.
- Stay informed on global dynamics. Keep abreast of global political and regulatory changes, and have an understanding of how they impact cybersecurity.
AI for networking: close but not ready for prime time
Like all industries, AI has been the talk of the town for networking for the past two years. The launch of ChatGPT made people think about what’s possible if one brought generative AI to networking. If a user was having problems with a Zoom call, a network engineer could ask the system why, and, like magic, the answer would be revealed with a possible solution. Though the vision is excellent, the reality is customers are just starting to dip their toes into AI for networking. During a customer panel at Extreme Connect, theCUBE Research analyst Bob Laliberte asked the three customers if they were using AI with network operation. They stated they are looking at it but have yet to roll it out. One could argue that a sample size of three isn’t all that big, but this is consistent with feedback I’ve had with IT pros – not just in networking but also in security, collaboration, contact centers and every other area. Make no mistake, AI is coming to information technology organizations, and when it starts, I believe the ramp will be quick, but companies need to experiment with the systems and learn from them, which builds trust and then utilization. The reality is that IT pros are drowning in complexity and need AI to simplify their jobs, but there is an experience chasm that needs to be crossed.The messy product work is now behind Extreme
Extreme’s portfolio is built on a collection of products from several acquisitions. The company had its own products but has added infrastructure from Enterasys, Avaya Networking, Brocade, Motorola, Aerohive, Ipanema and others. It did this over just a few years, and the engineering team has been busy rationalizing hardware and software. It appears this work is now behind the company, and it now has an enterprise networking that can go toe-to-toe with any of its competitors. One of the interesting differentiators for Extreme is its “Universal Hardware,” where customers can deploy a switch or access point and then manage it using the cloud. If, in the future, the customer wants to bring the data into a private cloud and switch the management model, they can do so without having to change hardware. Integration, rationalization and product issues have held the company back, as it has had to manage the roadmap and upgrade path with customers and partners. Most of the hardware is done, and the company can now look forward versus trying to manage the historical install base.The network fabric is Extreme’s best-kept secret – but it needs it not to be
When Extreme acquired the networking assets from Avaya, it inherited Avaya’s shortest path bridging-based network fabric, now known as Extreme Connect Fabric. SPB was developed about a decade ago to simplify networks and solve some of the limitations of the Spanning Tree Protocol, such as slow convergence, blocked links, and box-by-box configurations. The network is configured at the edge, and updates are made dynamically across the fabric. This results in a less complex network with improved performance that is significantly easier to run. One of the challenges for Extreme with Fabric Connect is that it is a much different way of running a network. Some customers I talked to were skeptical that the solution would bring the benefits that Extreme articulated. However, once customers move to the fabric architecture, they stay with it. I’ve talked to many customers who use Extreme’s fabric, and they all rave about the product. Extreme needs to highlight these customers and quantify their benefits to obtain more proof of concepts, which will lead to more deals. Extreme Fabric Connect has been described as a “best-kept secret,” but the goal should be for the value to be well understood by the industry.Extreme is the king of complex Wi-Fi
Of all the different network domains, Wi-Fi has been the most difficult for vendors to get right. It’s not a technology issue but rather a deployment one. We have all experienced bad Wi-Fi where you’re connected but it’s not working well. This happens at stadiums, conference centers, airports, hotels and other places where traffic is unpredictable. I’ve talked with CIOs from facilities with bad Wi-Fi, and they explain that the proper level of planning wasn’t done to deliver consistent, great performance. Wi-Fi in carpeted offices can be somewhat cookie-cutter, but that’s not the case with stadiums, schools and conference centers. Over the years, Extreme has developed a reputation for doing complex Wi-Fi better than anyone. It’s used in many of the old, iconic stadiums, such as Fenway Park, Wrigley Field, Old Trafford Stadium and Lambeau Field. These facilities were not designed with Wi-Fi in mind and require a tremendous amount of pre-work, and Extreme has mastered the art of complex. If it can do those, the business should feel confident it will work in more traditional environments.Security is poised as the growth area
Extreme has a strong network portfolio and is a Gartner Magic Quadrant leader. However, many macro issues are causing companies to delay network purchases, so even if Extreme takes share, its ability to grow is limited. Today the company announced its quarterly results, posting revenue of $211 million, slightly ahead of expectations but down 36.5% year-over-year. As the network industry recovers, so too should Extreme, but accelerated growth requires an adjacent market, and security is it. As mentioned, it announced universal UZTNA, which complements its SASE offering. Right now, Extreme is selling security through its network channel. The goal should be to continue building network-centric security products, post some lighthouse wins and use those customers to validate its strength in security. On the company’s earnings call today, Chief Executive Ed Meyercord (pictured) called for a return to growth by fiscal year 2025. “At Connect, sessions on zero trust drew standing-room-only crowds,” he said. “When added to our unique Fabric, this allows us to present a highly differential security value proposition.”Summary
While the network industry is crowded, Extreme Networks is the only one that’s an enterprise pure play. The company has a strong network portfolio, and many major customers chose it because of its focus. Kroger was on stage and talked at length about Extreme’s willingness to partner with him to help the retailer meet its business goals. Looking ahead, Extreme needs to continue to lead in Wi-Fi and develop its AI and security solutions.It must also exercise a degree of patience while the macro issues that are plaguing networking today subside. Extreme Connect was a good event that featured product innovation, strong customers, channel partners and a glimpse of the future. Now that the product integration issues are out of the way, it’s time to step on the execution gas.Enabling microperimeters
One of the more interesting aspects of Arista’s MSS is that it eliminates the need for endpoint software agents or proprietary network protocols while enabling effective “microperimeters” that restrict lateral movement in campus and data center networks, which reduces the impact of security breaches like ransomware. The use of software agents isn’t bad, per se, but adds another level of complexity. Each system must be configured, agents can vary by operating system, and not all endpoints, particularly internet of things devices can host an agent. This leaves many blind spots between the domains. Arista MSS enables the following capabilities:- Stateless wire-speed enforcement in the network: Arista’s identity-aware microperimeter enforcement enables lateral segmentation.
- Redirection to stateful firewalls: By integrating with Palo Alto Networks and Zscaler firewalls and cloud proxies (among others), MSS sends the right traffic to security controls.
- CloudVision for microperimeter management: Real-time visibility into packets, flows, and endpoint identity provides effective east-west lateral segmentation.
The traditional perimeter has collapsed
Barbieri says that Arista subscribes to the notion that the traditional enterprise perimeter has fundamentally collapsed. “Not only because users are now distributed everywhere,” he said. “But most of the devices connected to the network are also unmanaged. So unknown devices represent the future expansion of your business.” He told me that, with applications distributed — in your private data center, in a collocated data center or in the public cloud — controlling the network with traditional security has proven ineffective. Barbieri explained why the network is the right approach to micro-segmentation. “The network connects all the endpoints and is best positioned to deliver better end-to-end micro-segmentation services.” But you’ll still need those old tools. “You’ll still need perimeter security, you’ll still need VPN, you’ll still need endpoint security technologies,” he said. “But the game here is how to use the network to play a more central role.” Barbieri says Arista wants to integrate its segmentation with threat detection and access control technologies to close the loop. “So you can admit someone into the network, and you can restrict their ability to move laterally,” he said. “But at the same time, you continuously monitor to adapt your policies and track their behavior.”Some final thoughts
The network connects all points, and, in many ways, the network is the perimeter. Wherever the network goes, it needs to be protected. So Arista’s approach is sound. Its technology is good, and it has integrations with best-of-breed security vendors. Over the past several years, Arista has built out its security portfolio. Although I’m not ready to declare the company a vendor that can lead with security, it has a growing set of products and services that can protect its customers by leveraging network data.Advanced unified compliance coverage is now available to unified communication platforms through Theta Lake.
Artificial intelligence (AI) was the big theme at the recent Enterprise Connect 2024, which took place in Orlando, Florida. Companies are proactively incorporating AI features into their daily business practices at a rapid pace. However, the rise in AI’s utility creates considerable concern about data security and transparency – an issue that Theta Lake aims to tackle.Theta Lake Tackles AI Compliance and Oversight
Key concerns surrounding Artificial Intelligence (AI) involve the accuracy of its outputs and problems with misleading information, known as “hallucinations.” There is also apprehension about the types of queries users submit, such as requests for sensitive information, which pose ethical and security risks. Organizations are growing interested in monitoring AI prompts to ensure compliance with ethical guidelines and security standards. To address this, Theta Lake builds solutions for organizations using communications and collaboration platforms, focusing on compliance to enhance user regulatory oversight.Enhancing Compliance: Insights from Theta Lake’s Chief Product Officer
I spoke with Dan Nadir, Theta Lake’s Chief Product Officer, at Enterprise Connect 2024. Nadir discussed the benefits and challenges of advanced features in collaborative meeting products today. He also shared the company’s news from the show. Highlights of the ZKast interview, done in conjunction with eWEEK eSPEAKS, are below.- Compliance requirements often lead to disabling functionalities like chat or video, which causes user dissatisfaction and potential violations. Theta Lake’s technology is an enabler by offering monitoring capabilities that help organizations maintain compliance and functionality. Through its integration with Zoom Compliance Manager (ZCM), for instance, users can access compliance tools directly within Zoom.
- Theta Lake supports a wide range of platforms with over 100 integrations and has established partnerships with companies like Zoom, Microsoft, Cisco, RingCentral, Salesforce, and Slack. For example, Theta Lake’s integration with Microsoft leverages the features in Purview, which includes numerous customization options. One key feature is the ability to use labels. Theta Lake automatically archives and retains labeled documents in Purview according to specified settings.
- Theta Lake has broadened its integration capabilities beyond traditional chat applications to include platforms like Dialpad, Miro, and Mural. Theta Lake maintains close partnerships with these companies, allowing them to influence application programming interface (API) development and adapt to new beta APIs as they become available. Meanwhile, the user experience remains consistent across the platforms.
- At Enterprise Connect 2024, Theta Lake announced enhancements to its unified compliance communication services by adding more data sources. This includes new voice technology support for Webex, and an expanded partnership with RingCentral, specifically its new Ring CX intelligent contact center solution.
- Additionally, Theta Lake now supports Mural, Miro, and Zoom whiteboards. The whiteboard integrations allow users to replay their sessions, simulating the experience of watching someone write and make changes in real time. This includes tracking and displaying actions like writing and erasing.
- Theta Lake’s integrations improve communication management by linking different types of interactions—voicemails, calls, and emails—into a cohesive timeline. The communications are aligned in sequential order, so users get a comprehensive view. They can see messages across different platforms, get access to interconnected data, and adhere to regulatory guidelines.
- Theta Lake unifies different communication forms in one place, simplifying data management and searchability. The company has broadened its functionality to include detailed tracking of communications across multiple platforms. This expansion encompasses complete language support, translating content into various languages for emails, text messages, and transcripts.
- Moreover, Theta Lake has developed a unified identity tool to address the issue of scattered user identities across various communication platforms. The tool consolidates important user information—such as phone numbers and employee numbers—into a single identity profile, and facilitates thorough searches across all associated data.
Bottom Line: What’s Next for Theta Lake?
The company is working on proactive compliance and real-time functionality. This capability will automatically alert users about potential risks or compliance issues, removing the need for manual checks. Theta Lake will also deepen its AI use by generating summaries of data sourced from its partner platforms. The goal is to not only monitor but also actively guide users in managing their AI settings.Now it’s time for Masarek and the team to execute consistently and turn their strategy roadmap into sales success
This past week, Avaya held its analyst summit in San Diego, CA. This was the first analyst event in several years. This event focused solely on providing an update to industry analysts, the first of its kind in several years. While much of the content was NDA, many broader themes are worth mentioning. Below are my top five thoughts from the 2024 Avaya Analyst Summit.- Large enterprise communications moving wholly to the cloud is not a fait accompli. The tech industry loves to swing pendulums from one side to the other, and their messaging shows it. In the late 90s, the rhetoric was that everything would move to an IP-based system. Although the deployment movement swung that way, the industry still hasn’t fully migrated from the old TDM systems. Similarly, it’s commonplace to hear that all unified communications and contact centers will be cloud-based. Much of the small and mid-market has moved that way, but large enterprises have yet to pull the trigger to move to SaaS-based services. In fact, going from my conversations with IT leaders from large companies, there are many challenges to using public clouds, including data sovereignty, control of security, economic considerations, customization, and migration issues. This is why the hyperscalers all have private cloud offerings: enterprise-class customers want the cloud model but prefer a private cloud.
- The Avaya management team is the best it’s been – perhaps ever. Since taking over as CEO, Alan Masarek has completely revamped the management team, and it’s in the best position I can recall in my years of covering the company. Since Masarek took the helm, he has added the following key hires:
- Soren Abildgaard – Chief Technology Officer. Background includes Contentful, Adobe, Zendesk, Autodesk, and Microsoft.
- Omar Javaid – Chief Product Officer. Background includes Qualcomm, Vonage/Nexmo, Tivo, HP, Qualcomm and Motorola.
- ML Maco – Chief Revenue and Customer Experience Officer. Background includes Genesys, CognitiveScale, HPE, Oracle and Cisco.
- Al Morales – Chief Transformation Officer. Background includes Tenneco, TD Synnex, AmerisourceBergen and AT&T.
- Josh Mueller – Chief Marketing Officer and GM of Hardware. Background includes National Instruments, Vonage, Dun and Bradstreet and Dell.
- Amy O’Keefe – Chief Financial Officer. Background includes Weight Watchers, Savant Systems, Black and Decker, and Ernst and Young.
- Avaya is focused on the right customer base. Historically, Avaya has tried to be “all things to all companies.” This made sense nearly 25 years ago when the company split from Lucent. Avaya had a massive install base and was the leader in contact centers and phone systems for companies of all sizes. A lot has changed since then, with the company being much smaller than it was in the past. This requires a more focused approach to everything from sales and marketing to partner management to product development. Avaya management talked at length about focusing on the top end of its customer base, which are massive, multi-national organizations and governments across the globe with complex requirements. That’s not to say Avaya won’t service customers' needs outside this demographic, but Avaya management made it clear – the large, global companies are its strength and will point most of its resources there.
- “Innovation without disruption” is more than a slogan. In the social media era, companies always come up with their latest hashtag-gable quote. Late last year, Avaya started using “innovation without disruption” as its latest go-to-market. At that time, the sentiment was more vision than anything, but the company has put together a solid plan to back up the vision since then. In the contact center, customers can keep the tried-and-true Avaya on-prem system and then leverage the capabilities of AXP (as public or private cloud) for the digital channels.
- Avaya has more work to do. The leadership is in place, the product roadmap has been defined, and Avaya focuses on large enterprises. However, success from here is certainly not a given, and the company fully acknowledges they have work to do.
Custom model import
“Tens of thousands of customers are already using Bedrock as the foundation for their generative AI strategies because we give them the broadest selection of leading foundation models,” he told me. “But with this announcement, we’re empowering our customers to bring their own proprietary models to Bedrock.” Amazon Bedrock custom model import enables organizations to use their tailored models onto the platform, streamlining operations and speeding up app development. AWS says customers are fine-tuning existing models for their specific needs, especially in healthcare and finance, using services like Amazon SageMaker. That integration enables the use of Bedrock’s AI tools with custom models, eliminating the need for independent development. Through a straightforward process, organizations can import their models into Bedrock as fully managed APIs and take advantage of the platform’s scalability and protective features. That flexibility enables users to combine Bedrock’s models with their own with a single API. Currently supporting Flan-T5, Llama and Mistral architectures, this feature is available in preview, with expansion plans.Amazon Bedrock’s Model Evaluation
“It’s great that we have all the models — and now you can bring your own model as well — but then you want to be able to evaluate which one is doing best for your use cases,” Philomin said. “And then you can choose one or more of the models to power your application or user experience. That’s where the Model Evaluation capability is useful, and we are making it generally available.” This feature enables customers to assess and compare models swiftly, aiding in selecting the most suitable one for their needs. With a vast array of top-tier models, Bedrock caters to various pricing, performance and capability preferences. In the past, organizations faced extensive analysis to match models with their specific requirements, which can delay the deployment of AI applications. Model Evaluation streamlines this process, reducing evaluation time from weeks to hours. Customers can quickly start by choosing evaluation criteria and uploading datasets or leveraging built-in resources. For subjective assessments, Bedrock facilitates human input to evaluate model responses based on tailored metrics. Once set up, Bedrock conducts evaluations and provides a comprehensive report, aiding customers in swiftly identifying the optimal models for their use cases.Guardrails for Amazon Bedrock
“The Guardrails for Bedrock is the only capability offered by any cloud provider that enables customers to build and customize privacy protections for their applications all in a single offering,” Philomin said. “Usually, it’s not a combination of safety and privacy protections—it’s one or the other. We’re bringing the two together. AWS provides customers with a way to enforce safeguards and filter out personal data, profanity, specific terms and harmful content. Organizations must deploy it securely and responsibly to ensure the widespread adoption of gen AI across industries. Although many models come with basic content controls, customers require further customization to ensure responses align with company standards and ethical AI principles. Guardrails for Amazon Bedrock promises to enhance safety measures beyond native model capabilities, blocking up to 85% of harmful content. It offers prebuilt and customizable safeguards within a single solution that are compatible with all large language models in Bedrock. Setting up guardrails involves providing natural-language descriptions of restricted topics and configuring thresholds for filtering hate speech, insults and other undesirable content. This feature empowers customers to innovate confidently, maintaining a consistent user experience and upholding safety and privacy standards across generative AI applications.Model choices
AWS is now offering Amazon Titan models exclusively on Bedrock, along with the latest models from Cohere and Meta. These models, pretrained by AWS on diverse datasets, prioritize responsible AI use. Titan Text Embeddings V2, optimized for RAG tasks, offers improved accuracy and reduced compute and storage costs, making it ideal for various applications like chatbots and recommendations. In addition, Amazon Titan Image Generator, which is generally available, enables industries such as advertising and ecommerce to create or enhance images via natural language prompts, with added invisible watermarks for transparency and security.AWS enables customers to step on the AI gas
AWS, like its Amazon mothership, doesn’t do things on a small scale, so it is taking that approach with gen AI. Everything is necessarily big, and AWS is one of the few providers that can attain the scale required for gen AI. It’s also among the few providers that can deliver on customer expectations for model choice, evaluation and guardrails. We are still in the early stages of the gen AI revolution, but AWS has already established itself as the go-to for customers looking for choice and an end-to-end solution.The new HPE Aruba 730 series Wi-Fi 7 access points tout high performance, enhanced security, location tracking capabilities, and more.
Hewlett Packard Enterprise (HPE) a subsidiary of Aruba Networks rolled out new Wi-Fi 7 access points (APs). The new 730 series APs are designed to significantly improve wireless network performance and security, especially for enterprises using advanced technologies like artificial intelligence (AI) and the Internet of Things (IoT). Wi-Fi 7 is based on the IEEE 802.11be standard for those unfamiliar with the latest Wi-Fi specification and offers the following improvements over previous standards.- Higher data rates. Wi-Fi 7 has a maximum data rate of over 30 Gbps, significantly higher than the 9.6 Gbps of Wi-Fi 6 and 6E. This is accomplished through more efficient spectrum utilization, higher order modulation (4096-QAM), and additional improvements in channel bonding and MIMO capabilities.
- Improved latency. Wi-Fi 7 reduces the latency on wireless networks, making it suitable for real-time gaming, AR/VR, and video apps. The new standard introduces features such as multi-link operations (MLO), which allows devices to transmit data across multiple bands (2.4, 5, and 6 GHz) simultaneously and dynamically allocate traffic to the fastest link.
- Better spectrum utilization. Wi-Fi 7 supports 320 MHz channels in the 6 GHz band, compared to 160 MHz with 6/6E. This allows more data to be transmitted, improving throughput and network efficiency.
Addressing Wi-Fi network security issues
Currently, there is a diverse mix of devices using Wi-Fi 6, 5, and the emerging Wi-Fi 7, with substantial increases in Wi-Fi 7 devices anticipated by 2028. Enterprises are future-proofing their network infrastructure to accommodate this growth and ensure compatibility across Wi-Fi standards. However, security remains a major concern. The rise of generative AI poses new challenges, as hackers can use it to exploit network vulnerabilities. On top of that, the convergence of IoT and operational technology (OT) is leading to an influx of devices on Wi-Fi networks, posing security risks. HPE Aruba introduced several security enhancements in the 730 series to address these challenges. The APs have several layers of security to protect against external and internal threats. Features like policy-based access control, Layer 7 application firewalls, and media access control security (MACsec) help secure networks by monitoring and controlling access and encrypting data transmission. Additionally, the APs provide enhanced IoT visibility and segmentation, assigning roles to users and IoT devices for secure, segmented network access. “On the switching side, we’re seeing increased demand for things like MACsec (a security protocol that provides encryption at the link level). But you don’t have to have MACsec enabled to use this AP. It’s merely a security add-on,” said Madani Adjali, vice president of product management at HPE Aruba, in a pre-briefing. In terms of performance, the new APs are built to handle a high volume of wireless traffic, providing up to 30 percent more capacity than other products on the market. They utilize HPE’s ultra tri-band hardware technology, which optimizes using 5 and 6 GHz bands to reduce interference. This supports a heavier load of devices and more data-intensive applications. Additionally, the APs feature enhanced data processing capabilities. They have twice as much synchronous dynamic random-access memory (SDRAM) and Flash memory as previous models to run application-specific containers directly on the APs. While most existing APs operate at one gigabit (Gb), the 730 series APs have dual 5 Gb Ethernet interfaces. The introduction of 5 Gb interfaces caters to evolving technology needs, helping enterprises prepare for future network demands and higher data throughput. However, organizations updating to newer Wi-Fi standards might install these advanced APs at new sites while upgrading their wired infrastructure. As is often the case, “wireless advancements precede updates to wired networks,” said Adjali. “Even in the wired space, few devices ever get near 50 percent of that one gig pipe. As more devices are leveraging 6 GHz, that possibility is certainly there, but it’s not going to happen tomorrow. So, this is more about future-proofing for when the time comes to enhance the wired edge,” Adjali added.Advanced features abound
Lastly, the 730 series includes advanced location tracking capabilities that provide accuracy up to one meter. This high level of precision is essential for apps that require exact location information, such as asset tracking in industrial settings or creating immersive user experiences in public venues, Adjali explained. The APs also support the IEEE 802.11az standard to enable self-location networks, and they have additional features like a Global Navigation Satellite System (GNSS) receiver for asset tracking and a barometric sensor for floor-level mapping. The 730 series APs will be globally available in July 2024. HPE Aruba will showcase the new capabilities at HPE Discover + Atmosphere 2024, which will take place in Las Vegas June 18-20. During the conference, a Wi-Fi 7 network consisting of approximately 220 APs will be put to the test in a dynamic public setting with over 10,000 attendees. This will trial the APs in real-world conditions and demonstrate what’s possible in modern networking.Looking for vulnerabilities
Russell shared that one of the products that attracted Veeam to Coveware is Recon, which can look at vulnerabilities in an existing environment. “From a services perspective, they can do tabletop exercises with an organization and help them understand where vulnerabilities could be at a conceptual level,” he said. “They can run Recon in the production customer environment to show the vulnerabilities.” This Recon capability doesn’t send any customer data, he said, but it does send metadata for functions such as port usage and other indicators of compromise — nothing like server names or even sensitive metadata. “With that, a report can be generated using their large language model, to suggest known vulnerability strains in the wild and their attack vectors in areas where your deployment model, your data center, could be open to vulnerability,” he said. “So that’s very proactive.”Using LLMs as an early warning system
Coveware might fall under the “incident response” category, but it’s really an early warning or simply stopping the threat before it becomes a problem. “Coveware does proactive threat hunting,” he said. “They are engaging with their clients in advance to offer best practices to keep them out of a cyber situation. On the one hand, they market themselves as an incident response team, like a fire department. But they’re more like fire prevention. And the part that excites us at Veeam is the ability to do the proactive threat hunting to understand the nature of the threats operating in the wild today and how to best defeat them.” But in the future Russell sees many more possibilities from Coveware’s large language model. “Because their LLM will get better with the more information it receives, and with over 1 million Veeam backup and replication servers out in the wild, even if we got 10% uptake that’s 100,000 new backup servers that are now able to add to that LLM — becoming even more intelligent but also proactively identifying vulnerabilities that a customer may be running with and unaware of,” he said.Some final thoughts
Veeam has become a significant player in ransomware recovery, and this acquisition should add to its broad capabilities. Blending the artificial intelligence world of LLMs to create a vast storehouse of knowledge to prevent attacks before they happen is very possible. Vendors will need to turn to this approach because attackers will be using AI in all its forms to relentlessly test every company’s defenses.Think of Hypershield as an AI-enabled security fabric where every network port becomes a high-performance enforcement point.
As AI demands more from IT infrastructure, Cisco just released Hypershield, which it heralds as a new way to secure data centers and clouds. This new solution aims to protect assets wherever they are—applications and devices, as well as public and private data centers. The company says Hypershield was created with AI in mind from the ground up to help secure beyond a level humans can reach alone. In a pre-briefing, Tom Gillis, Senior Vice President and General Manager of Cisco security products, shared the background on Hypershield. “For decades, the way the industry has worked is that every time there was a new problem in security, there’d be a little cluster of new companies formed to solve that problem,” he said. And while the individual solutions are excellent, this puts the burden on the customer of constantly ingesting a new tool and often onboarding a new vendor.” Gillis said that Cisco wanted to create a more integrated solution defined in software—independent of infrastructure—that could span private and public clouds. The company would then tie it together with its networking capability.Better security outcomes
“This is going to create a better security outcome for our customer, which is better, faster, and cheaper—an irresistible combination in any industry, but in security in particular,” he added. Cisco Hypershield is a security architecture built to meet the needs of the AI-scale data center. Cisco says it built Hypershield on three key pillars:- AI-native: The company says it designed Hypershield to be autonomous and predictive. As such, it self-manages once it earns trust, which is the key to its operation at scale.
- Cloud-native: With open-source eBPF underpinning, Hypershield can connect and protect cloud-native workloads. Bolstered by its acquisition of Isovalent, an eBPF provider for enterprises, earlier this month, this should be a unique advantage for Cisco.
- Hyper-distributed: Cisco’s network heritage gives it a singular advantage in how it views security—it uses the network fabric, enabling it to shift security where workloads need protection.
- Distributed exploit protection. Hypershield protects against the rising number of vulnerabilities through continuous testing and deploying compensating controls into the enforcement points of the distributed fabric. Critical vulnerability exploits (CVEs) are a way of life and are growing faster than most customers can keep up, and Hypershield can help minimize their impact.
- Autonomous segmentation. Hypershield's continuous monitoring enables it to observe and re-evaluate segmentation policies and dynamically adjust them. Customers have been interested in segmentation for years, but maintaining the policies is extremely difficult and impossible in dynamic environments.
- Self-qualifying upgrades. The solution automates the time-consuming and manually-heavy process of testing and deploying upgrades once they are ready, leveraging Hypershield’s dual data plane. Effectively, it accomplishes this by creating a "digital twin" of the environment.