Another BGP Routing Incident Highlights an Internet Without Checkpoints

Yesterday, there were two BGP routing incidents in which several high-profile sites (Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games) were rerouted to a previously unused Russian AS. The incidents only lasted about three minutes each, but demonstrated once again the lack of routing controls like those called for in MANRS that could have prevented this from happening.

As reported in BGPmon’s blog post on 12 December,

“…our systems detected a suspicious event where many prefixes for high profile destinations were being announced by an unused Russian Autonomous System.

Starting at 04:43 (UTC) 80 prefixes normally announced by organizations such as Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games were now detected in the global BGP routing tables with an Origin AS of 39523 (DV-LINK-AS), out of Russia.”

Whether it was a configuration mistake or a malicious attack, it propagated quickly through the Internet without visible obstacles. This was one of almost 5000 route leaks and hijacks in 11 months of 2017. For comparison, network outages during the same period caused almost 8000 incidents (source: https://bgpstream.com/).

In practice, the efficacy of corrective actions strongly depends on the reliability and completeness of information about expected routing announcements, and these qualities deteriorate quickly with every routing hop on the path. This means that the easiest and most effective place to stop such incidents originating from a customer is at its direct transit provider. In the case of AS39523, that is AS31133 (Megafon).

The Internet is an interconnected system and its security is only as strong as its weakest link – the least secure network operator. But the concept of “defense in depth” is more applicable here: if a network emits a false routing announcement, there should be many chances to correct it.

Deploying the simple, low-cost, low-risk measures promoted by MANRS is vitally important for all network operators. Had Megafon implemented Action 1 “Prevent propagation of incorrect routing information,” the false announcements yesterday would have been stopped at the first hop. Had reliable data been available about what prefixes DV-LINK-AS is authorised to advertise, others could have prevented that too.
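The filtering described above, as an added Python sketch that is not from the original post or from MANRS: a strict customer-facing filter at the direct transit provider, next to the weaker check available to networks further along the path. The prefixes and AS64500 are constructed documentation values and the function names are hypothetical; only AS39523 comes from the article.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Authorisation:
    """One record of who may originate a prefix (IRR route object or ROA-like)."""
    prefix: str
    max_length: int
    origin_as: int


def origin_state(prefix, origin_as, authorisations):
    """RFC 6811-style origin validation: 'valid', 'invalid' or 'not-found'."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for auth in authorisations:
        auth_net = ipaddress.ip_network(auth.prefix)
        if net.version != auth_net.version or not net.subnet_of(auth_net):
            continue
        # Some record covers this prefix, so the announcement can be judged.
        covered = True
        if auth.origin_as == origin_as and net.prefixlen <= auth.max_length:
            return "valid"
    return "invalid" if covered else "not-found"


def filter_routes(announcements, authorisations, strict):
    """Split (prefix, as_path) announcements into accepted and rejected.

    strict=True  : customer-facing session at the direct transit provider;
                   only explicitly authorised routes are accepted.
    strict=False : a network further along the path; it drops only routes
                   that contradict the data and has to accept 'not-found'.
    """
    accepted, rejected = [], []
    for prefix, as_path in announcements:
        # The origin AS is the last element of the AS path.
        state = origin_state(prefix, as_path[-1], authorisations)
        ok = state == "valid" or (state == "not-found" and not strict)
        (accepted if ok else rejected).append((prefix, state))
    return accepted, rejected


# Constructed sample data: documentation prefixes (RFC 5737) and a
# documentation ASN (RFC 5398). Only AS39523 appears in the article.
AUTHORISATIONS = [
    Authorisation("203.0.113.0/24", 24, 39523),  # assumed customer prefix
    Authorisation("192.0.2.0/24", 24, 64500),    # someone else's prefix
]
ANNOUNCEMENTS = [
    ("203.0.113.0/24", [39523]),   # authorised
    ("192.0.2.0/24", [39523]),     # covered by data, wrong origin
    ("198.51.100.0/24", [39523]),  # no data published at all
]

if __name__ == "__main__":
    for label, strict in (("first hop (strict)", True), ("remote network", False)):
        accepted, rejected = filter_routes(ANNOUNCEMENTS, AUTHORISATIONS, strict)
        print(label, "accepted:", accepted, "rejected:", rejected)
```

The third announcement is the case the paragraph closes on: without published data for the prefix, only the strict first-hop filter stops it.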

Is your network doing all it can to prevent incidents like this? Read the MANRS document, follow the Implementation Guide, and Join MANRS!

The post Another BGP Routing Incident Highlights an Internet Without Checkpoints appeared first on Internet Society.

That’s another fine mesh you’ve got me into: Part 1

CIOs developing IoT strategies might take note of a particular section of Gartner’s Top 10 Strategic Technology Trends of 2018, says Clare Grant, general manager at Red Hat Mobile, where it describes the emergence of the intelligent digital mesh: “Gartner calls the entwining of people, devices, content and services the intelligent digital mesh. It’s enabled by digital models, business platforms, and a rich, intelligent set of services to support digital business.”

This is where IoT, analytics, edge computing and AI can be combined to deliver information so that organisations can offer a more immersive experience.

The combination of IoT, analytics and AI and, I would argue, mobile, can impact application development, integration and management by fuelling the need for apps to be developed and deployed for traditional, mobile and stateless environments.

CIOs should plan for maintaining core systems in the most cost-effective way, while constantly updating, securing and scaling apps, so that their organisations can respond quickly and flexibly to user and market demands.

So how can they manage change with finite resources? And how can they extend existing applications to mobile and other digital use cases?

Modern app development

Rather than being directed solely by internal IT departments, software development has shifted towards a more user-centric model, with demand for features and services often being driven by users engaging through multiple digital channels.

Today, software should be developed faster, updated more frequently and be able to integrate with multiple business functions and engagement channels, including mobile, messaging, the web and social media.

The industry has figured out how to connect back-end systems with mobile apps; now organisations should also interface with connected devices, analytics and AI apps.

Organisations that can deliver apps that quickly respond to changing conditions across multiple engagement channels can gain an advantage over those that are stuck in lengthy review cycles and tied to inflexible architectures.

In its Top 10 Strategic Technology Trends of 2018, Gartner has included:

AI foundation
Intelligent apps and analytics
Intelligent things
Digital twins
Cloud to the edge
Conversational platforms
Immersive experiences
Blockchain
Event-driven
Continuous adaptive risk and trust

Build on successes

While ‘the intelligent digital mesh’ may conjure images from a sci-fi movie, AI and IoT technologies ultimately provide either new apps or extend the functionality of existing apps.

CIOs working with limited budgets and tighter timeframes should avoid reinventing the wheel and re-use existing models and infrastructure where possible. Many of the issues that surface with the integration of AI and IoT are similar to those faced and solved by mobile app developers when enterprise mobility was in its infancy.

Some organisations have become more strategic in their approach, no longer treating mobile as a separate project but seeing it as a broader part of their enterprise application landscape and their digital transformation strategy. I believe the integration of AI and IoT is likely to follow the same path to maturity.

Working with the open source community can also aid in IoT and AI app experimentation. The community can work together to solve common issues. Organisations can then select productised enterprise-ready versions of community-developed innovations that are built for scale.

The author of […]

The post That’s another fine mesh you’ve got me into: Part 1 appeared first on IoT Now – How to run an IoT enabled business.

That’s another fine mesh you’ve got me into: Part 2

As IoT adoption increases and the number of connected devices proliferates, writes Clare Grant, general manager at Red Hat Mobile, I believe it will become unsustainable for organisations to integrate point-to-point.

Application Programming Interfaces (APIs) can play a crucial role in application development in the intelligent digital mesh because they enable connected devices and AI apps to interact with data stored in enterprise back-end systems, in a more secure and repeatable manner. In this way, large enterprises can respond in a more agile way to change and disruption, such as damaged infrastructure, stock substitutions, route variations, price increases, or product improvements.

Managing multiple point-to-point communication

The opening up of APIs can also enable organisations to provide uniform interfaces to internal and external developers, partners and customers, to help improve data exchange and transactions. In addition, APIs enable the open source community to create new functionality and value.

At your service

Microservices, whereby application functionality is developed as independently deployable services, enable organisations to experiment with new features and more rapidly respond to changes and disruption.

Microservices architectures still require integration capabilities such as transformation, orchestration and connection, so that data can be shared across multiple systems and services. An agile integration approach, taking advantage of APIs, containers, and distributed integration technologies, can be used to bring integration into the application development processes.

Changes to client-side functionality require equal flexibility on the backend. Using an integration platform, developers can more quickly create and scale lightweight integration services, based on APIs. Business workflows rely on core systems of record and supporting IT infrastructure. In addition to AI and IoT datastreams, the Intelligent Digital Mesh will still require data from back-end systems to power apps and help deliver business value.

Enabled by containers

With an increasing number of different applications running in an enterprise, from the newer AI, mobile, and IoT applications to the more traditional business intelligence, web, and other industry-specific applications, the delivery and management complexity can quickly escalate. This is where the role of containers and a container-based platform can come into play.

By deploying microservices in containers, independent development teams can deliver them. Container technologies are designed to eliminate bottlenecks in performance and facilitate agile integration that underpins independent app development and scalability.

As AI and IoT combine and users become accustomed to an increasingly connected and data-driven environment, apps can become subject to continuous updates and unpredictable demands for elastic scalability, often independently from one another. Containers enable the continuous development of lightweight, tested units of app deployment that can scale independently on demand. Most importantly, containers enable consistent version management of system units and provide portability for existing apps so that they can be deployed in different environments without too much retooling.

Embrace the mesh

As with enterprise mobility, successful implementations are more likely to be strategic rather than tactical. Organisations should avoid working in silos and view AI, IoT, data analytics and mobile developments as part of the overall technology roadmap.

I expect the emergence of the intelligent digital mesh to help drive enterprises to adopt modern app […]

The post That’s another fine mesh you’ve got me into: Part 2 appeared first on IoT Now – How to run an IoT enabled business.

Another Brick in the Wall: Barriers to IoT Adoption

In my previous blog, I outlined the major components of the Internet of Things (IoT), giving the current state of IoT technology a grade of B-minus. Why the minus? Today, I’ll dive deeper into two major issues slowing IoT adoption: complexity and security.

Complexity Fragments Markets and Hampers Interoperability

There is no such thing as the “IoT market.” The typical vertical markets associated with industrial IoT applications range from manufacturing, transportation, oil and gas, and mining to agriculture, retail, insurance, healthcare, education, and smart cities. Each of these huge markets has many submarkets, and even within each submarket there are many overlapping, often long-standing ecosystems. Car manufacturers in Europe, for example, work within a completely different supply chain from those in the United States; each has its own vocabulary, technologies, and challenges. Adding to that complexity is the fact that, with few exceptions, IoT deployments are in “brownfield” environments, where innovations have to coexist with a plethora of incompatible legacy technologies.

Then factor in access technologies. The wide range of IoT use cases drives an equally wide range of technologies that vary according to bandwidth, reach, power, and cost. Connected vending machines may need to send a few packets whenever a brand of soda needs to be restocked. On the other extreme, the sensors deployed around an oil rig may generate terabytes of data each day. These sensors are connected within the rig using a combination of Ethernet and wireless technologies. In some cases, the data can be sent back to the central data repository using a fiber cable; but when this isn’t possible for remote sites, the data is processed locally in real-time, and just the exceptions or alerts are sent back via satellite. In other cases, you might piggyback on a municipal Wi-Fi system, or use Low Power Wide Area Network (LPWAN) technologies to connect battery-powered devices. Payment apps such as Apple Pay use near-field communications (NFC), which (thankfully) won’t work more than a few inches away. Indeed, these special needs demand specialized technology—but the result is a complex tangle of often incompatible and disparate access methods.

The IoT industry has tried to bring order to all of this with horizontal and vertical standards bodies and consortia—IEEE, IETF, ODVA, ISA, IIC, OCF, and OPC, to name a few (and to get lost in alphabet soup!). Ironically, there are so many industry organizations that it’s hard to bring them all together into a cohesive set of standards that ensure interoperability across an entire IoT deployment. The various sensors in a single production facility may run on different semi-proprietary standards that limit the free flow of information. Limited access to IoT data limits the value of your IoT deployment. For example, IoT applications such as preventive maintenance can work only if they can gather, process, and analyze all the data generated by heat, pressure, and vibration sensors on a piece of heavy equipment. Standardization and interoperability are the gateway to IoT value.

Companies considering IoT deployments also have to navigate rapidly changing organizational structures. For most of the 20th century, vertically integrated vendors strived to deliver end-to-end solutions. Today, markets move too fast for any one company to develop or deliver a single, complete solution on its own. The 21st century model is the emergence of symbiotic ecosystems of partners who complement each other in developing IoT solutions together. You might picture a big square dance, where partners come together for a time, then move off to dance with someone else. For many companies, this is unknown territory, but the sooner you embrace this model, the sooner you’ll be able to benefit from the IoT economy.

Security Concerns Can Kill an IoT Deployment

Worries about security may cause decision-makers to hesitate before investing in an IoT deployment—and last year’s IoT distributed denial of service (DDoS) attacks didn’t help matters. IoT security is in many ways unique: It is more distributed, more heterogeneous, and more dynamic than traditional IT security environments. It also introduces new scenarios that require brand new approaches to security (think connected cars, sensor swarms and consumer-class devices in the workplace).

Back in the day when industrial enterprises ran self-contained, proprietary systems, “security by obscurity” was standard practice—if you’re not connected to anything, no one can break in. That approach no longer works in today’s connected IoT environment (if it ever did), so businesses must rely on a policy-based architectural approach that builds security into every aspect of a deployment—not just defending the perimeter.

After years of under-investment, the security industry is finally addressing the special requirements of IoT in a way that is reminiscent of how it responded to the challenges of Wi-Fi 15 years ago—accelerating work in standards, interoperability and certifications.

On the Other Hand, Adoption Accelerators Can Help Realize IoT Value

While complexity and security remain obstacles to widespread IoT implementation, here are two technology trends that promise to accelerate adoption and multiply the value of IoT solutions:

Analytics: When we put sensors on things and then connect them, we begin collecting vast amounts of data in motion about those things. Analytics sifts through that data in real time or near real time to find what is important and delivers insights and recommended actions for business impact. Two of the four fast paths to IoT payback I’ve identified—predictive analytics and preventive maintenance—depend on analytics to create IoT value.

Blockchain: I mentioned in my last blog that the ability to have a trusted means of transferring and tracking value online is enabling a whole new class of IoT capabilities, such as authenticating interactions among autonomous vehicles or managing and reporting mining site data. The “Internet of value” created by IoT plus blockchain will transform online processes. The industry is moving swiftly to capitalize on these capabilities starting with the formation of consortia to ensure interoperability.

So while obstacles remain, I am optimistic about the trajectory of IoT. An active community of IoT innovators is working tirelessly to reduce complexity and improve security. They know that IoT value depends on it.

Do you want to get involved?

Learn and contribute more by joining lively discussions from industry thought leaders in the new Building the Internet of Things community. More IoT insights can also be found on my web site.

The post Another Brick in the Wall: Barriers to IoT Adoption appeared first on IoT Tech Expo.

IoB Insiders: IoT gets us into another fine mesh

IoB Insider Rob Bamforth of analyst company Quocirca, on why the time has come for commercial IoT applications to use the mesh technologies more commonly deployed in emergency and combat scenarios.

Many IoT applications look great when first presented. Low-cost processing power and storage, coupled with the pervasive availability of open networking, should in theory make almost anything possible. The challenge comes when trying to turn this combination into real business solutions. Security is an ever-present and justifiable concern, but for many use cases, the biggest issue is scale.

The IoT scaling challenge is both technical and financial: one is up, the other is down.

In other words, much of the need to scale down financially appears to have been tackled as technology has been commoditized. This helps, but as they move from concept to reality, most IoT applications increasingly rely on a sizeable investment in software, services and, in particular, networks. Almost every link in the value chain sees IoT as a new source of revenue, and mobile network operators were among the first to seize upon this when they pushed early machine-to-machine (M2M) solutions in the early 2000s.

So are cellular networks going to completely fulfil the low-cost, high-scale needs that IoT applications will have as they grow?

Probably not, and hence, the massive IoT scale at the edge of the network (think of smart cities, smart buildings and autonomous vehicles) has provoked interest in other, low-capacity, low-power wireless network technologies. These include long-range networks such as LoRa and Sigfox, as well as short-range connectivity options such as Zigbee and Bluetooth LE (Smart) and, of course, Wi-Fi.

Traffic management

At this stage, it is difficult to constrain traffic levels for many IoT applications, so it is clear that other approaches will be necessary. Organisations, in both the private and public sectors, will need to think carefully about potential scaling issues in the networks they will need to use in IoT solutions. Range, capacity, reliability and price will all have an impact on the viability of any fully deployed IoT application.

This is where mesh networks have strong appeal. Here, the principle is that instead of constructing the network as a star or tree, radiating out to the edge with a ‘backhaul’ to a core, each node can relay traffic to another node – thus forming a mesh – as well as being used as an edge device itself.

The theory is that, unlike regular networks that become clogged as more devices are added, with mesh networks, adding more nodes makes the mesh better. This decentralized control approach makes the mesh feel more like a ‘community’ than a carrier.

Mesh networks have many advantages. They offer alternative paths for network traffic to route around ‘damage’ or bottlenecks. Traffic can be split and shared to improve performance. They enable ad hoc deployment and extension, without the need for central control to pre-build or pre-plan backhaul connectivity or infrastructure.

This means there is a lot of flexibility with a mesh architecture, so they have often been exploited where networks have to be rapidly deployed in difficult situations, such as in emergency or military scenarios.

Home and away

Many people will encounter a form of mesh networks via Wi-Fi in the home. Dual and multi-radio systems are often used to extend domestic networks, so that no wired connection is required between access points. These typically work very well, as they tend to involve relatively small numbers of access points in fixed locations. Once the mesh is established, it just carries on working. If access points need moving or adding, after a short reconfiguration, it all works again.

The premise of mesh networking is that this should scale up to work in other scenarios, such as smart cities, buildings and vehicles. But these represent a more complex and dynamic environment than that which is seen in a home network. The cooperation between meshing devices can be complex and grow out of proportion with network scale. Alternatively, a central root device that coordinates the mesh introduces the problem of a single point of failure and loses the autonomy of the edge to adapt.

The problem only gets worse if the mesh has to dynamically configure itself, such as if the devices are physically mobile, which ironically is when the ability to build ad hoc networks really comes into its own. Many Wi-Fi and mesh solutions become unreliable and choked when overloaded by users, radio interference or their own traffic flow management. Current cities with masses of static, mobile and pop-up networked devices already stretch and break the scaling of traditional cellular networks. Mesh networks will need to exceed current capabilities by some margin in order to add value to the wireless edge.

Safe pathways

A solution could be close at hand. One approach comes from Rajant Corporation, for example. Its BreadCrumb network devices were designed to give a ‘Hansel and Gretel’ safe pathway home in the most challenging environments. The highly adaptive mesh architecture this requires makes this type of technology suitable for large-scale and dynamic IoT use cases.

Just as many of the wireless technologies already enjoyed by businesses and consumers once originated in military developments, so too are the more robust wireless mesh technologies. Those looking to deploy large-scale, multi-purpose networks for IoT applications – in public spaces and smart environments, for example – should again be considering the potential for mesh. It has been assessed before (in networks in street furniture serving mobile users and so on), but now the criteria are more rigorous and mesh solutions have evolved.

Large-scale IoT mesh networks will need to be able to autonomously adapt to traffic needs and failures in a dynamic environment, where elements of the mesh itself will move around and shift in numbers. It is a complex real-time problem that needs to be robust and secure, as well as demonstrating sufficient capacity at a low deployment and operational cost. However, perhaps now the time is right for military and emergency-grade mesh technologies to play their part in the large-scale yet rigorous world of commercial IoT applications.

The post IoB Insiders: IoT gets us into another fine mesh appeared first on Internet of Business.
