The magazine for network and data centre professionals September/October 2023 EUROPE NETWORKS SOLVING ARCHITECTURAL CHALLENGES AFRICA’S DIGITAL GROWTH Future-proofing data centres: cabling and connectivity in the age of AI Preparing the fibre cities of the future The 5G network evolution IN THIS ISSUE:05 New whitepaper harmonises essential secure boot processes 05 RtBrick Partners with Radisys to deliver turnkey disaggregated IP networks 06 AI-powered contextual threat event analysis 06 Veam partners with Sophos 07 Gaia-X project Tellus reaches design phase 07 New flowmeters eliminate the need for separate cabling 08 End-to-end IQ capture and playback system for RF signals 08 Launch of the latest high-capacity modular chassis in the OmniSwitch family 09 World’s first silicon-to-cloud locationing solution using WiFi, cellular IoT, and GNSSk 10 New SAP patching solution 10 New partnership for large venue coverage offer 11 Rajant acquires Reios SRL to form Rajant Italia SRL 11 Colt DCS expands to Frankfurt Surrey Technology Centre Surrey Research Park 40 Occam Road Guildford, GU2 7YG www.networkseuropemagazine.com Published by: Abacus Communications Limited Publisher: Greg Ward Editor: Hazel Davis The views expressed in the articles and technical papers are those of the authors and are not endorsed by the publishers. The author and publisher, and its officers and employees, do not accept any liability for any errors that may have occurred, or for any reliance on their contents. All trademarks and brandnames are respected within our publication. However, the publishers accept no responsibili- ty for any inadvertent misuse that may occur. This publication is protected by copyright © 2023 and accordingly must not be reproduced in any medium. All rights reserved. Networks Europe stories, news, know-how? Please submit to editor@networkseuropemagazine.com including high resolution (300dpi+ CMYK) images. 050907 NEWS IN BRIEF Rajant acquires Reios SRL to form Rajant Italia SRL offering a suite of IoT solutions EUROPE NETWORKS 11 CONTENTS 0212 The AI boom is generating renewed tech optimism in the UK: here’s why Room for positivity 16 Future-proofing data centres: cabling and connectivity in the age of AI The world's insatiable demand for data storage 18 The 5G network evolution – 2024 predictions A 5G market that's ready to scale 22 The telecoms industry trends that will dominate 2024 How to position your business for success 26 Back to the Future: Bringing the Cloud back on-premise A new model gaining ground 28 Dark Fibre: Preparing the fibre cities of the future The need for reliable and consistent connections 32 Harnessing the potential of SD-WAN Sharing the load 36 Embracing the edge – innovative solutions for a digital future Beyond the streaming universe 38 Networking: solving architectural challenges The need for robust security 42 Africa’s digital growth is an opportunity to think differently More than a distributed and rural data story 122818 FEATURES CONTENTS 03Welcome to something of a future-gazing issue of Networks. We’re fresh from the AI Safety Summit at Bletchley Park, where talk was of identifying AI safety risks, building a shared scientific and evidence-based understanding of these risks and building global risk-based policies. This included increased transparency by private actors developing frontier AI capabilities, better tools for safety testing and developing relevant public sector capability and scientific research. Still, the AI boom is generating renewed tech optimism in the UK, says Cloud Industry Forum’s Steph Macleod. She talks about how we can solidify the UK’s position as a leader in this area and as AI continues to evolve, the importance of applying these technologies safely and responsibly, while harvesting the benefits. Elsewhere in this issue we continue looking ahead to some 5G network predictions and how AI will continue to drive data centre evolution. We also look at how to prepare the fibre cities of the future and discover how open- caching is positioned to play a pivotal role in the future of streaming media. Happy reading and, as ever, we look forward to hearing from you on topics you’d like us to cover. Happy Holidays! Hazel Davis, Editor The magazine for network and data centre professionals September/October 2023 EUROPE NETWORKS SOLVING ARCHITECTURAL AFRICA’S DIGITAL GROWTH Future-proofing data centres: cabling and connectivity in the age of AI Preparing the fibre cities of the future The 5G network evolution IN THIS ISSUE: Share your news! Send your press releases or announcements to: editor@networkseuropemagazine.com EUROPE NETWORKS 04 FOREWORDOriginal Equipment Manufacturers (OEMs) and operators are benefitting from a common set of requirements to better protect gateways from critical attacks, thanks to a new whitepaper from the prpl Foundation. Presented at the 2023 prpl Summit, ‘An Introduction to Secure Boot’ (PRPL- SBW001) defines the concepts of a secure boot process and the prerequisites which need to be considered for it. Created by prpl’s Security Assurance Working Group, the document outlines the major principles of a secure boot, how these can be applied to all prpl-compliant products and provides key guidance on how best to align the implementation efforts of a prpl-compliant bootloader. “While the concept of a secure boot is well established, the lack of commonality regarding the necessary requirements for one can result in operators having to navigate difficult proprietary processes,” said prpl Foundation president Dr Len Dauphinee. “Thanks to the Security Assurance Working Group and ‘An Introduction to Secure Boot’, organisations can benefit from improved guidance and a common, secure foundation to build from. I’m excited to see what this harmonisation will bring across our industry.” The bootloader is a piece of software that performs all the steps necessary to put the hardware of the gateway into a defined state when powering on, so that the execution process can be carried out by the main Operating System (OS) or Firmware. Correct and predictable functioning of the Gateway is essential if operators are to provide reliable services to their subscribers. To achieve that, a bootloader must be built around a Chain of Trust (CoT), which will ensure each software component loaded has not been tampered with. All firmware components found in the chain must be verified and authenticated, and, if running Customer Premises Equipment (CPE) has been compromised, the bootloader must ensure that any such changes to these components are not persistent. If these considerations are not met, an attacker could quickly access confidential information which allows for unauthorised exposure and usage, leading to significant financial and reputational damage for all involved. At the same time, secure boot designs rely on critical assets such as Root of Trust (RoT) keys, yet OEMs and operators may have alternate designs for bootloaders that prefer simpler or more complicated key management schemes, hardware capabilities and trust-party setups. The type of non-volatile flash memory chosen may also impact the implementation of a bootloader, leading to proprietary developments which may hinder a successful secure boot process. New prpl whitepaper harmonises essential secure boot processes RtBrick has announced that it is partnering with Radisys Corporation to offer telcos solutions to build IP networks based on open, disaggregated, ‘cloud-native’ architecture. The partnership will enable operators to adopt RtBrick’s disaggregated IP routing software as part of an end-to-end integrated networking solution from Radisys that includes core and access technologies, support and OSS/BSS integration. Network disaggregation allows operators to benefit from a new generation of open ‘bare-metal’ hardware, breaking the cycle of vendor lock-in imposed by many traditional manufacturers, and lowering costs. Software from RtBrick transforms these white-box switches into carrier-grade MPLS routers. This initial use case contains RtBrick’s Broadband Network Gateway (BNG), the specialist router used to offer broadband internet services and network aggregation. “Changing to a disaggregated network requires an investment in new skillsets and draws on limited IT resources,” said Pravin S Bhandarkar, CEO and founder at RtBrick. “Radisys can deliver a turnkey integrated solution that will give operators a simpler way of realising the benefits of network disaggregation.” The solution can be scaled by adding more open hardware as needed, in incremental steps, whether the aim is to add more subscribers or more throughput. “Partnering with RtBrick will allow Radisys to offer an integrated and complete disaggregated broadband solution to our customers. A disaggregated network from a diverse and open ecosystem gives operators the flexibility to mix and match hardware and software as needed,” said Prakash Siva, Head of Technology and Architecture at Radisys. “In addition to reducing CapEx costs, this new cloud-native operating model also enables Zero-Touch Provisioning and automation using open REST-based APIs, to optimise OpEx costs.” RtBrick partners with Radisys to deliver turnkey disaggregated IP networks NEWS IN BRIEF 05Progress has announced the release of its network anomaly detection system, Progress Flowmon ADS. Flowmon ADS 12.2 harnesses the power of artificial intelligence (AI) to provide an advanced and holistic view of detected security events, empowering cybersecurity professionals to identify those that are important, prioritise them with context, guide efficient decision-making and respond quickly. One of the most significant hurdles facing IT teams is the overwhelming volume of security events and alerts. Security professionals struggle to extract actionable insights and to prioritise their efforts effectively. Without adequate network detection capabilities or sufficient data to make informed decisions, organisations are susceptible to attacks. With the latest release of Flowmon ADS, IT professionals have fast and automatic access to an expanded range of meaningful security insights. They can immediately apply sophisticated intelligence and context to identify malicious behaviours, attacks against mission-critical applications, data breaches and various indicators of compromise. Contextual threat event analysis addresses critical problems by examining the overall state of the network, identifying event trends and generating a comprehensive at-a-glance view. New data views correlate detected events in the entire IT ecosystem - on-premises, cloud and hybrid - providing critical information about the devices with the highest threat score, those with an increased threat score, changes in severity across the most common types of detected events and/or the most significant detected threats. Flowmon ADS acts as an always-on, AI-powered cyber security analyst, able to distil and summarise only the most important events and findings, providing a contextualised understanding of incidents and key insights into the dynamics of any security situation. “Flowmon’s AI-powered contextual threat event analysis represents a giant leap forward in the battle against ever-evolving threats,” said Sundar Subramanian, EVP & GM, infrastructure management, Progress. “By cutting through the noise and providing a cohesive understanding of the threat landscape, organisations have the necessary tools to stay ahead of cyber threats, mitigate risks and safeguard their critical assets.” NEWS IN BRIEF 06 Veam partners with Sophos Veeam Software has announced a strategic partnership with Sophos. This partnership will see the Veeam Data Platform integrate with Sophos Managed Detection and Response (MDR) to add a layer of human-led threat detection and response against ransomware attackers. Through the partnership, Veeam Data Platform will integrate with Sophos Managed Detection and Response (MDR), adding a critical layer of human- led threat detection and response to advance the security of business-critical backups against ransomware attackers who attempt to manipulate, delete or change the customers backup environment as a tactic in their overall attack chain to increase pressure on victims to pay the ransom. With persistent cyberattackers constantly upping their game, the question is no longer if or when, but how often an organisation will be impacted, making it more critical than ever for organisations to have the right protection and recovery capabilities in place. Together, Veeam and Sophos technologies vigilantly detect cybersecurity threats, determine the warranted response and rapidly recover impacted data, providing organisations with peace of mind, knowing their data is always available and easily recoverable. “The growing threat of cyberattacks can only be addressed by companies coming together to offer customers more complete and integrated protection,” said Danny Allan, CTO at Veeam. “Combining the number one global leader in data protection and ransomware recovery with the number one MDR offering provides customers with the most comprehensive cybersecurity protection and recovery on the market today. Keeping businesses running, no matter what happens, is central to Veeam’s overall mission, and by uniting with Sophos to create an end-to-end approach, we take another step in protecting customers from bad actors by strengthening their overall security posture and enabling radical resilience.” Veeam Data Platform monitors an organisation’s environment to detect potential threats against customers’ production workloads and their backup environment. Should a threat be identified, such as an attacker attempting to tamper with backups, Veeam sends an alert to Sophos MDR – a fully- managed threat-hunting, detection and response service that provides a dedicated 24/7 security team that rapidly identifies and neutralises complex attacks, including ransomware, network breaches, hands-on keyboard adversaries and more. contain and fully-eliminate the attacker. AI-powered contextual threat event analysis Tellus, the Gaia-X development project led by internet exchange operator DE-CIX, has completed its design phase. With this important step the network and cloud layers are now ready for use. A core project of the design phase was the development of the matchmaking and broker services for the network and the cloud. These brokers are critical for the delivery of services and resources on the Tellus platform and have been carefully designed to ensure smooth and efficient intermediation between users and service providers. Using the intuitive Tellus interface, users can effortlessly access all available services from providers, clouds and networks to make use of precisely the services they need. On the basis of users’ requirements, the sophisticated matchmaking service suggests exactly which services are needed. Secure, interconnected and federated data infrastructure Another important step was the introduction of an authentication process based on Self-Sovereign Identity (SSI). This approach allows users to maintain full control over their identity while providing secure authentication. This helps to strengthen data security and protect the privacy of users, thus meeting the most modern security standards. “The successful completion of the design phase in the Tellus project marks a significant step towards live operation,” highlighted Dr Christoph Dietzel, global head of products & research at DE-CIX and Tellus Project Manager. “Having concentrated in the now completed design phase on the matchmaking and broker services, the user-friendly Tellus user interface, and the innovative authentication process, our developments put their focus on a secure, connected and federated data infrastructure with data sovereignty at its core. Tellus has taken inspiration from real-world use cases and will find broad application within the Gaia-X ecosystem for the high-performance interconnection of dataspaces and services. With guaranteed performance and security, we are shaping the future of digital services, making them uncomplicated and automated.” The project goal is to develop and deploy a Gaia-X compliant network infrastructure for sensitive use cases that leverages existing Internet infrastructure and adds a software layer. An operational prototype for this software-based network infrastructure is expected to be ready by the end of 2024. Gaia-X project Tellus reaches design phase ABB has launched new CoriolisMaster and ProcessMaster flowmeters that can be powered over the same ethernet cable used for data transmission, eliminating the need for separate cabling. The new features reduce installation time and cost, and increase the speed and reliability of data transmission. The CoriolisMaster and ProcessMaster flowmeters combine Power Over Ethernet (POE) with the ProfiNet protocol, providing a single-cable solution for both power and data transmission. They also reduce the risk of data transmission errors caused by power fluctuations or interruptions, providing accurate and reliable real-time data to the control system. Scalable, four-wire ethernet facilitates remote flow- rate measurement and adjustment, while a dedicated web server provides direct access to device diagnostics. One of the key challenges facing customers in process industries is the need to reduce the complexity and cost of installation and operations of field instruments, infrastructure and systems. The new flowmeters address this challenge by providing a single-cable solution. ProfiNet is a protocol used in the field of operational technology (OT) that operates at the application layer. Incorporating ProfiNet into ABB’s CoriolisMaster and ProcessMaster flow metres enables seamless and real- time exchange of data, and monitoring of alarms and diagnostics. It also allows for diverse configurations to ensure reliable and efficient communication between the flowmeters and across both local area and wide area networks (LAN & WAN). “Remote monitoring and control are becoming increasingly important in many industries,” said Harald Grothey, global product manager at ABB. “ProfiNet's high-speed communication capabilities with fast and reliable data transmission mean remote operators can make informed decisions in real-time, reducing the need to travel for on-site support. We are always looking for ways to help our customers become more efficient. By reducing the need for separate cabling, the new CoriolisMaster and ProcessMaster flowmeters are a stepping stone to a more resource-efficient future.” New flowmeters eliminate the need for separate cabling NEWS IN BRIEF 07End-to-end IQ capture and playback system for RF signals Anritsu Company has partnered with AnaPico AG in response to the growing demand from customers need for instruments to capture RF signals-of-interest over the air and then play them back from vector signal generators. AnaPico is an ISO9001 certified technology leader. Their core expertise lies in the development, manufacturing, and provision of cutting-edge RF and MW test and measurement instruments tailored for a broad spectrum of civilian and governmental applications. The Anritsu IQ Signal Master MX280005A PC application has been enhanced to integrate the capture of RF IQ signals using the Field Master Pro MS2090A spectrum analyser, and then to load the IQ data file into the AnaPico VSG for playback at any frequency up to 40GHz. The seamless process of IQ data capture and playback is ideal for in- depth testing of the response of receivers to a wide range of signals. The ability to record and analyse a broad range of radio signals including radars, telemetry links, secure communications and jammers are increasingly important to the security and defense agencies. The IQ Signal Master MX280005A integrates all the required functionality into a single package that manages the capture configuration, provides a built-in spectrum analyser replay with microsecond resolution, and playback of the captured signal at any frequency to 40GHz. Built-in intelligent algorithms include tools to quickly find and extract signals of interest from large data files, extraction of low-level signals from the noise, and scenario testing, to validate the performance of receivers to real-world threats. Alcatel-Lucent Enterprise has launched the Alcatel-Lucent OmniSwitch 9912, the latest high-capacity modular chassis in the OmniSwitch family. As performance requirements in enterprise core and data centre networks continue to increase, the OmniSwitch 9912 provides a robust foundation for high- bandwidth autonomous networks. It offers seamless integration with the existing OmniSwitch portfolio to support large-scale virtualised networks using modern and scalable fabric technologies such as the industry-recognised Shortest Path Bridging (SPB). With OmniSwitch 9912, customers can protect their investment by future-proofing their core network build-out using a high-capacity switching fabric and high-density 100G line cards to meet bandwidth requirements. Maximum flexibility, with a range of port speeds from 1G to 100G, allows networks to be designed to last for years, while growing incrementally as requirements increase. The OmniSwitch 9912 lets operators build a resilient network core with full redundancy and multiple connectivity options to create large campus networks. > High-capacity, modular, flexible 12-slot chassis > High-bandwidth availability with port speeds from 1G to 100G > 51.2Tbps switching capacity > Investment protection > Flexible deployment options for migration > Extended security > A future-ready solution “We are excited to announce the addition of the Alcatel-Lucent OmniSwitch 9912 into the OmniSwitch portfolio. This offering creates new opportunities across all regions and vertical markets for mid to large customers, helping them protect their existing investments with flexible solutions that allow them to grow as needed,” said Stephen Robineau, EVP, Network Business Division, Alcatel-Lucent Enterprise and President of ALE USA. Launch of the latest high- capacity modular chassis in the OmniSwitch family NEWS IN BRIEF 08World’s first silicon-to-cloud locationing solution using WiFi, cellular IoT, and GNSS Nordic Semiconductor, has announced it is now established as the world’s first sole supplier of a complete silicon-to-cloud locationing solution with WiFi, cellular IoT, and GNSS. Nordic’s single-vendor solution, combined with the company’s world-class tech support, will simplify and accelerate product development of applications based on WiFi locationing. The new nRF7000 companion IC is a unique low-power WiFi 6 chip, optimised for WiFi network scanning on both the 2.4 and 5GHz WiFi frequency bands. Together with Nordic’s nRF91 Series cellular IoT System-in-Package (SiP), the nRF7000 enables SSID- based WiFi locationing. Nordic’s SSID-based WiFi locationing enables the acquisition of accurate location fixes in an extremely power-efficient manner both indoors and outdoors, in urban and suburban areas. This is a valuable complement to GNSS, especially in buildings and in dense urban areas where GNSS can fail due to signal fading and interruptions. Scanning for WiFi SSIDs for locationing is commonplace in products such as smartphones. The nRF7000 IC is highly optimised for ultra low power WiFi SSID scanning and does not support data communication via WiFi. The optimisation enables Nordic’s WiFi locationing solution to offer a unique balance between power consumption and location precision. Nordic’s SSID-based WiFi locationing solution uses the nRF7000 IC for WiFi scanning and an nRF91 Series SiP for cellular communication to Nordic’s nRF Cloud. Instead of relying on traditional methods like cell towers or satellite signals, SSID-based WiFi locationing scans the signals from nearby WiFi access points to accurately determine a tracker’s location. This enables a location accuracy that is better than cellular-based but less accurate than GNSS, while being more power-efficient than GNSS and almost as power-efficient as cellular-based. “Nordic's dedication to low power wireless technology enables us to provide highly efficient solutions for numerous IoT applications,” said Kjetil Holstad, EVP strategy & product management at Nordic Semiconductor. “This focus culminates in a fusion of WiFi locationing from the nRF7000 with the cellular and GNSS capabilities of the nRF91 Series SiP. Customers now need to come to just one place for a comprehensive, low power locationing solution and world-class technical support. This streamlines the process and saves them significant time and money.” “The launch of the nRF7000 IC makes the Nordic SSID-based WiFi locationing solution best-in-class,” explained Finn Boetius, product marketing engineer at Nordic Semiconductor. “Competing solutions tend to use general-purpose WiFi ICs for WiFi locationing. These are usually oversized and not optimised for this specific use case. This makes them both more expensive and more power-hungry. “The Nordic locationing solution allows a trade-off between position accuracy and power consumption,” continued Boetius. “In situations where high-position precision is needed, GNSS is the best option. But if GNSS is unavailable or only a very rough location is needed, you can use cell-based locationing and save battery life; this will be accurate enough to tell you in which neighborhood your device is. If you’re still without GNSS and need more accurate information, you include WiFi information at the cost of a little more power. This will be accurate enough to tell you in which house the device is located.” Nordic’s SSID-based WiFi locationing solution is supported by the nRF Connect SDK, the company’s single software development environment. When used in conjunction with Nordic’s nRF Cloud Services, it enables effortless over-the-air updates for application, middleware, and/or modem firmware while providing a secure and reliable update procedure. “If you run into technical problems on a project, dealing with multiple vendors can create a massive technical support headache,” said Ville-Veikko Helppi, product director, Cloud Solutions at Nordic Semiconductor. “That multi-vendor headache is eliminated with Nordic’s one-stop-shop solution.” 09 NEWS IN BRIEFNext >