[Nigeria] Actis acquires majority stake in Rack Centre, announces plans to build a $250 million African data centre platform

Leading investor of private capital into global emerging markets, Actis has acquired a majority stake in Nigeria’s leading, independent, co-location business, Rack Centre. 

Rack Centre owns and operates a certified Tier III data centre in Lagos. It has the largest installed capacity in West Africa hosting over 80 international, regional and local clients. With over 35 carriers connecting to the facility, as well as hosting Nigeria’s internet exchange, Rack Centre is the most connected facility in the region and links every country on Africa’s Atlantic coast.

The investment into Rack Centre will fund a rapid expansion of the data centre, doubling the existing modular capacity and developing a traditional-build scale data centre on the same premises. This will create the largest data centre outside South Africa with hosting capacity in excess of 10MW over the near term.

Actis is already one of the largest real estate and power generation investors in Africa. The firm has also created a Chinese data centre platform, Chayora Holdings, to develop hyperscale data centre facilities in Tianjin and is exploring other Asian markets.

 “We have been tracking the data centre market in Africa closely, building relationships with key operators and customers. Africa is at an inflection point and we expect to see an explosion in growth of demand for hosting capacity in independently owned data centres across the continent.” David Morley, Head of Real Estate at Actis, said:

“We are excited about this new partnership with Rack Centre and its promoter Jagal Investments.  Together they have built a strong business of international repute, hosting a compelling mix of customers ranging from leading Nigerian corporates to global cloud majors.” he added. 

Ayotunde Coker, Managing Director of Rack Centre said “It has been a great honour to lead the growth of Rack Centre to become one of the most respected carrier neutral data centre brands in West Africa. Rack Centre is now at a key juncture and my team and I are excited with being part of the future growth. With over 750kW of installed capacity, it is now doubling capacity to 1.5MW of IT power at the currently location on a trajectory to 10MW”

 “Jagal is excited with its new partnership with Actis. Rack Centre has developed into a leading and respected African brand and it is now at a critical stage for investment and growth. Actis understands global and emerging markets and will be a fantastic partner for the next phase of the Rack Centre journey” Maher Jarmakani, CEO of Jagal added. 

Actis is the largest private equity GP in Africa having committed US$4.5bn to the region over the last 15 years.

Actis has also announced plans to establish a US$250 million pan-African data centre platform. The buy and build platform according to the company will comprise of independently owned, carrier neutral, data centres across key African markets.

www.act.is

www.rack-centre.com

[Kenya] Safaricom to accelerate cloud adoption in with Amazon Web Services

Safaricom has announced a strategic agreement with Amazon Web Services (AWS), which will see the Telco become a reseller of AWS services.

Safaricom has announced a strategic agreement with Amazon Web Services (AWS), which will see the Telco become a reseller of AWS services.

The agreement is designed to accelerate Safaricom’s internal IT transformation, lower costs and provide it with a blueprint and skilled resources to assist customers with their journey to the cloud.

“We chose to partner with AWS because it offers customers the broadest and deepest cloud platform, overall commitment to security excellence, and a strong culture of customer obsession. This agreement will allow us to accelerate our efforts to enable digital transformation in Kenya,” said Michael Joseph, Chief Executive Officer, Safaricom.

In addition, Safaricom will be able to offer AWS services to East-African customers, allowing businesses of all sizes to quickly get started on AWS cloud and accelerate innovation.

Safaricom also announced the attainment of Advanced Consulting Partner status in the AWS Partner Network (APN), becoming one of the first APN members in East Africa. The APN is the global partner program for technology and consulting businesses who leverage AWS to build solutions and services for customers.

The APN helps companies build, market, and sell their AWS offerings by providing valuable business, technical, and marketing support. This achievement recognizes the skills, knowledge and experience in AWS cloud services that the Safaricom PLC team has gained.

Safaricom’s announcement to work with AWS has been met with interest by customers, with enterprises, startups, and government agencies expressing a desire to use the partnership to build their cloud strategy.

www.safaricom.co.ke

[South Africa] Cloud market moving from supply-driven to demand-driven, says Routed

Vendor neutral cloud infrastructure provider, Routed, says that four years ago the development of the local cloud landscape was still in its infancy. Managing Director, Andrew Cruise, says that in the time since launching Routed, cloud demand has increased: “The market is moving from supply-driven to demand-driven. While the enterprise sector has taken time to embrace the cloud-concept, we have noted an increase in demand from these organisations.”

He says that the enterprise sector has moved into the driving seat, demanding cloud solutions. This about-turn was predicted according to Cruise: “We knew that the industry needed time to mature and better understand what digitilisation would mean to the success and longevity of their businesses. Where four years ago, owned equipment (either on-premise or collocated) was the outright preference as opposed to public or private cloud, we are now seeing a shift.”

While this shift may imply significant movement, Cruise cautions that cloud growth locally remains small. In particular, private cloud uptake is low and in fact, he says it has never really taken off: “The issue with private cloud is that the definitions tend to vary, which makes it difficult to understand or obtain a firm view of the uptake. Bear in mind that having dedicated equipment that is virtualised does not mean that it is a private cloud.

“When considering public cloud, the local sector seems to have a mixed bag of hosting implementations, but very few that are comparable to a true cloud experience, similar to that provided by the hyperscalers.”

Cloud platform providers have launched some compelling products that will assist in the migration to, and provide easy management of applications in, a legitimate public cloud, but still offer it in a secure and private way: VMWare’s vCloud Director is the standout example.

Lack of cloud skills remains another issue the industry has to address. Cruise says that the channel needs to address their ability to implement bona fide cloud strategies: “It is very important to ensure that you select the correct cloud partner. They need to focus on cloud as their primary business and have the skills to architect, deploy, secure, manage and support cloud infrastructure.”

www.routed.co.za

[Column] Andrew Cruise: Mastering the complexity of multicloud in 2020

As enterprises’ demands look set to continue maturing in 2020, they are better able to distinguish between cloud platforms and identify which ones work best for their applications. “It’s no longer about moving to cloud, it’s about which cloud,” says Andrew Cruise, managing director at Routed, Africa’s only vendor neutral cloud infrastructure provider.

“Now that market penetration of cloud, particularly internationally, has hit a critical mass, we see enterprises are much more confident about moving workloads than before when it appeared they would be on the bleeding edge. While there are still some concerns around uptime, performance and security, these are largely being addressed without any need to reinvent the wheel,” he says.

Multicloud is already broadly being achieved through SaaS applications like Salesforce.com and Office365, through utilising an enterprise’s own on-premise infrastructure, and via several other cloud platforms. “True multicloud however, involves IaaS from multiple providers across native hyperscale IaaS (or PaaS) as well as private cloud, both hosted and on-premise.” In order to successfully implement multicloud, Cruise notes that an enterprise would need to replace parts of their overall infrastructure estate, either by re-hosting workloads (lift and shift) into a hosted private cloud, or re-architecting applications in a cloud-native way to suit native hyperscale clouds. Secure connectivity, either through VPN, SD-WAN or private circuit, is also must.

He adds that because the biggest benefit of multicloud is the way in which it lends itself to a best of breed approach. “Not one single cloud can ever be the silver bullet to solve all an enterprise’s problems. Cloud only, hybrid cloud, or on-premise only solutions are already legacy and too restrictive. Utilising a hosted private cloud for traditional applications as an initial ‘lift-and-shift’ can make it easier to digitally transform by alleviating pressures on on-premise resources and allow them time to properly re-architect suitable applications in the native hyperscale cloud.”

While the benefits of multicloud are impossible to overlook, enterprises need to think carefully about the best strategies for managing the complexity of multicloud environments. It is not possible to manage multicloud effectively on-demand, manually, without automation, says Cruise. Similarly, human expertise will always be required.  Any kind of one-size-fits-all thinking is bound to fail. Further, workload migration between on-premise and cloud and between cloud and cloud is non-trivial and the difficulties should not be underestimated. Unless one standardises on a single platform across multiple clouds, for example, VMware ESXi (which is available on local VMware cloud providers and on all the major hyperscalers too), the ideal of frictionless migration between clouds is a pipedream,” he says.

Andrew Cruise is the managing director at Routed.

[Column] Johan Scheeper: Be data ready in 2020 by tackling key data issues

Data is an intrinsic part of business processes and also a source of competitive differentiation thanks to the potential of data analytics

Data is an intrinsic part of business processes and also a source of competitive differentiation thanks to the potential of data analytics. Data has become a mission critical business asset, which means that organisations need to be able to discover, protect and use it effectively and in a timely manner.

This concept is known as being ‘data ready’. While there are many factors affecting an organisation’s data readiness, three key issues will be prevalent in 2020: ransomware, multi-cloud environments and data compliance regulations. Tackling these key data issues can help organisations to be data ready in 2020.

Ransomware is rampant

Ransomware is a threat to each and every business today. In fact, it is so prevalent that an attack has become a matter of ‘when’ and no longer ‘if’. High-profile data breaches were a common theme in 2019, and many attacks caused several days of service outages.

A new malware threat called ‘wiper’ is also becoming increasingly prevalent. This malicious software does exactly as the name suggests – rather than holding data to ransom by encrypting it, it actually erases it from its storage media. This changes the game completely.

A data wipe is not about money, it is completely malicious and an outright hostile attack. Paying the ransom or de-encrypting ransomed data by other means is not an option. If you do not have an effective backup and recovery solution in place, and you are ‘hit’ by a successful wiper attack, your data is gone.

The ability to recover from a malware attack involves more than Disaster Recovery (DR). Manual backups and attached storage can also be infected, which means that having multiple backups is no longer enough. Being data ready in the case of malware means we have to think differently about business continuity.

It is imperative to have strategies in place to detect anomalous behaviour within data storage as well as backups and archived, so that attacks can be identified quickly and suspicious behaviour can trigger alerts to notify the correct people.

The key to a data ready recovery system is rapid, frequent and separated backups that allow you to bring key systems back online immediately while you ascertain where an attack came from, isolate it and remove it.

Managing data in multiple clouds

Most organisations already exist in a multi-cloud environment, even if they are unaware of this fact. Whether it is a hosted Enterprise Resource Planning (ERP) solution, Office 365 or some form of cloud storage like Google Drive or iCloud, these solutions are frequently found in the makeup of businesses. On the other side of the coin, there is also no organisation that is completely 100% in the cloud.

This multi-cloud hybrid scenario creates the need to be able to move data between systems. There are many reasons why data may need to be moved, either between clouds or between the cloud and the premises. The underlying common factor is that business models need change, so data architecture needs to be able to adapt. This is part of data readiness – the ability to drive economies between cloud and on-premises solutions to maximise cost and benefit while minimising risk.

This, in turn, requires central visibility into all data across all of the various areas of storage. It is critical to data readiness to have a central management layer or platform in place to consolidate the view of data across the organisation. Without this visibility, it is impossible to migrate data to leverage the best provider or location to meet changing business needs.

Meeting compliance requirements

Data is becoming increasingly regulated and it is not enough to know that you have the data, you also need to understand the purpose for which it was collected. Companies must have a record of the consent from the consumer to use the data for its intended purpose and the ability to comply with the ‘right to forget’ should the consumer request this. This is an imperative of all data privacy regulations.

Data readiness means having a way of consistently knowing where data is, what type of data it is and the sensitivity of the information. This requires specific tools, as manually identifying sensitive data is simply not possible given the volumes of data in business today. It is also important to enable search and discovery to enable the ‘right to forget’ and then prove that the data has been removed, including from backups.

Be data ready in 2020

It is absolutely essential today to know what data you have, the purpose for which it was collected, and that it is adequately protected and can be recovered in the event of a data loss event. It is also critical to ensure that backups are protected and that they are tested to ensure that data recovery is possible.

Data readiness enables business agility by ensuring that data is available at all times in the right location to the right people. This means that your data can be leveraged to create business value. However, it is impossible to manage what you do not know exists.

Essentially, the ability to deal with pressing issues such as ransomware, the multi-cloud and compliance boils down to data governance and effective data management, which lie at the heart of data readiness.

Johan Scheepers is the Country Head at Commvault in South Africa. 

[Column] David Bunei: Stay ahead of those data security woes

The very factors that have helped to make Kenya such a motivated and major African player in the Digital Age have also made local organisations in the public and private sector vulnerable to security threats and compliance issues. The good news is that, next-generation cloud infrastructure and applications are mitigating these concerns with their autonomous capabilities, ensuring a higher level of security than ever before.

In 2018, Kenya’s economy lost Sh29.5 billion to cybercrime and related activities, up 40% from the previous year. The Communication Authority of Kenya also reported that in Q4 2018, the number of cybersecurity threats in the country jumped 167% to 10.2 million from 3.8 million in Q3.

Faced with such intimidating figures, many enterprises – especially those in high-risk sectors such as Government and Banking – are investing heavily in cybersecurity measures or carefully exploring digital transformation, the very process that will help them to operate more efficiently and cost-effectively.

At Oracle, we have been integrating security into our solutions and protecting our customers’ sensitive data for decades. Oracle solutions have multi-layered security built-in and integrated, whether talking about Oracle Cloud Infrastructure, Autonomous Database, SaaS applications as well as our traditional on-premises infrastructure and applications. Of course, with more customers moving to cloud, we have intensified our focus on security, taking advantage of developments in AI, and related machine learning, to protect customers’ sensitive data and ease their security burden.

Last year at Oracle’s annual OpenWorld conference in San Francisco, attendees were able to learn more about the role Oracle’s Generation 2 cloud has in underpinning a wide variety of new cloud services such as Oracle’s Autonomous Database.  Autonomous functionality is very important to cybersecurity as a large percentage of system breaches are the result of not being able to respond to events, self-patch or self-tune to mitigate against compromises or outages. Secure by design – in fact, having security architected into every layer– Oracle Generation 2 Cloud is designed to configure, manage and secure systems for the customer, based on their requirements. Human error is removed because processes are no longer manual, and patches are applied automatically in the background while running to avoid downtime. The same applies to data encryption, backup and a general enforcement of security policies.

As an example, Oracle Data Safe was just one of several next-generation cloud security services introduced at OpenWorld this year. Data Safe helps organisations protect their databases more effectively in a way consistent with best practices. Data Safe can identify sensitive data and mask it for use in partner or development environments. It also alerts on risky users and system configurations, and proactively monitors database activity to spotlight and respond to suspicious access attempts. After all, data is at risk from both external threats and those – whether accidental or deliberate – within organisations.

Such cloud-embedded simplification of security tasks for businesses is particularly relevant in Kenya, where there were only 1,700 skilled cybersecurity professionals in the country in 2018. Generation 2 Cloud security measures help to fill a noticeable gap and keep organisations safe.

The narrative around cloud and cybersecurity is also changing worldwide. Security in the cloud is now being recognised as secure, or more secure, than what can be achieved on-premise by 72% of those surveyed in the Oracle and KPMG Cloud Threat Report 2019. Security is now named as the biggest benefit to cloud by 66% of C-level executives, putting it ahead of both cost and scalability.

Data security is also closely linked to compliance in terms of handling personal information. Oracle’s second-generation cloud security solutions are designed to keep sensitive data safe and out of sight on Oracle cloud databases thanks to automatic encryption, advanced access controls, always-on separation of duty, data masking and redaction. It’s one of the reasons, Rakuten Securities, Japan’s largest online financial brokerage company, chose Oracle Database Security to address their strict regulatory requirements, while efficiently managing social security and tax ID numbers for 2 million customer accounts across a complex network of disparate systems.

With financial losses, fines and reputations at stake, it is critical for companies to ensure the security of their data and resiliency of their systems in the face of continually evolving threats and regulations. With Generation 2 Cloud, the burden shifts from enterprises to Oracle, and with Oracle’s embedded AI doing most of the work, customers have the chance to really innovate instead of expending so much time and manpower on patches and staying up to date with defensive measures. Cloud services are a viable option for the most critical enterprise workloads. Fears around data security should never hold an organisation back from exploring this path to greater, immediate business value.

David Bunei is the Managing Director for Oracle Kenya.

41 billion missing IoT devices: The biggest prediction miss in the history of IT?

41 billion IoT connected devices have failed to materialise, potentially representing the biggest missed prediction in the history of IT, Eseye a leader in ubiquitous global IoT connectivity, has uncovered.

In 2010, Ericsson predicted that 50 billion devices would be connected by 2020, a prediction echoed by Cisco in 2011. Yet, despite the enthusiasm for IoT, current estimates identify the true figure to be closer to 9 billion, with many of those being mobile phones. Eseye has subsequently identified six key challenges that IoT must overcome in 2020 to reach its potential.

It’s now clear that successful IoT deployments are much harder than previously thought and substantial complexities have been glossed over. This is borne out by recent research from Cisco Systems which has found that more than 75% of IoT deployments fail. A lot of the damage happens before the devices even go live, however. Microsoft estimates that 30% of IoT projects fail at the Proof of Concept (PoC) stage, while eight out of ten IoT projects fail before they are even launched, says Gartner.

From hardware design and testing to connectivity, data management and global technical support, there are many obstacles to overcome. The six challenges for IoT to overcome in 2020 as identified by Eseye, are:

  1. Hardware needs to become relevant again

In IoT deployments 80% of the data and processing is at the ‘edge’ of the network. This is where the ‘things’ and sensors are and where data is captured. However, to make sense of it all, without the expense of having to back-haul the data into the heart of the network, it needs to be processed on the edge. To deliver successful deployments organisations need a strong understanding of how to optimise IoT hardware from circuit boards to firmware.

  1. Bundled silicon to speed up deployment

The incorporation of secure IoT connectivity into silicon at the point of manufacture will go a long way to streamlining the IoT deployment experience. Bundling IoT capability at the silicon level significantly simplifies the setup and deployment of IoT devices. The real game-changer is that once the device is activated it should automatically connect to any network in the world, providing as close to 100% coverage anywhere in the world, and start provisioning data to either their on-premise solution or any one of the hyperscale cloud providers.

Eseye and Gemalto recently launched Intelligent Cloud Connect, in response to this challenge. The solution enables customers to develop and manufacture a single IoT product SKU for any application, which then connects out-of-the-box to any mobile network in the world, while offering seamless and secure data provisioning to AWS IoT Core.

  1. Localisation of devices to maintain uptime

A key precursor to the widespread adoption of IoT is the ability to quickly and simply connect devices anywhere in the world. Some suggest this exists through global roaming, yet a growing number of MNOs (Mobile Network Operators) and regulators are implementing permanent roaming restrictions which could mean that after three months an IoT device could be taken off the network. For IoT customers with fixed devices around the world, this may result in the inability to use some networks beyond the short term unless they use a localised eSIM. As roaming falls out of favour organisations will need to turn to global ‘super’ Mobile Virtual Network Operators (MVNO’s) whose strategy is to localise connectivity wherever possible, in order to effectively deploy IoT devices anywhere in the world.

  1. Overcoming the consumer centricity of eUICC

The Embedded Universal Integrated Circuit Card (eUICC) – often referred to as eSIM – was going to negate the need to migrate profiles between SIMs, enable everybody to work together and open a world of opportunities. Unfortunately, it has created a number of implementation challenges for business IoT use cases, as it was designed with the end consumer in mind, rather than industrial users. Profile management and network switching must be driven by service provision rather than the profitability of an MNO. The best way to do this is for the profile management algorithm to be implemented in an abstracted and MNO agnostic switching platform – not by the MNO’s platform. Only by doing this can a single pane of glass management capability, single global invoice and single support service be delivered for an Enterprise’s total global estate of IoT devices.

  1. Utilising Hypercloud

Cloud had its challenges with security. One of the biggest risks in IoT is the edge of the network and the massively expanded threat perimeter. The good news, however, is that several hyperscale cloud providers, such as AWS, are deploying standard security managed services features that audit the configuration of devices, monitor connected devices and detect abnormal behaviour to mitigate these security risks. Eseye predicts that that 2020 will see at least 40% of new large IoT projects deployed in a hyperscale cloud platform.

  1. The need for a ‘Star Alliance’ Federation model for IoT

With MNOs under pressure from complexity busting hardware, and with increased pressure on their commercial models, there is a growing need for them to compete for and deliver global IoT projects. A more commercially favourable and collaborative approach is required, such as a ‘federation of MNOs’, or to put it another way the ‘Star Alliance’ of the airline for IoT to prevent them from becoming a commodity. Much like the Star Alliance where you would buy a single air ticket, travel around the world and pay once, if one MNO sells a global deal in one country, each MNO in the federation needs to then deliver the traffic requirements in their own country.

Nick Earle, CEO of Eseye, comments: “41 billion missing IoT devices is a monumental miscalculation and arguably is one of the biggest misses in the history of IT forecasting! The two questions that must be asked now, however, are why this happened and what can be done to rectify it? In our view, the ‘why’ primarily comes down to organisations underestimating the complexities of IoT deployments. “The intricacies involved in creating specialist IoT device hardware, establishing access to global connectivity and the ability to manage vast amounts of data effectively and efficiently, are just some of those complexities. This was recognised by Gartner when it predicted in 2018 that 75% of IoT projects would take twice as long to deliver. Removing the complexities and barriers to IoT development and deployment will see a greater uptake on a global scale. We predict that 2020 will be the year that global IoT rollouts will take off, provided our six key challenges to IoT success in 2020 are overcome.”

[South Africa] Teraco welcomes VMware cloud

Teraco has announced that VMware Cloud is now available via VMWare Cloud Verified service providers in the Cape Town (CT1) and Johannesburg (JB1) data centre facilities. VMware Cloud provides the fastest and easiest way to migrate existing enterprise application workloads to the cloud. When you see the VMware Cloud Verified logo, you’ll know you can easily access the full set of capabilities of VMware’s Cloud Infrastructure.

Jan Hnizdo, CEO, Teraco, says that this collaboration will further expand business opportunities for clients already present within Teraco’s data centre facilities as they adopt a cloud-first approach for their existing and next-generation applications.

“With VMware Cloud now available within Teraco, enterprises can take advantage of private and secure multi-cloud connectivity, and quickly deploy hybrid cloud infrastructures. The premise of Teraco’s vendor neutral data centre offering is to serve local and global markets at the digital edge and through channels critical to the connected world we live in. VMware, as one of the world’s leading cloud providers, assists us in making our offering richer.”

Hnizdo says that through the Teraco cloud services ecosystem, the addition of VMware Cloud will further enhance the ability of service providers to deliver more innovative cloud strategies, ultimately delivering better business value and experience to clients. 

“The choice of Teraco’s digital infrastructure platform is critical for the enterprise when transforming and embracing digitalisation. It must enable scale, performance and security and assist in building digital architecture that provides resilient data centre services,” explains Hnizdo.

Together with Teraco, VMware’s expanded portfolio will enable service providers to deliver new cloud services for differentiation and, in turn, potential revenue growth, and create clouds that are developer ready and support modern applications.

Dave Funnell, Senior Manager Cloud Business at VMware, sub-Saharan Africa, says that VMWare is now being viewed as the ‘Switzerland of Cloud’ as it partners with the six major hyper-scalers as well as over 4,000 local cloud providers: “VMware’s goal is to continue being a strategic partner to our clients as they transform their business via accelerated application delivery. It encompasses providing the fastest and easiest way to migrate to the cloud, along with a platform for the management of the hybrid-multi cloud world that provides for both existing application environments, built on virtual machines, as well as the next generation built on containers. We provide freedom and choice to our clients as they adopt cloud, with the VMware Cloud Verified status providing confidence in the cloud provider they engage with.”

VMware Cloud within Teraco’s vendor neutral data centre facilities further supports the ambition to reach and assist the enterprise sector in developing and implementing successful cloud strategies: “We are excited to form part of the Teraco cloud ecosystem as we assist our clients in implementing their cloud journey” says Funnell.

www.teraco.co.za

Kaspersky named as Strong Performer in evaluation of cloud security solutions

Kaspersky has been named as a Strong Performer in The Forrester Wave™: Cloud Workload Security (CWS), Q4 2019. The company’s solution, Kaspersky Hybrid Cloud Security, received the status after achieving the highest scores possible in 13 criteria, including hypervisor protection, the scalability of hypervisor protection and the strategy around hypervisor protection.

The Forrester Wave is a guide for businesses that are considering their purchase options in a technology marketplace. By evaluating vendors and their products against a clear set of criteria, Forrester objectively ranks technology solutions to demonstrate the performance of their offering, strategy and market presence. Prospective customers can then compare different vendors independently, across a variety of metrics.

According to the Forrester report, ‘Kaspersky offers a versatile and technologically competent CWS solution. The solution provides comprehensive user management capabilities, has strong guest OS level support and has an effective remediation policy set against hardening standards’. The report also noted that the solution provides ‘one of the strongest memory protection and file integrity monitoring capabilities across vendors in this Wave’.

 “We are delighted to be named as a Strong Performer in the Forrester Wave CWS evaluation. Receiving this recognition validates that our efforts are going in the right direction. Forrester Wave also recognised Kaspersky’s plans to develop API control for IaaS and PaaS with the highest possible score, which aligns with our priority to continue product development to meet the needs of our customers and partners. For instance, in the next product update, we plan to expand protection functions for Linux, as well as bring more management capabilities for data centers and managed service providers,” comments Sergey Martsynkyan, Head of B2B Product Marketing, Kaspersky.

Kaspersky Hybrid Cloud Security was launched in 2018 to provide customers with a combination of protection technologies and visibility for virtualization, private and public cloud environments. The solution offers multiple layers of protection including behaviour detection, exploit prevention and anti-ransomware, as well as various security controls – to ensure safety of data and workloads in the cloud. No less important is the seamless orchestration through the single console, to manage security of the entire cloud environment.

www.kaspersky.co.za

[Column] Kurt Goodall: Extending security to the cloud

Business leaders now have a choice whether they want to continue using their trusted firewall or move to a next-generation firewall delivered by appliances or as cloud services to protect the outer perimeter security in branch offices.

Troye technical director Kurt Goodall says Citrix offers various choices, from the long-established multi-site to the advanced multi-layered approach, both of which can protect users and data at the branches, data centre, and clouds from multi-vector cyber threats.

“Citrix SD-WAN Integrated Firewall complements your trusted firewall investment and strengthens overall security infrastructure. Citrix provides an integrated perimeter firewall that masks users and infrastructure from cyber surveillance,” he explains.

This integrated firewall has global policy control, supports zone-based policies so that you can implement granular micro-segmentation of traffic and enforce uniform policy consistently. Citrix SD-WAN can also intelligently track the fast-changing open ports from SaaS and IaaS apps as trusted traffic and directly breakout the traffic to the internet, enhancing application performance.

It marks all other traffic, such as web browsing, as untrusted and forwards it to the full security stack, typically located at the HQ or a private data centre. Citrix SD-WAN also takes extra precautions by encrypting all branch-to-branch egress traffic, even when it is transported over a private MPLS line

Goodall says Citrix SD-WAN automates connectivity to cloud security. “With most enterprises embarking on some form of cloud transformation, Citrix recommends extending perimeter security to the cloud, where apps and workloads reside.”

Citrix has partnered with industry leaders like Palo Alto Networks, Zscaler, and Symantec to deliver joint solutions that enable our SD-WAN to be a transparent gateway for Secure Web Gateway (SWG) service. Cloud-based SWG is a popular option for branch offices due to its simple and yet effective multi-layer protection.

Citrix SD-WAN management platform is the key component in this joint solution, providing on-boarding automation and a direct subscription link to Palo Alto Global Protect (aka Prisma) and Zscaler Secure Internet Gateway services. Through API automation, Citrix SD-WAN also secures the connectivity (via IPsec) from the branch to the Palo Alto, Zscaler and Symantec clouds.

The benefits of automation become more significant as more branch sites are involved, directly translating into time savings and reduction in configuration errors. Last but not least, Citrix provides this automated on-boarding capability free of charge.

In addition, cloud-based security also enables a new service-consumption model. It provides an option to shift to opex spending, which can be easily aligned with your business growth. There is no need to deploy security appliances at every branch. It also removes the need to build an in-house resource to manage the security infrastructure.

Kurt Goodall is the technical director at Troye Technical Solutions in South Africa.