The expectation in deploying a disruptive technology is typically the exploitation of market inefficiencies, reaping huge gains on the investments in capital and labor. On the other hand, we face a unique threat which our investor peers do not. Not only do we need to have great foresight, but also we need to ensure successful adoption and implementation of disruptive technology. This can be a huge obstacle because of the interrelatedness of modern IT systems.

So how do our investor counterparts maximize their big wins and mitigate their misses? They do it by utilizing the principles of portfolio diversification and leveraging other people's money. We in IT also manage a diverse investment portfolio. The software and systems which comprise our infrastructure, transactional, informational and strategic initiatives diversify us and tell a story about our risk appetite. When Wall Street firms apply these principles in IT, they experience greater gains with less risk and ensure themselves the ability to take advantage of tomorrow's unforeseen market opportunity or cost.

For instance, investors in the 1990s correctly thought that the Internet was a disruptive technology and it would have a huge impact. Investors understood how much money could be made from the change but erred on how quickly the returns would come. As a result, the "all-in" bets on media companies and dot.com firms destroyed vast amounts of wealth and careers in the process. But because the Wall Street firms were well diversified and used other people's money, they had the luxury of playing multiple bets, ensuring their ability to adapt as the bubble burst.

As IT professionals we can attain the same luxury and allow for safer investments in disruptive technologies. Like our investment counterparts, we should use someone else's money when taking on disruptive technologies.

To do this, Wall Street firms utilize an independent IT finance company. Their value proposition, which is designed to reduce our risk and the residual investments they make in new technologies, lets our firms capitalize on borrowing well below our internal cost of funds. By engaging these firms in our disruptive and required technology projects, we can be greater stewards for our firm's resources, specifically by 1) enabling the adoption and acquisition of more/better technologies today; 2) increasing our flexibility to embark on the advancements of tomorrow; 3) hedging against disruptive technology obsolescence and; 4) reducing the amount of capital needed, which should resonate with our investor counterparts.

Wall Street firms lead the world in their ability to diversify risk and leverage other people's money to optimize investment return. We, as IT thought leaders, have the same opportunity when applying these principles to our IT investment portfolios by leveraging the use of independent IT finance companies.

Erik A. Carlsen, Winthrop Resources Corporation,952-656-7416; email: ECarlsen@WinthropResources.com;web: www.winthropresources.com.

Implementing governance rules can be complex, but companies can avoid bureaucratic delays – and the paralysis that sometimes attends overwhelming tasks – by taking an incremental approach. The following seven steps provide a clear mechanism for making steady progress without having to boil the ocean.

1. Prioritize areas for business improvement.

An incremental approach helps to avoid one of the biggest historical problems with data governance: lack of follow-through. Target a single area, such as marketing, and work with the existing organizational structure to take action and ensure accountability. Align information objectives clearly with business strategy, get stakeholders to achieve consensus about requirements, and identify key data entities so that policies about them can be outlined. For instance, marketers may want to use cleaner demographic and geographic information to increase their effectiveness in targeting potential clients with specific risk profiles. Projects like this help keep attention focused, which would be much more difficult with a large-scope project.

2. Maximize availability of information assets.

This may seem contradictory: How do you govern information better by making more of it more widely available? The availability of different forms of information – EDI transactions, data warehouses, CRM and ERP applications, legacy file structures, etc. – helps get stakeholders to understand the relationships of various pieces of information and how it all should be managed. For instance, imagine an employee pulling out an iPad to call up the record of a recent sale to find out why it’s not showing up on a report – and then think about how that could affect stakeholder attitudes toward real-time data cleansing.

3. Create roles, responsibilities, and rules.

Data governance is a partnership between business people, who know the data, and IT professionals, who understand how it can be manipulated. Profile the data to identify incorrect or inconsistent data elements. Analyze the impact of bad data on your organization and provide suggestions, or cleansing rules, as to what the data should look like. Pass the cleansing rules to IT professionals so that they can apply technology to cleanse the data based on the business professionals’ suggestions.

4. Improve and ensure information asset integrity. Don’t make the mistake of considering data governance to be a one-time, set-it-and-forget-it system. Continuously improve and ensure the integrity of information assets in a four-step process: data profiling, parsing and standardization, data enrichment, and data monitoring. For example, profiling shows you the variation in your data; parsing and standardization makes sure the variation occurs in easily predictable ways; enrichment fleshes out information to make sure everyone who uses it has the proper context and detail; and monitoring ensures that bad data doesn’t have a chance to be spread from system to system. Together, these steps minimize the amount of bad data in the enterprise and mitigate the risk and possible damage done by any that happens to creep in.

5. Establish an accountability infrastructure.

Even with all of the processes in place to ensure information integrity, some questions will linger: What happens if the information is still inaccurate? What happens to those data elements that fall through the cracks of the automated processes? What if I want to make sure the changes are right before they are applied? Processes alone do not ensure the integrity of information. People do. Establish an accountability infrastructure that holds people accountable for information assets, and provide them with the technology and metrics they need to ensure the integrity of the assets remains high.

6. Convert to a master data-based culture.

Most organizations today focus on transactional data. In reality, though, individual transactions matter less than overall relationships; master data focuses holistically on the essential facts that define a business, which helps raise relationships to the position they deserve. For instance, in a master data-based culture, a discussion about a particular invoice elevates to a discussion about the customer. Master data exists everywhere in an organization – in different applications, systems, transactions, data warehouses, and messages. Master data management (MDM) decouples master data from those individual source applications and ensures consistent master data across transactional and analytical systems. Everyone sees the same information, providing one acceptable version of reality.

7. Develop a feedback mechanism for process improvement. Everything discussed so far is part of a cycle, and there is always room for improvement. Build a feedback mechanism into the process that allows for continual process improvement. Monitoring information assets over time gives a clear picture of how initiatives are performing and provides a way to graphically depict both successes and failures in the process.

From a process improvement perspective, compliance standards indicate that companies will need to audit the processes that capture, cleanse, and manage information. While building their compliance processes, they should be careful to look beyond basic compliance issues and build in a feedback mechanism that helps them continually improve their processes. For instance, if a bank designs a given data governance initiative to improve services to minority-owned businesses, and the company has licensed information from a data provider to augment marketing records with demographic information, there should be a feedback mechanism that shows what percentage of records are being properly augmented with minority-owned status; if the percentage is too low, the company may need to research additional third-party data providers. Feedback mechanisms of this sort are essential to prove business value, improve processes, and keep efforts focused on areas that need improvement.

By following these steps on an iterative basis, your organization can take control of its information and begin to approach data governance in a way that increases oversight, reduces business and compliance risk, and improves business processes – all at the same time.

Jon M. ­Deutsch, Vice President Financial Services,Information Builders, Office: 917-339-5495; email: Jon_deutsch@ibi.com; Twitter: JonMDeutsch;web: www.ibi.com

We depend increasingly on information from our financial services providers at our fingertips, but that information in the wrong hands can be disastrous. New headlines of website attacks and corporate data breaches are on the rise, with leading financial services brands being a key target by unknown malicious groups. While threats to network and information security have existed since the dawn of the information age, the complexity and scale of attacks have exploded in recent years, and cybercrime has risen to the level of a national security threat, according to a National Security Council report issued in July of this year. More new malicious code vulnerabilities were introduced in 2008 than in the previous 20 years combined. That number was surpassed in just the first half of 2009, with a new threat signature appearing every 8 seconds. Security firm Sophos estimates that a new Web page is infected every 3.6 seconds. And according to the Web Application Security Consortium, more than 87% of Web applications currently carry a vulnerability classified as high risk. Today’s estimates place the median annualized cost of cyber crimes at $5.9 million per year, with a range of $1.5 million to $36.5 million each year per company. Cyber attacks have become more commonplace, with a 44% frequency increase in attacks per week, today compared to last year.

Unfortunately, traditional perimeter defense products have not kept pace with the rapid growth in risk. Most large enterprise firms assume they are prepared with an arsenal of different threat-specific point solutions such as firewalls, intrusion prevention systems, and network scanning solutions. Unfortunately, these traditional, rigid, centralized defenses do not provide a layered, holistic monitoring scale necessary to combat the outsized and adaptive threats facing today’s IT infrastructure. In fact, many of the most threatening attacks today come in looking like legitimate transactions.

In light of critical IP-based applications such as online banking and credit card access, financial services companies should embrace the distributed nature of the Internet, using its scale and flexibility to their advantage when implementing a defense-in-depth strategy. Defense in-depth means deploying overlapping layers of security that employ a diverse set of tactics to protect against threats. Cloud-based security, possibly incremental to existing enterprise security defense, provides a critical layer within this approach, helping to overcome traditional perimeter defense limitations. Not all cloud services are created equal, however. In order to use the unique strengths of the cloud to their advantage, enterprises must find security solutions that leverage a highly distributed, multi-network platform – one that can deliver massive scale at the edges of the Internet and protect core origin infrastructure by deflecting attacks closer to their source.

Business leaders must assume that the defenses in place now will not be sufficient next year, and they must be strategic in how they allocate their resources. Security technology alone is far from sufficient. Expertise, either in-house or via a strategic security partner, is essential to staying ahead of cybercriminals. Business leaders should establish a threat intelligence function to monitor trends and emerging threats that impact business. To compensate for limited visibility across the cyberthreat landscape, leading organizations should establish relationships with peers, industry groups, government agencies and vendors to source intelligence.

Help may be on the way in the form of new industry federal regulations being considered. “European banks will be ordered to inform customers immediately of any data security breaches, under legislation being drawn up by the European Commission.” In the meantime, the community must be more collaboratively open to new approaches in order to stay ahead of future security challenges. There is a large opportunity for key players at leading financial services firms to collectively benefit from increased conversations and more open dialogue around the evolving threat landscape, considered approaches and best practices. For major financial services firms, many with decades-old businesses, protecting an online brand is a significant part of the corporate mandate.

Paul Sop, CTO of Prolexic, a leader in global IP security, highlights the challenges today: “What is really wreaking havoc with these enterprises is how often the attackers can rotate attack vectors. Many organizations that believe themselves to be protected from web attacks are in fact unable to respond to the diverse methods being used.”

Talk with your current suppliers about network-based protections. You might be surprised to learn the ease and scale that can be applied to your business and keep your firm a step ahead of those entities who try to make the internet a dangerous place to meet your customers.

Justine Lupul, Financial Services Market Management, Level 3 Communications, ­­­­­720-888-2443;email: Justine.lupul@level3.com;web: www.level3.com.

On October 5, 2010 the Wall Street Technology Association (WSTA) held a seminar in the Boston Financial District on the topic of Cloud Computing. In 2010, the topics of interest among vendors included differentiation between delivery models, metrics, availability, costing, scalability management applications and success criteria.

One year later, at this year’s WSTA Cloud Computing seminar, the “cloud” discussion was remarkably different; it had matured. The attributes mentioned above are all still important factors, but they have been mostly commoditized in the market. In 2011, although there are several major areas where cloud computing has matured, some issues remain and new ones have arisen.

Whereas in 2010, each vendor, enterprise and analyst had their own lingo for the cloud and its various delivery models, 2011 ushered in two specific maturations:

1. Although NIST has published several specifications on cloud computing, they all tie back to a common definition of what “cloud” technology is (see NIST SP800-145 “A NIST Definition of Cloud Computing”). This has leveled the playing field between organizations and vendors as they both now have a common reference point for discussions.

2. The disparate terminology between delivery models, from public (e.g., public-shared, community, etc.) to private (e.g., on-premise, local, etc.) and all those confusing iterations between have been more-or-less removed.

2010 saw a plethora of business drivers for moving solutions into the cloud – costs savings, scalability, time to market and others. In reality, there were not many cost savings, scalability only went in one direction (customers never considered plans for server deflation), and time to market decreases did not translate into scalable solutions.

Cloud customers have matured in their thinking. It is no longer about the specific attributes of the cloud technology and/or vendor; it is about the business value-add. Customers are asking vendors for a two-pronged solution set:

1. What business benefits can be achieved by moving their project to the cloud?

2. How can the vendor’s technology/solution measurably achieve these benefits?

Customers are viewing the traditional build-versus-buy exercise with a new set of spectacles – shaped not only by the historical missteps in early cloud adoption, but also by the maturing of cloud concepts and the sophistication of the vendors’ offerings.

With the normalization of the cloud delivery semantics – public, private, hybrid, etc. – cloud vendors do not focus on the specific delivery models. Discussions between vendors and customers revolve around the classification/definition of processes and data and the appropriate deployment mechanism for each piece of a solution; entire solutions are no longer tied to a single delivery model. Most implementations are some form of hybrid deployment: clients can use public cloud instances for the mundane (and innocuous) processes while keeping proprietary information and processes in their private cloud. There are little or no differences in the deployment interfaces and communication protocols between cloud instances; and as such, management becomes a much simpler task for clients.

Scalability is no longer skin deep. Experience shows that simply cloning servers does not achieve true scalability and in some cases acts as a detriment to processing. Real benefits in cloud scalability comes from a service-oriented architecture (SOA) designed for multi-point receptors and executors. If an existing project does not already use this approach, then moving to the cloud may not achieve the anticipated scalability.

In designing (or redesigning) applications for the cloud, while agile software development lifecycle has become the norm, application design processes have also matured. Clients are combining agile SDLC with tried-and-true design techniques, such as Yourdon’s methodology for component design and other fractal design principles

In addition, data storage on the cloud can still be a single point of failure if improperly designed. Placing data in the cloud does not automatically make data redundant. And given the newest licensing models for the popular databases, it is tempting for companies to deploy only a single instance of the database engine.

Tightly coupled with application architecture are the development skills needed to properly achieve the architected design. Developers need to know such rudimentary concepts as state machines, mutexes and memory management, which are no longer widely taught. Congruent to supporting the appropriate application architecture, developers need to be seasoned in parallel computing, as well as high availability programming techniques.

In cloud security, there is the adage “the cloud is no more secure than your organization.” While this point is still very relevant, contractual language by cloud vendors is better at clarifying the responsibilities of information security by the customer.

However, clients should remember that they need to ensure information security for data “in-transit” as well as “at-rest.” Compliance is solely the responsibility of the customer. Data security on the cloud is still an open book; and one would not expect to see any standardization in this area.

The best approach is to use application-level security – incorporate authentication, authorization, encryption and detection into the application. Then create a layered security model – i.e. circles of protection – around smart log management and auditing.

The strategy known as “Avoid, Trap, Mitigate,” which was first defined by the FAA in their Cockpit Resource Management guidelines, adopted by NIMS ICS for use by emergency first responders, and is utilized in the defensive strategy for almost every team sport. This strategy can be effectively applied to enterprise security and extended to cloud security.

The FAA, in response to the avoidable crash of United Airlines Flight 173 on Dec. 28, 1978, developed one of the first “critical thinking” guidelines for crisis management. Originally known as “Cockpit Resource Management” (and later changed to “Crew Resource Management”), this process is integrated by many emergency services into their Incident Command System. One particular aspect of this guideline that applies to any group of decision-makers is the use of the three “decision outcome avenues.”

Even as the cloud adoption enters this next phase, some persistent issues still exist. Organizations are still:

1. Struggling to define relevant and optimized management applications for their needs, as well as to define success in deployments.

2. Stumbling in the beginning of the contract process:

a. Expectations of both the vendors and the organization’s internal groups, b. Wide variety of cloud contracts, c. Understanding accountability and ownership of data, and d. Recognizing security responsibilities of vendors.

And with adolescence a host of new (or unforeseen) issues is being brought to the forefront:

1. Software licensing models: Cloud vendors are quick to point out that clients are responsible for all licenses. This is a moving target, as VMWare changes its licensing model to be limited by RAM, Oracle redefines its licensing terms to be per core rather than per CPU, and concurrent licensing and seat licensing are moving towards usage-based models.

2. Ambiguity in terms: While all parties have normalized the terminology used, there is still ambiguity between the interpretation of terms by technology groups and business groups. For example, does “availability” mean the state of the server hardware, the VM, the platform or the application?

3. Smart provisioning: Vendors are beginning to provide more sophisticated tools to build custom templates, with platforms and middleware already in place. However, most client deployments are not built with intelligent provisioning utilities, so although one can spawn a new server in “seconds”, it may take “hours” to get it configured properly.

4. Scalability in both directions: Vendors will readily give a client tools to build up a server farm but are reluctant to handhold a client in determining its teardown criteria.

From 2011 through 2012, consider “Cloud” to be in its adolescence – a dichotomy of promoting its virtues yet still trying to solidify its identity in the marketplace. As many disparate issues in the cloud (vendors like to call them “differentiators”) have been commoditized; new more advanced issues arise. This does not make cloud computing a “bad bet”; on the contrary, the fact that it continues to evolve is testament to its success.

John C. Checco is currently employed in the Governance, Risk and Compliance space. He is founder of Checco Services Inc., an information security consulting firm that markets the award-winning bioChec™ keystroke biometric technology. John currently holds CCSK, CISSP and CSSLP certifications, is a member of the Advisory & Content Committee of the WSTA, a board member for InfraGard’s NY Metro Chapter, and has active memberships in ASIS, ISSA and OWASP. He may be reached via email at John.Checco@CheccoServices.com.

That requires financial firms to take big data into account in their data management planning now, as the assumptions on which data management best practices are built are coming under attack in big data’s wake.

Big Data and Data Agility

To understand the nature of this attack, it’s critical to know what big data is, the promise it holds for competitive differentiation and the business requirements for data agility.

Big data is more than just big data volumes. Big data is “big” across four dimensions:

1. The actual volume of the data, fueled by algorithmic trading, more complex instruments, global markets and social media, and by the underlying trend toward “hyperdigitization” – the accelerated shift toward enhancing the electronic experience via big data and context to integrate the physical and virtual encounter.

2. The complexity of data, reflecting the greater intricacy of underlying relationships and linkages across, for example, customers, products, geographies and markets, and the greater level of detail required about each.

3. The variety of data, stemming from the greater range of details required about individual entities and relationships, more stringent regulatory and compliance requirements, and the increased competitive importance of unstructured and semi-structured data.

4. The velocity of the creation and arrival of data, due to the increasing speed of doing business, and new technologies that enable the creation and distribution of data in microseconds or faster.

Many financial firms are eying big data as the source of significant competitive differentiation and are seeking to exploit the richness and immediacy of big data to rapidly and more fully identify and analyze competitive threats and opportunities.

However, just as big data advances a competitive edge, it also endangers competitive advantage because the sheer scale of big data overwhelms traditional approaches to data management, thus reducing data agility.

The very data that can provide increased business value restricts the agility required to produce right-time, relevant and transparent business decisions and actions across a broad business audience. Moreover, just as data has grown in volume, complexity, variety and velocity, so too have the demands being made for the use of data, requiring increased agility.

Implications for Data Best Practices

Today’s best practices for data management are based on assumptions about the nature of data and data requirements. These assumptions have become ingrained in our thinking and behaviors just like the maxims we learned as children, such as look both ways before crossing the street.

We continue as adults to look both ways automatically because we assume that traffic is two-way. However, if that two-way street becomes a bumper-car arena, our best practice of looking both ways no longer is enough to protect us.

The danger is that when best practices fail we are too quick to discard them, even when they remain largely valid. In our bumper-car scenario above, the maxim to look both ways isn’t wrong. It’s just that, in a new reality, we must look in all directions, not just left and right.

Similarly, today’s data management practices are largely still valid but, because of unexamined underlying assumptions, they fail to deliver the promised business results. This should serve to spur the re-examination of data management best practices and underlying assumptions to preserve those practices that continue to be valid and fine-tune those in which the underlying assumptions may no longer hold true.

For example, a commonly held best practice is to centralize data to improve access, control and consistency. This practice is based on underlying assumptions such as an inability to adequately access and control distributed data, and to efficiently aggregate distributed data for reporting and analysis. These assumptions remain generally true, although advances in technology and implementation of overarching governance processes mitigate these concerns to some degree.

However, there are other assumptions we hold regarding the best practice of data centralization – for example, data users are close to the central source and they have common requirements. Such assumptions may often be erroneous given geographic expansion and a far broader variety of user requirements, coupled with reduced latency requirements. The implication of this is the need to physically centralize data on a selective basis, while centralizing governance and introducing logical centralization through greater adoption of industry-level standards and transformation capabilities.

This new look at the underlying assumptions that forms the basis for today’s best practices in data management will help financial services firms exploit the significant business value of big data while retaining the data agility that’s so essential for effective business decisions and action.

Mary Knox is a Research Director, Banking and Investment Services, at Gartner, Inc.

Telepresence, which employs a number of digital, technological and in some cases tele-robotic innovations, has made “physically being there” less of a necessity than simply having a presence. One also might say telepresence comes as close to replicating your actual presence without employing Star Trek-like teleportation devices.

Telepresence systems include a set of technologies that allow you to feel as if you are present, or to at least give the appearance that you’re present. Some systems allow you to actually have a physical effect (e.g., an avatar) at a place other than your actual location by using telerobotics, basically the control of robots from another location, which have been used for years in space and sea exploration, as well as in surgery and by the military.

Potential Rewards

The potential rewards for investing in a telepresence system go beyond the anticipated financial benefits. Recent surveys have found that the one perk IT professionals value more than all others is the ability to work remotely via telecommuting. In fact one out of three said they would rather cut their salary by 10 percent in exchange for working from home.

Telepresence systems that use high-end mobile solutions could easily solve that challenge. Moreover, it would allow hiring managers to draw talent from outside their immediate labor pool. For example, they could extend offers to someone across the country who loves where he or she lives and would never consider relocating.

What does it look like?

In most cases telepresence means an expensive, high-end high-definition videoconferencing system that links hi-def cameras and televisions to a number of specially designed meeting rooms that all look the same. Each site has matching furniture, wall color and other details that create the illusion that everyone is in the same location and not in other cities or countries around the world. These systems also offer powerful cloud-based video content management solutions that can deliver this media rich environment to mobile devices such as the Apple iPad and iPhone.

As we mentioned, some systems even employ telerobotics so your presence is not only seen and heard, but also felt. Some have as many as 75,000 end point devices that can handle 25,000 concurrent video calls.

Typically, telepresence systems cost hundreds of thousands of dollars; but over time, they could save companies millions in travel and other expenses. There are less costly options for small businesses that range between $40,000 and $50,000. And then there’s the dirt cheap approach that uses Skype on a camera-equipped laptop or tablet that costs next to nothing.

For the high-end user, one of the biggest telepresence expenses is bandwidth. To maintain high-quality video service, each telepresence room requires at least one dedicated broadband Internet line. Prices for these lines range – depending on speed – from $100 per month to about $1,000 per month. Despite the cost, the market for these systems is beginning to grow, especially among businesses looking to cut travel expenses.

Expected Growth

According to the research firm Yankee Group, telepresence is expected to generate $3 billion in revenue for vendors this year. As for the less expensive end of the market, a 2010 Gartner survey of IT professionals found half of their employees will be using some form of videoconferencing at their desktop within two years.

Fred Yager, eFinancialCareers Editor, 212-370-8534; email: fred.yager@efinancialcareers.com;web: www.efinancialcareers.com.

As computing needs grew more complex and bandwidth-intensive in the 1980s and 1990s, enterprises increasingly turned to Ethernet to deliver efficient, high-speed, and cost-effective data network services within their LANs.

The demand to expand networks beyond tight geographic boundaries saw Ethernet grow beyond the confines of LANs out into campus area networks (CANs) and metropolitan area networks (MANs). Over the last few years, progressive companies have begun demanding that their service providers offer these services over wide-area networks (WANs).

It is not a surprise, therefore, that as today’s enterprises expand globally, they look to Ethernet to supply its traditional benefits of scalability, ease of use, and efficient use of bandwidth throughout the entire world.

Global Ethernet services are projected to reach $40 billion by 2014, growing at a 17% compound annual growth rate (CAGR) according to a recent Network World article (Nan Chen 29.06.2011 kl 16:45 | Network World). Overall market size will be driven by the large Ethernet markets: Japan, the US, and the UK.

What makes Ethernet the industry standard for networking - in the LAN, and now the WAN?

• ‑Ethernet offers much more efficient bandwidth utilization. This makes Ethernet particularly valuable across vast stretches of expensive undersea cables.

• ‑The ability to standardize on less expensive router interfaces lowers costs and enables deployment of uniform equipment worldwide.

• ‑Ethernet offers 'pay as you grow' flexibility, allowing businesses to purchase bandwidth incrementally and easily upgrade it as their requirements expand.

• ‑An often overlooked benefit is that of simplicity: internal enterprise support teams welcome Ethernet as a familiar technology that can now be used to link metropolitan, national and global sites.

What’s next for Ethernet?

Once restricted to IP networks, new global Ethernet networks are capable of delivering meshed networks that allow any site on the network to communicate with any other site. This meshing feature enables less expensive business continuity planning (BCP) and can be important for optimizing global voice and video calling. Further enhancements allow for differentiated classes of service (CoS) across the network. This allows a company to prioritize critical data such as voice or SAP over less important traffic such as Internet browsing or email.

Beyond just raw network efficiency and easier BCP, specific to the financial community, Ethernet makes for more cost effective circuits for intra and intercompany turret integration and is now the leading delivery method of choice for algorithmic trading.

Leading edge network service providers are now leveraging Ethernet to facilitate External-Network to Network Interconnections (E-NNIs). These private Ethernet exchanges let the two providers efficiently extend their respective Ethernet footprints across the world with limited expense.

100-gigabyte Ethernet is now being deployed across special, high-demand links. Inevitably, this will become commonplace as GigE and 10GigE links today.

As global organizations naturally migrate towards next-generation Ethernet services, these firms will employ global Ethernet with the peace of mind that this future-proof solution can facilitate the transition to all-packet networks with truly global scalability and reduced total cost of ownership (TCO).

Andrew Morawski, Managing Director – Americas, Cable & Wireless Worldwide 212-547-3055; email: andrew.morawski@cw.com;web: www.cw.com.

Ethernet Exchange: What is it?

An Ethernet exchange is a physical network infrastructure through which Ethernet service providers, carriers and Internet service providers can seamlessly and securely exchange Ethernet traffic (voice, data and video) among their networks. The Ethernet exchange is ideally designed to be a neutral meeting place where wireless and wireline carriers can connect to multiple Ethernet services in several markets that need access to specific locations through one scalable connection that can be turned up to support more bandwidth as the need grows. As service providers and operators continue to grow, they need a network to support the increasing amount of data and video on mobile networks. The exchange platform allows Ethernet sellers to connect in a secure, carrier-neutral location (such as a data center) for immediate access to the buyers and a more basic technical process of buying and selling Ethernet-based services such as voice, video and data. Ethernet exchanges offer an accelerated system for carriers and worldwide service providers to extend market reach and coverage – without adding expensive transport equipment. Many carriers and service providers have adopted this technology due to the refined administration features and lower costs, especially when compared to older wholesale Ethernet interconnectivity solutions that required separate External Network-to-Network Interface (ENNI) agreements for each carrier and each connection – which could take months. And now, this technology is being closely examined by financial market companies as a way to quickly share real-time information across multiple locations.

The new fabric for information exchange

Just as the Internet has evolved as a viable transport

for the distribution of financial services, Ethernet exchanges are equally well-positioned for data interchange created by colocation environments where trading platforms are adjacent to each other. Colocation environments, also known as multi-tenant data centers, create adjacency by allowing financial exchanges (NYSE Euronext, CME, BATS, etc), subscribers (broker / dealers, financial institutions, hedge funds, etc.), customer network providers (CFN, BT Radianz, Savvis) and information providers (Bloomberg, Thomson Reuters, Activ Financial) to co-exist in the same data center. These providers and financial firms, now colocated in a data center, are just a cross-connect away in a secure environment. Previously, they would need a network service provider to talk to one another and share information, a model that added latency and cost. But today’s colocation model creates an environment where information distributors with consolidated feeds can publish their data feeds onto the Ethernet exchange. Subscribers would then be able to access multiple data sources based on economics and content interest.

Financial market data feeds have evolved from measuring latency in seconds to milliseconds, and now microseconds. This has lead to high frequency trading (HFT) applications and direct data feeds requiring complex, expensive infrastructures. HFT applications focus on latency, but dynamic access to financial service information can be equally as critical.

Ethernet exchanges can provide financial services

firms with an aggregation point to the many data components necessary for trading decisions. Similar

to how data is accessed from business enterprise networks, Internet in the home, or video via cable infrastructures, financial firms can connect to an Ethernet exchange community and easily choose their desired data, just like choosing a TV channel. Although this was always the intent of traditional IP networks, the Ethernet exchange has fewer complexities and infrastructure overhead than traditional IP network delivery, and eliminates the need for discrete connections to multiple service and content providers. In short, a financial markets firm can remove the need for a public Internet connection by joining an Ethernet exchange. Ethernet may not completely replace the need for IP, but it can push IP further to the edge, reducing complexity and ultimately, costs. IP networks require multi-layer processing (Layer 2 and Layer 3) to transport information (or financial instruments), which results in additional complexity and latency. In other words, the fewer bits that need to be processed over a public Internet connection to read the values of a "packet" containing a financial instrument value (IBM = 172.28), the faster a trade can be executed – and the more secure the information as it travels between networks.

Virtual Interconnect:

Removing location barriers

Adding content and platform service attributes to otherwise nameless network interconnection points can provide both publishers and subscribers with a huge number of opportunities to securely share vital financial markets data in real time, allowing stakeholders to make decisions and execute with more accuracy. Virtual interconnection points within an Ethernet exchange provide a step towards seamless networks without regional boundaries. There are many aspects of providing financial data products including latency, bandwidth, proximity and cost which can all be assessed based on their service level tier. Understanding the intricacies of multi-tenant data center interconnection will guarantee the proper matches among content providers, ISPs and carriers. This can be the key to high performing content delivery networks (CDNs).

As the number of Ethernet exchange subscribers continues to rise, these connections will not only be identified by their technical network attributes, but will also identify the content to which they are connected. An Ethernet exchange provides the natural enhancement and easy accessibility to the already prevalent interconnection facilities, co-location and hosting models used in financial services today. Ethernet networks add discreet paths through the use of VLAN's (logical secure information channels) similar to TDM (time division multiplexed or conventional networks) protecting vital and confidential trading information. Industry best practices using IP components such as ACL's (Access Control Lists), firewalls and intrusion detection policies will still remain a critical aspect of network security. However these components are not necessary for data transport at Layer 2 (or Ethernet levels) and can be applied at the network edge.

Just as the Internet has evolved into a viable transport for the distribution of financial services, Ethernet exchanges are equally well-positioned for data interchange created by co-location environments where trading platforms are adjacent to each other. Creating this ubiquity in the financial marketplace will pave the way for expansion of private cloud computing applications, eliminating high costs of infrastructure and data center space process cycles for development.

Rob Schrage, Director, Product Development and Strategy Interconnection Products, Telx; 917-284-6479 M: 516-523-9706; email: rschrage@telx.com;web: www.telx.com.

Until recently, only one video conferencing architecture existed: installed-site, room-based systems. If more than two sites – called endpoints – are involved, infrastructure components such as multichannel units (MCUs) are required.

Today, the industry landscape has changed dramatically. Apple®, Skype®, and others render consumer-grade video to millions daily, fueling greater demand for video conferencing in businesses. However, while these consumer products may be adopted in some business settings, their inability to ensure continuous high-quality video, security, and operation over branch office and private networks preclude their use in most financial services institutions. As a result, these institutions are increasingly turning to cloud-based video conferencing to deliver high definition (HD) video to desktops and conference rooms.

Installed-Site Video

Conferencing Systems

The installed base of standalone video conferencing systems such as those sold by Polycom® and Tandberg® has grown steadily over the last two decades, with pronounced increases in recent years due in part to travel limitations.

This architecture relied on fixed bit-rate video encoders and decoders (e.g., H.263, H.264) and dedicated network routes to guarantee high video quality. While some multichannel mixing, typically up to four channels, and H.239 data sharing capabilities have recently been built-in, such systems still require detailed bandwidth, network route, and port capacity planning.

As such, companies have been forced to adopt one of three infrastructure strategies for the system: entirely outside the firewall, entirely on a private network for internal-only conferencing, or outsourced to a facilities management firm. Regardless of the configuration, the result for IT is the same: islands of computing with no provision for load balancing, failover, and scalability—all fundamental requirements as demand for video conferencing grows beyond the boardroom.

Cloud-Based Video Conferencing

Cloud computing is a proven architecture that addresses most of these issues. When combined with end-to-end parallel processing and variable bit-rate or dynamic scalable video, this architecture can deliver multipoint HD video to business desktops and rooms, adjusting video quality based on real-time network conditions. Security is always a concern – whether video infrastructure is on-premise or cloud-based – and in addition to confirming encrypted communications, users must be aware of their responsibilities regarding their login credentials, content, who attends, and any associated privacy requirements..

Among the benefits of the cloud-based approach is removing the barriers between ‘all outside the firewall’ and ‘all on the private network’ configurations described above. Now IT staff can elect to support both employee-only and internal-external conferencing sessions. The required gateway service, proxy and firewall traversal components are all provided via the cloud.

A refined implementation, such as that shown in the diagram, leverages proximity heuristics to virtualize video conference sessions in close geographic and ping-time proximity to participants. Such optimization is simply not possible with infrastructure that relies on static routes.

A Better Fit with Virtualization & IT Management Strategies

Cloud computing treats video input as a peripheral function, providing all other infrastructure capabilities, including video mixing, desktop gateway service, and seamless collaboration, through virtualized resources in the cloud. Depending on the implementation, this architecture has functional advantages over installed-site systems, such as external desktop reach and more powerful live sharing tools. Moreover, cloud computing and its virtualized resources provide load balancing, failover, and scalability, providing a better fit with today’s IT management strategies for providing and maintaining business-critical services.

Tom Toperczer, VP Marketing, Nefsis Corporation, 858-715-0970; email: ttoperczer@nefsis.com; web: www.nefsis.com

By Kyle F. Flaherty

Financial institutions face several IT challenges in 2011, with much of the focus centering on the desire to have a hardened infrastructure that also continues to achieve lower and lower latency. In order to accomplish this mission, organizations are looking to three primary objectives:

1. ‑Deploying next-generation content-aware equipment to create a faster and more intelligent network for customers, users, and business operations.

2. ‑Optimizing data center load to meet the performance and capacity promises of co-location, virtualization, and mega data center infrastructures.

3. ‑Mitigating distributed denial of service (DDoS) attacks to keep business services operating at acceptable levels even while under pervasive and persistent attack.

All three require one critical element: the ability to simulate your unique network traffic conditions. Too often, even the best financial services IT departments lack the tools they need to simulate the extreme real-world conditions that their infrastructures will face in high-volume, low-latency trading environments. That keeps them from validating network and security equipment appropriately, and denies them the advance insight needed to minimize the risks posed by heavy load and persistent security attacks. Armed with the right tools, however, financial services IT professionals can stay ahead of the curve, proactively hardening their network and data center infrastructures to mitigate those risks.

Sure, it would be easy to run simple HTTP traffic through a firewall or IPS/IDS (intrusion prevention system/intrusion detection system) device, pepper in a few attack signatures, and claim that the device works under “realistic” conditions. But network and security veterans know that those conditions hardly reflect reality. Unfortunately, device vendors are prone to make grandiose claims on data sheets that reflect such a simplistic approach to traffic — or, even worse, that are based on the performance of the device when handling even simpler TCP or UDP packets.

That’s simply not good enough to meet the technical or business demands of today’s exchange environments. Devices and whole infrastructures must be validated, using:

• ‑Blended application traffic, including FIX and all the major enterprise database and communication protocols, plus multicast.

• ‑The most current security attacks.

• ‑Extreme data volumes that reflect real operating conditions.

Reduce the Cost and Time of Real-World Simulation

But even with the right tools, there are two other burdens in achieving our three key tasks: cost and time. Certainly you could carry out a product bake-off between multiple vendors, but to do it right you would have to build out a complete real-world simulation of your own environment. Traditional testing simply cannot scale to the proper levels to match today’s environments, which serve thousands of concurrent users. Following the traditional approach would mean paying for hundreds of linear feet of servers and their accompanying application licenses. And the same would go for simulating a massive DDoS (distributed denial of service) attack with millions of botnets.

These limitations have become roadblocks for financial services organizations, forcing companies to cut corners and use cheap simulation tools that generate unrealistic traffic and meager loads to “test” a device. As levels of user and application loads have escalated and attacks have worsened, this approach has become insupportable. Fortunately, technological innovation has led to a new era of simulation technology that can generate massive-scale application, live attacks, and user load. Today, harnessing innovation in network processor technology, a single compact device, rather than a roomful of servers, can generate these traffic scenarios.

But it is not enough to simply use new technology. You must be able to harness innovations in network and application traffic simulation without having to take your eyes off business critical projects already under way. Look for services that not only leverage network simulation products but also combine dedicated application and security research teams, and examine the methodologies from other financial services organizations. Taking this approach, you will have, in a matter of days, the hard data and detailed statistics you need to make smarter decisions about next-generation devices, optimize your data center infrastructure, and know for certain how you will perform under a DDoS attack.

You have a lot to accomplish in 2011 to make IT work for your business. Address your top objectives with technologically evolved simulation equipment and packaged services to help you cross a few items off that to-do list.

Kyle F. Flaherty, BreakingPoint Systems, 512-821-6000;

email: kflaherty@breakingpoint.com;

web: www.breakingpoint.com.