NSA's crummy crypto crop Suite B binned, and other network nuggets

Over at the Internet Engineering Task Force, a notorious piece of history is being consigned to... well, history.

This Request for Comment, RFC 8423, reassigns a bunch of specs that were authored or co-authored by American intel bods at the National Security Agency (NSA) to "Historic Status".

The RFCs in question are the NSA's "Suite B documents", which pertain to NSA cryptographic algorithms.

As recently as 2010, the "Suite B" implementations were still NSA-recommended for US government secrets – until government secrets walked out the door with former sysadmin and whistleblower Edward Snowden in 2013, and the rest of the industry started wondering how much they trusted NSA-authored specs.

Whispers grew to shouts when it became clear that Dual_EC_DRBG was nobbled, forcing RSA to yank it out of its BSafe products, to considerable corporate embarrassment.

In 2015, the agency announced a rapid transition away from Suite B, towards the Commercial National Security Algorithm suite, in what noted cryptographer Matthew Green called a "freak out".

Moving the RFCs to historical status formalises the death of the suite. No flowers, please.

NEC's traffic management adds 5G

NEC has announced that its Traffic Management Solution (TMS) now supports 5G. The company said this capability will be important when carriers start operating mixed 4G/5G networks and need to ensure smooth hand-off when a handset moves between different network types.

The software has also been enhanced to make its analytics faster and more accurate, and its Dynamic TCP Optimisation is upgraded to support stations communicating at 5 Gbps or more.

The Japanese vendor also announced its June quarter financials: revenue of ¥613bn ($5.5bn, £4.2bn), with a loss of ¥4.8bn ($43m, £33m).

FireEye adds a dash of machine learning to endpoints

FireEye this week launched MalwareGuard, which it describes as a "machine learning-based detection and prevention engine" to its Endpoint Security range.

Integrated into the Endpoint Security agents, existing customers can install it at no cost, and there's a free trial for non-customers.

The company said MalwareGuard makes "intelligent malware classifications on its own and without human involvement. The machine learning model is trained with both public and private data sources, including data gathered from over 15 million endpoint agents, attack analyses based on more than one million hours spent responding to attacks to date."

MalwareGuard works alongside the existing endpoint agents: the behaviour-based ExploitGuard, the signature-based Malware Protection, and the intelligence-based IOC.

Other enhancements to Endpoint Security include an enhanced policy manager, an updated alert workflow, and identity and access management solutions for cloud deployments.

The company also released its financials this week: revenue was up 5.7 per cent to $202.7m, and its operating loss narrowed a satisfying 15 per cent to $48.5m.

Arista drops Mojo Networks into the cart, heads for checkout

With a strong Q2 under its belt, Arista Networks went shopping this week, announcing its intention to acquire "Cognitive Wi-Fi" specialist Mojo Networks.

Mojo's mojo is self-driving enterprise Wi-Fi, with the management layer in the cloud, and a single SKU providing access to its entire feature suite (including intrusion prevention, analytics, root cause analysis, guest management, and access to all APIs).

Terms of the acquisition weren't announced.

Arista's financial highlights for the quarter were a 28.3 per cent year-on-year rise in revenue to $520m, and net income up nearly 50 per cent to $150.7m.

Linux Networking Foundation gets new friends

The Linux Networking Foundation added a bunch of new members this week: silver members Arris, Affirmed Networks, Equinox, MYCOM OSI and SnapRoute; and associate members Chinese research agency CAICT, the OpenAirInterface Software Alliance, and Chinese tech media outlet SDNLAB.

The foundation said the new members will participate in its seven networking projects: FD.io, ONAP, OpenDaylight, OPNFV, PNDA, SNAS.io, and Tungsten Fabric.

Kontron buys Inocybe

Open networking company Inocybe Technologies has a new owner in the form of carrier and cloud infrastructure vendor, German company Kontron.

Inocybe's specialty is OpenDaylight SDN controller technology, which will be integrated into Kontron's SYMKLOUD white-box hardware and open source solutions.

Kontron says the acquisition bolsters its NFV and SDN offerings, and will expose it to new customers.

Inocybe's products are offered on a subscription SaaS basis, providing customers with what the company says are “consumable netwrks”. As well as OpenDaylight, the company has offerings in OpenSwitch, PNDA (the open source Platform for Network Data Analytics), and ONAP (the Open Network Automation Platform).

Healthy Q2 for Fortinet

Fortinet announced a strong second quarter this week. CEO Ken Xie said on the earnings call the company scored a "seven-figure" win from Dutch supermarket chain Superunie for its software-defined wide area network (SD-WAN) product.

Q2 2018 revenue was up 21 per cent year-on-year to $441m, and net income was more than double the same quarter in 2017 at $49.3m.

Sales of the company's Security Fabric platform also performed well, Xie told the earnings call, as did the FortiASIC chip technology.

Fortinet's SD-WAN offering slots into its FortiGate Firewall. The company only took the wraps off it in mid-July, making its Dutch contract a surprisingly quick win. ®