Arraya Insights

by

Arraya Insights Radio

Episode 2: Ignite of the Living Dead: Recapping Microsoft’s ‘Every Tech Event’

Host: Thomas York (Director, Quality and Operational Excellence)

Guests: Matt Sekol (Director, Microsoft and Cloud Practice) and Jason Kline (Microsoft Cloud Solutions Architect)

With Microsoft Ignite in the rearview, the Arraya Insights Radio crew recaps the biggest stories coming out of this year’s conference, including the future of Skype for Business/Teams and Microsoft’s growing competitive-friendships with its fellow industry leaders. Also, they don their reading glasses to assess Satya Nadella’s new book, “Hit Refresh: The Quest to Rediscover Microsoft’s Soul and Imagine a Better Future for Everyone.”

Theme Music: “I Don’t Remember (Yesterday)” by Hygh Risque

Further Reading:

Want to learn more about what took place at Microsoft Ignite? Click HERE to register for Arraya’s upcoming Microsoft Ignite Recap. This event will take place on Nov. 9 at The Hub in Conshohocken, PA and will feature sessions covering the latest news on Azure, Office 365, Hybrid Cloud, and more!

by

With National Cyber Security Awareness Month coming to a close, the U.S. Government seized the opportunity to put a select group of businesses on notice, so to speak. In a recent joint statement, the Department of Homeland Security and the Federal Bureau of Investigation warned of “advanced persistent threats” targeting the nation’s critical infrastructure, including companies in the energy, manufacturing, nuclear, aviation, and water industries. The warning also included a look at the tactics employed by attackers as well as a rundown of what those in the crosshairs can do to stay safe.

The earliest signs of this activity can be traced back to May and it’s escalated ever since. According to the statement, in some cases, the attacks have succeeded. However, the Feds were mum as to the identity of the victims.

What do these attacks look like? Typically they are multi-stage, originating in a low-level system before spreading into something far more lucrative – and critical. The companies targeted are either the primary objective, or, they are a stepping stone to a much larger victim. The methods attackers use to conduct these campaigns vary, but some of the more common instances involve:

  • open-source reconnaissance
  • spear-phishing emails launched from compromised legitimate accounts
  • watering-hole domains
  • host-based exploitation
  • industrial control system infrastructure targeting
  • ongoing credential gathering

What comes after awareness?

Awareness only goes so far, which is why the Feds also included some steps organizations who fit the target profile can take to spot malicious activity and protect themselves. At their core, however, these are best practices that can be leveraged by all businesses, regardless of industry. Here are some of the recommendations put together by the DHS and FBI:

  • Update network blacklists. The DHS and FBI includes information on domain names, IP addresses and more known to be compromised. IT should be deployed to update network blacklists with this information to prevent access from locations known to be up to no good.
  • Implement network segmentation. As mentioned above, attackers have no problem starting small and working their way up. As such, mission critical networks – in this case, something like the industrial control system – should be segmented from lower priority items – also in this case, business-facing systems. This way, if attackers are able to gain low-level access, their efforts will be thwarted at the ground floor.
  • Audit credential usage. Attackers love to get their hands on legit credentials and then exploit them for their own gain. IT should audit the access logs of remote systems and make note of anything that looks out of sorts, for example, an inexplicable middle-of-the-night log in attempt. These audits should be extended to include remote desktop and VPN sessions if doubts are raised about activity attributed to a set of credentials.
  • Ensure regular review of deleted system logs. Unusual or unexpected deletions may be a sign of attackers attempting to cover up their tracks on a corporate network. IT personnel should regularly peruse these logs for any signs of suspicious activity.
  • Conduct end user training sessions. Whether they are on the front lines or the C-suite, users are often the easiest way in for attackers. Users must be kept up to date on the latest risks – in terms they can understand – and reminded of best practices when it comes to web browsing and email usage.  
  • Handle admin accounts with care. Admin accounts are undoubtedly high value targets and should be treated as such. Businesses should keep the total number of admin accounts to a minimum and their activity should be closely monitored, particularly in regards to privilege escalations and role changes. Additionally, network admin accounts should be cut off from the outside world to prevent them from being co-opted. Finally, wherever applicable, admin accounts should be further hardened with two-factor authentication.

Next steps: Putting those recommendations into action

These are just some of the recommendations put forth by the DHS and FBI. The full list is long and admittedly time-consuming, something no one in IT, or otherwise, wants to hear. However, these steps can have real, meaningful benefits on the health and well-being of all organizations, not just those who fall under the scope of this warning. That’s where Arraya Solutions can help. Our Cyber Security Practice has real world experience, at both the executive and the hands-on level, building and maintaining security solutions for businesses in high-risk industries. We can help execute the above steps and more to ensure manufacturers, industrial organizations, and beyond are ready for the worst today’s cyber criminals have to offer.

Start a conversation with our Cyber Security team today by visiting: https://www.arrayasolutions.com//contact-us/. Arraya can also be found on social media: LinkedIn, Twitter, and Facebook. While you’re there, leave us a comment on this or any of our posts and follow us to keep up with all of our latest industry insights, exclusive learning opportunities, and more.

by

Microsoft’s Ignite conference bills itself as an “every tech event” and it lived up to that moniker this year. If you made it to Orlando, FL for Ignite last month, you witnessed several key announcements from Microsoft, including a look at what the future holds for its Skype for Business and Teams solutions. However, the folks from Redmond weren’t the only technology leaders making waves at Ignite 2017. Several other leading vendors also got into the act, taking the opportunity to showcase their own solutions as well as their partnership with Microsoft.

VMware & Microsoft: Partners in transformation

Unity was the theme of VMware’s time at Ignite. This was evident in its messaging, which centered on the often-complementary relationship that exists between its solutions and those from Microsoft. The idea here was that all visitors who stopped by VMware’s spot in the exhibition hall would walk away with a better understanding of how the two companies’ solutions work together to create a more modern, intelligent IT environment.

Hot topics included:

  • Hardening  and speeding up Office 365 deployments with Workspace ONE. VMware’s digital workspace platform can streamline rollout while bringing additional layers of security to Office 365 apps, allowing IT to segment off sensitive data while also gaining greater control over the security of devices used to access corporate data. Workspace ONE provides additional security while simplifying access for end users by enabling single sign-on as well as self-service, allowing them to correct issues and resume normal operations quickly. New Windows 10 co-management capabilities allow devices to be managed by both System Center Configuration Manager and Workspace ONE’s unified endpoint management. Workspace ONE’s support for the Windows AutoPilot feature also allows IT to roll out customized and secured corporate devices to end-users without IT staff ever touching them.
  • Running Horizon Cloud on Azure. Organizations are now able to deploy virtual applications and desktops with Horizon Cloud in the Azure cloud. As part of this combination, the Horizon Cloud control panel can sync with Azure Active Directory, allowing both on-premises and Horizon Cloud on Azure to be managed from a single plane.
  • Skype for Business goes virtual. Skype for Business was already a buzzy topic at Ignite as Microsoft detailed their plans for the service and its impending merger with Teams. Before that happened, however, VMware and Microsoft came together to bring an enhanced Skype for Business experience to VMware Horizon environments, creating an efficient low-cost peer-to-peer communication and collaboration vehicle that functions effortlessly across multiple endpoint platforms.

Taking the hybrid cloud journey with Cisco & Microsoft

During the first day of Ignite, Cisco announced it would begin taking orders for its Integrated System for Microsoft Azure Stack offering. This is part of a large, vendor-diverse family of solutions Arraya has had an eye on since we previewed it last summer. Now, that blend of Cisco UCS and Azure Stack is moving closer to becoming a reality for organizations.

Looking at the finer points of Cisco’s Integrated System for Microsoft Azure Stack, this solution:

  • Simplifies cloud-based DevOps. Cisco’s Integrated Systems for Microsoft Azure Stack is a joint solution meant to empower application developers whether they’re working in the public or private cloud. It promises enhanced tools, security, and networking capabilities and simplified management of the development environment.
  • Streamlines data center management. Azure Stack with Cisco is an integrated solution, meaning there are no disparate components to make work together. By leveraging Cisco’s long proven UCS and integrated Data Center technologies, IT ends up with one unified solution that includes hardware, software and services all under a single point of maintenance. Support is also integrated as Microsoft and Cisco can each lend their expertise to issues, either collaborating on fixes or seamlessly passing calls back and forth as needed.
  • Incorporates time-saving automation. Tools built-in to Integrated Systems, including UCS Manager, automate many of the day-to-day data center management tasks. This frees IT to focus their time and efforts on supporting the business as a whole not just the business’ data center.

Data center modernization with Microsoft and Dell EMC

As the week rolled on at Ignite, Dell EMC got into the mix with several announcements growing its infrastructure relationship with Microsoft users. These announcements are meant to facilitate digital transformation and data center modernization for those who rely on Microsoft technology. Two of the bigger news items to come out of Dell EMC during Ignite 2017 were:

  • Expanded Microsoft integrations for Dell EMC XC. Dell EMC’s hyperconverged solution will add data protection capabilities by way of Avamar and Data Domain to Microsoft virtualized workloads. Also, Dell EMC XC has been optimized for Windows 2016 Hyper-V as well as Azure, providing greater insight into the performance and well-being of an organization’s IT environment.
  • New Ready Bundle options for compute and greater storage. Dell EMC also announced that its Ready Bundle for Microsoft SQL Server and its Microsoft Storage Spaces Direct Ready Nodes would both support 14th generation Dell EMC PowerEdge servers. Additionally, support for Dell EMC Unity will soon come to the SQL Server Bundle.

Keep the Ignite conversation going

Want to continue the conversation around the news items coming out of Ignite 2017? Join us on Nov. 9 at The Hub in Conshohocken, PA for a half-day event recapping what we saw and previewing what’s up next! Even though the event is free, registration is required. Click HERE to reserve your spot today. You can also find even more coverage of Ignite on the next episode of our podcast, Arraya Insights Radio. Check back here soon for more details!

If you’d like to leave us a comment on this or any of our blogs, you can do so through social media. We can be found on LinkedIn, Twitter, and Facebook.

 

by

Last week, Arraya Solutions welcomed customers and partners alike to our headquarters in Plymouth Meeting, PA for our seventh Open House and Technology Day – an event packed with good food and better conversations. This annual tradition has grown steadily over the company’s history, with this year’s event featuring our largest crowd yet. That notion of growth and evolution is something that was palpable throughout the day.

“Just as our Open House has changed over the years, so too has the IT industry,” Arraya CEO Daniel Lifshutz said during his opening remarks. He went on to reflect upon some of the more prominent changes that have swept the industry and how Arraya has worked to keep pace.

“When things like security, for example, went from the backburner to mission critical, Arraya was there with our Cyber Security practice to help our customers protect themselves,” Lifshutz explained. “Likewise when IT teams were expected to do a lot more with a lot less, we bolstered what we can do with our Managed Services.”

In terms of the evolution of the Open House itself, this year’s event featured several firsts. Perhaps the most noticeable change was the inclusion of a virtual reality experience. As part of this, attendees were able to strap on a pair of Oculus goggles and step in to a variety of virtual environments. One of the more popular options involved enduring the hairpin turns and stomach-churning drops of a thrilling roller coaster ride – all from the safety of Arraya HQ, of course.

Another first for the Open House was a reimagined, visually oriented cyber security survey. While surveys themselves certainly aren’t unheard of at Arraya events, the execution of this one was unique. At check-in, attendees were given a ping-pong ball marked with a number and asked to drop it in the tube marked with the security issue they struggle with most. One number was then randomly drawn from those who participated in the survey, with the winner receiving a pair of tickets to an upcoming Philadelphia 76ers game. The results of the survey will be published in a future blog; however, the drawing winner was Chris Kohl, Vice President & CIO of Vertex, Inc.

The day’s other big giveaway carried on the theme of virtual reality. Attendees who tweeted out a photo from the event and tagged it #ArrayaOpenHouse were entered to win their own pair of Oculus goggles. Attendees were all too happy to contribute to the visual record of the day, and it was Vince Strausser, Network Engineer for Einstein Healthcare Network, who had his name drawn.

Victory’s Brew Pub on Wheels wasn’t new to attendees who’d joined us for past Arraya Open Houses, but it made its triumphant return this year. The iconic Downingtown, PA-based brewery once again delighted attendees with an array of distinctive craft beers and dining options.

Even with all of these other elements, relationships remained the day’s primary focus. Lifshutz thanked those in attendance, saying: “The reason we do this event every year is to get all of the people together who make it possible for Arraya to do what we do and who give us a chance to do what we love. (Arraya CTO) David Bakker and I want to offer our sincere thanks to all of you: our employees, our partners, and of course our customers.

“The commitment that we’re making is that we’re always going to be on the forefront,” he vowed. “We’re always going to be there for you and be on the cutting edge, helping both our customers and our technology partners get their stories told.”

by

“My advice is for business leaders to get involved now or be prepared to face the music later.” Tom Clerici, Arraya’s Cyber Security Practice Director, wrote those words to cap off his most recent blog post, entitled “All CEOs Should Pay Attention to Equifax Firings – They May Be Next.” In the post, Tom theorized that the fallout from catastrophic data breaches – such as the one still unfolding at Equifax – could soon escape the boundaries of IT and sting those on the business side who previously assumed immunity. It didn’t take long for Tom’s prediction to come true.

Roughly a week after his post was published, Equifax CEO Richard Smith announced his “retirement” following twelve years on the company’s leadership team. Smith joined David Webb (the company’s now ex-Chief Information Officer) and Susan Mauldin (its former Chief Security Officer) as newly minted “retirees.” The trio was seemingly jettisoned following the company’s devastating data breach that left the personal information of more than 145 million Americans, information such as social security numbers, address, phone number, and more, exposed. Despite the terminology used to define his departure, Smith wasn’t headed for a beach and a drink served in a pineapple. Instead, he had a series of dates with a Congress eager for a punching bag.

Smith’s apology tour began with a three-hour grilling by the House Energy and Commerce Committee, the members of which were all too happy to pepper Smith and Equifax with verbal barbs. Things didn’t get any easier when Smith switched chambers and appeared before the Senate’s Banking Committee the following day.

Here are some of the highlights – or lowlights depending on your perspective – of Smith’s appearances:

Next Steps: Making security everyone’s business

Harsh words, however, it’s hard to feel too badly for Smith, who appears set to take home a sizeable amount in long-term bonus money according to a report by Bloomberg. There are a couple of key points contained above that likely jumped out to anyone in the business of handing and securing sensitive data. The comments from Rep. Barton and Sen. Warren seemed to suggest that the government should play a more active role in encouraging better cyber security postures. These statements could indicate stiffer fines could be on the way for organizations that fail in their obligation to keep data safe. Any such threat to the bottom line could succeed in helping another part of Tom’s blog become a reality. In it, he wrote:

“There is a misconception in many organizations that IT owns security and it’s solely their job to keep the bad guys out. That approach is fundamentally flawed and gives executive leadership an easy pass to blame the CIO and CISO when a breach happens… The last time I checked just about everyone uses technology today. The first thing most employees do when they get to the office is log into a computer. In essence, EVERYONE is a part of the IT department.”

Don’t wait for Congress to swing their legislative hammer. Arraya’s Cyber Security team can serve as a bridge between IT and the business. Our team is skilled at aligning security initiatives with organizational goals, ensuring real, meaningful progress. This way, regardless of what Congress elects to do, all sides of the business can come together in order to ensure their data is safe.

Continue the security conversation with Arraya today by reaching out to our team at: https://www.arrayasolutions.com//contact-us/. Leave us a comment on this or any of our blog posts through social media. Find us on LinkedIn, Twitter, and Facebook. While you’re there, be sure to follow us to keep up with our latest industry insights and exclusive learning opportunities.

by

IT = Business. It seems a simple enough equation, one which speaks to the ideal state of equilibrium that should exist between IT’s goals and those of the business, yet in practice it’s more  complicated. Of course, whenever an organization’s technology side is on par with its business team, success is almost certain to follow.

Rather than that ideal state, what we too often see is a business side far out in front of its counterparts in IT. At the core of this situation is a force some call the Digital Shift. This force has reshaped the way organizations operate and the expectations of employees and customers alike. It’s up to IT to balance Digital Shift-inspired demands such as greater access and improved ease-of-use with the need to maintain control and security. Should IT be unable to do so, misalignment can occur.

What can IT do to keep in step with the wants and needs of the business? The answer is to look at some of its own habits and modify them so that tech teams will be better suited for a business world shaped by the constant influence of the Digital Shift.

Tough-to-break habits that are holding IT back

In order to better align itself with the business side, IT must stop:

  • Viewing itself as a cost center. This dated way of thinking about IT has inspired an obsession with doing more with less. More often than not, these decisions limit IT’s bandwidth and put too much red tape between users and the innovations they crave. IT should no longer consider itself a cost center but rather a business enabler. As such, IT must take steps to familiarize itself with business objectives and procedures and determine how it can help.
  • Overlooking how end users work. Data breaches and advanced malware campaigns are an everyday reality. In this environment, who can blame IT for wanting to design a corporate network hardened for anything? That approach overlooks one very important group: end users. While security is vital, so too is usability. If defense mechanisms slow end users too much, they will look for ways around them. Those seemingly harmless timesavers could be a shortcut to something much worse.
  • Using a “What” to “Why” mindset. IT’s approach to solution-finding is to start with the what and work back to the why. It makes sense considering the strong affinity techs have for the latest and greatest equipment and the lure of cutting-edge features. However, for those on the business side, it’s the exact opposite of how they prefer to think. They want conversations to start with the why and then figure out the appropriate solution from there. Ensuring alignment necessitates techs adopt this more mainstream way of thinking about issues.

Next steps: Bring IT and the business into alignment

Need a hand implementing the above changes? Want to ensure that within your organization, IT really does equal Business? Arraya’s Data Center Modernization Assessment can help. This service can provide IT with insight into its role in relation to business objectives as well as document any clear gaps between what IT wants and what the rest of the organization expects. In addition, it can analyze the existing technology environment and assist teams with the development of a three-year road map so they may accurately plan for future success.

Schedule a Data Center Assessment by visiting: www.arrayasolutions.com/contact-us/. Feel free to leave us a comment on this or any of our blog posts by checking us out on social media: LinkedIn, Twitter, and Facebook. While you’re there, click the “Follow” button to keep up with all of our latest blogs, company announcements, and our exclusive IT learning opportunities.

 

 

by

October is National Cyber Security Awareness Month meaning that for one whole month issues such as security hygiene, data breaches, and defense strategies should take center stage. Although, after the September the business world just had, it might be hard to notice much of a difference. Even setting aside the near history-making cyber disaster that is still going on at Equifax – something Arraya’s resident security expert Tom Clerici has covered extensively – last month featured an astonishing number of high-profile incidents.

While there may be precious little awareness left to raise this October, that’s not going to stop us from trying. Let’s delve into the potential impact and the possible takeaways stemming from three recent (and non-Equifax-related) security catastrophes.

Hackers gain an edge on the stock market

Last month, the US Securities and Exchange Commission (SEC) announced one of its databases had been hacked way back in 2016. Attackers took advantage of a software vulnerability in the SEC’s filing system, known as EDGAR, to gain access to yet-to-be-disclosed corporate announcements. This data could have included corporate financial statements, merger news, etc. Or, to put it more plainly, attackers would have had access to exactly the kind of insider information needed to gain an illicit advantage while making trades on the market. This edge is something the SEC now believes the attackers took full advantage of.

The SEC stated that it immediately plugged the breach once it was discovered last year. However, in a report compiled and released earlier this year, the Department of Homeland Security still found five critical weaknesses on SEC computers. Even if these critical vulnerabilities had no connection to the EDGAR breach from 2016, it remains concerning to see so many weak points lingering – particularly so soon after such a painful attack.

Security incidents aren’t merely learning opportunities for everyone else. If there’s any semblance of an upside for the company affected, it should be the ability to use the breach as a learning experience and bolster their posture accordingly. At least on the surface, that doesn’t appear to have happened in this situation.

Security experts seem to fail Security 101

In the waning days of September, news broke that global consulting firm Deloitte had been victimized by cyber criminals. Attackers allegedly leveraged a weakness in Deloitte’s email security to gain access to client emails, user names, passwords, health information, etc. As per Deloitte’s official statement, only a tiny group – six total – of its clients had their data impacted, however some sources are questioning the accuracy of that assessment. These sources believe attackers were able to get their hands on far more data than indicated during the time in which they roamed freely in Deloitte’s network.

The optics on an incident like this are even worse than the average data breach. For one thing, Deloitte’s consulting business includes cyber security advisory work. Additionally, the way in which hackers allegedly gained entry to Deloitte’s system is not exactly flattering. The theory is the company failed to follow basic cyber security best practices, such as instituting multi factor authentication and securing large quantities of data with more than just a single password.

Too many companies – even those who are supposed to be experts – overlook the basic principles of security hygiene. These steps are often easy to execute and, more importantly, can make a big difference. Considering that fact, organizations failing to implement them seem to be making a bold (negative) statement about the value placed on their own reputation and the data they’re entrusted with from internal and external sources.

Attackers hide a backdoor in a seemingly harmless update

Roughly 700,000 users got far more than they bargained for in September when they downloaded the latest version of an application called CCleaner. It turns out the app – which is intended to help users clean junk files off their machines – had been compromised. Cyber criminals injected a malicious code into the update, giving themselves a backdoor into infected systems they could then use for further exploits.

Initially, it was believed the issue was caught before it made it to that second stage, however more recent indications are that at least 20 devices – and possibly more – were infected beyond the initial stage. The second stage of this attack seemed directed at mostly higher-profile targets, including Gmail, Microsoft and others.

It took a month for anyone to detect the compromise. In that time, the malware-laden version of CCleaner remained available to users. A month is far too much runway to afford cyber criminals. Cases such as this one are proof of the need for organizations to gain greater insight into the behavior of applications that are interacting with their network. Without this, hackers may have the ability to disappear into the shadows once they bypass a company’s exterior defenses.

Keep a closer eye on network activity

Timing is everything during a cyber security incident. The sooner an organization identifies malicious activity on its network, the sooner it can respond to and remediate the issue – and then report it to those affected. Delays can amplify the fallout from the incident in terms of actual damage and the negative public perception that follows.

There are many solutions offering organizations the insight they need to speed up response times. Some of these look for known negative behavior on the network. Others leverage machine learning to understand and catalogue the expected activity of applications. Beyond just the option for earlier warnings, many of these solutions can also orchestrate and automate efforts so that, if a malicious actor does breach a firewall, its window of opportunity won’t stay open for long.

Want to learn more about today’s top security trends and tactics? Have another question for our in-house cyber security team? Visit us at www.arrayasolutions.com/contact-us/ to strike up a conversation. Also, you can catch us on social media: LinkedIn, Twitter, and Facebook. Feel free to leave us comments on this or any of our blogs, or follow us to learn all about our upcoming IT learning experiences.

by

Technology doesn’t sit still and so neither does Arraya. That’s why, as a company, we’re always challenging ourselves to come up with new ways to help our customers reach their IT goals. Over the years, we’ve developed a long enough list of services that it can be easy to miss one or two of the ways we provide value.

We reached out to the members of our leadership team to learn more about the ways we can help that, in their opinion, are too often overlooked. Here’s what they had to say.

1. We can phish your organization.
More accurately, we can help you phish your own business. Arraya offers cyber security awareness and training through the KnowBe4 platform. This service includes fully automated mock phishing campaigns, complete with templates, designed to gauge the susceptibility of an organization’s workforce and leadership team to the sneaky method loved by attackers. After the simulated campaign concludes, organizations receive a report on the findings, providing a valuable learning experience without ever putting data in harm’s way.

2. We can help you pass your next security audit.
Arraya’s Vulnerability Management solution automatically scans routers, servers, PCs, and more in search of critical weaknesses. Organizations can then take the results of this assessment and show off their passing grades to auditors in order to satisfy HIPAA, NIST, SOX, and other requirements.

3. We can keep your cloud budget in check.
The cloud has changed everything – including how costs are managed. On prem infrastructure operates in 3-5 year lifecycles which can be planned and budgeted for accordingly. Due to the ease in which new services can be spun up in the cloud, cost can quickly balloon. Arraya’s Cloud Optimization service can prevent that by performing regular audits of cloud environments to help onsite IT right size while identifying opportunities for intelligent growth.

4. We can help ease your email overload.
Email isn’t going anywhere. However, there is a way to lessen the flow of messages, making inboxes far less intimidating. Arraya can work with IT and various lines of business to compile a picture of how these units collaborate and then help the organization craft a plan that utilizes a variety of modern tools – some of which they may already have access to – to lessen their reliance on email.

5. We’ll keep your virtual environment safe from north to south and east to west.
Many businesses only think of security as a constant battle to keep the bad people out, e.g., north to south security. However, organizations also need to be ready to limit the damage in case those perimeter defenses are breached, e.g., east to west security. Arraya can help organizations address this part of their VMware security posture in several ways, including, if appropriate, via one of the hottest industry trends, micro-segmentation.

6. We can be your CISO.
CISOs must wear many hats, including that of expert technologist and strategic thinker. Finding someone with the right mix of skills needed to succeed in that role can be difficult, however, Arraya has you covered. Our Cyber Security practice has years of real world experience and can step in and fill that role, working across departments and levels to align controls with business operations, comply with regulatory requirements, and more.

7. We can make your M&A easier.
In a merger or acquisition scenario, before two companies can become one, IT must first connect their unique technology environments. That’s the foundation upon which everything else must be built. Arraya has helped countless organizations navigate every step of the M&A process, from discovery, implementation and consolidation, all the way through the sun-setting of legacy systems. Our award-winning approach to these engagements can help businesses begin reaping the benefits of an M&A more quickly.

8. We can help earlier than you might think.
Arraya can do more than deploy and support solutions; we can help you find them as well. Our presales teams can engage with organizations during the planning, research, and design phases of an initiative. This enables organizations to leverage our team’s years of experience and expertise to weed out solutions from pretenders.

9. We can provide services globally.
Arraya’s usual stomping ground is the mid-Atlantic region of the United States. We were founded in 1999 just outside of Philadelphia and that’s where our primary headquarters has been located ever since. However, Arraya doesn’t shy away when confronted with a project that occupies a more global scale. Instead, we embrace it, providing further support to users and admins, either remotely or in person, regardless of their location.

10. Our workday doesn’t end at 5pm.
Technology issues don’t stick to a 9-5 schedule and so neither does Arraya’s support team. We have IT resources on call 24/7 to ensure that regardless of when something goes wrong, we’re ready to help handle it. The same is true for weekends because we understand that there are some things that simply can’t be put off until Monday and technology issues frequently fall under that banner.

Next steps: Where to go to learn more

Want to learn more about these or any of the other solutions and services Arraya offers? Visit us at: www.arrayasolutions.com/contact-us/. We can also be reached through our social media presence: LinkedIn, Twitter, and Facebook. While you’re there, feel free to leave us a comment about our posts or follow us to keep up with all of our latest industry insights and unique learning experiences.

 

by

The Arraya team was out in force for Microsoft Ignite last month and, even though I couldn’t make the trip, I did follow along with the blogs and news they sent back. As I read, I started thinking back on my own conference experiences and, while blogs can bring the energy (if the author conveys it well enough), there are few things like being in the room when a major technology advancement or a game-changing solution is announced. I love the adrenaline of those moments and I also love sharing them with customers. One of the great things about conferences is that they let companies like Arraya spend quality time with our customers. We can experience the future of technology together and brainstorm, in real time, how to use these advances to solve business challenges.

Beyond that, conferences also give us a chance to express something to customers we don’t always have a chance to: our gratitude. Now, obviously, we don’t take it lightly when customers open the doors to their IT environments to us and ask for our help. However, as we plan, execute, and support those initiatives, we aren’t always able to take time to show how much that trust means.

Going to a conference lets us slow things down – at least a little bit. There’s still plenty of rushing around, but you do have those times where you bump into someone in the hall between sessions and can catch up for a few minutes. Those chats are just one way to let someone know how much you appreciate what your companies accomplished together over the previous year. We can also set aside one night, book a spot at a local restaurant, and invite customers who are in town to a nice meal. Sure, in the grand scheme of things, these are small gestures, but I like to think they’re meaningful just the same.

It’s great to be a part of a company like Arraya that I know values these same things. Arraya believes strongly in taking the time to say thanks, so much so that it’s become one of our flagship events. Each October, Arraya holds its Open House and Technology Day. It’s an event where attendees can eat, drink, and hang out in a low key, casual environment – and maybe even enjoy a unique experience or two.  Last year, Arraya welcomed Philadelphia Eagle great and ESPN personality Ron Jaworski and “Jaws” regaled the crowd with tales of the football field and the boardroom. This year, attendees will be able to immerse themselves in a simulated world by way of some very cool virtual reality technology.

Even though I’ve been to Arraya’s Open House before, this is going to be my first time as a member of the team and I couldn’t be more excited. This year’s Open House will be held at Arraya headquarters on October 19th from 2:30 pm to 6:30 pm. The event is free, but we’d like you to register so we know how many people to expect. Visit arraya.rocks/events to save your place!

Whether you’ve never been to one before or you come out every year, I know you’ll have a great time. This is one more chance to show all of our partners and customers how appreciated and valued they are and I hope to see you on October 19th!

by

The way in which we consume network resources has fundamentally changed in recent years. Mobile users and IoT sensors and devices have altered the way we connect to and scale our networks. Cloud services have eroded our previously well-defined network edge. Due to these changes, an intelligent network must now be leveraged to provide insight to organizations and security to its users.

Since they were launched earlier this summer, the Cisco Catalyst 9000 series has grabbed a lot of attention. However, they’re not just worth keeping an eye on because they’re the latest and greatest gadget out there. Instead, they have a critical role to play in this transition between the traditional and the modern enterprise campus network.

Here are four reasons the Catalyst 9000 series is worth watching:

Reason #1: It’s a building block of tomorrow’s network

In a software world, hardware still matters. Cisco developed the Catalyst 9000 series with the UADP 2.0 (Unified Access Data Plane) ASIC to be the flexible building block of your next network architecture. The UADP chip is compatible with today’s software defined network, offering twice the performance and a slew of new features compared to its predecessor. As software-defined networking evolves over the coming years, UADP 2.0 will adapt to support the latest technology thanks to its programmable ASIC. A x86-based CPU and removable local storage adds to the elasticity of the platform, allowing for third party container-based apps to add additional insight and value to your enterprise network.

Reason #2: It’s actually three unique families

The Catalyst 9000 platform consists of three families of switches. At the fixed access layer, the Catalyst 9300 platform offers 1, 2.5, 5, or 10Gbps Multi-Gigabit access, including the support of PoE+/UPOE on the multi-gigabit ports. Today, critical enterprise infrastructure like lighting and sensors can be powered by your network infrastructure. Catalyst 9300 switches offer Perpetual PoE that provides continuous inline power in the event the switch reboots, even if the reboot was unplanned.

Reason #3: It can grow as you do

The Catalyst 9400 is built for modular scalability at the access layer, giving you the capacity to add up to 384 access ports and up to 9 Tbps of system bandwidth. Mission critical workloads will benefit from In Service Software upgrades, uplink resiliency, N+1/N+N power supplies, and Perpetual PoE.

Reason #4: It was made for tough workloads

Finally, the Catalyst 9500 platform is a fixed form factor aggregation/core switch that provides the high-speed backbone for the campus network, offering non-blocking 10/40 Gbps with advanced routing, network system virtualization, and software-defined access border capabilities. The 9500 series is designed to handle both today’s and tomorrow’s most demanding workloads.

Next steps: Learn more about tomorrow’s networks

Your network serves a critical role of connecting your expertise with resources needed to grow and adapt in a digital economy. The Catalyst 9000 switch platform will serve as the foundation for you to adapt and grow quickly, easily, and securely. Arraya Solutions is well positioned to help your company through this transition, whether you are just starting, or are already down the path. This platform will also unlock many new capabilities soon.

Want to talk more about the Catalyst 9000 platform and its place in the network of tomorrow? Contact the Arraya team and myself today by visiting us at: https://www.arrayasolutions.com//contact-us/.