Skip to main content

How enterprise networking is changing with a work-at-home workforce



As the coronavirus spreads, public and private companies, as well as government entities, are requiring employees to work from home, putting an unforeseen strain on all manner of networking technologies and causing bandwidth and security concerns. What follows is a round-up of news and traffic updates that Network World will update as needed to help keep up with the ever-changing situation. Check back frequently!

UPDATE 4.3

In an April 2nd call with the Federal Communications Commission chair, the nation’s largest telecom and broadband providers reported network usage during the COVID-19 pandemic had risen about 20–35% for fixed networks and 10–20% for cellular networks in recent weeks. In general, company representatives reported that their networks were holding up quite well, and they expected that resilience to continue. In their conversation with Chairman Ajit Pai, no providers expressed concern about their networks’ ability to hold up to increased and changing demand.
“Operators cited a general migration of traffic to suburban, exurban, and residential areas as more people work, learn, and access services from home during the pandemic. They said they would continue to monitor hotspots to be ready for any issues and proactively increase capacity in case peak traffic rises unexpectedly,” the FCC stated. The call included Altice USA, AT&T, CenturyLink, Charter, Cincinnati Bell, Consolidated Communications, Comcast, Cox, DISH, Frontier, Hughes, Mediacom, Northwest Fiber, Sprint, T-Mobile, TDS Telecom, TracFone, U.S. Cellular, Verizon, ViaSat, and Windstream.
Broadband Now reported on April 1 that more of America’s most populous cities saw decreases in median download speeds this week compared to the last. 117 cities (59%) have now shown signs of potential network strain, up from 88 cities (44%) in the previous week’s report. The company wrote that 117 (59%) of the top 200 cities it was tracking have experienced download-speed degradations over the past week compared to the first 10 weeks of 2020. Five cities have observed download speed dips greater than 40%. In addition, 144 (72%) cities have experienced degradation in upload speeds, with three seeing decreases greater than 40%.
Verizon reported that its Northeast and Mid-Atlantic regions appear to have the most people in the nation staying at home, according to its Verizon Network Report. Online collaboration surge nearly 10X versus a typical day, and growth in other internet uses has started to stabilize.
Meanwhile, AT&T said its core network traffic — which includes business, home broadband and wireless usage — was up 18% through April 1 compared to the same day in March. In a blog AT&T also noted a 700% increase in connections to its secure, cloud-based SD-WAN Static Network Based (ANIRA) service in the past few weeks. ANIRA uses IPSec to authenticate and encrypt data packets over the broadband network.
As many business and consumer users deploy videoconference services one of the most popular — Zoom — has also attracted attackers. So much so that the FBI on April 1 issued a warning saying that as large numbers of people turn to video-teleconferencing (VTC) to stay connected, reports of VTC hijacking, or “Zoom-bombing,” are emerging nationwide.
Malicious actors may target communication tools including VoIP phones, video conferencing equipment and cloud-based communications systems to overload services and take them offline or eavesdrop on conference calls. Cyber actors have also used VTC hijacking to disrupt conferences by inserting pornographic images, hate images or threatening language.
As a result, some companies have banned or limited the use of Zoom, reports say. Reuters for example wrote that Elon Musk’s rocket company SpaceX has banned its employees from using Zoom, citing “significant privacy and security concerns.” The FBI offered the following steps to help mitigate the problem:
  • In Zoom, there are two options to make a meeting private: require a meeting password or use the waiting room feature and control the admittance of guests.
  • Do not share a link to a teleconference or classroom on an unrestricted publicly available social media post. Provide the link directly to specific people.
  • Manage screensharing options. In Zoom, change screensharing to “Host Only.”
  • Ensure users are using the updated version of remote access/meeting applications. In January 2020, Zoom updated their software. In their security update, the teleconference software provider added passwords by default for meetings and disabled the ability to randomly scan for meetings to join.

UPDATE: 3.30

AT&T said its core network traffic — which includes business, home broadband and wireless — was up 24% through March 30 compared to the same day last month. It broke down some mobility traffic patterns as well: voice calls: +33%, instant messaging: +63%, text messaging: +41%, email: -18%, web browsing: -5%, video: +4% (also accounts for over half of all mobility traffic). It also usage for conferencing: AT&T’s global audio-conferencing solution: +200%; audio, web and video conferencing tools: +400%; Large-scale webcast events: +200%.
AT&T said its investment in artificial intelligence technology is helping it keep up with demand. For example, the company said AI is helping remotely troubleshoot and diagnose problems with customer equipment, by identifying the cause or even proactively identifying a potential issue before it occurs. “We’ve expedited deployments of new AI capabilities in certain markets that will allow us to balance the traffic load within a sector and across sectors to help avoid overloading specific cells and improve the experience.”
DNS vendor BlueCat says it has been tracking the use of DNS over HTTPS (DoH) — a method of encrypting queries to prevent visibility into DNS traffic patterns. Over the last week through March 27, the company said it has seen a massive increase in the use of DoH across its customer base wrote Ben Ball, director of strategy and content marketing at BlueCat in a blog about the trend. “In the course of a single weekend, the number of endpoints attempting to use DoH went from an average of 90 to about 1,400. That’s a 1,500% increase in the use of DoH. Around 45% of these queries are from Firefox (which now activates DoH by default). Aside from that, we’re seeing queries to eleven different DoH services from all kinds of applications. DoH usage is fairly uniform across our customer base as well — this isn’t one company or industry vertical; this is a broad trend. While we haven’t seen any clear indications that any of these queries are from DoH enabled malware, that is an emerging threat that we are tracking,” Ball stated.
Ookla’s SpeedTest shows mean download speed over fixed broadband declined only slightly in Mexico and the U.S. when comparing the week of March 23 to that of March 16, while a decline in Canada’s mean download speed over fixed broadband was more evident. Mean download speed over mobile was down in the U.S. and Canada during the week of March 23, while it rose slightly in Mexico during the same period.

UPDATE 3.27

Broadband watchers at BroadbandNow say users in most of the cities it analyzed are experiencing normal network conditions, suggesting that ISP’s (and their networks) are holding up to the shifting demand. In a March 25 post the firm wrote: “Encouragingly, many of the areas hit hardest by the spread of the coronavirus are holding up to increased network demand. Cities like Los Angeles, Chicago, Brooklyn, and San Francisco have all experienced little or no disruption. New York City, now the epicenter of the virus in the U.S., has seen a 24% dip out of its previous ten-week range. However, with a new median speed of nearly 52 Mbps, home connections still appear to be holding up overall.”
Other BroadbandNow findings included:
  • Eighty eight (44%) of the 200 cities it analyzed experienced some degree of network degradation over the past week compared to the 10 weeks prior. However, only 27 (13.5%) cities experienced dips of 20% below range or greater.
  • Seattle download speeds have continued to hold up over the past week, while New York City’s speeds have fallen out of range by 24%. Both cities are currently heavily affected by the coronavirus pandemic.
  • Three cities — Austin, Texas, Winston Salem, N.C., and Oxnard, Calif. — have experienced significant degradations, falling out of their 10-week range by more than 40%.
Cisco’s Talos threat-intelligence arm wrote on March 26 about the COVID security threat noting what it called three broad categories of attacks leveraging COVID with known advanced persistent threat participation in: Malware and phishing campaigns using COVID-themed lures; attacks against organizations that carry out research and other work related to COVID; and fraud and disinformation. From an enterprise security perspective, Talos recommended:
  • Remote access: Do not expose Remote Desktop Protocol (RDP) to the internet. Use secure VPN connections with multi-factor authentication schemes. Network access control packages can be used to ensure that systems attempting to remotely connect to the corporate environment meet a minimum set of security standards such as anti-malware protection, patch levels, etc,. prior to granting them access to corporate resources. Continually identify and remediate access-policy violations.
  • Identity Management: Protect critical and public-facing applications with multi-factor authentication and supporting corporate policies. Verify that remote-account and access-termination capabilities work as intended in a remote environment.
  • Endpoint Control: Because many people may be working from home networks, endpoint visibility, protection, and mitigation is now more important than ever. Consider whether remediation and reimaging capabilities will work as intended in a remote environment. Encrypt devices where possible, and add this check to your NAC solution as a gate for connectivity. Another simple method of protecting endpoints is via DNS, such as with [Cisco’s] Umbrella, by blocking the resolution of malicious domains before the host has a chance to make a connection.
In an FAQ about the impact of COVID-19 on fulfilling customer hardware orders, VMware stated: “Some VMware SD-WAN hardware appliances are on backorder as a result of supply chain issues. As a result, we are extending the option to update existing orders with different appliances where inventory is more readily available. Customers may contact a special email hotline with questions related to backordered appliances. Please send an email to sd-wan-hotline@vmware.com with your questions and include the order number, urgent quantities, and contact information. We will do our best to respond within 48 hours.”
Cisco said it has been analyzing traffic statistics with major carriers across Asia, Europe, and the Americas, and its data shows that typically, the most congested point in the network occurs at inter-provider peering points, Jonathan Davidson, senior vice president and general manager of Cisco’s Mass-Scale Infrastructure Group wrote in a blog on March 26. “However, the traffic exchanged at these bottlenecks is only a part of the total internet traffic, meaning reports on traffic may be higher overall as private peering and local destinations also contribute to more traffic growth.”
“Our analysis at these locations shows an increase in traffic of 10% to 33% over normal levels. In every country, traffic spiked with the decision to shut down non-essential businesses and keep people at home. Since then, traffic has remained stable or has experienced a slight uptick over the days that followed,” Davidson stated.
He said that traffic during peak hours from 6 p.m. and 10 p.m. has increased slightly, but is not the primary driver for the overall increase. Busy hours have extended to 9 a.m. 10 p.m., although the new busy-hour (9 a.m. to 6 p.m.) traffic is still below the traditional peak hours. “Service providers are certainly paying attention to these changes, but they are not yet a dire concern, as most networks are designed for growth. Current capacities are utilized more over the course of the entire day,” he wrote.
Spanish multinational telecommunications company Telefonica ‘ said IP networks are experiencing traffic increases of close to 40% while mobile voice use is up about 50% and data is up 25%. In general, traffic through IP networks has experienced increases of nearly 40% while mobile use has increased by about 50% for voice and 25% for data. Likewise, traffic from instant-messaging tools such as Whatsapp has increased fivefold in recent days.


Originally published at https://www.networkworld.com.

Comments

Post a Comment

Popular posts from this blog

Google can now help you figure out that song stuck in your head - all you have to do is hum (or whistle) into your phone

  Google just launched its “hum to search” feature, which allows users to hum, whistle, or sing for 10–15 seconds in order to identify a song. The feature currently works in 20 languages, and Google hopes to add more. Google has finally launched the perfect feature for when a song is stuck in your head but you don’t know any of the words. “Hum to search” launched today on both the Google app for iOS and Android, according to Google’s blog, The Keyword. Users can also whistle or sing directly into the mic to identify a song. The technology works like this: the user can hum (whistle, or sing) for 10–15 seconds, and then Google’s technology takes the song’s melody and turns it into a numbers-based sequence. From there, the sequence can be used to “identify songs based on a variety of sources, including humans singing, whistling or humming, as well as studio recordings,” according to Google’s announcement. The sequence also strips away any other outside noise, like accompanying instru...
Post a Comment
Read more

Ransomware's Dangerous New Trick Is Double-Encrypting Your Data

  Ransomware groups have always taken a more-is-more approach . If a victim pays a ransom and then goes back to business as usual-hit them again. Or don’t just encrypt a target’s systems; steal their data first, so you can threaten to leak it if they don’t pay up. The latest escalation? Ransomware hackers who encrypt a victim’s data twice at the same time. Double-encryption attacks have happened before, usually stemming from two separate ransomware gangs compromising the same victim at the same time. But antivirus company Emsisoft says it is aware of dozens of incidents in which the same actor or group intentionally layers two types of ransomware on top of each other. “The groups are constantly trying to work out which strategies are best , which net them the most money for the least amount of effort,” says Emsisoft threat analyst Brett Callow. “So in this approach you have a single actor deploying two types of ransomware. The victim decrypts their data and discovers it’s not act...
Post a Comment
Read more

WhatsApp Users Exchanged Over 100 Billion Messages on New Year’s Eve, A New Record

WhatsApp is one of the most widely used communication apps on the planet and as such, clocks an insane number of messages and media exchanges on a daily basis. But the New Year's Eve broke a record that has been standing since WhatsApp's debut a decade ago. WhatsApp has revealed that users exchanged over 100 billion messages on New Year's eve. And out of that number, more than 20 billion messages were shared by Indian users alone. Moreover, around 12 billion out of the 100 billion+ messages shared on the platform were images. WhatsApp wrote in a press release that over 100 billion messages were shared globally on December 31 in the 24-hour duration leading up to the midnight of New Year's Eve. This is a record-breaking volume and is the highest number of messages exchanged in a single day ever since WhatsApp kicked off its services ten years ago. Out of those 100 billion+ messages shared on New Year's eve, WhatsApp says over 12 billion were images. Meanwhile...
Post a Comment
Read more