Low-bandwidth website delights customers

ICICI Securities has been a pioneer in the online share trading business since SEBI permitted this in 2000. The firm felt the need to build a platform which could be used by its customers to trade over slow Internet connections especially in remote locations. To meet the needs of such customers, the firm decided to create a low-bandwidth website that allows customers to access the site over slow Internet connections or on their GPRS-enabled mobile phones.

The firm took care to ensure that the screen size is optimized for mobile devices. There is no need to install any client application software on to the handset as it works through a browser. Today, the low-bandwidth site provides all customers an alternative option to access the site wherein they faced Internet speed issues. This website is also compatible with all mobile handsets and the provision of light pages makes rendering pages extremely fast. On an average, the portal has 10 million hits generating about 500,000 trades per day through 80,000 unique customers. The ICICIdirect.com trading site is the largest online trading platform in India and amongst the top 5 in the world in terms of transaction volume.

Today, 15 percent of the firm’s customers have already used this channel. The firm has also gained from a good increase in trading volumes as a result of this additional channel. The website also gives the firm access to a growing number of mobile users who access the Internet on their mobiles. As of now about 15 percent customers have used the channel. The company expects this to grow to about 25 to 30 percent by the end of 2010. ICICI Securities finds there has been a good increase in trading volumes as a result of this additional channel.

Highlights

• 15 percent of the firm’s customer base has already used this channel. The firm expects this to grow to about 25 to 30 percent by the end of 2010
  
  ICICI Direct is a EDGE award winner. The complete list of EDGE winners has been published in the October 2010 print issue of InformationWeek

Microsoft challenges Google to offer patent indemnification

Skirmishes between Microsoft and Google became more intense this week, first with Google asking Microsoft to stop copying its search results, then with Microsoft ridiculing Google's naivete about patent risks.

Not that any of this is really unprecedented. Google and Microsoft have been locking horns quite frequently of late. Recall Google's ongoing lawsuit against the Department of the Interior for an IT contract that favored Microsoft, which followed Google's complaints about another supposedly rigged contract from the State of California.
 
But a lengthy blog post published Wednesday by Dean Hachamovitch, Microsoft's corporate vice president in charge of Internet Explorer, lays bare a rift that threatens Web browser interoperability. This is more than the usual contract bloodsport; it's about control, of the Web standards process and of the direction of Web innovation.

Software makers using the H.264 video codec, based on patents owned by Apple and Microsoft among others, may be subject to licensing fees. Supporters of open source software typically won't accept such licensing terms. So Google recently decided to cease supporting the H.264 video codec in Chrome. Instead, it will only support WebM and Theora, two open source video codecs.

Chrome users who wish to access video encoded with a different video codec, like H.264, will have to do so using a browser plug-in or extension, which is the way that Adobe Flash content is accessed.

So Microsoft has decided to offer just such an extension, as it has done for Firefox users -- Mozilla, like Google, doesn't want to support H.264. Claudio Caldato, principal program manager for Microsoft's interoperability strategy team, on Wednesday announced a Google Chrome extension to enable Windows 7 users of Chrome to play H.264 video.

But Microsoft is doing so under protest. Hachamovitch suggests that supporting WebM just because it's open is naive and won't save anyone from potential patent claims.

"Offers of 'free' or 'royalty-free' source code and strong assertions that the technology is 'not patent encumbered' don't help when a patent holder files a complaint that your video, your site, or your product infringes on her intellectual property," he wrote." The only true arbiter of infringement, once it's asserted, is a court of law. Asserting openness is not a legal defense."

This is a longstanding complaint raised about open source software, one open source supporters typically characterize as "FUD" -- an effort to create fear, uncertainty, and doubt in order to steer companies away from open source code. It's also not necessarily untrue, as Oracle's lawsuit against Google's alleged misuse of Java in Android demonstrates. The unfortunate reality about patent law is that the potential payout for filing and winning a patent lawsuit is significantly higher than the cost of filing and losing one. For companies with deep pockets and strong patent portfolios, patent litigation is often a gamble at favorable odds.

Given that reality, Hachamovitch insists that Microsoft is willing to work toward a Web standard for video if Google is willing to pay any legal fees and judgements arising from patent claims.

"...Microsoft is willing to commit that we will never assert any patents on VP8 if Google will make a commitment to indemnify us and all other developers and customers who use VP8 in the future," he wrote.

Google did not immediately respond to a request for comment.

57 percent Indian SMEs use websites as a sales channel: Google

Indian SMEs are reaping the benefits of using the Internet to grow their business. According to a recent study conducted by Google India, more than 57 percent of SMEs use their website as a sales channel and to get direct business leads.                  

While accessing email is the number one purpose for using the Internet, a majority of SMEs (71 percent) also use the Internet to search for vendors and suppliers. About 40 percent of them use the Internet to create online listings and advertise online. In terms of mediums used to advertise, traditional media like newspaper and outdoor ads still lead the advertising spends for SMEs, but Internet is emerging as one of the fastest growing medium for advertising with 58 percent of SMEs with websites using the Internet to generate business leads.   

Amongst the SMEs who have an online presence, 56 percent of them feel that the Internet is a cost effective medium as compared to traditional advertising medium like print and television. 79 percent of SMEs believe that Internet advertising can provide greater reach. A closer analysis of the marketing spends of the SMEs reveals that SMEs with marketing spends between Rs 25-70 lakh per annum tend to spend higher on the online medium and rely less on traditional media like print and television. But majority of the spends (43 percent) comes from SMEs who spend between 12 to 25 lakh on advertising on an annual basis, reflecting the low cost benefit of the Internet.

Sridhar Seshadri, Head of Online Sales, Google India said, “While the absolute number of SMEs with an online presence is very low compared to actual businesses in India, we’re pleasantly surprised to see increasing understanding amongst Indian SMEs to use the web for business growth. In the last two years we have seen a significant increase in the number of businesses that have started to advertise online. But with over 35 million SMEs in the country, we have a long way to go. Google India is working on a number of programs to educate more SMEs on how they can get online and use the Internet as a primary sales channel.”
 
Among all the SMEs surveyed, SMEs from Insurance, Technology B2B, IT Hardware, and Travel & Tourism spend around 30-45 percent on online marketing.  Annual average online spends are high among SMEs from Media & Entertainment, Gems & Jewellery and Apparel. Additionally, Banner/Display Advertising and Email Marketing are the most popular form of Internet advertising and 30 percent SMEs use search engine advertising to market their product and services.      

80 percent of browsers have known vulnerabilities

Roughly 80 percent of browsers today are insecure, owing to their having a known vulnerability either in the browser itself, or due to a vulnerable plug-in, such as an outdated version of Shockwave, Flash, the Java runtime environment, or QuickTime.

That finding comes from research conducted by vulnerability management and security policy compliance vendor, Qualys. The results are based on the 200,000 people who, over the past 6 months, used the company's free BrowserCheck tool, which looks for known vulnerabilities in Internet Explorer, Firefox, Chrome, Safari, and Opera browsers, running on Windows, Mac OS X, or Linux machines. About 10 percent of people who used the tool appeared to be doing so from a corporate network.
 
Interestingly, more than half of browser vulnerabilities stem from plug-ins. "The number was very high for the plug-ins, higher than I had expected," said Wolfgang Kandek, CTO of Qualys, in an email interview.
 
The most common insecure browser plug-ins in use are (in order): Java, Adobe Reader, QuickTime, Flash, Shockwave, and Windows Media Player. Many of these plug-ins are widespread -- 97 percent of computers have the Adobe Flash plug-in installed, and 95 percent have one for Windows Media Player.

Meanwhile, only about 20 percent of browsers are insecure due to the native browser application (not counting plug-ins). Kandek said that's testament to browser makers' structured approach to updates, which includes alerting users or simply updating browsers automatically when a new version becomes available.

Unfortunately, few plug-ins auto-update. Accordingly, it's up to IT departments to secure them. "Focus attention on the plug-ins of the browsers, determine if plug-ins are actually necessary, [and] look for plug-ins that have an update program," said Kandek.

One piece of good news from the study is that while 80 percent of consumers today are using insecure browsers, that's down from a high of nearly 90 percent in June 2010. What accounts for the improvement? "A number of factors play a role for the small decline, but we have seen good acceptance of the new Adobe Reader X, which has reduced the exposure for PDF users in general," said Kandek.

HCL Infosystems gets broadband connectivity project from Indian Railways

HCL Infosystems, hardware, services and ICT system integration company, has won a prestigious project of providing broadband connectivity to the Indian Railways. The company will provide end to end ADSL 2+ Broadband Network on Indian Railways enterprise Wide Area Network through RailTel Corporation of India, a PSU under Ministry of Railways. Through this solution, the Indian Railways will be providing dedicated broadband high-speed Internet service to various railway offices and residences across the country at total 108 locations including the 16 zonal railway HQ, 67 divisional railway HQs., Railway’s centralised training institutes and  production units

The company will be a turnkey provider for deploying the ADSL2+ broadband network with full responsibility of the network design and planning, deployment, and service roll out and maintenance of the network.

Rajeev Asija, Chief Operating Officer - Enterprise Business, HCL Infosystems said, “The current solution will be capable of supporting approximately 30,000 users and will provide the operator with network flexibility, scalability for innovation and a rapid return on investment.” 

ICANN's domain name plan could spell trouble

The organization that oversees Internet domain names has approved a plan to dramatically increase the number of top-level domains available for use, eliciting objections from critics.

At present, there are 22 generic top-level domains (gTLDs), such as .com, .net., and .org. The Internet Corporation for Assigned Numbers and Names (ICANN), the non-profit group charged with managing the domain name system, has decided to allow organizations to apply to create custom gTLDs in any language or script, at a cost of about USD 185,000.

ICANN expects that its plan will lead to the creation of several hundred new gTLDs, such as .canon, which Canon, the Japanese electronics company, has said it is seeking to register. Hitachi is another company that has said it will apply for its own gTLD.

Rod Beckstrom, president and CEO of ICANN, in a statement characterized the decision as a way to "unleash the global human imagination" and expressed the hope that "this allows the domain name system to better serve all of mankind."

Lauren Weinstein, co-founder of People For Internet Responsibility and founder of Privacy Forum, believes the plan will serve ICANN and the domain-name industry, enriching the "domain-industry complex" at the expense of everyone else.

"I believe we may see billions of dollars being wasted in ICANN's new gigantic gTLD 'domain name space'--mostly from firms falsely hoodwinked into thinking that new domain names will be their paths to Internet riches, and from firms trying to protect their names in this vastly expanded space, ripe for abuses," Weinstein wrote in a blog post on Monday.

Weinstein argues that the expansion of the domain name space is likely to result in more spamming, phishing, and cybersquatting--the process by which domain speculators purchase domains associated with a brand to profit from searches related to the domain or to profit from the domain's eventual sale to the brand owner.

The Software & Information Industry Association (SIIA), a technology trade group, voiced similar concerns. "This new gTLD program, as currently formulated, represents a significant challenge to trademark and copyright owners," said Scott Bain, SIIA's chief litigation counsel and a participant in ICANN, in a statement. He expects that organizations and individuals with intellectual property interests will have to spend more time and money fighting cybersquatting and policing infringement.

ICANN expects to begin publicizing the coming change in the domain name system shortly and to accept applications starting January 12, 2012.

In the first quarter of 2011, 4.5 million domain names were added to the Internet, according to Verisign, which manages the .com and .net registries, among others. Across all the gTLDs, there are some 209.8 million domain registrations, the company said.

Enterprises are not ready for IPv6

The Internet Society predicts that IPv4 addresses allocated to Regional Internet Registries will run out this year. When that happens, many new applications and services will only support IPv6. Enterprises will be compelled to migrate from the universal IPv4 to IPv6.

IPv6 is the successor to IPv4, which has been the standard Internet communication protocol since 1981. IPv4 uses 32 bit addressing which translates to a few billion addresses. While these addresses were adequate during the years, when the protocol was conceived, given the Internet growth today, they will soon be exhausted.

IPv6 on the other hand uses 128 bit addressing thereby increasing the number of available addresses to an amount large enough to support the addressing for the entire earth’s growing Internet population.

Are enterprises IPv6 ready?

The move to IPv6 is already happening with service providers and some of them are close to implementation stage. Many government organizations have also received mandates to migrate their systems in anticipation of the need to support IPv6 protocol.  

The somber truth is that the majority of business enterprises are not IPv6-ready.  They are either still evaluating or in the planning stage because of a lack of awareness and understanding of how to manage the transition to IPv6.  Nevertheless, these enterprises eventually must make the shift to IPv6 because users, employees and consumers will demand it.  Users and new devices which will be IPv6-capable will drive the change.

For instance, in case of a bank, customers will access internet banking services via newer, IPv6-capable devices. However, if the bank’s applications are still IPv4-based, there will be a breakdown in connection, resulting in the bank not being able to offer online services. This could in turn have a strong negative impact on the bank’s business.

What does it take to move to IPv6?

Migration strategy

It is not as daunting as it seems if enterprises adopt a smart IPv6 migration strategy that consists of three stages.

The first stage is to install a gateway appliance to provide a smooth transition between the two standards. Stage two involves the building of the network infrastructure while the last stage is to get applications to be based on IPv6.

The migration process may take from a few months to a few years. The interim solution of using a gateway appliance allows enterprises to continue with business as usual while giving them time to build a new infrastructure and rewrite applications to be IPv6-capable.

Today, appliances are available as an IPv4 and IPv6 gateway.  This is the ideal solution as the appliance can operate seamlessly in the mixed IPv4 and IPv6 environments.

It gives enterprises the freedom to test, move and migrate their existing infrastructure at a controlled and manageable pace.  Enterprises can also opt for a multi-function appliance that not only acts as a gateway but also, provides application security, high availability and acceleration.

Typically, a gateway appliance is situated between the clients and the servers to provide client applications. Here, the appliance can provide virtualization and high availability functions, making several physical servers with private IP addresses look like a single entity with a virtual IP address. This virtualization capability provides the company the opportunity to migrate either clients or servers to IPv6 networks without changing everything all at once.

Possible migration scenarios

There are two possible scenarios for a smooth, controlled migration strategy. Enterprises can either move the client to IPv6 while keeping the servers on IPv4, or they can migrate servers to IPv6 while leaving the clients in an IPv4 environment. Moving the client to IPv6 requires all clients to be capable of attaching to the network via IPv6-enabled pathways.

Most enterprises will find it easier to begin migrating servers (applications) before client devices, simply because the servers are completely under their control whereas devices are often not.

In migrating servers, the gateway appliance is placed between the servers and the clients, and an IPv6-capable server network is added to the appliance/gateway.  The result is that the network will have IPv4 on the front/client side of appliance, and both an IPv4 and IPv6 network behind it.

Once the IPv6 network is established, the servers can be moved over from the IPv4 network. As all client devices in the future will be IPv6-based, it is imperative that enterprises ensure that their infrastructure and applications are IPv6 capable.

World IPv6 Day aims to raise the awareness of IPv6 and the importance of being ready to make the move. Internet service providers have already laid the groundwork for this new era in the internet. Enterprises too can seize this opportunity to be at the frontier and gain the competitive edge.

Global tech leaders promote open internet

Global government and business IT leaders from 34 countries have put their heads together to come up with a set of policies to maintain the Internet as a forum for open communication and expression.

The policies are similar to ones the Obama administration developed in May to steer the country's own cyberspace-related activities so as to foster a more open, interoperable, secure, and reliable cyberspace through global cooperation. They also are in line with the administration's overall goal to promote government transparency and accountability through the use of the Internet.

A group of public- and private-sector IT leaders--including Internet pioneers Tim Berners-Lee and Vint Cerf--convened last month and developed 14 key policies aimed at ensuring the Internet can continue to foster technological and economic innovation while "concomitantly meeting certain public policy objectives, including the protection of privacy, security, children online, and intellectual property," according to a communique, which is available online.
 
The document was developed at a meeting of the Organisation for Economic Co-operation and Development (OECD), a global organization to promote policies aimed at improving the economic and social well-being of people around the world, according to its website.

In a blog post, White House Deputy Chief Technology Officer for Internet Policy Danny Weitzner and Karen Kornbluh, U.S. ambassador to the Organization for Economic Cooperation and Development, cited recent comments by President Obama to demonstrate the administration's commitment to keeping the Internet open and free for everyone to use.

"As the president told a group of students in China, 'I can tell you that in the United States, the fact that we have free Internet--or unrestricted Internet access--is a source of strength, and I think should be encouraged ... the more freely information flows, the stronger the society becomes,'" according to the post.

The officials decried policy such as that taken by the government of Iran last month to disconnect Iranian Internet services from the rest of the world, and said the new policies are aimed at preventing such activity from happening.

"There are calls for greater governmental and inter-governmental, top-down, one-size-fits-all control over the Internet," they said in the blog. "If these trends continue, they risk balkanizing the Internet--with high costs in both economic opportunity and the realization of human rights."

Indeed, the Obama administration's cyberspace-policy guidelines stressed the value of the Internet in the global economy and aimed to balance openness with privacy protection and security. It was in this same spirit that global leaders developed the new Internet policies, Weitzner and Kornbluh said.
 
Among policies listed in the communique are to promote and protect the global free flow of information on the Internet and to maintain the open, distributed, and interconnected nature on which the World Wide Web was built.

Other policies communicated by the group with the hopes they will be adopted globally include: ensuring transparency, fair process, and accountability; cooperating in a joint Internet policy development process that takes various stakeholders into account; strengthening consistency and effectiveness in privacy protection; promoting creativity and innovation; developing capacities to bring publicly available, reliable data into the policy-making process; strengthening consistency and effectiveness in privacy protection at a global level; and fostering voluntarily developed codes of conduct for Internet behavior.

How IPv6 contributes to a more agile and responsive organization

In today’s hyper-connected world, enterprises and consumers alike are more dependent on technology than ever before. It’s everywhere — as prevalent in our personal lives as our professional ones. We are now accustomed to being constantly connected; regularly demanding more sophisticated Internet-based applications that run on a wide variety of devices from PCs to tablets and smart phones. This prevalence of Internet applications is one force driving organisations towards using the IPv6 internet address protocol, as IPv6 provides a much greater number of internet addresses compared to IPv4. And with unallocated IPv4 address space nearing exhaustion, the move to IPv6 provides the means to ensure the future of IP based applications and the Internet itself. However, if these applications are to be available to the public, organisations need to ensure that their networks and those of their network provider are ready to support them.  So what does a migration to IPv6 really mean and what are the benefits?

IPv4 vs. IPv6
Historically, the driver for the transition to IPv6 has been the depletion of IPv4 addresses. This is rapidly accelerating due to the global expansion of Internet connectivity, particularly in Asia. Current industry forecasts for exhaustion of the unallocated IPv4 address space range from 2011 to 2014. In addition to the address depletion, there’s growing recognition that IPv6 will present significant opportunities for enterprises, as new wired and wireless devices are developed around the world.

IPv6 is capable of handling many more Internet addresses to support both today’s applications and those yet to come.  It will make it possible to increase the current 4 billion IPv4 addresses to roughly 340 trillion trillion trillion IPv6 addresses; this is down to IPv6 using 128-bit addresses in comparison to only 32-bit used by IPv4. This abundance means that globally unique IPv6 addresses can be assigned to objects within an enterprise environment, removing the need for private addressing, and consequently eliminating the capital, operating costs and complexity associated with deploying and maintaining Network Address Translation (NAT) devices.

The road to long term growth, scalability and cost reduction

Although some initial network and system investment may be required, from an overall cost perspective IPv6 can help manage — and potentially reduce — network and IT operating expenses over time. For example, the auto-configuration feature offered by IPv6 can help enterprises improve manageability and also streamline network administration costs.

Potential cost benefits do not stop there. The local support for mobility permits the seamless integration and management of a mobile workforce into an enterprise. Plus IPv6 will enable the continued deployment of multimedia collaborative systems, helping enterprises obtain global greening and IT efficiency benefits by reducing the need for travel - therefore reducing the carbon footprint of the connected enterprise. What’s more, as both public and private IP networks are moving toward the use of IPv6 technology, investment in IPv6 rather than existing IPv4 applications provides investment longevity, fuelling longer term growth and scalability.

Opening new revenue streams and greater communications potential
All indications are that IPv6 will open up additional revenue streams through the development of newer, more sophisticated products to meet the demands of the IPv6 user.

One of the most important value propositions of IPv6 is its role in facilitating the emergence of the “Internet of Things” — also sometimes called “machine to machine communications” — a network interconnecting common objects equipped with embedded miniaturized intelligence modules. The enormous address space of IPv6 will enable support of smart appliances, mobile devices and associated services that will underpin the envisaged Internet of Things. In reality this means that machine-to-machine transactions — conducted without any human intervention — will be possible. In the connected enterprise, this will give rise to improvements in operational automation, productivity and efficiency.

Futurists have speculated the Internet of Things could potentially result in one of the largest transformations of human civilization subsequent to the Industrial Revolution. This evolution will represent a significant paradigm shift in the telecommunications sector and will create ripple effects on other industry segments. Because the number of objects that can be connected to the IPv6 network is infinite, this advancement will create unlimited market spaces for products and services that support machine-to-machine interaction.

An obvious reason for organisations to migrate to IPv6 is the potential to develop, support, and use the new and powerful applications enabled by the technology. These include applications such as sensor networks and telemetry applications for monitoring remote objects (e.g, vending machines, utility meters, etc.); streamlined battlefield communications, including access to real-time information about equipment and personnel vehicle-based applications, such as remote assistance and tracking capabilities, including on-board diagnostics and inventory management and control through integration with radio frequency identification (RFID) systems.
 
IPv6 also enables the deployment and evolution of fourth generation wireless networks such as 4G Long Term Evolution (LTE), which will substantially increase bandwidth capacity available to end-users.

When is it the right time to transition? 
In light of technical developments and the benefits offered by IPv6, one can argue that the transition to IPv6 is inevitable. However, the basic dilemma confronting enterprises is not whether to evolve to IPv6, but when and how to implement the transition.

In essence, major communications carriers must deploy IPv6 in their networks before their customers can take full advantage of its benefits. Organizations should therefore turn to experienced carriers that share their own commitment to IPv6 in order to support their own migration process. Verizon, for example, made an early commitment to evolve its global public and private IP networks to support IPv6, and was one of the first carriers to deploy IPv6 on its public IP backbone.

A key starting point for any organisation migrating to IPv6 is to establish an overall company-wide strategy for a smooth IPv6 adoption. Generally, a phased transition plan will minimize associated incremental costs and risks. Due diligence should include considering what the IPv6 requirements will be in future planned product replacements; ensuring that IPv6 compliance is mandated when procuring new hardware and software; and most importantly allocating investment for staff training and IPv6 competency development. Then, following this initial preparation, an organisation can clearly determine which transition method is right for its individual business.
 
IPv6 is the future
IPv6 is no longer just a solution to IPv4 address depletion; it is a driver for sophisticated new business models that could transform, automate, and optimize the enterprise operating environment. IPv6 can usher in new opportunities for the way people do business and communicate. The key to harnessing this IPv6 potential is preparation, understanding, and developing a clear path for making the initial move.

Is social networking part of the CIO job description?

Were I to ask you whether corporate wikis, video conferencing, and enterprise collaboration tools fall within the bailiwick of the CIO and the IT department, I'm certain you'd say "yes." You might even mutter your assent with an expansive, rueful sigh -- because responsibility for the research, purchase, deployment, training, ROI, and engagement of these tools isn't always happy and fulfilling.

Despite their manifold attractions, corporate wikis, video conferencing, and enterprise collaboration tools continue to suffer from limited, unenthusiastic user engagement. Even so, some of the same users who are loath to use those feature-rich, customizable enterprise tools are eager, active users of free, public, third-party social networking sites like Facebook, LinkedIn, and Twitter.

True, these sites don't necessarily offer all the features of an enterprise tool. True, the IT department doesn't need to buy, deploy, or manage any new equipment every time an employee opens a Facebook account. Nevertheless, shouldn't CIOs and IT managers push those expensive enterprise collaboration plans onto the back burner, and instead take on a bigger role in their business's use of public social networking sites?

Social networking initiatives are often driven by marketing departments (which seem to want everyone happily tweeting about good news all the time, and bad news none of the time). Historically, social networking use has often been discouraged by others in the company -- either because of the assumption that time spent on social networks is time wasted, or because social networks invite new security threats into the network.

The arguments against social networking are now starting to sound rather stodgy and out-of-touch. There are (somewhat surprisingly) real business benefits to social networking -- benefits that extend beyond basic marketing. This week's debut of Google+ is already stirring up fantasies of free, open, easy-to-use, scalable social networking that seamlessly integrates with productivity software and video-conferencing.

So are CIOs responsible for the enterprise's social networking use? Should you be responsible for researching social networks' capabilities? Training employees to use them? Proposing innovative business uses for them?

My instincts tell me that most CIOs and IT managers do not list these tasks in their job descriptions. You might take it upon yourselves to control or monitor enterprise use of social networks, but not to enable or drive that use.

Maybe my instincts are wrong. So tell me, how do you see your role in your company's use of public social networks like Facebook, Twitter, LinkedIn, and Google+?

India ranks 17 globally in terms of unique IP addresses

India ranks 17 globally in terms of unique IP addresses, 7 in terms of attack traffic origination, and 109 in terms of connectivity speed, according to the first quarter, 2011 State of the Internet report released by Akamai Technologies. The report is based on data gathered from the Akamai Internet platform, which carries between 15-30 percent of the world’s web traffic at any time, and highlights the challenges and opportunities for Internet penetration and broadband adoption in India.

Commenting on the report, Sanjay Singh, Managing Director - India, Akamai Technologies, said, “Our global platform of nearly 100,000 servers, in 74 countries, across 1000+ networks, provides us with a unique vantage point of Internet adoption in India and allows us to compare data with other developing and developed countries.  The number of unique IP addresses connecting to our platform from India grew by 21 percent in Q1.  India is clearly at the cusp of a mobile data explosion and it will be interesting to track how the newly launched 3G networks will shape the trends in the coming quarters.” 

The report revealed that global average connection speed increased by 23 percent year on year to 2.1 Mbps, while India’s average connection speed increased by only 0.7 percent to 0.8 Mbps. Also, the percentage of narrowband connections from India (speeds below 256 kbps) was at 35 percent, while the percentage of broadband connections (speeds above 2 Mbps) was at 4.9 percent.

As per the report, in the first quarter of 2011, approximately 7 million unique IP addresses from India connected to the Akamai Internet platform. This equates to six unique IPs per 1,000 people on average and represents 21 percent more IP addresses than connected in the fourth quarter of 2010.

IPv6: The next-generation Internet

It may be ‘time’s up’, but it is far from being ‘game over.’ Industry watchers who have been keeping an eye on the IPv4 exhaustion counter saw the final block of 32-bit IP addresses for the Asia-Pacific region parcelled out in April 2011. The Internet did not break down. The digital world as we know it continued to function. And what we should really be doing now is to make sure that it stays that way.

IPv4 exhaustion is not exactly a Y2K scenario where the entire IT ecosystem held its collective breath as the year 1999 turned to 2000, to see if two-digit date fields used in older IT systems would throw up nasty error messages on New Year’s Day. Still, it is a development that demands our attention and action.

Since the Internet went mainstream in the mid-1990s, we have become increasingly IP-dependent – we use our smartphones to access social networks; we conduct vital business transactions over the Internet; and we access a whole host of e-services through various web portals. Every one of these connections involves an IP address.

If you factor in the exponential increase in the number of Internet connections required in emerging markets like China, India and Indonesia, you get an idea why the pool of 4.3 billion addresses, which is what IPv4 supports, has not been enough. And this does not even begin to take into account the emergence of a whole new generation of machine-to-machine applications such as smart metering and remote management systems, all of which involve devices connected to the Internet.

The good news is that there is a solution to the problem of IPv4 exhaustion. It has been around since 1998 when the Internet Engineering Task Force (IETF) published its specifications for IPv6, the next-generation addressing protocol. With 128 bits of addressing space, IPv6 can provide a theoretical maximum of about 340 trillion, trillion, trillion addresses, which should last us a very, very long time.

Organizations have, however, given IPv6 a wide berth. In the absence of IPv4 compatibility, getting ready for IPv6 would mean, in the interim at least, deploying a dual-stack solution that can support both IPv4 and IPv6 traffic. With their IPv4 systems functioning well, there has been little incentive to do so or to make plans for migrating to IPv6 up till now.

With the Internet Assigned Numbers Authority having allocated the last IP address blocks from the global IPv4 central address pool on 3 Feb 2011, and the Asia-Pacific Network Information Centre allocating its last blocks for the region in April, the reality of IPv4 exhaustion is finally hitting home. Organizations are beginning to appreciate the fact that when IPv4 addresses are completely depleted, any business expansion, any new service, any smart device, any additional end-point, anything Internet-related will need IP addresses that are IPv6.

The bottom line is that one should start planning for one’s organization’s move to IPv6 now, if not already done so.

A typical IPv6 migration goes through several phases.

Phase 1 is to establish the Internet profile of the organization and the systems that will be impacted by IPv6. For example, the Internet is being used to reach customers, partners and suppliers, IPv6 will have an effect on the DMZ addressing, web servers, load balancers, firewalls and Internet-facing routers.

Phase 2 is about enabling internal users to access the IPv6 Internet. For example, if the entire WAN is on IPv4, one way of communicating with IPv6 is to use proxy servers for outbound traffic or to do tunnelling to transmit IPv6 packets between dual-stack nodes on top of the IPv4 network. These measures will help the users get to where they want to on the Internet. However, they are interim solutions. For long-term, one will have to develop a road map for the rest of the IPv6 migration.

Phase 3 involves the creation of a dual stack environment, which means making systems bilingual so that they can talk to both IPv6 and IPv4 traffic, and migrating the WAN to that environment.

A good place to start will be to focus on the areas that one cannot control – the external-facing systems of an organization. For example, if the Unified Communications or Voice over IP systems talk to third-party mobile applications, which are likely to be increasingly IPv6, one should start planning to migrate those to IPv6 first.

The same applies to remote access services and remote site connectivity, because one cannot be certain how long a third-party service provider will continue to support IPv4.

In Phase 4, the focus shifts to migrating internal applications and network management systems to IPv6. For example, 32-bit IPv4 fields in applications and network reporting tools have to be modified to support 128-bit IPv6 addresses.

Phase 5 culminates in the creation of a pure IPv6 environment. However, there will still be a need to communicate with lingering legacy IPv4 systems, and this can be done using transition technologies such as NATv4.

NAT (network address translation) has, in general, been a popular tool for managing the issue of IPv4 exhaustion by allowing multiple hosts on a private network to access the Internet using a single public IP address. However, it is not viable as a long-term alternative to IPv6 migration.

With NAT, entire networks are sometimes hidden behind a single IP address, providing little visibility into the end-user experience. The network will not be able to fully support peer-to-peer or machine-to-machine applications which require or work best with end-to-end IP connectivity. The fact that multiple hosts can ‘hide’ behind a single IP address also obstructs the deployment of end-to-end security.

Many of these issues are being taken care of with IPv6. It has more than enough addresses to support the end-to-end connectivity required for emerging applications. IP Security – the protocol for IP network-layer encryption and authentication – is embedded in the base protocol, as is support for multicast, which allows for a more efficient way of delivering audio, video or any other data simultaneously to a group of destinations.

IPv6 does not just address the issue of IPv4 exhaustion; its larger address space also paves the way for improved connectivity and greater flexibility in IP deployments. In planning an organization’s migration to the IPv6 world, therefore, one should also be looking to take full advantage of the inherent strengths of the new protocol in order to get the most out of the next-generation Internet. Before the new begins, find out how the rules have changed, and parlay that to your advantage!

Security issues to consider while migrating from IPv4 to IPv6

From a security point of view, the new IPv6 protocol stack represents a considerable advance in relation to the old IPv4 stack. However, despite its innumerable virtues, IPv6 is still vulnerable.

Dual Stack Attacks

Though, the Internet is mostly IPv4-based, the adoption of IPv6 as the Internet protocol will increase. During the lengthy transitioning process, ‘6 to 4’ stacks will take care of this, by implementing IPv6 and IPv4 separately, or in a hybrid manner, which allows applications to work transparently over both IPv4 and IPv6. However, a dual stack transition deals with two non-interoperable protocols and their specific sets of security issues. This leads to more technical complexity, which will make configuration even harder and more prone to failure.

Spoofing attacks

The modification of a source IP address, as well as the ports on which they are communicating, can be done to make it appear as if traffic originated somewhere else. There are best practice methods for filtering, as in RFC 2827, but this isn’t mandatory, which means many ISPs won’t implement it. The use of strong cryptography can thwart these attacks. On the other hand, even though IPSec support is mandatory on IPv6 (whereas it was optional for IPv4) it’s likely to experience the same hurdles as with IPv4 and not be widely deployed.

Flooding attacks

Due to IPv6’s massive address space, it would take years to scan a single IPv6 block, versus seconds for an IPv4 block. Due to multicast traffic, which allows the user to send a packet to multiple destinations with a single send operation, distributed denial of service (DDoS) attacks, like Smurf, are possible.

With a Smurf attack (a type of broadcast amplification attack), a victim’s IP address is used to send an echo-request message with subnet broadcast’s destination address, along with a spoofed source address, causing all of the subnet’s end hosts to respond to the spoofed source address and flood the victim with echo-reply messages.

Header manipulation and fragmentation

Attacks exploiting header manipulation and fragmentation can do everything from bypassing intrusion detection systems (IDS), intrusion prevention systems (IPS) and firewalls, by using out-of-order fragments, or even go after the network’s infrastructure itself. Also, in IPv6, there are extension headers, which can be used to get around access control lists (ACL) on routers and firewalls, by causing devices at the end host to process router headers and forward them elsewhere.

Internet as important as food and water, says Cisco study

Demonstrating the role of the network in our lives, the second annual Cisco Connected World Technology Report revealed that one in three college students and young professionals consider the Internet to be as important as fundamental human resources like air, water, food and shelter. Also, half of the study’s respondents admitted Internet to be an integral part of their lives – in some cases even more integral than cars, dating, and partying.

The findings of second annualCisco Connected World Technology Report are based on surveys of college students and professionals up to the age of 30 in 14 countries. As per the report, four of every five college student and young employees believe the Internet is vitally important and part of their daily life’s sustenance. Interestingly, about two of three (64 percent) said they would choose the Internet connection instead of a car, if forced to make a choice.

Whereas previous generations preferred socializing in person, the next generation is indicating a shift toward online interaction. More than one in four college students globally (27 percent) said staying updated on Facebook is more important than partying, dating, listening to music, or hanging out with friends.

Mahesh Gupta, Vice President, Borderless Networks, Cisco India and SAARC, said, “Internet is no longer ‘good to have,’ it is now a ‘must have.’ There is a conscious need to be connected at all times from all locations, accelerated by the growth of social media and smart mobile devices which provide easy access to the Internet.”

As per the report, two-thirds of students and more than half of employees (58 percent) cite a mobile device (laptop, smartphone, tablet) as “the most important technology in their lives.” For young employees, India came second globally when it comes to the importance of mobile device usage (71 percent), behind the U.K. (74 percent), but ahead of Australia (66 percent), China (62 percent), and the U.S. (62 percent).

Marie Hattar, Vice President, Borderless Networks, Cisco, said, “The results should make businesses re-examine how they need to evolve in order to attract talent and shape their business models. CIOs need to plan and scale their networks now to address the security and mobility demands that the next generation workforce will put on their infrastructure.”

Malware attacks up due to social media, reveals Global Survey

Most respondents of the survey in India agreed that the use of social media in workplace is important to achieve business objectives. However, 64 percent of the respondents believed employees’ use of social media in the workplace represents a serious security threat to the organization. However, only 33 percent believed they have the necessary controls in place to mitigate or reduce the risk posed by social media.

Social media in workplace represents a serious security risk and most organizations do not have necessary security controls in place to mitigate the risk, according to Global Survey on Social Media Risks. The survey was conducted by the Ponemon Institute and sponsored by Websense.

The study includes inputs of 4,640 IT and IT security practitioners, with an average of 10 years experience in the field, from Australia, Brazil, Canada, France, Germany, Hong Kong, India, Italy, Mexico, Singapore, the United Kingdom and the United States.  

More than 50 percent of the respondents report an increase in malware due to social media use. In India, 48 percent of the respondents said viruses and malware infections are increasing as a result of the social media use and 30 percent said they were not sure.

Nearly 65 percent respondents said that their organizations do not enforce a policy that addresses the acceptable use of social media in the workplace. In India, 39 percent of the respondents said they were not aware of a policy that informs employees about the acceptable use of social media in the workplace or were unsure if such a policy existed (24 percent). Of those organizations that have a policy, 49 percent of respondents said the policy is enforced.

As per the study, 47 percent of employees in India spend more than 30 minutes each day on non-business social media activities. Approximately 90 percent of the respondents said that increase in the use of social media in the workplace has diminished employee productivity and 73 percent of the respondents said that it affected IT bandwidth.

Worldwide social media revenue to reach USD 14.9 billion in 2012

According to the Gartner report, advertising revenue is, and will remain, the largest contributor to overall social media revenue. It is forecast to total USD 5.5 billion in 2011, and grow to USD 8.2 billion in 2012. Advertising revenue includes display advertising and digital video commercials on any device including PCs, mobile and media tablets.

Worldwide social media revenue is set to grow to USD 10.3 billion in 2011, a 41.4 percent increase from 2010 revenue of USD 7.3 billion, according to a report released by Gartner. As per the report, worldwide social media revenue is forecast for a consistent growth with 2012 revenue totaling USD 14.9 billion, and the market is projected to reach USD 29.1 billion in 2015.

“Marketers will begin to transition from ‘onetime placement and click of ads’ toward ‘ongoing engagement’ with the Internet user and will therefore allocate a higher percentage of their advertising budget to social networking sites,” said Neha Gupta, Senior Research Analyst at Gartner. “This is mainly because social networking sites, with the help of social analytics firms, are able to unlock the interconnected data structures of users — mapping lists of friends, their comments and messages, photos and all their social connections, contact information and associated media.”

In order to calculate social media revenue, Gartner analysts defined social media as including websites where content is created, consumed, promoted, distributed, discovered or shared for purposes which are primarily related to communities and social activities, rather than functional, task-oriented objectives; content usually takes the form of words, pictures or videos; the website may be a closed or an open platform; and the flow of expression can be unidirectional or multidirectional.

As per the report, social gaming revenue is on pace to reach USD 3.2 billion in 2011 and grow to USD 4.5 billion in 2012. Social gaming includes revenue that social networking sites earn directly from users who play games that are developed in-house, and the revenue earned by allowing game developers/publishers to use their sites as a platform to let users play with friends on the network. 

Social media subscription revenue is forecast to reach USD 236 million in 2011 and total USD 313 million in 2012. Few social sites charge subscription revenue, mostly for premium services. Some professional sites such as LinkedIn, Xing in Germany and Vladeo in France, charge a subscription fee from their users for enhanced services, such as an expanded profile view.

“From a revenue perspective, the social media market is still in its early stages, even though it has a large number of users who, in some cases, are exhibiting increasingly mature usage patterns. Market participants need to build new business models to tap into this increased usage and users’ increased level of engagement,” said Gupta.