Network Barometer Report A gauge of global networks readiness to accelerate business

Transcription

1 Network Barometer Report 2015 A gauge of global networks readiness to accelerate business

2 The Network Barometer Report 2015 can be downloaded at: dimensiondata.com/networkbarometer About Dimension Data Founded in 1983, Dimension Data plc is a global ICT services and solutions provider that uses its technology expertise, global service delivery capability, and entrepreneurial spirit to accelerate the business ambitions of its clients. Dimension Data is a member of the NTT Group. It has designed, built, and manages over 9,000 networks worldwide to enable more than 13 million users to connect to their organisations networks. Dimension Data has delivered over 2,000 Technology Lifecycle Management Assessments to date. Visit dimensiondata.com Copyright notice and disclaimer Dimension Data Copyright and rights in databases subsist in this work. Any unauthorised copying, reproduction, or other dealing in this work, or any part thereof, without the prior written consent of the copyright owner, is an act of copyright infringement. Copying of certain portions of this work, such as tables, graphs, and certain extracts, is permissible subject to the conditions that (1) such portions do not constitute a substantial reproduction of the work (or a section) as a whole and (2) the following notice accompanies all such portions: Dimension Data Network Barometer Report 2015, Dimension Data Any unauthorised copying, communication to the public, reproduction, or other dealings in this work, or any part thereof, renders the person who is responsible for such acts liable for civil law copyright infringement and, under certain circumstances, liable for criminal prosecution. All rights of the copyright owner are reserved. The data and information contained in the Network Barometer Report are for information purposes only. While the commentary and hypotheses in this Report are based on rigorous data analysis and market experience, the Report also contains opinion. Furthermore, while reasonable steps are taken to ensure the accuracy and integrity of the data and information provided, Dimension Data accepts no liability or responsibility whatsoever if such data or information is incorrect or inaccurate, for whatsoever reason. Dimension Data does not accept liability for any claims, loss, or damages of any nature arising as a result of the reliance on, or use of, such data or information by any individual or organisation.

3 Executive summary 7 Results Dimension 1: Technology lifecycle management How old are today s networks? 14 This year s results 15 How we interpret the results 19 Summary 20 Dimension 2: Support services What causes today s networks to fail and how well are those incidents handled? 22 This year s results 23 How we interpret the results 28 Summary 30 Dimension 3: Security How vulnerable are today s networks? 32 This year s results 33 How we interpret the results 36 Summary 38 Dimension 4: Architecture Are organisations preparing their networks for enterprise mobility and the Internet of Things? 40 This year s results 42 How we interpret the results 45 Summary 46 Recommendations 48 Appendix A: Sample distribution 54 Appendix A.1: Technology lifecycle, type, and vulnerability data 54 Appendix A.2: Services data 57 Appendix B: Top 10 PSIRTs 58 List of figures and tables 59

4 Executive summary

5 5

6 About the 2015 Network Barometer Report Technology data gathered from technology assessments discovered devices 5 regions 11 industries Support services data gathered from Global Service Centres: Boston Frankfurt Bangalore Johannesburg A sample of more than 175,000 service incidents A sample size of 105 countries We investigated 4 dimensions technology lifecycle management support services security architecture * See Appendix A for a detailed breakdown

7 Executive summary Remote monitoring and automated management drastically reduce network support time The Network Barometer Report 2015 gauges the readiness of today s networks to support business. The Report is based on network discovery data gathered from Dimension Data s Technology Lifecycle Management Assessments conducted for organisations around the world. We combined this with information from our Global Service Centres, which relate to support service requests, or incidents, logged against organisations devices managed by us. The result is a multidimensional view of today s networks. This year, we added four new aspects to our enquiry: services data to compare how devices managed on Dimension Data s remote infrastructure management platform fare in terms of the average time they take to troubleshoot and repair when they fail, compared with devices not managed by us an analysis of the configuration errors that occur most commonly on network devices across the categories of access management, intrusion management, network services, session management, and system settings a detailed breakdown of the number of network devices across different models to gain a better view of organisations readiness for enterprise mobility an analysis of IPv6 adoption across networks in order to determine how well prepared corporate infrastructures are to accommodate the Internet of Things Our interpretation of the results is influenced by our strategic focus on ICT services, and our extensive experience in monitoring, maintaining, supporting, managing, and outsourcing our clients networks. Our overall conclusion: Overall, our data suggests that there s a growing need for more effective day-to-day network management across all corporate infrastructures. Remote monitoring and automated management are the most effective ways to improve network service levels by drastically reducing support time. We reached this conclusion by investigating and comparing four dimensions of network management and strategy: 1. technology lifecycle management 2. support services 3. security 4. architecture 7

8 Remote monitoring and automated management drastically reduced the time to troubleshoot and repair all devices, compared with devices that weren t managed in this way. Dimension 1: Technology lifecycle management How old are today s networks? Networks have aged for the fifth year in a row. Organisations tend to focus technology refresh initiatives on obsolete devices, and sweating ageing equipment. Our results show that: Of all devices, 53% are now ageing or obsolete up from 51% in our last Report. The percentage of ageing devices has grown by four points, while the percentage of obsolete devices has dropped marginally by two points. Over the past few years, the percentage of ageing and obsolete devices has steadily increased. The conventional assumption was that a technology refresh cycle was imminent. However, our data shows that organisations are refreshing mostly obsolete devices, and are clearly willing to sweat ageing devices for longer than expected. Possible causes of this strategy are: a sustained focus on cost savings, particularly evident in reduced capex budgets, which may have disrupted normal refresh patterns the growing availability and uptake of as-a-service ICT consumption models which reduce the need for organisations to invest in their own IT infrastructure the introduction of programmable, software-defined networks which may be causing organisations to wait and see before selecting and implementing new technology a factor we expect will become more influential in the next 18 to 36 months (also see About software-defined networking in our Recommendations section.) Dimension 2: Support services What causes network devices to fail and how well are such incidents handled? There s been a sharp increase in the proportions of both hardware and software failures across devices since last year. However, most incidents are still caused by factors that would fall outside the terms of a conventional support services contract. Current devices again took longer to repair than both ageing and obsolete devices. Remote monitoring and automated management drastically reduced the time to troubleshoot and repair all devices, compared with devices that weren t managed in this way. Our results show that: The largest proportion of service incidents (55%) aren t device-related, but are caused by factors that fall outside the remit of a conventional support contract. Organisations would have to handle these incidents by themselves. Avoidable human error causes almost one-third of all incidents. Dimension Data s remote network monitoring and automated management reduce the time to troubleshoot faulty devices by a massive 75%, and the time they take to repair by 32%, compared with devices not managed by us. 8

9 Dimension 3: Security How vulnerable are today s networks? While networks are marginally less vulnerable than last year, the percentage of devices with security vulnerabilities has remained relatively stable over the last four years. Networks are therefore not improving their security status significantly. Ageing devices are more vulnerable than current or obsolete devices. In addition, the highest number of security advisories were published for data centre switches and edge/branch office devices. However, security advisories affected a larger proportion of wireless access points and data centre switches, which makes them the most vulnerable parts of networks today. Our results show that: Of all devices, 60% have at least one security vulnerability down from last year s 74%. Over the last four years, the average percentage of devices with at least one security vulnerability has remained relatively stable at 60%. Ageing devices are more prone to having vulnerabilities than current or obsolete devices. Data centre switches and edge/branch office routers had the most published security advisories. However, security advisories for data centre switches and wireless access points had the highest penetration rate across all device types. Dimension 4: Architecture How well are networks prepared for enterprise mobility and the Internet of Things? Despite the general tendency to sweat assets, organisations are slowly expanding the wireless capabilities of their network access points. However, 74% of wireless access points are still older models (802.11g and older) that don t support a sound mobility strategy. In addition, the majority of devices are not IPv6-capable yet, many of which require a simple software upgrade to be so. Combined, these factors point to organisations not giving the impact of enterprise mobility and the Internet of Things on the network due strategic consideration yet. Enterprise mobility requires pervasive wireless connectivity which, in turn, requires at least three basic features in access ports: power-over-ethernet, gigabit Ethernet on the client side, and 10-gigabit uplinks. This year, we found that: 65% of all ports support power-over-ethernet up by 14 percentage points since last year 25% of switches support 10-gigabit uplinks up by 2 percentage points 37% of ports support gigabit Ethernet down by 8 percentage points We maintain that this slight improvement is a reaction to the increased number of mobile devices used in the workplace, rather than the result of a planned and proactive strategy to prepare for enterprise mobility. 9

10 Only 21% of all network devices are currently IPv6- enabled, while 48% need a simple software upgrade to become IPv6-ready. In addition to the impact of enterprise mobility on corporate networks, The Internet of Things will see an increasing number and variety of business-enabling and enhancing technologies interconnecting via networks. Non-human objects will be able to gather data from their environment, interact with one another, and make intelligent decisions, all without human intervention. To leverage the benefits this will offer, organisations will need to adopt IPv6 more broadly across their infrastructures, as the number of potentially connected devices will increase exponentially. Public IPv4 addresses are becoming a rare commodity; in fact, in some parts of the world they re already depleted. Here too, we re seeing strong adoption of public IPv6 address space, especially driven by legislation in certain regions and proactive architectural changes in others. Organisations with mostly IPv4-based networks, which haven t architected the underlying environment with IPv6 in mind, have limited visibility of, and control over, IPv6-enabled technologies. This exposes them to unnecessary risk, as they won t be able to monitor and manage those devices, nor control the traffic flow, as well as in an IPv4-based environment. We found that: Only 21% of all network devices are currently IPv6-enabled, while 48% need a simple software upgrade to become IPv6-ready. What we recommend To ensure their networks are able to support business in the most effective, efficient, and secure way possible, organisations should consider four steps to raise the maturity of their operational support environments: 1. Achieve visibility of the entire networking estate through an accurate and well-maintained inventory. 2. Standardise the types of technologies used in the network and their configurations as much as possible. This will shorten the time to repair and reduce support costs, when devices fail. 3. Automate as many of day-to-day management tasks as possible through outsourced managed services or software-defined networking. 4. Monitor networking devices more closely, either in-house or through remote monitoring services, to reduce the time it takes to troubleshoot and repair faulty devices. For more detailed advice, see our Recommendations section. 10

11 About the Network Barometer Report The Network Barometer Report 2015 presents the aggregate data gathered from Dimension Data s Technology Lifecycle Management Assessments conducted for clients around the world in It also contains data relating to service incidents, logged at our Global Service Centres, for client networks that we support. Dimension Data compiles, analyses, compares, and interprets the data in order to gauge the readiness of today s networks to support business. About the Technology Lifecycle Management Assessment This ICT assessment service from Dimension Data discovers installed assets on the network, identifies their lifecycle statuses, determines maintenance coverage, and flags potential security vulnerabilities. The Assessment assists organisations to align their IT infrastructure with best practices for configuration, security, and patch management, thereby ensuring that they re not exposing themselves to unnecessary risk. The technology lifecycle data used in this Report comes from these automated Assessments, not from a survey. Click here for more information. 11

12 Results

13 13

14 Dimension 1: Technology lifecycle management How old are today s networks? About technology lifecycles In order to establish the age and viability of technology assets, most vendors have standardised milestones through which they progress their products towards obsolescence. For example, Cisco uses six technology lifecycle milestones. These run from future-end-of-sale, the announcement of the lifecycle milestone dates; to last-day-of-support, the date after which Cisco s Technical Assistance Center will no longer support the product. Common to all vendors are end-of-sale and end-of-support. To normalise the data for this Report, we ve defined three lifecycle categories: Current These devices are presently shipping and have full access to vendor support services. Ageing Vendors have announced that these devices are past end-of-sale. The devices haven t passed end-ofsupport yet, but vendor support decreases gradually as the device ages further. Obsolete These devices are past end-of-support. Table 1 lists these three categories, and the maintenance and support requirements typical of each. Table 1: Technology lifecycle stages, associated risk levels, and required support environment maturity Lifecycle status Time (years) Risks Required support environment maturity Current 0 3 settling period during which product bugs and hardware stability issues are identified organisation s support teams learn new features of the device Ageing 3 5 increased support costs with some vendors decreasing support later in this stage (for example, no more software bug fixes) Obsolete 5+ no, or limited, access to spares no, or limited, vendor support for complex issues controlled introduction into the environment, requiring mature release and deployment processes new and/or advanced technology requires updated, technology-specific training mature change management processes needed to handle updates and patches, as required all business-as-usual processes apply, including capacity and change management some local sparing might be required for laterstage equipment logistics and change management relating to local spares warehousing 14

15 This year s results Figure 1: Percentage of ageing and obsolete devices, global average Global For the fifth consecutive year, the devices in today s networks have aged slightly in terms of their lifecycle status. Of all devices, 53% are now ageing or obsolete up by a marginal two percentage points from last year. Figure 2: Percentage of ageing and obsolete devices by region Americas Asia Pacific Australia Europe Middle East & Africa Global

16 In Asia Pacific, Australia, and Middle East & Africa, there are slightly fewer ageing and obsolete devices than last year. The global increase is mainly due to higher percentages of ageing and obsolete devices in two regions: the Americas, which rose by a significant 16 percentage points; and Europe, which increased modestly by two percentage points. In Asia Pacific, Australia, and Middle East & Africa, there are slightly fewer ageing and obsolete devices than last year. A closer analysis of the data gathered from the Americas revealed that the 16-point increase in ageing and obsolete devices in that region came from a single assessment conducted for a large organisation in the government sector. However, normalising the data by removing this assessment from this region s sample set didn t make a significant difference: the percentage of ageing and obsolete devices still showed a 9-point increase. This highlights the trend we ve seen in relation to the lack of, or delay in, spending on technology refresh in the public sector of the Americas, attributable to widespread budget cuts and a delayed reaction to the global economic crisis. Figure 3: Percentage of ageing and obsolete devices by industry Automotive and manufacturing Business services Construction and real estate Consumer goods and retail Financial services Government health care and education Mediaentertainment and hospitality Resources utilities and enegy Service providers and telecommunications Technology Travel and transportation Overall

17 Figure 4: Percentage of devices by lifecycle stage, This indicates that organisations focus their refresh initiatives mostly on technology that has reached critical lifecycle stages when vendor support is no longer available Current Ageing Obsolete Figure 4 compares the percentage of discovered devices by lifecycle category over the last three years. While we ve seen a slight drop in the percentage of obsolete devices down to 9% from last year s 11% the percentage of ageing devices has increased by 4 points. This indicates that organisations focus their refresh initiatives mostly on technology that has reached critical lifecycle stages when vendor support is no longer available. In general, organisations are sweating ageing assets, while the percentage of current devices is at its lowest in three years Current Ageing Obsolete During the seven-year history of the Network Barometer Report, organisations average tolerance level for obsolete devices in their networks has always been in the region of 10%. Rarely do organisations allow this to increase beyond 11% before they refresh the relevant devices. Historically, there s been a greater degree of yearly fluctuation in the percentages of current and ageing devices, than in obsolete devices. We ve correlated this figure with services information gathered from devices under Dimension Data s management to investigate these tolerance levels in networks monitored and managed by us Current Ageing Obsolete 17

18 Figure 5: Percentage of devices by lifecycle stage, when Dimension Data manages the devices, Current Ageing Obsolete 46 Current Ageing Obsolete Figure 6: Percentage of devices by lifecycle stage, per region, when Dimension Data manages the devices Americas Asia Pacific Europe Middle East & Africa Global Current Ageing Obsolete Of the more than 1.5 million devices managed by Dimension Data on behalf of its clients, only 5% were obsolete this year a significant decrease from last year s 9%.This reduction correlates with the emphasis organisations have placed on refreshing mainly obsolete devices over the last year. Although Dimension Data may be managing the devices on behalf of its client, the decision to purchase replacement technology remains with the client. The smaller proportion of obsolete devices also shows that Dimension Data has a lower tolerance for these devices in the networks it manages than client organisations would have if they manage their networks themselves. This is because Dimension Data is familiar with the risks involved in managing obsolete devices which are no longer subject to vendor support. However, at 46%, the proportion of ageing devices is larger in networks managed by Dimension Data than in clientmanaged environments. This indicates a stronger tendency to sweat assets for which vendor support is limited. The combination of maintenance best practices and available, if limited, vendor support allows Dimension Data a greater degree of confidence in its ability to manage ageing devices. 18

19 How we interpret the results Today s networks are again marginally older than in previous years. In last year s Network Barometer Report, we argued that it s a sound strategy to sweat ageing assets for as long as possible and not to refresh technology simply for the sake of doing so. The caveats to this approach are still that the organisation should: have an accurate inventory of its entire network estate including each device s product lifecycle stage, which is often not the case understand the function of each device and how critical it is to the network s uptime the more critical the device, the more urgent the need to keep it up to date have the appropriate operational support strategy in place to resolve any performance issues or outages that may occur, as vendor support will be either limited or unavailable during later lifecycle stages ensure that the device s capabilities aren t constraining architectural changes, which have driven upgrades in other areas of the network This year s results show that organisations are following this approach but, although they re focusing refresh efforts mostly on obsolete devices, they still have a greater appetite for the risks involved in keeping such devices in the network. Mature monitoring, support, and maintenance processes would allow for a higher tolerance of ageing devices in the network. As seen from the data gathered from devices managed by Dimension Data, mature monitoring, support, and maintenance processes would allow for a higher tolerance of ageing devices in the network. This proves the viability of managing an older network overall. That is, provided that there s sufficient visibility of the lifecycle status of all devices, an understanding of their risk profile depending on their criticality to the infrastructure as a whole, and the proactive management of that risk. These questions remain, though: Why and when do devices most often fail, and how well are those incidents handled? 19

20 How old are today s networks? Networks have aged for 5 consecutive years. 53% fewer are obsolete than last year BUT more are ageing We recommend... of devices are now ageing or obsolete (-2 ) points (+4 percentage percentage points Organisations have a higher tolerance of obsolete devices than Dimension Data has when managing networks on clients behalf. Sweating your assets is okay, BUT... ) Know your devices and their lifecycle stages Understand potential network impacts if devices fail Manage the risk of device failure proactively 20

21 Today s networks are again marginally older than in previous years In last year s Network Barometer Report, we argued that it s a sound strategy to sweat ageing assets for as long as possible and not to refresh technology simply for the sake of doing so. This year s results show that organisations are following this approach but, although they re focusing refresh efforts mostly on obsolete devices, they still have a greater appetite for the risks involved in keeping such devices in the network. 21

22 Dimension 2: Support services What causes today s networks to fail and how well are those incidents handled? This year, we analysed over 175,000 service incidents or trouble tickets handled by Dimension Data s Global Service Centres. While the number of devices under our management has grown since last year, we also had access to a greater data set, which contributed to the increase in the number of incidents analysed. We wanted to understand the types of incidents encountered while maintaining our clients networks and how these relate to device lifecycle data. (Please refer to Appendix A for detailed information and commentary on the sample size of our services data.) About Dimension Data s Global Service Centres Dimension Data s Global Service Centres are organisational hubs situated at eight central locations in five regions around the world: Americas: Boston, US; and Santiago, Chile Asia Pacific: Auckland, New Zealand; Bangalore, India; and Singapore Australia: Melbourne, Australia Europe: Frankfurt, Germany Middle East & Africa: Johannesburg, South Africa At these Centres, Dimension Data s service delivery and technical support experts receive calls from clients and resolve technical service tickets, requests, and problems in 13 local languages (depending on location). The Centres receive over a million such requests from 10,000 clients every year, which translates to more than 2,500 incidents each day. Dimension Data s Global Service Centres are organisational hubs situated at eight central locations in five regions around the world. 22

23 This year s results Figure 7: Root causes of incidents, Application issue Asset capacity Cable fault Application issue Asset capacity Cable fault Configuration error Environmental Hardware failure Other human error Scheduled outage Software bug Telco failure Configuration error Environmental Hardware failure Other human error Scheduled outage Software bug Telco failure Table 2: Root causes of incidents Root cause Application issue Asset capacity Cable fault Configuration error Environmental Hardware failure Other human error Scheduled outage Software bug Telco failure What it means The device failed due to an error in an application that runs on the device itself, other than the core operating system, or due to an error in relaying information from an application that runs remotely. The device failed due to network traffic requiring a higher capacity than device is able to handle. Failure owing to damage to the cable of some kind, for example, the cable was severed between floorboards or cut by mistake. The device failed owing to an incorrect or sub-optimal configuration. This includes failures due to power cuts, cooling problems, flooding, and so on, either within the immediate or wider environment of the device. This includes all failures related to the device chassis itself, or to modules added to it to extend or change its functionality. Mistakes made by people, such as incidents logged incorrectly, duplication of support calls, incidents logged against devices not managed by Dimension Data, and so on. This includes all planned and predictable routine maintenance downtime. The device failed due to an error in its core operating system, excluding application software. Failures due to outages in the wide area network that connects the corporate network to telecom service provider networks. 23

24 The largest percentage of incidents a total of 55% across all networks would need to be handled and remedied by organisations themselves. Figure 7 shows the breakdown of incidents by resolution category. The most obvious change from our last results is the dramatic increase in the proportion of hardware failures compared to other root causes, which rose by 26 percentage points. The larger proportion of hardware incidents is due to a general increase in devices managed by Dimension Data, in combination with an overall reduction in obsolete devices, which are less prone to failure. However, when comparing only the number of incidents per device on a like-for-like basis, the number of hardware failures has remained relatively stable compared to our last Report. Adding to the larger proportion of hardware failures we ve seen this year, are the decreases in the proportion of telco failures (-14 percentage points), environmental factors (-11 percentage points), and other human errors (-6 percentage points). However, the proportion of incidents caused by configuration errors and software bugs has increased by eight and two percentage points respectively. The larger proportion of incidents caused by software bugs may be due to a slight increase in current devices managed by Dimension Data. The earlier the device is in its lifecycle, the more prone it would be to software problems that haven t been identified and solved yet during its shorter lifespan. Counting together other human errors and configuration errors, mistakes made by people account for 30% of all failures, which shows that nearly onethird of incidents are still potentially avoidable. Of all root causes, only software bugs (3%) and hardware errors (42%) would fall within the terms of a basic support contract, adding up to a total of 45%. This implies that the largest percentage of incidents a total of 55% across all networks would need to be handled and remedied by organisations themselves. That is, if they don t have network monitoring, support, and management services in place. Delving deeper into the types of configuration errors over the last year, we noted a slight increase in critical errors in voice gateways and industrial switches. This is concerning, as voice gateways are often exposed to external parties and therefore more open to attack. Given the criticality of keeping industrial manufacturing environments up and running without interruption, we d also expect to see more rigorous controls in relation to the configuration of underlying infrastructures in this type of environment. We also analysed the most common configuration errors seen in networks today. These can be broadly grouped into two categories of device configuration: network services and system settings; and access management. Network services and system settings allow for the remote management and basic functioning of the device. Of all discovered wireless devices, routers, and switches, 31% had critical configuration violations, which will allow a malicious user to gain unauthorised access to the device, or misuse or bypass security controls for network traffic. As far as access management configurations are concerned, over 49% of analysed networks don t have a centralised authentication strategy in place. System administrators would have to manually maintain authentication details for each device, as there s no central policy to manage and audit configuration changes. This, in turn, hinders the organisation s ability to maintain visibility of changes in the network and secure the environment against unauthorised configuration changes that may cause downtime. In almost all cases, a lack of centralised access management increases the cost of managing the network. There's a strong correlation between the application of configuration standards and best practices in the network and an organisation s ability to reduce the duration and impact of network device outages. The combination of organisations allowing critical configuration violations to remain within a productive environment, and not centrally managing network assets, points towards a broader concern: networks aren t as well maintained as they ought to be. There s also a correlation between the failures caused by devices and their lifecycle stage. 24

25 Figure 8: Percentage difference in failure rate by lifecycle stage, in relation to current devices Current Ageing Obsolete Obsolete devices failed least of all, which supports the argument for sweating assets as long as possible, as long as the organisation has a thorough operational support strategy in place. For the purposes of this analysis, we filtered the data to show only hardware and software failures. All other incidents are caused by factors that can t be regarded as device-related. Figure 8 shows that obsolete devices failed 0.36% less often than current devices, while ageing devices failed 0.41% more often than current devices. This emphasises the need for advanced monitoring and management of ageing devices in particular. While the percentage differences may seem small, the impact that these failures may have on a large network containing hundreds of devices in each category can be significant. Obsolete devices failed least of all, which supports the argument for sweating assets as long as possible, as long as the organisation has a thorough operational support strategy in place to repair or replace such devices promptly should they fail, as there will be no vendor support. 25

26 Figure 9: Average mean-time-to-repair by lifecycle stage, Current Ageing Obsolete Average Lifecycle stage Current Ageing Obsolete Average Lifecycle stage Looking only at hardware and software failures combined, we ve seen an overall improvement in the average time it takes to repair devices: from an average of 3.4 hours last year to 2.1 hours this year. Current devices still take the longest to repair at 3.8 hours, followed by ageing devices at 2.3 hours, and obsolete devices at 1.8 hours. This represents a change from last year s results, when ageing devices took less time to repair than obsolete devices. In summary, current devices fail more often than obsolete devices and, when they do fail, they take the longest to repair out of all devices. However, a crucial finding this year indicates a massive difference in the time it takes to troubleshoot and repair devices, across all lifecycle stages, when the devices are managed by Dimension Data, versus devices not managed by us. 26

27 Figure 10: Average time to troubleshoot and repair non-managed versus managed devices Non-managed Managed Average time to troubleshoot 62.9 minutes % Average time to repair 15.2 minutes 165 minutes % minutes Devices managed via Dimension Data s remote infrastructure management platform took an average of 75% less time to troubleshoot when they fail than devices not managed on this platform. In Figure 10, the time indicated for repairing a faulty device includes the full support process: from when the incident is first logged to when it s resolved, including troubleshooting. Our data shows that devices managed via Dimension Data s remote infrastructure management platform took an average of 75% less time to troubleshoot when they fail than devices not managed on this platform. Consequently, managed devices then took 32% less time to repair overall. The implications of this finding is far-reaching. It indicates an opportunity for organisations to save massively on both support time and costs by making use of professionally delivered remote monitoring and automated management services as an integral part of their support contracts. 27

28 How we interpret the results The technology lifecycle information we gathered this year shows that organisations are concentrating their technology refresh efforts on obsolete, rather than ageing or current, devices. In spite of this, networks overall have continued to age for the fifth consecutive year. However, this doesn t imply that these networks necessarily run a greater risk of downtime, because: Our data proves that obsolete devices are still less likely to fail than devices that are either current or ageing. It took, on average, two hours less to resolve issues on obsolete devices than on current devices. Most importantly, this year s analysis showed that devices of all lifecycle stages that are managed by Dimension Data take on average 75% less time to troubleshoot when they fail than devices not managed by us. Consequently, these devices take 32% less time to repair. Our conclusion is thus the same as, if not stronger than, last year: a refreshed network places a heavier burden on an organisation s support services than an ageing network does, particularly given that current devices take longer to repair than both ageing and obsolete devices. This raises support time and costs. If an organisation therefore decides to refresh a large portion of its infrastructure, we highly recommend that it considers remote monitoring and automated management to augment its proactive incident prevention and/or resolution capabilities. However, it s also crucial to consider the root causes of service incidents. While our data indicates that 45% of all failures were device-related more so than last year 55% of incidents are still due to factors outside of a support provider s traditional remit. These problems would therefore be up to the organisation itself to resolve, unless it makes use of advanced managed services provided by an external service provider. In addition, a significant 30% of service incidents are caused by human error, which means they were entirely preventable through more effective day-to-day network management. This is compounded by the fact that devices that aren t monitored would take longer to troubleshoot and repair. 28

29 Should organisations choose to continue managing their own infrastructures, we recommend that they standardise device models where possible, as well as configuration baselines. They should also frequently test for, and remedy, any deviations from the corporate device configuration policies. The sharp increase in hardware failures we ve seen this year can be explained by the growth in the overall number of devices managed by Dimension Data, as well as the slight rise in the percentage of current devices managed by us. Current devices are more prone to failure and therefore need more support than obsolete devices. This explains the higher number of configuration errors and software bugs also seen this year, because the complexity of devices increases in newer iterations. A current device is usually more complex, more difficult to configure, and more likely to suffer software failures. This places a heavier burden on the general time, skills, and expertise required of the organisation to manage and maintain an increasingly complex network. Again, remote monitoring can dramatically reduce the time to diagnose and resolve a problem, while automated configuration and/or change management can lower the number of incidents related to human error, which currently represents 30% of all incidents. Should organisations choose to continue managing their own infrastructures, we recommend that they standardise device models where possible, as well as configuration baselines. They should also frequently test for, and remedy, any deviations from the corporate device configuration policies. Why do current devices fail more and take longer to repair than obsolete devices? In our experience, current devices are subject to a burn-in period in which software bugs and operating system problems are still prevalent. Generally speaking, a new device is most likely to fail during the first 90 to 180 days after installation. Any issues related to the first version of a device or operating system, or arising from manufacturing or shipping the device to site, will manifest shortly after it was installed. Once a device is past this burn-in period, fewer incidents occur. Later, when the device is obsolete, there s usually only one remediation plan if it fails: to immediately be swapped with a spare. This reduces mean-time-to-repair, as it s generally quicker to replace a device than diagnose and troubleshoot the particular software bug or hardware problem. This, however, requires a mature sparing strategy on the part of the support organisation, such as those offered by Dimension Data. Without such programmes, obsolete devices would take much longer to repair. 29

30 What causes today s networks to fail? Of all incidents... 45% = device failures 55% = factors outside of a support contract s terms Almost 1/3 of incidents are caused by human error, therefore avoidable through proper configuration and change management tools and processes. Devices managed by Dimension Data took 75% less time to troubleshoot 32% less time and, consequently, to repair. We recommend... Conduct a thorough audit to understand the maturity and suitability of your support systems and processes. Partner with a support services expert to fill any support gaps you may have. Investigate automated management and remote monitoring capabilities of managed services providers. 30

31 The technology lifecycle information we gathered this year shows that organisations are concentrating their technology refresh efforts on obsolete, rather than ageing or current, devices. In spite of this, networks overall have continued to age for the fifth consecutive year. 31

32 Dimension 3: Security How vulnerable are today s networks? What are security vulnerabilities and why are they important? One indication of a network s vulnerability is the number and degree of criticality of device software vulnerabilities it contains. As vulnerabilities become known, and following extensive lab testing and research, original equipment manufacturers publish related notifications to alert the wider market. Cisco, for example, has named its vulnerability announcements PSIRTs (referring to its Product Security Incident Response Team), while F5, Riverbed, and Arista publishes Security Advisories, and Juniper publishes SIRT Advisories. Each vulnerability denotes a particular operating system weakness that may also pose a security risk. Hackers may discover and exploit such vulnerabilities in a network, which can lead to a denial of service attack or allow the hacker to gain access to sensitive data. The more vulnerabilities identified on a device or in a network, the higher the risk of a security breach due to the increased attack surface available to exploit. In all security publications, the manufacturer discloses the minimum amount of information required for an end user to assess the impact of a vulnerability and any potential steps needed to protect the environment. Manufacturers don t provide vulnerability details that could enable someone to craft an exploit. The more vulnerabilities identified on a device or in a network, the higher the risk of a security breach due to the increased attack surface available to exploit. Types of security vulnerabilities The risk posed to your network by a particular vulnerability depends on the type of vulnerability and where in the network the devices are positioned that have that vulnerability. Also, the longer a vulnerability has been known, the higher the risk, as it gives attackers more time to learn how to exploit it. See Table 3 in Appendix B for more information about the 10 most prevalent Cisco PSIRTs in Patches shouldn t be applied only for the sake of doing so. Rather, patch devices based on a calculated risk. For example, if a device is vulnerable, but it doesn t support critical systems or interconnect with an important part of the network, the priority to patch might be lower than for a device that does. 32

33 This year s results Figure 11: Percentage of devices with at least one vulnerability, global average There s been a slight improvement in the security status of networks this year: the percentage of devices with at least one vulnerability is down to 60% from 74% last year. This change may be mostly attributable to the trend we ve seen in organisations refreshing obsolete devices which generally have more identified vulnerabilities because of their age. Replacing them would naturally lead to fewer vulnerabilities in the network overall. However, in spite of this improvement, the percentage of devices with at least one vulnerability has remained relatively stable over the last four years at an average of 60%. There s been a slight improvement in the security status of networks this year: the percentage of devices with at least one vulnerability is down to 60% from 74% last year. 33

34 Figure 12: Number and penetration rate of security advisories by device type Number of security advisories Data centre switches Edge routers Aggregation routers Voice gateways Access switches Other Wireless Device category Delving deeper into the vulnerability of specific device types helps to draw a more compelling picture. Figure 11 shows the number of security advisories per device type (represented by the height of each circle above the X-axis), as well as the penetration rate of security vulnerabilities within each device type (represented by the relative size of each circle). The highest number of security advisories were published for data centre switches, at 190, with the fewest for wireless devices, at 20. This, however, doesn t accurately reflect the risk that these devices may pose for a network and the impact it could have if these vulnerabilities were to be exploited. Although the number of security advisories for wireless devices may be low, their penetration rate within this device category is high. This means that a large proportion of wireless devices would have these vulnerabilities. Hence, this device category has the largest circle on the chart and may pose a bigger risk to networks overall. Both data centres and wireless infrastructures are critical in any organisation. The data centre network typically interconnects the application servers that support important business applications. An incident in the data centre switching infrastructure could have a serious and detrimental effect on the organisation s ability to operate effectively, should the data centre stop functioning. Wireless access points are also crucial because wireless signals aren t often confined to the physical boundaries of a building. When exploited, security vulnerabilities in the wireless infrastructure could lead to a security breach and associated risks of reputational damage, and/or data loss. In deciding which devices with vulnerabilities to patch, organisation should therefore consider the criticality of the relevant device to the overall functionality of the network. 34

35 While the obsolete devices may therefore be more secure, the risk is that vendors won t provide assistance with any new vulnerabilities discovered on these devices, as the technology has passed its last day of support. Figure 13: Percentage difference in vulnerabilities in devices by lifecycle stage, in relation to current devices Current Ageing Obsolete Considering the vulnerability of devices by lifecycle stage, Figure 13 shows that obsolete devices have 2% fewer security advisories than current devices, while ageing devices have a 5% more security advisories than current devices. Current devices haven t been in the market long enough to be tested comprehensively by security researchers. But as time passes, devices are exposed to more testing, and even attacks, which would increase their number of known vulnerabilities. As these devices age further, organisations often patch their vulnerabilities so that, by the time a device reaches obsolescence, its operating system achieves its optimal age in terms of security. While the obsolete devices may therefore be more secure, the risk is that vendors won t provide assistance with any new vulnerabilities discovered on these devices, as the technology has passed its last day of support. So, more published advisories for ageing devices don t necessarily mean this device lifecyle stage carries more risk. Their vulnerabilities are usually fixed in updated software releases issued by the vendor. The differences in the numbers are more indicative of organisations not patching/updating the device software in line with the updates provided by the vendor, which shows a lack of basic, day-to-day network maintenance. 35

36 How we interpret the results The constant vulnerability we ve seen in networks over the last few years isn t surprising, given that organisations are still sweating their assets in general. There s a correlation between the higher number of ageing devices and the percentage of devices with vulnerabilities. Also, as more services are added to the network, more software is required to effectively operate the infrastructure. This increases the overall operational risk of owning an unmaintained network. While it s not possible to know about every security threat in advance, it s best to build the relevant security capabilities in your organisation to minimise exposure to vulnerabilities. Key security capabilities to consider: visibility and discovery tools both network- and application-based incident response plans and automated workflow vulnerability and remediation management risk profiling appropriate to business context network-, application-, and data-centric protection controls that can be rapidly applied when risks are discovered and assessed While the findings of the Network Barometer Report 2015 show that organisations networks remain vulnerable, the NTT Group s 2015 Global Threat Intelligence Report, based on the Group s observations of security attacks, vulnerabilities, and related responses in 2014, shows that most organisations are not adequately prepared to handle major [security] incidents in their environment. Even more telling is that, during 2014, 76% of identified vulnerabilities throughout all systems in the enterprise were more than two years old, and almost 9% of them were over 10 years old. (Also see Key Findings of the NTT Group s 2015 Global Threat Intelligence Report for more detail, or read the full report.) These findings are supported by our data relating to the top 10 identified Cisco PSIRTs across all networks, and their respective release dates (see Table 4 in Appendix B).With only one exception, all of the most common vulnerabilities have been known for two years or more but haven t been patched. This proves that organisations in general aren t paying enough attention to managing known vulnerabilities in their infrastructure and are exposing themselves to unnecessary risk. We recommend that it s best to standardise on hardware and software as much as possible, as this reduces both risk and operational complexity in the long run. The more software and hardware versions used on the network, the higher the risk and the harder it becomes to maintain. Operational efficiency is also hampered due to feature disparity. 36

37 Key findings of the NTT Group s 2015 Global Threat Intelligence Report Geographic and vertical market trends Throughout its Report, NTT Group provides insight into the different threats it observed against its clients, both by geographic location and business sector. It found the following: Financial services continues to represent the number one targeted sector representing 18% of all detected attacks. Attacks against business and professional services moved from 9% to 15%. Malware-related events in the education sector dropped from 42% to 35%. Of all attacks, 56% originated from IP addresses within the US. Vulnerabilities, attacks, and exploitation An exploit kit is a malicious toolkit which bundles exploits so that those exploits can be more readily and consistently executed against the targeted end-user systems. The NTT Group s vulnerability data and analysis brought into view the impact that exploit kits can have in attacks against organisations: Exploit kits were published in 2013 and 2014 for over 80% of vulnerabilities in There s been an increase in Adobe Flash exploit usage in exploit kits from 2012 to Network Time Protocol (NTP) amplification attacks contributed to 32% of all distributed denial-of-service (DDoS) attacks observed by NTT Group in DDoS amplification attacks using User Datagram Protocol (UDP) accounted for 63% of all DDoS attacks observed by NTT Group. During 2014, 76% of identified vulnerabilities throughout all systems in the enterprise were more than two years old, and almost 9% of them were over 10 years old. Of observed web application attacks in 2014, 26% were injection-based up from 9% in Incident response An organisation s ability to identify attacks isn t always equal to its ability to respond to an attack. Detailed findings are: Incident response efforts were focused in three core areas: malware, DDoS, and breach investigations. Support for DDoS attack response sharply decreased from 31% in 2013 to 18% in Incident response engagements involving malware threats increased from 43% to 52%. Basic controls are still not implemented in all cases 75% of organisations don t have formal incident response plans. Read the full NTT Group 2015 Global Threat Intelligence Report. 37

38 How vulnerable are today s networks? = 60% devices with at least one security vulnerability Slight improvement from last year BUT vulnerability has remained fairly constant over last 4 years. Ageing devices = more vulnerable than current or obsolete devices. Data centre switches and edge/branch office routers = most published security advisories. Data centre switches and wireless access points = highest penetration rate = most at risk. We recommend... Standardise on hardware and software as much as possible. Don t patch every vulnerability. BUT Build security and incident response capabilities to minimise exposure. 38

39 The constant vulnerability we ve seen in networks over the last few years isn t surprising, given that organisations are still sweating their assets in general. There s a correlation between the higher number of ageing devices and the percentage of devices with vulnerabilities. Also, as more services are added to the network, more software is required to effectively operate the infrastructure. This increases the overall operational risk of owning an unmaintained network. 39

40 Dimension 4: Architecture Are organisations preparing their networks for enterprise mobility and the Internet of Things? In previous Reports, we argued that the move to enterprise mobility would necessitate an evolution in the access switching network architecture from largely wired to mostly wireless infrastructures. In an environment where the great majority of end users connect to the network wirelessly, the traditional campus access-switching network must evolve because users simply don t want to be tethered to their desks any longer. In the old model, 80% of switch ports were for dedicated, wired users while 20% were for shared, wireless users. This ratio will need to change: 80% of switch ports will have to be for shared, wireless users, and 20% for dedicated, wired users. This 80/20 flip is described in Figure 14. Figure 14: From wired to wireless the architecture of current versus future networks Current traditional wired and wireless access networks wireless networks ( devices) wired network (100 users) cabling (1 point per access point) cabling (140 points) smartphones IP phones Wireless LAN controller 48-port LAN switches tablets laptops printers video endpoints security systems Future predominantly wireless access networks 48-port LAN switch with built -in controller wireless networks ( devices) cabling (1 point per access point) smartphones tablets laptops printers video, etc. wired network (10 users) cabling (20 points) video endpoints (some could be wireless) security systems 40

41 The type of technology that organisations choose to refresh can therefore indicate whether they re preparing for this change to pervasive wireless connectivity. For this change to occur, network devices in the access layer require at least three wireless-supporting features: power-over-ethernet to power the access points gigabit Ethernet ports on the client side to enable the MB speeds of n/ac 10-gigabit uplinks as more users access the network via fewer ports, uplinks need greater capacity in order to avoid congestion The type of technology that organisations choose to refresh can therefore indicate whether they re preparing for this change to pervasive wireless connectivity. 41

42 This year s results Organisations continue to expand the wireless capabilities of their network access points. This is evidenced by increases in two of the three key device requirements for mobile connectivity. Figure 15: Network access point wireless capabilities of all access switches support power- 65% over-ethernet 14-percentage point increase from % of the port support PoE (compared to 51% in 2013). 25% of all access switches support 10GB uplinks 2-percentage point increase on the previous year. of all access switches support gigabit 37% Ethernet Decreased to 37% of all ports compared to 45% the previous year. This is a 8-percentage point decline. 14.5% growth in wireless bookings Of all access switches analysed, 65% now support power-over-ethernet up by 14 percentage points since last year. Another improvement was in the percentage of access switches able to support 10-gigabit uplinks, which rose to 25% up by two percentage points. However, the percentage of access switches able to support gigabit Ethernet has dropped to 37% this year, representing a 8-percentage point decrease since our last Report. Another improvement was in the percentage of access switches able to support 10-gigabit uplinks, which rose to 25% up by two percentage points. 42

43 The most important indicator that organisations are growing their networks mobile capabilities, however, is the increase in access switches able to support power-over-ethernet. While all new devices come with 10-gigabit uplink speeds, there s an active choice to be made between more cost-effective devices that don t support power-over- Ethernet and more expensive devices that do. This choice of a more sophisticated, more expensive device indicates a conscious decision on the part of the organisation to opt for expanded functionality. However, whether this forms part of a broader architectural strategy to transform the network in its entirety to reach the 80/20 wireless/wired split remains an open question, especially since we didn t see an improvement in gigabit Ethernet ports. This is highlighted by the data that indicates the overall number of discovered devices, according to model number, that can support mobility. Figure 16: Percentage of devices that support mobility g (LDoS) g n ac 63 Only devices with the later model numbers n and ac can fully support wireless connectivity. However, there were no ac devices discovered this year, and only 26% of discovered devices were of the n type. This implies that the vast majority of network devices (74%) are still not able to support advanced wireless and mobility requirements. This data also explains why there s still so much access switching infrastructure that doesn t support power-over-ethernet, gigabit Ethernet, and 10-gigabit uplinks: most access points are still of the g variety, which only delivers a theoretical maximum throughput of 54Mbps. While not strictly an architectural trend like enterprise mobility, the Internet of Things is also predicted to have an influence on corporate infrastructures, particularly in the adoption of the new Internet protocol, IPv6, across network devices. 43

44 Figure 17: Percentage of devices that support IPv Further analysis Not supported Requires upgrade Supported 48 IPv6 is the most recent version of the Internet Protocol (IP) which provides an identification and location system for devices on networks, and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force to deal with the long-anticipated problem of IPv4 address exhaustion. IPv6 is intended to replace IPv4. Our results show that only 21% of devices currently support IPv6. The largest proportion of devices (48%) can be switched to IPv6 through a simple software upgrade, but currently remain as is, which again indicates a lack of basic network maintenance. The Internet of Things will see an increasing number and variety of business-enabling technologies interconnecting via networks, including over the Internet. Non-human objects will be able to gather data from their environment, interact with one another, and make intelligent decisions, all without human intervention. This evolution in networking is projected to have many business benefits: from generating useful big data that will enable better decision-making, to increasing visibility and control of systems and processes, which will reduce management time and cost. However, the challenge is that the rise in the number of interconnected devices will lead to a scarcity and, eventually, unavailability of IPv4 addresses. This will compel organisations to adopt the new standard, IPv6. In addition, organisations with mostly IPv4-based networks, which haven t architected the underlying environment with IPv6 in mind, have limited visibility of, and control over, IPv6-enabled technologies. This exposes them to unnecessary risk, as they won t be able to monitor and manage those devices, nor control the traffic flow, as well as in an IPv4-based environment. Typically, between 4% and 9% of data traffic within modern data centres is IPv6- based. We derived these figures from data generated by Dimension Data s Network Optimisation Assessment. In these data centres, the organisation is typically early in the architectural phase and has either not started monitoring, or remains unaware of the percentage of IPv6 traffic within the environment. The primary source of IPv6 traffic is intermachine communication for Microsoft software, and various other vendors software. The lack of visibility of this traffic, and its associated communications profile, introduces a significant security risk, as these controls are developed based on device profiles, risk tolerance, and visibility required to maintain the device. Older controls may not be IPv6 compliant, nor able to provide the required visibility and control to effectively protect the data. 44

45 How we interpret the results Organisations tend to sweat their network assets for as long as possible to save costs, unless the need for specific new features becomes pressing. For example, if an organisation requires greater bandwidth to support pervasive wireless connectivity thanks to a host of new mobile devices brought to work by employees, it would have no choice but to refresh those devices sooner. Our data is evidence of this approach. Organisations approach mobility more reactively than strategically by focusing more on the access layer of the infrastructure possibly to accommodate an influx of new smartphones, laptops, and tablets into the organisation. The rest of the infrastructure, however, lags behind. Similarly, the adoption IPv6 across all networks is slow, even though in many cases it would require a simple software upgrade on a large portion of devices. This lack of basic network management exposes organisations to unnecessary risk, particularly given the dawn of the Internet of Things and the demands this will place on corporate networks to adopt the new standard. Our recommendation is that preparing the infrastructure for enterprise mobility and the Internet of Things should form part of a coherent network architecture strategy. It shouldn t be handled reactively, but approached in a more planned and organised way by creating and implementing a comprehensive roadmap for development. 45

46 Are today s networks prepared for enterprise mobility and the Internet of Things? Organisations are expanding two wirelesssupporting capabilities in their access switches: 65% 25% 37% Power-over-Ethernet 10GB uplink speed Gigabit Ethernet up by up by down by percentage percentage percentage points points points % of all wireless access points are older models that can t support advanced enterprise mobility requirements. Only 21% of devices support IPv6. 48% of devices can be switched to IPv6 through a simple software upgrade. We recommend... Have an accurate inventory of your network estate and its associated lifecycle status. Regularly review your long-term enterprise mobility requirements. Understand your as-is state, define your to-be state, and plan the steps to get there by creating a comprehensive architecture roadmap. 46

47 Organisations tend to sweat their network assets for as long as possible to save costs, unless the need for specific new features becomes pressing. For example, if an organisation requires greater bandwidth to support pervasive wireless connectivity thanks to a host of new mobile devices brought to work by employees, it would have no choice but to refresh those devices sooner. 47

48 Recommendations 48

49 49

50 Dimension Data maintains that the most effective way to improve your network s ability to support your business is to invest in maturing your organisation s network monitoring, support, and management systems and processes, rather than refreshing technology simply for the sake of avoiding obsolescence. It makes sense to sweat assets for longer, as long as the risks are known and properly managed, which places a heavier burden on your operational support environment. Based on our experience in evaluating organisations operational support maturity, the vast majority (90%) of organisations are still at the first or second level of maturity. These levels are characterised by a lack of standard processes, ad hoc troubleshooting tools, and ambiguous roles and responsibilities for IT employees, resulting in extended network downtime and increased operational costs. Undoubtedly, this is also the reason that 30% of all service incidents are still related to human error. Figure 18: Dimension Data s operational support maturity model Whether an organisation chooses to sweat its network assets as long as possible or decides to refresh some or all of its network, robust and mature operational support processes will ensure maximum availability. Initial ad hoc undocumented unpredictable poorly controlled reactive no automation roles and responsibilities undefined Repeatable some documented processes processes not uniformly used some automation limited definition of roles and responsibilities Defined processes are proactive automation exists for defined processes roles are well defined mature asset and change management processes Managed set quality goals guaranteed SLAs monitoring and reporting processes are integrated automation tools are integrated capacity planning Optimised IT and business metric linkage continuous service improvement IT improves business process business planning Complete lack of organisation Holding down the fort Well-run cost centre Business alignment Business driver 50

51 Moving towards the optimised level doesn t necessarily require you to have all capabilities in-house. In many cases, it s best to partner with an expert provider of network managed or outsourcing services. This will free up your own IT resources to focus on strategic projects that substantially build your competitive advantage. You can improve your operational support maturity level by considering the following four steps: 1. Achieve maximum visibility of your entire networking estate. Create and maintain an accurate inventory of all networking devices in your estate, their lifecycle stage, position within the network, known security vulnerabilities, and criticality to the network s overall uptime. 2. Standardise the types of technologies used in your network, as well as their configurations, as much as possible. A greater degree of standardisation will reduce not only risk in terms of fewer possible operating system vulnerabilities and configuration errors, but also reduced support costs and average time to repair, should devices fail. 3. Automate as many of your day-to-day management tasks as possible. Automation is dependent on standardisation. Automating simple tasks such as configuration management, password change management, configuration backups, or other scheduled maintenance tasks will help to reduce human error, thereby increasing the efficiency with which your network is maintained and supported. Investigate various options such as managed services delivered by a competent services partner, or even moving to a software-defined network. 4. Monitor your network devices more closely and proactively. This could be achieved through either internal or outsourced remote monitoring services. Proactive monitoring of devices can help predict when devices may fail, and reduces the time it takes to troubleshoot and repair faulty devices. Consider allowing your support provider to monitor the devices it supports. 51

52 To help you with all your network assessment, maintenance, and support requirements, Dimension Data offers the following Figure 19: Dimension Data s networking services portfolio plan build support manage Technology assessments Development models and roadmaps Technology Lifecycle Management Assessment Network Optimisation Assessment Best practice project design Software-defined Networking Development Model Data Centre Development Model End-user Computing Development Model Turnkey project management Asset-based services Maintenance Services Premium Support Services Outcomes-based services Infrastructure Managed Services Network-as-a-Service Carrier Managed Services 52

53 About software-defined networking Software-defined networking makes networks more intelligent, programmable, and automated. It s brought about by changes at the networking device level. The intelligent, programmable part of each device the software that determines how the device controls and directs data is split from the packet-forwarding engine, and centralised. Software-defined networks therefore use networking devices configured by a central, software-based controller. Hence the term software-defined : the network is no longer configured by manually adjusting individual devices, but controlled by software. Read more about Dimension Data s Software-defined Networking Development Model, which can help you take the first step in preparing your network for the future of networking. 53

54 Appendix A Sample distribution This appendix provides details about the sample data sets used for the information in this Report. Appendix A.1 Technology lifecycle, type, and vulnerability data The technology lifecycle information published in this Report was gathered during the 2014 calendar year through 354 Technology Lifecycle Management Assessments conducted for clients around the world, covering over 70,000 devices. Dimension Data s Technology Lifecycle Management Assessment is a highly automated service that uses technology tools to scan our clients networks. The information gathered from these scans is analysed on a centralised portal, using a standardised process and framework. Figure 20: Percentage of devices by organisation size Enterprise Large Medium Small 85 The majority of our data came from enterprise and large organisations, reflecting Dimension Data s traditional client base. 54

55 Figure 21: Percentage of assessments by region Americas Asia Pacific Australia Europe Middle East & Africa Figure 22: Percentage of devices by vertical Automotive and manufacturing Business services 8 0 Construction and real estate Consumer goods and retail Financial services 1 2 Government health care and education Media-entertainment and hospitality Resources utilities and enegy 8 Service providers and telecommunications Technology 34 Travel and transportation 55

56 Figure 23: Percentage of assessments by vertical Automotive and manufacturing Business services Construction and real estate Consumer goods and retail 1 Financial services 9 3 Government health care and education Media-entertainment and hospitality 4 Resources utilities and enegy Service providers and telecommunications Technology Travel and transportation The top three contributing sectors to this year s data sample (both in terms of discovered devices and assessments conducted) were financial services, automotive and manufacturing, consumer goods and retail, and government healthcare and education. This, again, represents Dimension Data s strong presence in these particular industries. Figure 24: Number of assessments by country Australia Austria Belgium Brazil Chile Czech Republic France Germany India Italy Kenya Korea Luxembourg Malaysia Mexico Netherlands New Zealand Nigeria Portugal Saudi Arabia Singapore South Africa Spain Switzerland Thailand UAE UK US This year s technology data covered 28 countries in five regions. 56

57 Appendix A.2 Services data We used a service incident data set to corroborate the assessment results with helpdesk data. Our aim is to review the business impact of obsolescence on network failures and downtime. We analysed over 175,000 service incidents or trouble tickets handled by four of our Global Service Centres, to understand the types of incidents we ve handled in maintaining our clients networks, and the relationship of these incidents to the lifecycle data. The analysis of the incident data was based on a subset of Dimension Data's total maintenance base. We chose a selected set of network asset types in order to align with the technology aspects of this report, and account for the unification of systems following mergers and acquisitions. With 1.5 million devices creating an incident volume of over 175,000 across 105 countries, this represents a statistically relevant sample. Figure 25: Percentage of service incidents by region Americas Asia Pacific Australia Europe Middle East & Africa

58 Appendix B Top 10 PSIRTs Table 3: Top 10 Cisco PSIRTs and their penetration rates Title Distinct count of device ID (psirt.csv) Penetration rate Last year s rank Published Cisco IOS Software DHCP Denial of Service Vulnerability % 25 Sep 13 Cisco IOS Software Command Authorization Bypass % 5 28 Mar 12 Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products IOS & IOS-XE Cisco IOS Software Network Address Translation Vulnerabilities Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability Cisco IOS Software Network Address Translation Vulnerability Cisco IOS Software Network Address Translation Vulnerabilities OSPF LSA Manipulation Vulnerability in Multiple Cisco Products IOS/IOS-XE % 25 Sep % 08 Sep % 26 Mar % 2 25-Mar % 27 Mar % 1 28 Sep % 01 Aug 13 Cisco VLAN Trunking Protocol Vulnerability % 3 05 Nov 08 Cisco IOS Cross-Site Scripting Vulnerabilities % 6 14 Jan 09 Cisco IOS Software Multicast Source Discovery Protocol Vulnerability % 7 28 Mar 12 58

59 List of figures Figure 1: Percentage of ageing and obsolete devices, global average 15 Figure 2: Percentage of ageing and obsolete devices by region 15 Figure 3: Percentage of ageing and obsolete devices by industry 16 Figure 4: Percentage of devices by lifecycle stage, Figure 5: Figure 6: Percentage of devices by lifecycle stage, when Dimension Data manages the devices, Percentage of devices by lifecycle stage, per region, when Dimension Data manages the devices Figure 7: Root causes of incidents, Figure 8: Percentage difference in failure rate by lifecycle stage, in relation to current devices 25 Figure 9: Average mean-time-to-repair by lifecycle stage, Figure 10: Average time to troubleshoot and repair non-managed versus managed devices 27 Figure 11: Percentage of devices with at least one vulnerability, global average 33 Figure 12: Number and penetration rate of security advisories by device type 34 Figure 13: Percentage difference in vulnerabilities in devices by lifecycle stage, in relation to current devices Figure 14: From wired to wireless the architecture of current versus future networks 40 Figure 15: Network access point wireless capabilities 42 Figure 16: Percentage of devices that support mobility 43 Figure 17: Percentage of devices that support IPv6 44 Figure 18: Dimension Data's operational support maturity model 50 Figure 19: Dimension Data's networking services portfolio 52 Figure 20: Percentage of devices by organisation size 54 Figure 21: Percentage of assessments by region 55 Figure 22: Percentage of devices by vertical 55 Figure 23: Percentage of assessments by vertical 56 Figure 24: Number of assessments by country 56 Figure 25: Percentage of service incidents by region List of tables Table 1: Technology lifecycle stages, associated risk levels, and required support environment maturity Table 2: Root causes of incidents 23 Table 3: Cisco PSIRTs and their penetration rates

60 60 network barometer report 2015