Alastair Cooke, Author at Gigaom Your industry partner in emerging technology research Tue, 24 Jan 2023 21:55:14 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 GigaOm Radar for Hyperconverged Infrastructure: SMB Deployments https://gigaom.com/report/gigaom-radar-for-hyperconverged-infrastructure-smb-deployments/ Mon, 23 Jan 2023 21:51:50 +0000 https://research.gigaom.com/?post_type=go-report&p=1011497/ Hyperconvergence has quickly become a popular option for IT infrastructures, no matter the size of the company or the industry in which

The post GigaOm Radar for Hyperconverged Infrastructure: SMB Deployments appeared first on Gigaom.

]]>
Hyperconvergence has quickly become a popular option for IT infrastructures, no matter the size of the company or the industry in which it operates. Users like the simplicity and cloud-like experience offered by most advanced solutions. Moreover, several vendors are now working on solutions that keep the user experience similar across multiple environments—including major public cloud platforms—to help customers reach their hybrid and multicloud goals.

Hyperconverged infrastructure (HCI) solutions for large-enterprise deployments and those specifically designed to address small-to-medium business (SMB) use cases share most of the same core characteristics. The main differences involve the scale of deployment required for SMBs. SMBs care more about minimum cluster size, high efficiency, and small configurations. The minimum size of the cluster is very important for many organizations to meet so they can keep the purchase price low. Often, users just want to run a bunch of VMs in a remote site or branch office, and they want the best availability at the lowest cost. For such users, HCI vendors created specialized solutions that can start very small, often with just two or three tiny nodes, while maintaining the resources necessary to run applications.

Integration is another important aspect of HCI solutions. SMB IT organizations tend to prefer that data protection and disaster recovery (DR) are integrated into the HCI platform. SMB organizations generally have only a few locations to manage rather than the hundreds of locations that enterprises use or the thousands for edge deployments.

With this orientation in mind, it’s clear that SMB HCI differs from standard enterprise deployments, which are not limited by strict budgets and available cluster resources.

This GigaOm Radar report highlights key SMB HCI vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Hyperconverged Infrastructure Solutions,” we describe in more detail the key features and metrics used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post GigaOm Radar for Hyperconverged Infrastructure: SMB Deployments appeared first on Gigaom.

]]>
Key Criteria for Evaluating Hyperconverged Infrastructure Solutions https://gigaom.com/report/key-criteria-for-evaluating-hyperconverged-infrastructure-solutions-2/ Fri, 30 Dec 2022 20:51:12 +0000 https://research.gigaom.com/?post_type=go-report&p=1010826/ Traditional infrastructures are too complex, too difficult to manage, too slow to adapt to changes, and too expensive to adequately respond to

The post Key Criteria for Evaluating Hyperconverged Infrastructure Solutions appeared first on Gigaom.

]]>
Traditional infrastructures are too complex, too difficult to manage, too slow to adapt to changes, and too expensive to adequately respond to evolving business needs. Information technology (IT) departments everywhere are looking to save money while becoming more efficient in terms of both resource provisioning and reaction time. Moreover, recent global events have accelerated many digital transformation initiatives, and now more than ever, enterprises need an IT infrastructure that can adequately support legacy and modern applications simultaneously while providing a consistent user experience across different on-premises and cloud environments.

A cloud-only IT strategy is not viable for many organizations. Even the most aggressive cloud-only strategies of today are refocusing on a more balanced hybrid and multicloud approach. Unfortunately, mixing cloud and traditional IT infrastructures heightens the risk of creating silos, heading in exactly the wrong direction and complicating the overall infrastructure even more. Unlike traditional infrastructure patterns, however, hyperconverged infrastructure (HCI) is a step forward in simplicity and flexibility. HCI lets organizations hide IT infrastructure complexity while realizing the benefits of a cloud-like environment. HCI simplifies operations and facilitates the transport of data and applications between on-premises and cloud environments.

While choosing the right HCI infrastructure remains challenging, the core technology is consolidated, and most of the vendors have mature stacks. As we will see, what really makes the difference now are services and features built on top of this stack. Often, new services are built using containers and require an orchestration layer such as Kubernetes for production deployment. The HCI approach is being applied to bridging the gap between cloud-native Kubernetes deployments and enterprise application development and operations methodologies. Application deployment at the edge (beyond corporate data centers) requires an HCI platform that can manage a larger number of smaller clusters for the distributed nature of edge computing.

The GigaOm Key Criteria and Radar reports provide an overview of the HCI market, identify capabilities (table stakes, key criteria, and emerging technology) and evaluation metrics for selecting a HCI platform, and detail vendors and products that excel. These reports give prospective buyers an overview of the top vendors in this sector and help decision-makers to evaluate solutions and decide where to invest.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post Key Criteria for Evaluating Hyperconverged Infrastructure Solutions appeared first on Gigaom.

]]>
GigaOm Radar for Hyperconverged Infrastructure: Enterprise Deployments https://gigaom.com/report/gigaom-radar-for-hyperconverged-infrastructure-enterprise-deployments/ Wed, 21 Dec 2022 16:27:02 +0000 https://research.gigaom.com/?post_type=go-report&p=1010639/ Hyperconvergence for the enterprise market is both mature and consolidated. VMware vSphere holds the lion’s share of the market in terms of

The post GigaOm Radar for Hyperconverged Infrastructure: Enterprise Deployments appeared first on Gigaom.

]]>
Hyperconvergence for the enterprise market is both mature and consolidated. VMware vSphere holds the lion’s share of the market in terms of enterprise deployments and boasts technology leadership as well. Most vSphere deployments integrate with a hardware vendor’s tooling to simplify updates and upgrades, and some are tightly integrated with the VMware tool set. At the same time, alternative solution stacks are gaining popularity by offering compelling value and innovative approaches.

In fact, interest has shifted from core virtualization features to the platform ecosystem and integration of core, cloud, and edge components. Other aspects of hyperconvergence infrastructure (HCI) that are quickly gaining traction include automation, orchestration, and cloud integration. Kubernetes support is commonplace, with container orchestration deployed alongside virtual machine (VM) orchestration as key infrastructure services. The overall goal is to build hybrid cloud infrastructures that can provide a consistent user experience (UX) across different environments while further enabling applications and data mobility.

As the Covid-19 pandemic persisted and remote work became the new normal, it accelerated efforts around digital transformation and uptake of virtual desktop infrastructure (VDI) farms. This trend has created some intriguing opportunities around HCI, as newly optimized infrastructures add resources that can support cutting-edge applications. For example, adoption of VDI has increased the number of GPUs available in the data center. Most of these graphical processing units (GPUs) are engaged with VDI workloads during working hours, leaving them available at other times to drive machine learning (ML) and artificial intelligence (AI) processing for improved business and industrial processes.

This GigaOm Radar report highlights key enterprise HCI vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Hyperconverged Infrastructure Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post GigaOm Radar for Hyperconverged Infrastructure: Enterprise Deployments appeared first on Gigaom.

]]>
GigaOm Radar for Hyperconverged Infrastructure: Edge Deployments https://gigaom.com/report/gigaom-radar-for-hyperconverged-infrastructure-edge-deployments/ Wed, 21 Dec 2022 16:21:14 +0000 https://research.gigaom.com/?post_type=go-report&p=1010660/ Edge deployments are among the most dispersed hyperconverged infrastructure (HCI) environments, with small clusters at many locations and usually without technical staff

The post GigaOm Radar for Hyperconverged Infrastructure: Edge Deployments appeared first on Gigaom.

]]>
Edge deployments are among the most dispersed hyperconverged infrastructure (HCI) environments, with small clusters at many locations and usually without technical staff readily available. One area of differentiation is between near edge and far edge. The near edge is a data center that’s not on-premises, while far-edge locations typically depend on the function. Near-edge deployments could be in co-location or telco data centers spread around the country or around the world. Far-edge environments might be in trucks, retail stores, or oil exploration platforms. The available facilities vary greatly among these locations, and so there is variation as well among solutions.

The usual data center HCI vendors are well represented for near-edge environments, which require rack-mount servers and extensive resources. Just like in an on-premises data center, HCI at the near edge is a general-purpose platform that accommodates multiple applications. The difference is that there tend to be far more edge locations than on-premises data centers and visiting these locations for maintenance is usually impractical, so hands-off management of large numbers of HCI clusters is essential.

The far edge requires hardware that does not rely on the niceties of a data center; power, cooling, and space may all be limited. Far-edge clusters are also more likely to run exclusively custom applications. Often, applications are deployed in containers, with or without Kubernetes, alongside virtual machines (VMs) or possibly without any VM-based applications. At the far edge, hands-off management may not be enough; these locations may require hands-off deployment for clusters never visited by IT staff. Finally, far-edge locations may have only intermittent connectivity and must be able to operate for extended periods in disconnected mode. For example, a fishing boat on a two-week expedition might have internet connectivity only when in port.

The more established server vendors may have some products not included in this report that target the far edge, not relying on their data center-focused HCI to scale down to far-edge requirements. The data center HCI products still operate at the near edge where rack-mount servers are viable and consistency with data center HCI platforms is beneficial. Whether your environment consists of 500 clusters in 500 telco points of presence (PoPs), or 10,000 delivery trucks, edge deployments scale out. Policy-based management of large numbers of clusters is vital. Automation of every aspect of operations and application updates is essential.

This GigaOm Radar report highlights key edge HCI vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Hyperconverged Infrastructure Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post GigaOm Radar for Hyperconverged Infrastructure: Edge Deployments appeared first on Gigaom.

]]>
GigaOm Radar for Disaster Recovery and Business Continuity as a Service https://gigaom.com/report/gigaom-radar-for-disaster-recovery-and-business-continuity-as-a-service/ Fri, 09 Dec 2022 19:33:41 +0000 https://research.gigaom.com/?post_type=go-report&p=1009982/ Very few organizations see providing disaster recovery (DR) for their information technology (IT) systems as a business differentiator, so they often prefer

The post GigaOm Radar for Disaster Recovery and Business Continuity as a Service appeared first on Gigaom.

]]>
Very few organizations see providing disaster recovery (DR) for their information technology (IT) systems as a business differentiator, so they often prefer to outsource the process and consume it as a service that’s billed monthly. There are many disaster recovery and business continuity as a service (DR/BCaaS) providers with varying backgrounds whose services are often shaped by that background. Products that started as customer-managed DR applications tend to have the most mature orchestration and automation, but vendors may face challenges transforming their application into a consumable service.

Backup as a service (BaaS) providers typically have great consumption models and off-site data protection, but they might be lacking in rich orchestration for failover. Other DR/BCaaS providers come from IaaS backgrounds, with well-developed, on-demand resource deployment for recovery and often a broader platform with automation capabilities.

Before you invest in a DR/BCaaS solution, you should attempt to be clear on what you see as its value. If your motivation is simply not to operate a recovery site, you probably want a service that uses technology similar to what you’re using at the protected site. If the objective is to spend less effort on DR protection, you will be less concerned about similarity and more with simplicity. If you want to enable regular and granular testing of application recovery with on-demand resources, advanced failover automation and sandboxing will be vital features.

Also be clear on the scale of disaster you are protecting against. On-premises recovery will protect against shared component failure in your data center. A DR/BCaaS location in the same city will allow a lower recovery point objective (RPO) and provide lower latency after failover, but it might be affected by the same disaster as your on-premises data center. A more distant DR location would be immune to your local disaster, but you need to consider the rest of your business. It doesn’t help to have operational IT in another city if your only factory is under six feet of water.

DR services are designed to protect enterprise application architectures that are centered on virtual machines (VMs) with persistent data and configuration. A lift-and-shift cloud adoption strategy leads to enterprise applications in the cloud, requiring cloud-to-cloud DR that is very similar to DR/BCaaS in an on-premises environment. Keep in mind, however, that cloud-native applications have different DR requirements.

This GigaOm Radar report highlights key DR/BCaaS vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Disaster Recovery and Business Continuity as a Service Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post GigaOm Radar for Disaster Recovery and Business Continuity as a Service appeared first on Gigaom.

]]>
Key Criteria for Evaluating Disaster Recovery and Business Continuity as a Service Solutions https://gigaom.com/report/key-criteria-for-evaluating-disaster-recovery-and-business-continuity-as-a-service-solutions/ Fri, 18 Nov 2022 18:41:56 +0000 https://research.gigaom.com/?post_type=go-report&p=1009481/ Disaster recovery (DR) provides rapid restoration of one or more applications or systems when the data center where they reside is, or

The post Key Criteria for Evaluating Disaster Recovery and Business Continuity as a Service Solutions appeared first on Gigaom.

]]>
Disaster recovery (DR) provides rapid restoration of one or more applications or systems when the data center where they reside is, or might become, unavailable. The recovery usually happens by transitioning into a different data center that is not affected by the outage at the primary location. Business continuity (BC) adds more awareness of the business and its requirements for continued operation. DR/BC as a service (DR/BCaaS) lets customers outsource this protection and recovery to a service provider who manages the recovery location and charges on a consumption basis for the protection of resources and any use of the recovery data center. The as-a-service nature of DR/BCaaS means that customers can easily increase or decrease the number of protected systems as business requirements change.

Many customers adopt DR/BCaaS to take advantage of an operational expense (OpEx)-based cloud consumption model, rather than incur the capital expense (CapEx) of building and operating a recovery data center. Often DR/BCaaS providers have a backup as a service (BaaS) background and use their backup store as the source for recovery, adding value to the BaaS product.

Recovery as a service means that recovery capacity is allocated as tests or failovers occur, with fees being charged only when recovery resources are provisioned. DR/BCaaS is useful to small businesses that require a DR strategy but do not have the resources for a second site. Medium-sized businesses may well standardize on DR/BCaaS because they do not see managing a DR solution as differentiating to their business. Both small and medium businesses will tend to use DR/BCaaS for all their DR requirements. Enterprise-scale organizations may have on-premises DR capability but use DR/BCaaS in places where their main DR is not well suited, such as where failover to another on-premises data center might introduce excessive latency or violate data sovereignty regulations.

Ransomware has overtaken human error and natural disasters as the top cause of DR failover. DR/BCaaS can provide a better ransomware recovery than on-premises recovery because there is often a much more restricted network connecting the infected on-premises environment and the DR/BCaaS recovery solution, which reduces the risk of reinfection. For established DR/BCaaS vendors, improving ransomware response is a significant area of development.

This GigaOm Key Criteria report details the criteria and evaluation metrics for selecting an effective DR/BCaaS solution. The companion GigaOm Radar report identifies vendors and products that excel in those criteria and metrics. Together, these reports provide an overview of the category and its underlying technology, identify leading DR/BCaaS offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post Key Criteria for Evaluating Disaster Recovery and Business Continuity as a Service Solutions appeared first on Gigaom.

]]>
GigaOm Radar for DDoS Protection https://gigaom.com/report/gigaom-radar-for-ddos-protection-2/ Tue, 13 Sep 2022 22:29:14 +0000 https://research.gigaom.com/?post_type=go-report&p=1007688/ With ransomware getting all the news coverage when it comes to internet threats, it’s easy to lose sight of distributed denial of

The post GigaOm Radar for DDoS Protection appeared first on Gigaom.

]]>
With ransomware getting all the news coverage when it comes to internet threats, it’s easy to lose sight of distributed denial of service (DDoS) attacks even as they become more frequent and aggressive. In fact, the two threats have recently been combined in a DDoS ransom attack, in which a company is hit with a DDoS, and then a ransom is demanded in exchange for not launching a larger DDoS.

Clearly, a solid mechanism for thwarting such attacks is needed, and that’s exactly what a good DDoS protection product provides. It will allow users, both staff and customers, to access their applications without indicating that a DDoS attack is underway. To achieve this goal, the DDoS protection product needs to know about your applications and, most importantly, be able to absorb the massive bandwidth generated by botnet attacks.

All the DDoS protection vendors we evaluated have a cloud-service element in their products. The scale-out nature of cloud platforms is the right response to the scale-out nature of DDoS attacks using botnets, thousands of compromised computers, and/or embedded devices. A DDoS protection network that is larger, faster, and more distributed will defend better against larger DDoS attacks: 3.45 Tbps is the largest yet reported attack and was sustained for around 15 minutes.

Two public cloud platforms we review have their own DDoS protection, both providing it for applications running on their public cloud and offering only cloud-based protection. We also look at two content delivery networks (CDNs) that offer only cloud-based protection but also have an extensive network of locations for distributed protection. Many other vendors offer on-premises and cloud-based services that are integrated to provide unified protection against the various attack vectors that target the network and its application layers.

Some vendors have been protecting applications since the early days of the commercial internet. These vendors tend to have products with strong on-premises protection and integration with a web application firewall (WAF) or application delivery capabilities. These companies may not have developed their cloud-based protections as fully as the born-in-the-cloud DDoS vendors.

In the end, you need a DDoS protection platform equal to the DDoS threat that faces your business, keeping in mind that such threats are on the rise.

This GigaOm Radar report highlights key DDOS protection vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating DDoS Protection Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post GigaOm Radar for DDoS Protection appeared first on Gigaom.

]]>
Key Criteria for Evaluating Distributed Denial of Service Protection Solutions https://gigaom.com/report/key-criteria-for-evaluating-evaluating-distributed-denial-of-service-protection-solutions/ Fri, 02 Sep 2022 13:43:03 +0000 https://research.gigaom.com/?post_type=go-report&p=1007397/ Although ransomware is making all the headlines today, it’s not the only kind of attack that businesses should arm themselves against. Distributed

The post Key Criteria for Evaluating Distributed Denial of Service Protection Solutions appeared first on Gigaom.

]]>
Although ransomware is making all the headlines today, it’s not the only kind of attack that businesses should arm themselves against. Distributed denial of service (DDoS) attacks, in which a target website or application is overwhelmed with spurious traffic, have become increasingly common and are growing in size.

Websites and online applications are critical to the way businesses communicate with their customers and partners. If those websites and applications are not available, there’s a dollars and cents cost to the business, both directly in lost transactions and indirectly through loss of reputation. The attackers’ motivations don’t matter to the users of the website—whether the attacker has a political point to make, wants to hurt the business financially, or is motivated by ego—if the website is unavailable, users are not happy.

A DDoS protection platform must inspect all of the traffic destined for a protected site or application and discard or absorb hostile traffic while allowing legitimate traffic to reach the site.

Often, an attack simply aims vast amounts of network traffic at the operating system under the application. These “volumetric” attacks usually occur at network Layer 3 or 4 and originate from compromised computers called bots. Recent DDoS attacks have used thousands of compromised computers, and they can involve hundreds of gigabits per second of attack bandwidth. The largest DDoS attack to date peaked at 2.3 terabits per second.

Few companies have enough internet bandwidth to mitigate an attack of this magnitude on-premises, so DDoS protection needs to be distributed to multiple data centers around the world to be effective. The sheer scale of infrastructure required means that most DDoS platforms are multitenant cloud services.

Other attacks target the application itself, at Layer 7, with either a barrage of legitimate requests or with requests carefully crafted to exploit faults in the site. These Layer 7 attacks look superficially like real requests and require careful analysis to separate them from legitimate traffic.

Attackers don’t stand still. As DDoS protection platforms learn to protect against one attack method, attackers will find a new way to take down a website. So DDoS protection vendors can’t stand still either. Using information gathered from all of their protected sites, vendors are able to develop new techniques to protect their clients.

This GigaOm Key Criteria report details the criteria and evaluation metrics for selecting an effective DDoS protection platform. The companion GigaOm Radar report identifies vendors and products that excel in those criteria and metrics. Together, these reports provide an overview of the category and its underlying technology, identify leading DDoS protection offerings, and help decision-makers evaluate these solutions and decide where to invest.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post Key Criteria for Evaluating Distributed Denial of Service Protection Solutions appeared first on Gigaom.

]]>
GigaOm Radar for Privileged Access Management https://gigaom.com/report/gigaom-radar-for-privileged-access-management-2/ Mon, 22 Aug 2022 23:33:58 +0000 https://research.gigaom.com/?post_type=go-report&p=1007160/ Privileged credentials (or administrator rights) are a top target for attackers from outside an organization, and even from among unhappy staff within,

The post GigaOm Radar for Privileged Access Management appeared first on Gigaom.

]]>
Privileged credentials (or administrator rights) are a top target for attackers from outside an organization, and even from among unhappy staff within, because of the full access they provide. A privileged access management (PAM) solution is implemented to reduce or remove the need for humans to know privileged credentials, thus reducing the chance that they might be misused.

The PAM system becomes the keeper of all privileged credentials, with policies that allow specific identified individuals access to use the appropriate credentials. To be the single source of privileged access, a PAM solution should support all of the authentication sources an organization uses and all of the target systems to which elevated access permission is required. User acceptance is also important, and so the PAM solution should support or improve existing methods of accessing privileged systems; otherwise authorized staff will seek ways around the PAM solution.

A basic function of PAM is to maintain an encrypted vault with the privileged credentials and other protected resources. Logging and session recording are crucial PAM features, and they allow auditing of privileged actions and forensic analysis following a privilege misuse event. Simply having logs and recordings is not sufficient; searchability is crucial for verifying compliance and identifying the scope of any malicious access. Ideally, these logs would integrate into wider security analysis tools as part of a more holistic security approach.

Often, the PAM platform will act as a proxy or jump host to connect the unprivileged network where users operate to the privileged network that requires managed privilege credentials. The proxy function may support native tools, such as secure shell (SSH) or remote desktop protocol (RDP) gateways, or it may provide an HTML5 browser-based interface. The proxy may be part of the main vault application or it may be deployable as a separate server, and can access the PAM vault as credentials are required. The separation of vault and proxy is essential when the PAM solution is used to bridge different trust levels such as internet-based privileged access, or any multitenant deployment such as PAM as a service (PAMaaS).

No matter how secure a PAM system is, there’s always a risk of unintended disclosure of credentials or authorized staff who misbehave, whether accidentally or maliciously. Behavior analytics is a common method used to identify access that’s being exploited inappropriately, and is commonly integrated with a PAM solution. Ideally, the user behavior analytics (UBA) would be able to identify the individual user’s actions both with their own credentials and using the PAM to exercise privileged credentials.

This GigaOm Radar report highlights key PAM vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating PAM Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post GigaOm Radar for Privileged Access Management appeared first on Gigaom.

]]>
Key Criteria for Evaluating Privileged Access Management Solutions https://gigaom.com/report/key-criteria-for-evaluating-privileged-access-management-solutions/ Wed, 01 Jun 2022 22:40:45 +0000 https://research.gigaom.com/?post_type=go-report&p=1005348/ Privileged access management (PAM) enables administrative access to critical IT systems while minimizing the chances of security compromises through monitoring, policy enforcement,

The post Key Criteria for Evaluating Privileged Access Management Solutions appeared first on Gigaom.

]]>
Privileged access management (PAM) enables administrative access to critical IT systems while minimizing the chances of security compromises through monitoring, policy enforcement, and credential management.

A key operating principle of all PAM systems is the separation of user credentials for individual staff members from the system administration credentials they’re permitted to use. PAM solutions store and manage all of the privileged credentials, providing system access without requiring users to remember, or even know, the privileged password. Of course, all staff have their own unique user ID and password to complete everyday tasks such as accessing email and writing documents.

Users permitted to complete system administration tasks that require privileged credentials log into the PAM solution, which provides and controls such access according to predefined security policies. These policies control who can use which privileged credentials and when, where, and for what tasks. An organization’s policy may also require logging and recording of the actions taken while accessing data with the privileged credentials.

Once implemented, PAM will improve your security posture in several ways:

  • Day-to-day duties are segregated from duties that require elevated access, reducing the risk of accidental privileged actions.
  • Automated password management reduces the possibility that credentials will be shared, while it lowers the risk in case credentials are accidentally exposed.
  • Extensive logging and activity recording in PAM solutions assists with audit of critical system access for both compliance and forensic security.

This GigaOm Key Criteria report details the criteria and evaluation factors for selecting an effective PAM platform. The companion GigaOm Radar report identifies vendors and products that excel on those criteria and factors. Together, these reports provide an overview of the category and its underlying technology, identify leading PAM offerings, and help decision-makers evaluate these platforms so they can make a more informed investment decision.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

The post Key Criteria for Evaluating Privileged Access Management Solutions appeared first on Gigaom.

]]>