Cloud Sherpas funding, acquisition points to hot SaaS market

Atlanta-based consultancy Cloud Sherpas today announced $40 million in new funding and the acquisition of another consulting firm in California named Cloud Trigger.

Cloud Sherpas helps customers migrate workloads to the cloud, specifically SalesForce.com's CRM cloud, and to Google's cloud. Since founding in 2008, Cloud Sherpas says it now has 3,000 customers and that it expects to surpass $100 million in revenue in 2013. The company has 350 employees at offices in Atlanta, Brisbane, Chicago, Manila, New York, San Francisco, San Diego, Sydney and Wellington.

CLOUD STARTUPS: 12 Hot cloud computing companies to watch 

CLOUD TOOLS: 16 of the most useful cloud management tools 

The latest $40 million funding round doubles the venture capital financing the company has received in the past. Investors include Columbia Capital, Delta-V Capital and new investor Greenspring Associates. The funding announcement points to the continued interest venture capitalists have in enterprise-geared startups and emerging technologies, including cloud computing and specifically software as a service (SaaS). Cloud Sherpas has had three previous rounds of funding totaling about $23 million in the past, including a $20 million round in March.

The CloudTrigger acquisition is the eighth consulting practice the company has purchased since 2007. CloudTrigger helps customers migrate to SalesForce.com and is the maker of G2Maps, a geographic mapping analytics and visualization app available on the Salesforce AppExchange.

Network World staff writer Brandon Butler covers cloud computing and social collaboration. He can be reached at BButler@nww.com and found on Twitter at @BButlerNWW.

iPhone 6 rumor rollup for the week ending Dec. 21

The holiday preparations took their toll on the iOSphere this week, as rumorers, distracted by ordering and buying the latest Apple products, cut back on their speculative output about future ones.

There are new and still completely unjustified rumors that Apple plans to release the next iPhone, which will be either iPhone 6 or iPhone 5S, in the January-March time frame. Also this week: a news report that an interim model, the 5C, with pre-shattered touchscreens, will be released before the iPhone 6; and dual-LED, dual-color flash for iPhone 6.

You read it here second.

__________

"The rumor came with no evidence (certainly no photos) but it's seemingly too odd to be made up."

~ "Peter," at GSMArena, posting about an anonymous tip and providing this week's most compelling iOS rumor assessment criteria: its credibility is directly proportional to its oddness.

__________

iPhone 6 will be released Q1 2013

International Digital Times asserts that the Next iPhone will be released in the January-March 2013 time frame because of a "report" released by independent analyst Horace Dediu, founder of Asymco.

The post is headlined "iPhone 6 Release Date 2013: First Quarter Launch For New Apple Smartphone [REPORT]." As is often the case, the text of the post is somewhat different. Dediu "has released a report stating that starting in 2013 Apple will release a new generation of each device (iPhones and iPads) every six months, as opposed to the one year product cycle we've seen since the first iPhone debuted in 2007."

And what's more, "Dediu's report is based on an official statement from former Apple CEO John Sculley."

IDT is pretty dismissive of Sculley. "We're not sure how credible Sculley, who left Apple back in 1993, is when it comes to the electronics company's current inner workings."

But. "However, we've been predicting that Apple will speed up its product cycle for weeks."

The confusion in and with this post is emblematic of iOSphere rumors. First, Sculley didn't make an "official statement." The TUAW website interviewed him and he answered some question. He gave his opinion.

Secondly, Dediu didn't "release a report." He composed on his blog, as is his wont, a reflective, informed speculation, triggered by the Sculley opinion, about what he frankly called "circumstantial evidence" that Apple may be moving to a semi-annual product release cycle; and the scale and impact of such a change. His full post, "Does S stand for Spring," is here. 

The last bit of evidence he considered: "Rumors of 5S products in pre-production. This is the least valuable piece of evidence but it might indicate that the 'S' variant is targeting spring launch." That puts a different perspective on the "we've been predicting that Apple will speed up its product cycle for weeks" claim by IDT.

One of the issues Dediu doesn't touch on is what impact a twice-a-year iPhone introduction would have on Apple's pricing, not so much for the newest iPhone but for the one or more preceding models, and on the length of each model's life cycle.

iPhone 6 will be preceded by iPhone 5C

The 5C is being targeted at college-age women, who have a greater than average penchant for breaking their iPhones. To address this problem, the 5C will come in several pre-shattered touchscreen options, all of which make it nearly impossible to use. Yet it relieves iPhone owners of breakage angst.

Trust the parody site The Onion to track down the really interesting rumors. 

iPhone 6 will have dual-LED, dual-color flash

Then, there's the almost-as-entertaining unintentional self-parodies.

iOSphere Rumor Rule 17 (RR17) says that if a rumor doesn't pan out, then wait, tweak, and recycle: eventually you're bound to be right.

"We received an anonymous tip," begins the post at GSMArena, by "Peter." He provides this week's most compelling iOS rumor assessment criteria: Its credibility is directly proportional to its oddness.

"The rumor came with no evidence (certainly no photos) but it's seemingly too odd to be made up," he writes.

The tipster, let's give him the codename OddJobs, says "that the next Apple smartphone (whether it's the iPhone 6 or 5S) will have a dual-LED flash...."

But there's more. It will be "unlike any other dual-LED flash we've seen before," Peter declares. "It's going to have LEDs of two different colors."

Think of it. Two LEDs. And two different colors. There will be a "regular LED" which is, you know, just regular. And one "with a slight blue tint." And why you ask? "The idea behind this is to improve white balance when snapping photos," Peter assures us, authoritatively.

Wow! Or more precisely, "Wow, again!"

Dual LEDs for what became the iPhone 5 were widely rumored throughout 2011. Hence the "wait" part of RR17. But these LEDs will be differently colored, hence the "tweak" of RR17. All that's left is to ignore Google's search history and recycle.

"We're not quite sure how this is supposed to work - use both LEDs at the same time to produce a brighter, slightly blue illumination, or light them up one at a time to get two different illuminations in an HDR-type strategy (instead of combining two exposures to get better dynamic range, combine two photos with different color to get better color accuracy)," Peter confesses.

It's a puzzle. That's often the case with rumors, especially those falling under RR17.

Some smartphones today use two LEDs for their camera flash. According to a 2011 forum posting at StackExchange's Photography community, "a dual LED flash can emit twice as much light as a single LED, which means you can [light] subjects 1.4 times further away. It also draws twice as much power."

One forum member linked to a 2008 post by Steve Litchfield at AllAboutSymbian.com, comparing LED, dual-LED, and Xenon flashes in camera phones. He posted three photos of the same interior scene (a drumset) shot using the three different flash techniques. The dual-LED is indeed much brighter, with fewer and less intense dark areas. The Xenon flash is brighter still but also yields much more true-to-life colors compared to dual-LED.

Peter doesn't weigh down his blog post with things like details.

"It's an odd rumor as we said - it's unlikely, but why would someone make it up?" Peter asks, presumably rhetorically.

Why indeed? Why make something up and then contact a tech blog and convince them that it's real or being considered or in a prototype?

"Thanks to our anonymous tipster!" Peter concludes his post.

Oh. Maybe...that's why.

John Cox covers wireless networking and mobile computing for Network World.

Twitter: http://twitter.com/johnwcoxnww

Email: john_cox@nww.com

Read more about anti-malware in Network World's Anti-malware section.

Nokia settles Wi-Fi patent disputes with RIM

Nokia has signed a new patent license agreement with Research In Motion, which will end all existing patent litigation between the two companies.

RIM will make a one-time payment and on-going payments to Nokia, but the specific financial terms of the agreement are confidential, Nokia said in a statement on Friday.

The deal seems to have come together quickly.

In November, Nokia asked a California court to enforce an arbitration award that could have prevented RIM from selling products with wireless LAN capabilities until the companies agreed on patent royalty rates, according to documents obtained by IDG News Service.

Nokia said it was happy with the deal, and will look for other ways to make money from its patent portfolio in future. RIM declined to comment.

RIM reported falling unit sales for its fiscal third quarter on Thursday, further highlighting the importance of its upcoming BlackBerry 10 operating system.

Both RIM and Nokia have an important year in front of them; Nokia needs to sell more smartphones based on Microsoft's Windows Phone platform than it managed this year and RIM will have to turn BlackBerry 10 into a hit.

"Doing that is absolutely critical for their survival. If RIM and Nokia are going to continue to exist in their current forms they need their respective platforms to be a success," said Ben Wood , director of research at CCS Insight.

Foxconn pays $200M for 9 percent stake in action camera company GoPro

Taiwanese manufacturing giant Foxconn Electronics said it could integrate more camera features into its devices after making a US$200 million investment in a U.S. company that makes cameras for action sports enthusiasts.

Foxconn's investment, announced on Thursday, buys the company a 8.88 percent stake in GoPro, a company that sells wearable cameras to take video and pictures of outdoor activities such as skydiving, surfing, and skiing.

Foxconn's major clients include Apple, Microsoft, Sony and other electronics vendors, and is producer of smartphones, tablets, TVs and video game systems. The company foresees the consumer tech industry moving toward more products capable of "content creation", and expects GoPro can help Foxconn better tap into this market, said Foxconn spokesman Simon Hsing.

The investment will also pave the way for GoPro to expand U.S. sales by leveraging Foxconn's manufacturing capacity, he added.

Turn your Raspberry Pi into a tiny Linux laptop

Ever since the tiny $35 Raspberry Pi PC began shipping earlier this year, there's been virtually no limit to the fresh uses and extensions that have been envisioned for it.

We've seen the credit card-sized device used in a DSLR battery grip, a Minecraft server, and a gaming console. Since its release it's been enhanced with an optimized OS, an overclocking tool, more RAM, and an app store.

The latest innovation? None other than a way to turn a Raspberry Pi into a tiny Linux laptop.

A 10-hour battery

"I just wanted to see if it was possible to make an ultraportable, mobile Raspberry Pi that you can take to go," explained Nathan Morgan, founder and CEO of Dell laptop specialist Parts-People.com, in ablog post on Thursday.

"My mobile Raspberry Pi computer is now complete, and because this is an open source project I wanted to show you everything, including how to build one yourself," Morgan added.

The resulting device includes a 3.5-inch LCD screen and keyboard as well as a 64GB solid state drive, Wi-Fi, Bluetooth, an integral touchpad, and a 10-hour battery. Raspbian Linux downloaded from Raspberrypi.org is the operating system used by Morgan, who tapped Google SketchUp  and a 3D printer to create a case for what he calls the mobile "Pi-to-Go."

'Really slick'

Full schematics and instructions for building the device are included in Morgan's post, as are STL files for the 3D printing and links to where the parts can be purchased.

"This project is a really slick, professional-looking piece of work, and we're very grateful to [Morgan] for making all the information necessary to make your own available to the community," reads the Raspberry Pi Foundation's own post on the topic.

The total cost for the resulting device amounts to almost $400, but if you find a Raspberry Pi in your stocking this year, this could be just the project you're looking for.

Yahoo's Flickr offers 3 free months of its Pro service

Yahoo's holiday gift to the masses is three free months of its Flickr Pro photo and video hosting service, which normally costs $24.95 a year.

Sign up and you get unlimited uploads up to 50MB per photo, unlimited viewing of your photo library, the ability to post photos in as many as 60 groups as well as download high-resolution images and upload and play unlimited HD videos.

It's a pretty good deal for photo and video enthusiasts considering a free Flickr account normally only lets you upload 300MB every month, only view your most recent 200 photos, post photos in up to 10 groups, download smaller resized images and upload up to two videos a month.

There's a small catch, as Yahoo includes a disclaimer with the deal.

"To avoid abuse of our unlimited storage, we do monitor accounts for excessive usage. Yahoo! limits the number and size of photos allowed from an account within a given timeframe. While our goal is to ensure that everyone benefits from unlimited storage, Flickr is not intended to be used as a content distribution network," reads the fine print that accompanies the offer.

The free holiday gift is even open to people who don't yet have a Flickr account. You can sign up using a Yahoo, Facebook or Google account and you don't need to lay down a credit card number.

After signing on, pick a Flickr screen name and choose the holiday gift. After three months, your account reverts to a free Flickr account -- no strings attached.

It's a smart move on Yahoo's part, considering that just a few days ago masses of people were ditching Instagram because of poorly worded updated Terms of Use it announced last week. The photo sharing service later reversed course and said it would reword its policies, although as PCWorld's Ian Paul pointed out, Instagram's older terms are more liberal than the newer version it wanted to implement.

The older terms could give the company just as much license to control your content as before.

Get Yahoo's holiday gift here .

Chrome 25 blocks sneaky add-ons

Google on Friday said Chrome 25, now in development, automatically blocks browser add-ons installed on the sly by other software.

The measure mimics what rival Mozilla did for Firefox over a year ago.

Auto-blocking has already appeared in Chrome 25 for Windows on the "dev" channel -- Google's least-polished public version -- which debuted last month. By the browser's semi-regular release schedule, Chrome 25 will reach the final "stable" channel, and thus the bulk of users, in the second half of February 2013.

According to Peter Ludwig, a Chrome product manager, Chrome 25 will automatically disable any browser extensions silently installed by other software. Extensions previously installed by third-party software will also be barred from running.

Chrome users can switch on such extensions manually, or remove them from the browser and their PC.

Although Ludwig never used the word "security" in his Dec. 21 blog post, the change's provenance was clear.

"[Silent installation] was originally intended to allow users to opt-in to adding a useful extension to Chrome as a part of the installation of another application," Ludwig explained. "Unfortunately, this feature has been widely abused by third parties to silently install extensions into Chrome without proper acknowledgment from users."

Google was more than a year behind rival Mozilla in banning extensions installed behind users' backs. In Aug. 2011, Mozilla said Firefox 8 would automatically block browser add-ons installed by other software. Firefox 8 shipped three months later.

Add-ons bundled with third-party software had been a problem for Firefox users, who complained loudly when they found mysterious extensions on their computers.

A toolbar installed in Firefox alongside Skype, for example, caused so many crashes in Jan. 2011 -- 40,000 in only one week -- that Mozilla blocked the add-on after calling the Internet phone company a "repeat offender." In 2009, Microsoft silently slipped an add-on into Firefox that left browser users open to attack.

Google has also made other moves this year to lock down extensions. As of Chrome 21, which launched last July, the browser will not accept add-ons installed directly from websites, but only from the Chrome Web Store. Previously, any website could prompt a Chrome user to install an extension.

"Online hackers may create websites that automatically trigger the installation of malicious extensions," Google noted in a Chrome Help page that explained the new rules. "Their extensions are often designed to secretly track the information you enter on the web, which the hackers can then reuse for other ill-intended purposes."

That security measure has not been foolproof, however, as a Facebook-theme scam detailed by Webroot last week illustrated: The rogue add-on was placed on the Chrome Web Store, even though Google had said on the same Help page that, "We have started analyzing every extension that is uploaded to the Web Store and take down those we recognize to be malicious."

Chrome 25's dev version for Windows can be downloaded from Google's website.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His e-mail address is gkeizer@ix.netcom.com.

Read more about internet in Computerworld's Internet Topic Center.

The five best productivity apps of 2012

It's been a big year for smartphones--the iPhone 5, the Galaxy S III, the debut of Windows Phone 8--but as always, it's the apps that matter.

Thankfully, 2012 witnessed the arrival of many killer apps for business users, tools that can save time, lower costs, and turbocharrge your overall productivity. Best of all, those that aren't free cost only a few bucks.

Below I've rounded up my picks for the five best business apps of the year--a mixture of gems for Android and iOS alike. These aren't the typical mainstream picks like Evernote and LogMeIn, which, though often invaluable to business users, have been on the scene for ages. No, I've got five lesser-known apps that deserve greater recognition. And that starts right here.

1. CallFlakes (Android)

Think about what you normally do after a phone call. CallFlakes does it for you. This clever ad-supported app swoops in whenever you end a call, offering six handy follow-up options: Text, Reminder, Email, Meeting, Share, and Call. (There's also a Web-search button in case you want to immediately Google something.)

It's literally a one-tap affair to launch any of those functions--incredibly useful for anyone who makes and takes a lot of calls.

2. Glyder (iOS)

Marketing can make or break a small business. With Glyder, you can create and distribute a variety of marketing messages--a daily deal, a coupon, a thank-you note, etc.--across a variety of platforms (email, Facebook, text message, etc.), all with a few taps on your iPhone. The app is incredibly easy to use and a real boon to any on-the-go business owner seeking a quick and effective marketing tool.

3. MailShot (iOS)

It's kind of ridiculous that iOS doesn't let you create email groups. MailShot does. With it you can build mail distribution groups (sales team, marketing department, key clients, etc.) right on your iPhone, then adds those groups to your address book, where they're accessible from all other apps. It's even Siri-friendly. The free version limits you to three groups with five recipients each; for all of $3.99, MailShot Pro raises the cap to 100 groups and 100 contacts. That's four bucks very well spent.

4. Maluuba: Your Siri Alternative (Android)

It may look like a Windows Phone app, but Maluuba has Apple in its crosshairs--specifically Siri, as evidenced right in its name. This voice-powered helper app that can do everything from checking the weather to scheduling appointments to finding the closest Fedex box. And unlike Siri, it doesn't yammer on and on; it just works. For free.

5. WorkFlowy (iOS)

WorkFlowy is little more than a browser-based outliner, but it's precisely that stripped-down simplicity that makes it such a powerful organization tool. I'll be honest: the WorkFlowy app is barely better than the mobile browser-based version. But it doesn't have to be. However you interact with WorkFlowy on your smartphone, you'll quickly come to find it indispensable.

Well, those are my picks. Now hit the comments and tell me which business apps rocked your world in 2012.

Five reasons 2012 was a great year for Linux

The end of the year is always a good time to take stock of where things stand in any niche or field, andLinux is no exception.

There's no doubt that there have been challenges for the free and open source operating system over the course of 2012--the Secure Boot challenge  comes immediately to mind--but so, too, have there been numerous successes.

All in all, I believe the good has outweighed the bad for Linux this past year. Here are five specific reasons.

1. One *billion* dollars

Perhaps most obvious among Linux's accomplishments this year was the fact that Red Hat finally and officially attained its long-anticipated status as the first billion-dollar open source company. That's a testament not just to Red Hat's own business acumen, but also the fact that Linux can be profitable--and that's a big deal for increasing future business interest in the platform.

2. The Digital Divide

Those of us in the tech industry can argue over the merits and penetration of desktop Linux until we're blue in the proverbial face, but meanwhile a momentous shift has quietly begun.

I'm talking about the wave of tiny, inexpensive, Linux-powered PCs that flooded the market this year, putting significant computing power within closer reach not just for enthusiasts but also for those who would not otherwise be able to afford it.

It's truly a revolution in computing, as I've said before, and it's expanding Linux's reach even beyond the countless Android-using masses. Not only that, but it's surely going a long way toward bridging theDigital Divide.

3. Gaming acceptance

Gaming platforms may not matter much to many in the business world, but the fact is, gaming is extremely important to a whole lot of PC users. Over the years, in fact, a relative lack of games has been a key reason held up by many to explain why they didn't make the switch to Linux.

Well, this year all that changed when Valve announced that it was porting Steam to Linux, citing theWindows 8 "catastrophe" as a big part of its reason.

More recently, THQ is considering making a similar move, according to reports.

What it means: Linux users are increasingly being viewed as a market worth catering to, and that will only mean more and better applications across the board in the future.

4. Preloaded prevalence

This past year has also seen a dramatic increase in the number of hardware options offering Linux preloaded. Over the course of 2012, in fact, we saw machines from not just specialty makersZaReason, System76, and ThinkPenguin offer this option, but also Asus, Dell, and more.

With every new entry that arrives, consumers' choices expand, and that can only be a good thing.

5. An open window

Finally, it's become patently obvious that Windows 8 has encountered a cooler reception than Microsoft might have liked, and that means nothing but opportunity for Linux. With Ubuntu 12.10 "Quantal Quetzal," in fact, Canonical's popular Linux distribution has actually surpassed Windows 8 in many respects, particularly from a business user's perspective.

Tremendous inertia will allow Windows' dominance to continue for years to come, of course.

Still, with Windows 8 the landscape shifted, I believe, and desktop Linux has begun to compete on an even footing. I can't wait to see where that leads in 2013 and beyond.

Toshiba developing Lytro-like phone camera with over 30,000 mini-lenses

Toshiba is developing a tiny digital camera module similar to the Lytro camera, which shoots tens of thousands of individual photos and then allows the user to pick the point of focus.

The new camera will have from 30,000 to 50,000 tiny lenses, yet still be small enough to fit in modern smartphones and tablets. The company aims to have a product ready for sale by March of 2014.

The concept is similar to that behind a much-hyped camera launched by California-based Lytro earlier this year. Lytro calls its technology "light field capture," and photos taken by the device can be adjusted for focus and perspective after they are taken.

"Lytro doesn't make semiconductors, so the camera module is a product that Toshiba is probably better-suited to make," said Toshiba spokesman Atsushi Ido.

Ido said the concept behind the camera module is similar to the compound eyes found in many insects. He said much of the processing involved in taking and combining the individual images with the new camera would likely be handled by the module's hardware.

Toshiba is among the world's largest manufacturers of CMOS image sensors, where it competes with rivals including Sony, Samsung and OmniVision. Toshiba is better known for its massive NAND flash operations, where it cranks out memory chips for hard drives and memory cards.

In January, Lytro executive Charles Chi told PCWorld that his company was focused on branded cameras aimed at consumers, and any entry into the smartphone market would probably involve a tie-up with an established player.

Earlier this week, Toshiba announced it is readying a 20-megapixel CMOS image chip aimed at the digital camera market, where it hopes to challenge the dominance of Sony. The new chip will also be able to shoot 30 frames per second at full resolution, or 60 frames at 1080P. Toshiba said it will ship samples of the new CMOS sensor next month, with mass production to begin in August.

Security in 2013: The rise of mobile malware and fall of hacktivism

It's always fun this time of year to look back on the year we're about to leave behind, and to make some predictions about what we might expect the year ahead to look like. We already have a comprehensive look back at the biggest security stories of 2012, and now here's a look at some trends to watch for 2013.

These prognostications come from McAfee--the respected information security and antimalware company, not its international man of mystery founder. McAfee is one of the companies with a global presence and the skills and knowledge required to distill evolving trends and determine where things are headed.

For starters, McAfee believes that mobile malware will both evolve in technique and grow in volumeby leaps and bounds in 2013. The explosion of mobile devices--iPhones, iPads, Android smartphones and tablets, etc.--have driven malware developers to expand their horizons and focus on new, fertile ground.

The attackers seem to have an advantage here. Malware developers can apply the lessons learned from years of evolving exploits against PCs to target the weaknesses of mobile devices, but users seem to be oblivious to the threat and feel like mobile devices are somehow just inherently secure.

One thing to watch for in the year ahead is an increase in ransomware attacks. These attacks basically lock you out of your smartphone or tablet unless you agree to pay the ransom. A McAfee spokesperson explained, "The harsh reality of these schemes is that users have no way of knowing if their device will be unlocked even if they do meet the perpetrator's demands," adding, "Since attackers hijack the users' ability to access data, victims will be faced with either losing their data or paying a ransom in the hope of regaining access."

McAfee predicts that the concept of a Trojan app will evolve to a more pernicious threat when attackers merge it with a mobile worm so it can spread itself without relying on users to install the app. McAfee also warns that malware developers will create mobile worms capable of spreading through NFC-enabled devices to spread wirelessly and steal money from "digital wallets".

On the other side of the coin, McAfee suggests that Anonymous will fade away in the next year. McAfee doesn't expect hacktivism itself--or even Anonymous--to disappear completely, but some of the more malicious attacks attributed to hacktivist groups have fallen short of the "Robin Hood" aura that initially made Anonymous popular. Potential victims have also learned more about hacktivist tactics and are more prepared to defend against such attacks.

These aren't the only trends in security for 2013, though. McAfee says the trend of cyber attacks as a political or military tool will become more sophisticated, and suspicions of state-sponsored cyber attacks will continue to grow, and warns that crimeware and hacking-as-a-service business models will become more mature.

For more about what to expect in 2013 according to McAfee, check out the 2013 Threat Predictions report from McAfee Labs.

Cisco acquires network planning company for $141M

Cisco this week announced its intent to acquire privately held Cariden Technologies, a Sunnyvale, Calif., developer of network planning, design and traffic management software for service providers.

Under terms of the deal, Cisco will pay approximately $141 million in cash and retention-based incentives in exchange for all shares of Cariden.

DEAL MAKERS: Top tech M&A deals of 2012

Cariden develops capacity planning and management tools for IP/MPLS networks. Cisco says it will integrate these products with its own nLight technology for IP and optical convergence so service providers can enhance the visibility and programmability of their converged IP/optical networks.

The combination of these products will enable multilayer modeling and optimization of optical transport and IP/MPLS networks, Cisco says.

The Cariden acquisition also supports Cisco's Open Network Environment network programmability strategy by providing WAN orchestration capabilities across the IP and optical transport layers.

Cariden has partnerships with Cisco rivals Juniper Networks and Big Switch Networks.

The acquisition is expected to close in the second quarter of Cisco's fiscal year 2013. Cariden employees will be added to Cisco's Service Provider Networking Group, reporting to Shailesh Shukla, vice president and general manager of the company's Software and Applications Group.

Jim Duffy has been covering technology for over 25 years, 21 at Network World. He also writes The Cisco Connection blog and can be reached on Twitter @Jim_Duffy.

Read more about lan and wan in Network World's LAN & WAN section.

Cisco's internal security team fights to corral BYOD, malware and Wild West environment

Many organizations have a computer security incident response team (CSIRT) that swoops into action to battle malware outbreaks, other types of cyberattacks and possible insider threats, and at networking giant Cisco, that CSIRT team is made up of about 60 people trying to protect a business with about 75,000 employees.

"We're tasked with monitoring for and investigating policy violations against Cisco," says Matthew Valites, Cisco's CSIRT manager for information security investigations. That means protecting corporate IT assets used directly by employees or the business for processing purposes so that sensitive information isn't compromised. However, since Cisco has embraced a "bring your own device" (BYOD) strategy, policy enforcement matters for Cisco's CSIRT have become more complicated.

IN THE NEWS: Alcatel-Lucent to take on Cisco, VMware in crowding SDN field

"With user-owned devices, enforcement has become an issue," acknowledges Valites, in the course of discussing some of Cisco's security incident response practices. "BYOD is a real problem." In what's regarded as a cost-saving move, Cisco typically doesn't supply smartphones to any employee anymore, expecting them to use their own, unless their job falls under government regulatory restrictions where it's plainly spelled out an employee must be using a corporate-issued device. "This is a really big problem for my team," acknowledges Valites.

Above and beyond the BYOD conundrum, the Cisco CSIRT group each day faces the prospect of stopping desktop malware outbreaks, monitoring for unauthorized traffic on the network and guarding against stealthy online attacks from attackers going after key assets. There's also the inevitable spate of things like faulty log-ins but CSIRT's hard job is trying to ascertain unauthorized access.

This all has to be done within the framework for regulatory compliance. "We have a healthcare center in San Jose on premises with nurses and doctors," points out Valites, saying making healthcare professionals available on site is seen as a benefit for employees. And this means that security and privacy policies related to any data associated with it must adhere to federal HIPAA rules, he notes.

Valites says high-level executives at Cisco, not surprisingly, get special attention in terms of whatever computer or network they use since these executives are recognized as being valuable targets for cyber-espionage and the like. In comparison to other employees, "we pay more attention to their assets," says Valites.

And then there are whole groups at Cisco, such as an entire lab, that are known to all too frequently be getting into trouble, breaking with usage policies and their computers erupting with malware. "The labs are a little like the Wild West," acknowledges Valites. With repeat offenders there, Cisco CSIRT has no choice but to clamp down with additional controls, such a blackholing an entire lab on the network so they can't get online or shutting off network segments so they're restricted to an internal LAN.

But the main day-to-day challenge is in getting visibility into security events of any type and quickly deciding when and how to escalate the response. Cisco designed its own incident-response tracking system, where trouble of any type is recorded and pushed toward closure.

When an incident arises, the first task is to associate the computer device in question with its specific owner, says Valites. "We need the asset owners to provide that information to us," and in a large organization of global scope, that can be a challenge. Although lots of technical tools for antivirus, VPN, Web application control, intrusion detection and the like are in use, in the end much often rides on communication between people to share information accurately and quickly.

The CSIRT division also has to be mindful that there's the potential for an insider threat as there would be in any organization. That's the rogue employee or contractor with access to the network willing to steal data or do other damage. It's a prickly situation where escalation would mean reaching out to human resources and legal.

"We have good partnerships there," says Valites, noting that at Cisco, the legal counsel has made it clear about their role in incident response investigation and they want to be involved in the potential investigations into things such as leaks of sensitive information. Investigations of all sorts could require computer forensics, and Cisco's CSIRT is equipped to do that.

As Cisco is a global company, there is the need to coordinate the CSIRT across time zones and continents spanning North America to the Asia-Pacific region. "It's a follow-the-sun model," says Valites, adding that Cisco would benefit from physical security operations centers (SOCs). He says Cisco is now undertaking to construct two such SOCs -- one in San Jose, Calif., and the other in India -- that will make use of technologies of many types, including Cisco's own dedicated TelePresence systems for collaboration.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: @MessmerE. Email: emessmer@nww.com.

Read more about wide area network in Network World's Wide Area Network section.

Dell's 'Sputnik' Ubuntu Linux ultrabook: First in a new line?

Linux fans may recall the excitement that greeted the launch of Dell's "Project Sputnik" earlier this year.

Made possible through an internal skunkworks effort, the project aimed to create an Ubuntu-preloadedlaptop targeting developers, in particular, with what Dell has called a "client to cloud" solution.

By midsummer, Dell said the associated beta program was exceeding expectations, and today the resulting ultrabook officially launched in the U.S. and Canada.

I spoke earlier this week with Barton George, director of the Web vertical at Dell, along with Michael Cote, its director of cloud strategy, about Dell's strategy and goals for the new release.

Deploying to the cloud

First, some specs: Dubbed the XPS 13, Developer Edition, the new device sports an i7 CPU, 8GB of RAM, and 256GB memory. Pricing is $1,549, which includes a year of professional support. International availability will be extended early next year, Dell says.

Ubuntu 12.04 LTS "Precise Pangolin" is the operating system, of course, and on the software side it's accompanied by a basic set of drivers, tools, and utilities along with the cloud launcher and profile tool that have been a big part of the project's focus all along.

"The idea behind the profile tool is to provide access to a library of community-created profiles on GitHub, such as Ruby and Android, to quickly set up your development environments and tool chains," George explained. The cloud launcher, meanwhile, lets developers create "microclouds" on their laptop, simulating an at-scale environment, and then deploy that environment seamlessly to the cloud.

Both tools were also recently launched on GitHub. The video below provides a brief introduction to the new machine.

'As open as possible'

Since the launch of the Sputnik project, Dell's goals have stayed essentially the same, though a few tactics have changed, George told me.

During the testing process, for example, "at least half the people wanted more RAM," he noted, resulting in the full 8GB in the product launching today. 4GB is the base standard in the XPS 13 line.

Another thing Dell learned through feedback is that "it's critical for developers that the overall packaging works out of the box," Cote pointed out. "We're trying to make everything as open as possible and provide a good Ubuntu experience for developers."

'Something we're looking at'

Then, too, there's the "big pent-up desire for this outside the U.S.," George said. "We're working on how to do that."

Meanwhile, developers with "beefier work" to do frequently requested a "big brother version" of the device launching today, he added. "That's something we're definitely looking at."

Given that the new machine is marketed toward developers, I asked if Dell would be making any effort to ensure that only developers get to buy it. In fact, Dell has set it apart slightly from the rest of the XPS line on its site "so people don't get confused," George said, and will be promoting it primarily through developer-oriented publications.

'We have struck a nerve'

At least in theory, however, anyone--regardless of their skills--could purchase one.

In fact, "if this inspires use cases that are different, that's one of the things we're hoping for," George concluded. "We have struck a nerve and found something people are very interested in and passionate about."