I recently had the opportunity to talk to Mark Wutzke, chief solution architect with Allied Telesis, to learn about the company\u2019s smart networking offerings. Perhaps you, like me, don\u2019t know much about this networking company, though it\u2019s been in business since 1987. That might be because the global company, until recently, has focused its efforts outside the U.S. However, that focus is beginning to change, so I wanted to learn what the company brings to the table that enterprises would be interested in.\nFirst, a little background on the company. Allied Telesis is headquartered in both Japan and the U.S. The company has global R&D centers and manufactures its own products. Among the products are intelligent switches and stackable chassis, industrial switches, wireless solutions, firewalls and routers, optics, NICs and media converters\u2014basically end-to-end solutions from edge to core for LAN, WLAN and WAN. In addition, Allied Telesis writes its own operating system software for its equipment, as well as the network management software that provides many of the smart networking features the company is touting today.\n\u201cWe aren\u2019t very well known among enterprises in the U.S. market today, but we do work with a lot of federal and government agencies here,\u201d says Wutzke. \u201cTo be considered for those tenders, we have to meet certain security and performance standards, which we validate through a number of industry certifications. We\u2019ve also garnered quite a few industry awards and are recognized in the Gartner Magic Quadrant for WAN and wireless LAN products. We believe we have some real innovations that enterprises can benefit from.\u201d\n\nHe says many of those innovations are based on the company\u2019s AlliedWare Plus operating system, a Linux-based next-generation network OS. It\u2019s the common OS that underlies Allied Telesis\u2019 switching and routing platforms, and it supports some interesting features designed to improve usability and reduce the burden of network management.\nGiving the network autonomy\nOne of those features is the Autonomous Management Framework, or AMF.\n\u201cConventional network management requires skilled resources, particularly at the network edge, doing repetitive or time-consuming tasks,\u201d says Wutzke. \u201cAMF simplifies the management of a network by automating and assisting with everyday tasks like making configuration changes to multiple units, backing up configurations, adding new units, recovering a failed unit, or rolling out a firmware upgrade.\n\u201cFor example, AMF automatically backs up the configuration on every single device every 24 hours and stores it away in a network repository. If a device in your network fails, you can pull out a spare unit, install the device and AMF will automatically push the correct configuration onto that device for you. You can have the new device operating like the previous one in that location within minutes,\u201d he says.\nAMF also can be used to configure multiple units at the same time. Instead of having to log into each device, the network engineer can tell AMF to talk to all the edge devices at once; for example, to add a VLAN to all the edge switches. Then commands can be issued as if talking to a single device, saving time and reducing the likelihood of mistakes.\nA self-defending network\nAnother example of Allied Telesis\u2019 innovation is the self-defending network with Secure Enterprise SDN (SES).\n\u201cFirewalls protect networks from a lot of threats by blocking traffic, but they can\u2019t protect against threats that originate at a user\u2019s device, which don\u2019t go through the firewall initially,\u201d says Wutzke. \u201cSay that someone plugs in a USB stick with malware on it. The virus is trying to reach out to its C&C server, so the firewall sees that outbound traffic but at this stage it can\u2019t do anything to affect the now-infected device. The bad actor is still connected to the network and can spread his malware to other devices. The SES controller looks at log messages from the firewall, sees the C&C outreach and determines there is a security issue. It figures out which switch port to shut off to disable the offending device. It can either block it completely or move it to a quarantine network.\u201d\nThe self-defending network can take action within a split second to switch off an offending endpoint.\u201d \u2014 Mark Wutzke, Allied Telesis\nWutzke says the SES controller can work with many firewalls to read log messages and look for security issues. This solution doesn\u2019t require any agent software on the user devices because SES controls the switch, not the endpoint itself. SES also can work with large data center or corporate-type traffic by mirroring the traffic going through the core switch. Again, SES detects issues on the mirror traffic and then influences the edge switches to block or quarantine the endpoint that\u2019s causing the problem.\n\u201cThe self-defending network can take action within a split second to switch off an offending endpoint. The network or security administrator can be alerted to come in later to take control of the situation, but SES neutralizes the problem before damage can be done,\u201d explains Wutzke.\nActive Fiber Monitoring\nThe idea for Active Fiber Monitoring came to Allied Telesis from a European military organization that was worried about adversaries eavesdropping on their network fiber, Wutzke says.\n\u201cIf you bend fiber to a certain degree, a small but detectable amount of light escapes. Someone can pick up that light and read what\u2019s happening on the fiber, and the owner of the fiber would never know. This is a concern for anyone who sends sensitive information over long distances in remote locations using fiber,\u201d he says.\nThe obvious solution would be to encrypt everything traveling on the fiber, Wutzke says, but that\u2019s expensive and it introduces latency. Another approach is to detect fluctuations in the light. Allied Telesis implemented a feature on switches using AlliedWare Plus that monitors the amount of light being received on a port, and depending on the sensitivity you choose, the switch can take actions such as logging the results, shutting the port down, sending an SNMP trap, and so on. By monitoring the fiber links, Allied Telesis can look for any instances of tampering or light fluctuations. The process also is useful for detecting that a fiber-optic module is beginning to fail as the light level begins to drop.\nOther features of AlliedWare Plus\nThe AlliedWare Plus operating system has numerous other features that increase network intelligence, such as smart diagnostics, log-defined triggers, continuous Power Over Ethernet, and CPU control plane protection. \u201cWe have a lot of individual features that are unique to Allied Telesis, and collectively this combination of smart tools reduces management effort and time,\u201d says Wutzke.\n\u201cNo compromise\u201d Wi-Fi\nAllied Telesis also has a hybrid wireless solution that addresses many of the technical issues of Wi-Fi today, such as configuration complexities, interference of devices on the same frequency, dead spots, and the need for careful planning of placement of the access points. Zeus Kerravala did a great job describing the problems and the exact approach that Allied Telesis takes in solving them with his recent article, When Wi-Fi is mission-critical, a mixed-channel architecture is the best option. Kerravala covered all the details, so I\u2019ll just summarize by saying that Allied Telesis supports both multi-channel and single-channel wireless architectures to give customers the flexibility of choosing the model that best fits their needs.\nUse case: Naka City, Japan, deploys an Allied Telesis network\nNaka City in Japan recently updated its network based on solutions from Allied Telesis. The city\u2019s technology infrastructure team manages the public computer network for schools, local government offices, and public buildings, providing both wired and wireless access for the city\u2019s residents. Following a cyber attack on a different Japanese government network, Naka City wanted a more robust network that incorporated better security and easier administration. They chose an Allied Telesis solution in large part for the Autonomous Management Framework and the Secure Enterprise SDN technology.\nThe system was rolled out in 39 locations over a two-week period and was successfully commissioned after a one-week trial period.\n\u201cWith AMF, we can manage and operate all our devices remotely, enabling a swift maintenance response,\u201d according to Wataru Kobayashi, infrastructure engineering department manager with the VAR Osaki Computer Engineering. \u201cSES lets us implement internal security measures, including behavior detection and anti-proliferation of security threats, which is a major advantage.\u201d\nThe city\u2019s future plans for SES include an automatic remediation process to fix a device and allow it to re-join the network. Not only will this remove threats, but it will also reduce disruption by making services available again as quickly as possible.