Reflections on Cisco Live

Cisco Live was held this week in Orlando Florida. It was a well-attended event with over 20,000 people in person and another 250,000 viewing over the web. Over the course of several days Cisco described its overall direction, announced a number of new products, and even provided a sneak peek at upcoming Insieme solutions.

Topics: IT Infrastructure Networking

Next-generation wLANs will drive productivity gains

As our vendor clients already know, I’ve been busy surveying over 20 enterprise wireless LAN providers to learn more about their wLAN offerings and support plans for 802.11ac, BYOD, UC, etc. for ESG’s upcoming wLAN Market Landscape Report. I’m happy to report that from the supply-side, there are plenty of innovative enterprise wireless systems to choose from and a very competitive marketplace. And we will be fielding our enterprise wireless networking survey shortly, so we’ll be able to better match enterprise wireless needs to vendor offerings.

However, I do have concerns about the demand-side, where many enterprise CFOs are still concerned about continued economic uncertainty, and are holding the line on IT budgets. Recently, change in information and communications technologies (ICT) seems to be accelerating toward light-speed, but many CFOs just want to spend to keep the lights on in the IT department. Organizations that don’t invest in new IT technologies will find themselves at a competitive disadvantage - period.

Topics: Cisco IT Infrastructure Networking Juniper HP BYOD Aruba Huawei Aerohive Adtran Alcatel-Lucent NEC Brocade Enterasys Extreme Ruckus

Cisco Unveils a New Security Architecture at CiscoLive

As someone with more than 25 years in the IT industry, I have to give strong kudos to Cisco for putting on a great show this week. CiscoLive is being held in Orlando which is totally appropriate as Cisco has made the event the “magic kingdom” of all things IT. Surrounded by abundant symbols of the “Internet of Everything,” Cisco really presents itself as the one vendor CIOs should look to for the future. Heck, even the incredibly tacky and inappropriate dance routine before John Chambers’ keynote featured humanoid women, cyborgs, and a comic book image of 2050 or so. Everything screams a common message; Cicso is perfectly aligned with long term IT strategy.

So how does Cisco’s security strategy line up with the “Internet of everything” and future shock? Surprisingly well. I heard some common themes in Chris Young’s keynote presentation on Monday that were supported throughout the event. Henceforth, Cisco security will feature:

  1. An architectural approach. Cisco security products will be integrated together through common APIs, services, and management consoles to cooperate in policy management, enforcement, and reporting. Even Cisco switches and routers can be included in this architecture, acting as policy enforcement points for blocking malicious IP packets.
  2. Integrated intelligence. Cisco introduced something called PXgrid which appears to be publish/subscribe-type middleware. Cisco will publish network metrics here, which can then be consumed by analytics, SIEM, and risk management systems. Additionally, the Cisco security architecture will be supported by Cisco Security Intelligence Operations (SIO), and recently acquired Cognitive Security for machine learning. These on-premises and cloud intelligence sources can collaborate and provide rich correlated data for anomaly detection, accelerated response, and automated remediation.
  3. Lots of opportunities for integration and enhanced functionality. Cisco will use CiscoONE and other APIs to open its architecture to partners. The goal? Become a security integration hub and establish a strong partner ecosystem. For example, Cisco is already partnering with several SIEM vendors including HP/ArcSight, LogLogic, and Splunk. Cisco also discussed a future that includes integration with its OnePK which may act as a catalyst for numerous SDN/security use cases.
Topics: Information and Risk Management Security and Privacy

IBM Wants a Smarter Planet? Sure, But With an Edge

OK, so IBM isn’t actually asserting the world is flat, but it did hold its second ‘Edge’ event earlier this month (as I’ve said before, I like writing about these big industry events after the Kool Aid has had a chance to leave my system!). Edge started life as very much a storage event last year with somewhere around 2000 attendees, but this year had grown in both coverage (still with storage – rightly! - at the center of things) and also attendance, with close to 5000 end-users on hand at one end of the Vegas strip while HP’s Discover was a few stop-lights away at the other end.

The Edge event was very much focused on users and practical implementations, so much of the material (or at least the context and content) was familiar to those of us that get pre-briefed and kept up to date. Of course, there were still plenty of specific announcements, but it’s the big themes that interest me. So let’s get to it. After the [what is becoming requisite] loud start – in this case a rock group (don’t touch that dial: yes, this is IBM with its corporate tie loosened) – there were the [also requisite] mentions of a focus on data, the arrival of software-defined environments and the need for ‘smarter computing’ in general. But, the first specific technology to get a mention was…..flash. Yup, the world of IT and storage is ultimately all about economics, and since (as IBM – rightly IMHO - put forth in its Flash Ahead initiative this last April) flash is all about economics then ergo the world is all about flash! Or as Ambuj Goyal, the disarming and knowledgeable leader of IBM’s storage division, jokingly put it “The answer is flash…now, what’s the question?”! And flash did indeed get a lot of attention – one of the on-stage clients called it “the answer to the poorly written software we’ve had for ages.” While this won’t win that particular gentleman many friends in his software team it did strike a chord with some interesting research IBM showed; quoting from its regular CEO Study, IBM showed a chart that asked CEOs to rank the most strategic factors/components impacting organizations – this covered such things as people skills, macro-economics, market factors and so on. Back in 2004 “Technology Factors” was number 6, but it has climbed steadily over recent years to be #1 in 2012. I hear a sigh of relief from the software team, since I’m sure they count in this respect!? However the takeaway is that technology is absolutely crucial.

Topics: IBM Storage IT Infrastructure flash IBM Edge

Alcatel-Lucent is shifting but needs to pivot

This week, Alcatel-Lucent’s new CEO Michel Combes announced The Shift Plan, a three-year plan to reposition ALU from a “telecom generalist” to an “industrial specialist” in IP networking and broadband fixed and wireless access. Monsieur Combes, who came from Vodaphone, joined beleaguered ALU in February to replace outgoing CEO Ben Verwaayen. Combes’ shift plan is to prune underperforming lines of business to turn around the company’s declining fortunes. This will free-up R&D spend to invest in better performing IP routing and ‘ultra’ broadband access technologies like 4G mobile and fixed DSL/FTTC.

Such cuts are difficult but need to be done and should placate ALU investors with improved quarterly results, however I can’t help but wonder if ‘double-downing’ on ALU’s cash cows will be enough or if it needs to find greener pastures with rising stars? Other ‘old tech’ companies like Cisco, Juniper, etc. with healthier balance sheets and piles of cash have been investing in diversification. And new entrants like Arista and Oracle are targeting the ‘next generation’ telecom equipment market.

Topics: IT Infrastructure Networking

CISOs Need More Control as CIOs Lose Control of IT

First it was the “consumerization of IT” around 2009, followed by cloud computing, SaaS, BYOD, and mobile computing. In aggregate, these trends are truly leading to an environment where IT is losing control.  Devices, personal productivity software, business applications, and file servers have taken on a life of their own.

On balance this is a good thing – employees become more productive, capital costs decrease, new applications improve communications, etc. Of course these are great business benefits but they create one big Excedrin headache for CISOs. Diminished IT control leads to grey areas and blind spots. It’s hard to add strong security when you have little understanding of what’s going on.

Topics: Information Security Information and Risk Management Security and Privacy security analytics

The China Syndrome

Chinese hacking exploits became mainstream news over the past few months leading up to last week’s meeting between U.S. President Obama and Chinese President Xi Jinping. Cybersecurity was a primary topic however, there was no breakthrough deal coming out of the tete-a-tete. The two countries did agree to work together on cybersecurity issues in the future.

With no concrete progress, China is bound to remain a poster child as a cyber adversary here in the U.S.A. but those of us who live in cybersecurity have known about Chinese cybersecurity activities for years. Why the recent demonization? Clearly cybersecurity issues have become more visible and it has been suggested that Chinese hackers were involved in breaches at the NY Times, Wall Street Journal, and both Democratic and Republican computers during the 2008 election. There was also the damning Mandiant paper which fingered a unit of the Chinese military down to street addresses and buildings.

Topics: Cybersecurity Information and Risk Management Security and Privacy

On Juniper’s June 11th Analyst Day

I attended Juniper’s analyst day at its impressive new Sunnyvale, CA headquarters along with Jon Oltsik…

CEO Kevin Johnson put Juniper’s progress into perspective: for the five year (recessionary) period 2008-2013, Juniper grew its enterprise business from $800M to $1.6B per year and now counts over 20,000 enterprise customers, gained by expanding beyond high performance routing into security, switching, data center, and wireless LAN. In the service provider space, Juniper has grown from $2B to $2.8B during the same period. Juniper believes the industry is at a key inflection point due to SDN, which is currently subject to inflated market expectations. However, Juniper says it's prepared, thanks in part to its Contrail acquisition (but of course will interoperate with any OpenFlow based controllers). Juniper’s current customer pitch is to change the decision of networking performance vs. agility to having it both with Juniper.

Topics: IT Infrastructure Networking mobile Public Cloud Service

Why Aren’t We Questioning the Effectiveness of the NSA Program?

Full disclosure, I am extremely uncomfortable with the intrusive intelligence programs going on at NSA. If it weren’t for Edward Snowden and Mark Klein (former AT&T technician) we wouldn’t know about NSA activities on telephony and data networks. It makes you wonder what additional data the NSA is collecting that we don’t know about.

Beyond the privacy issue however, there are a few other fundamental questions here and I don’t hear anyone asking them. Allow me to chime in:

  1. How effective are these programs? PRISM is just one of several programs based upon data collection and mining. We’ve heard rhetoric about how these programs have protected us by detecting and preventing terrorist attacks but no one has provided any detail. Yeah, I know this is classified information but this means that we U.S. Citizens have to take the government’s word for it which has proved to be a fool’s choice in the past. We do know that in spite of these massive programs, the intelligence community missed the underwear bomber (spelling error in database), the Time Square bomber, and Tamerlan Tsarnaev. Given these “swings and misses,” how often did the intelligence community deliver base hits?
  2. How much does it cost? The NSA budget is classified but you've got to figure that the U.S. is spending multiple billions of dollars on data collection, storage, and mining. Heck, the NSA is building a $1.2 billion data center in Utah, capable of holding yottabytes of data. Big dollars for government integrators but is this investment really worth it in an era of budget deficits and bridges falling apart? Without an answer to question #1, we can’t understand whether we are throwing good money after bad to keep K Street lobbyists and “Beltway Bandits” fat and happy.
  3. How secure are these programs? In my mind, Booz Allen has a bit more explaining to do. How was Edward Snowden, a new employee, able to walk out the door with classified data so easily? At a higher level, how many others working at L3, CACI, and SAIC could expose similar data to the press or sell it to Iran, North Korea, or other nations? A disgruntled worker could make the damage caused by Bradley Manning look like nothing.
Topics: Information and Risk Management Security and Privacy Security Booz Allen saic nsa cybercrime Edward Snowden

HP's New All-Flash 3PAR Is 'All-Integrated' Under Existing Management Umbrella

As most of my recent blogs have demonstrated (and a few more will continue to do so over the next couple of weeks) we are right in the midst of the IT vendor event season. One of the bigger events is HP Discover, the venerable vendor’s annual customer and partner shindig. One has to feel a little sorry for taxi drivers in Vegas this week – after all there are at least two (that I know of) large IT events going on this week…and it’s not that easy for the uninitiated to strike up a conversation with all us geeks about low latency or the pleasing reduction in the use of quiescing as a ‘Plan B’ management tool: they’ll be glad when the porn, cars, and music award events are back, I’m sure!

Meantime, back to the topic in hand…

HP is of course an extremely diverse organization, but I’m mainly going to focus my comments on what it is doing in storage. That said, much of the commentary here centers on the company’s embrace of converged IT…something it loves as only an extremely diverse vendor can! Now, HP also loves its opportunity in storage as only a company that hasn’t historically fulfilled its potential well can. Much as HP has had some very robust storage successes down the years (think MSA, XP, and EVA) at HP success is a relative thing. To smaller organizations the literally hundreds of thousands of the above systems that have been sold would be great. But at HP the company’s share of the external storage market has for many years dramatically trailed its market share in servers and blades – meaning that it wasn’t even gaining what should have been its ‘captive’ share in storage. However, more recently, the situation has been showing signs of improvement – there’s been the acquisition of 3PAR, and the focused strategy of a renewed management team.

Topics: Storage IT Infrastructure HP flash 3PAR convergence

Dell Remains Publicly Optimistic as Privatization Draws Nearer

It is that season when big IT vendors parade their wares and their future plans in front of analysts, press and/or their customers. Just in the arena of storage it was EMC World last month, Microsoft after that (oh yeah, we’re hearing more and more about storage from this quarter…) and IBM, HP, Apple (it certainly causes a lot of storage!), and NetApp all have events of varying scales and intents this week. In the midst of this volume of ‘vendordom’ Dell managed to squeeze in not just one, but two events. At the tail end of May it held its analyst gathering just outside Austin, while the first week of June brought the Dell Enterprise Forum in Silicon Valley.

So, what did we learn? Well even the title of the latter event tells you plenty; Dell hasn’t always had much involvement in such events in the past but ‘real industry players’ conduct these sorts of things – and we know Dell wants to be a ‘real industry player’. Now of course you might say it’s odd that an organization that produces north of $50 billion in annual revenue wants to be a ‘real industry player’….clearly it is already one in many respects. But it’s an area where it has never really ‘cracked the code’ that clearly has its focus now: and that is to not only be a vendor that is just a supplier of things (albeit very useful things!) to enterprise organizations, but to be an enterprise vendor. As we all know that’s both a subtle distinction but it’s also a huge subtlety! After all, the ‘club’ doesn’t publish joining requirements – it kinda just happens. Much of the takeaway from the Austin get-together focused on how Dell is continuing its commitment to join the ‘enterprise club’ by moving its emphasis from ‘bits’ to ‘business.' It doesn’t just want to become an IBM or an HP, it wants to overcome them by applying to ‘enterprise capabilities’ exactly the same sort of M.O. that has worked for it elsewhere in the IT spectrum – in other words to achieve that rare mix of operational sophistication and efficiency together with excellent price performance. It sounds easy enough but actually delivering such a thing (and not just proclaiming it - as nearly every vendor does) is indeed tough. The combination even has a Dell name – “The Optimized Enterprise." Oh, and back to the name of the recent Dell event….it has morphed from various other component events (notably the Dell Storage Forum) so that now it is the Dell Enterprise Forum.

Topics: Storage IT Infrastructure Dell

Dell VRTX Enables IT to Get Its House Back in Order

On June 4, 2013, Dell announced VRTX as a critical piece of IT infrastructure that is poised to alter the way IT consumes and deploys IT infrastructure and to bring some sanity back to IT management and daily operations. The tiers of IT infrastructure continue to collapse in an effort to simplify IT procurement, implementation, management, and daily operations. IT pros may still want to cobble pieces together and stick with do-it-yourself (DIY) type for deployments, but let’s face it, this has led to a rats nest of equipment piled high and although it may all work, it creates risk for the business.

Dell VRTX is primarily suited for ROBO (remote office branch office), departmental IT, and for businesses that can consolidate the multiple facets of their business applications on to a single platform. You can look at the Dell VRTX website for all the speeds and feeds of the box, but the value is ultimately in simplifying IT infrastructure and the life of the IT administrator.

Topics: Cloud Computing Storage IT Infrastructure Private Cloud Infrastructure infrastructure

Mobile Data + Wi-Fi = f (SDN+Policy+Apps + NFV); a formula for convergence

Although asked in many different ways, questions about integration of mobile and Wi-Fi keep popping up from end-users, enterprises, service providers, and regulators. Mobile device users mostly ask about apps to avoid exceeding mobile data caps or the relative security of mobile vs. Wi-Fi networks. Enterprises want to know if they should consider adding small cells when upgrading access points for unified wireless communications or rather explore distributed antennae system (DAS) providers for in-building mobile coverage. Wire-line service providers building out public Wi-Fi are interested in monetizing mobile offload and ask, what's up with FMC, VoLTE, VoWi-Fi, and HD voice? Wireless spectrum regulators are concerned about for-profits "hijacking" Wi-Fi based free public Internet access but acknowledge the need to fund build-outs. And technology disruptor Google is exploring flying blimps with wirless gear over emerging nations to bring the next billion people online. Quite a few tough but interesting questions and issues for a wireless analyst to opine on!

Topics: End-User Computing IT Infrastructure Networking mobile software-defined networking

The Amazon Effect....Continued

This article was posted on Computerworld this AM (by me). It made me think about other crazy business models that aren't overtly logical - and how our behavior makes them take shape.

Topics: Cisco IT Infrastructure Networking Amazon software-defined networking SDN

Checking out my newest Storage Platform for under $2,000

After 22+ years in backup, I have become something of a storage geek on the side (or at least pretend to be one).

Topics: Storage Microsoft Replication IT Infrastructure Data Protection Information and Risk Management Jason Buffington Windows Server storage tiering

Why Blue Coat Acquired Solera Networks

A few weeks ago, Blue Coat Systems acquired Solera Networks. No one was surprised about the acquisition of Solera as it plays in the white hot big data security analytics market. That said, many people remain perplexed by the acquiring company. Several dozen reporters, vendors, and end-users have already posed a common question to me: Why Blue Coat?

Topics: Information and Risk Management Security and Privacy risk management incident detection

My thoughts on the Dell Annual Analyst Conference 2013

Even though I’m fairly new to all this, I find it interesting when large technology companies hold analyst events. Interesting because the events present a great opportunity for us to learn what the major message and strategy are going to be for the next 6-12 months. Sometimes these presentations are all very slick and polished and hard to get much out of them other than a few good sound bites. It is always important to listen for patterns and in the end, it is more about what the companies we follow do than what they say. Questions that come to mind are things like: Are they all on message? Is there passion and consistency in their strategies? Is it coming from the top down? What’s the hallway chatter around the coffee table? Etc.

This was my first time to Dell's analyst event so I can’t compare it to previous years. What I can say is the event was well run event with excellent access to executives. Heck, I even got to chat face-to-face with Michael Dell himself on the first morning. The presentations were not-kill-you-with-slide-ware, timed well, and had adequate time allotted for questions. All the execs spent time talking to us at the breakfasts, hallway, dinners, etc—the access and candor were outstanding.

Topics: Cloud Computing Storage IT Infrastructure cloud Private Cloud Infrastructure Networking Dell Compute Security and Privacy Security Converged Infrastructure Compellent DAAC Public Cloud Service

Emulex announces Virtual Network Exceleration technology at Microsoft Tech-Ed in New Orleans

This week attendees of Microsoft Tech Ed are getting their share of great food, music, and entertainment walking the streets of New Orleans. However, they are also there to learn about new and interesting technology from Microsoft and its partners. With all the interest in software defined networking, there will no doubt be plenty of discussion and announcements about SDN this week and Microsoft’s NVGRE solution. One of the interesting announcements came from Emulex as it threw its hat into the SDN ring.

It announced its forthcoming Emulex Virtual Network Exceleration (VNeX) virtual network offload technology. Thus bringing intelligent I/O systems into the SDN discussion, and more specifically the network overlay/network virtualization part of the SDN discussion. The concept is pretty straightforward: leverage the network controller to offload NVGRE header encapsulation process in order to accelerate the performance of Windows Server 2012 Hyper-V Network Virtualization. This would essentially remove the burden of that process from the server CPU, freeing it up to host more VMs. Taking a page out of the iSCSI offloading history books, the network controller, which now packs some impressive processing power itself, can maximize server CPU utilization and drive higher levels of performance in a network overlay/network virtualization environment. Ultimately, by deploying the network encapsulation process on the network controller, organizations could drive greater VM density on the server—which would then result in fewer physical hosts and reduced CAPEX and OPEX.

Topics: IT Infrastructure Networking software-defined networking

Video Blog: Data-defined Infrastructure

In a recent blog post, I talked about my software-defined-as-usual-were-focused-on-the-wrong-thing-first/index.html" target="_blank">misgivings about the marketing hype around "software-defined everything." Check out this video blog entry to see why we need to think about data-defined infrastructure, a model in which IT designs everything from the data outwards, in order to make sure that we store, protect, and deliver it in a way that supports the business to make money or save money.

Topics: Storage IT Infrastructure Networking Compute software-defined data