3 Highlights with Microsoft Windows Server 2012 R2

With any server operating system upgrade, IT is always looking for the hooks that help motivate the upgrade process and deliver additional value. Sometimes it is as simple as better performance, a single feature that has been a long time coming, or something that simply snaps into an IT policy and waits out any bumps from the early adopters. By now IT shops should have solid exposure to Windows Server 2012, blipped through SP1, and are now ready to focus on R2. As IT pros research and learn about Windows Server 2012 R2 deployment opportunities, they should be aware of these three potential impacts:

Topics: Cloud Computing Storage IT Infrastructure Private Cloud Infrastructure Networking Compute

A Softer View of Cloud Platforms

In this post-hardware world, the software view of cloud platforms continues to evolve rapidly. In fact, I think we need to think about the platforms themselves a little differently. For the past few years, we’ve kind of thought of cloud as either public or private. I’d like to think we’ve evolved our thinking along with the capabilities of the platform companies to include a more hybrid perspective and we have to include the end-user side of things by including endpoint software as well. I’d argue for including endpoint software supported both by what the cloud platform vendors are doing/investing in as well as the fact that one of the cloud tenets is ‘broad network access’ (from NIST). My definition of broad network access is access from any device, anywhere, to any cloud service. I created following table for a forthcoming publication on cloud platforms that shows how I think of what the vendors are doing in this space – which continues to change rapidly. For example, Amazon is now shipping a Kindle based on Android and VMware just bought DeskTone to add VMware’s ability to provide desktop-as-a-service.

Topics: Cloud Computing Azure Microsoft VMware Amazon google Citrix openstack AWS

Enterprise Security Professionals Offer Their Suggestions for U.S. Governement Cybersecurity Programs

According to ESG research, 66% of enterprise security professionals believe that the U.S. federal government should be doing significantly more or somewhat more to help the private sector cope with the current cybersecurity situation and threat landscape.

Topics: Information and Risk Management Security and Privacy

Dell VRTX Wraps in Additional Features

Earlier this year, Dell introduced its PowerEdge VRTX into the market with a goal of simplifying IT infrastructure for midmarket customers and ROBOs (remote office branch office). Further details and insights are located in this blog and ESG brief:

Topics: Cloud Computing IT Infrastructure nutanix

Security Professionals Want More Government Cybersecurity Action

Now that the federal government is working again, I was wondering: What ever happened to cybersecurity legislation? As far as I can tell the Cybersecurity Act of 2013 (S.1353) and CISPA are dead-in-the-water right now. Why? Edward Snowden and NSA programs put the kybosh on public trust (especially International trust) and Congress has other things it would rather fight about.

Topics: Information and Risk Management Security and Privacy

Trend Micro’s Push for Enterprise Security

When you think of the leading enterprise security vendors, which companies come to mind? Perhaps it’s the network security crowd like Check Point, Cisco, and Juniper. Maybe it’s the big system vendors like HP and IBM, or it could be traditional security firms like McAfee and Symantec. These are the usual suspects here in North America, but it may be high time to include a company that already has this profile in Asia – Trend Micro.

I say this because I attended the Trend Micro analyst event last week and came away quite impressed. I believe Trend Micro is well positioned for the ongoing enterprise security transition as large organizations replace disconnected point tools with an integrated enterprise security architecture. Trend Micro can capitalize on this evolution because it offers:

  • Integrated solutions. Yes, Trend Micro still sells discrete products but it can also play an integrated solutions card to trump lethargic competitors and one-trick-pony startups. For example, Trend’s Deep Discovery advanced malware detection ties into its web and email gateways, endpoint security software, and central management console. Rather than simply detect malware, this gives Trend the ability to address the threat lifecycle as it can detect, analyze, adapt, and respond to malware. Trend is also intent on combining product features into simple product bundles to ease security deployment and operations.
  • End-to-end coverage. IT is changing quickly with the adoption of cloud, mobile, and virtual technologies. Trend Micro is addressing these changes in a number of ways. For example, its Deep Security suite can support physical servers, VMs, and cloud-based workloads. To facilitate this, Trend is working closely with VMware and Amazon and plans to engage others. Trend also supports endpoints whether legacy PCs, Macintosh, or mobile devices.
  • Ubiquitous cloud support. Trend was one of the first vendors to support on-premises products with its “Smart Protection Network” cloud. Now, Trend is applying its deep cloud intelligence and infrastructure in multiple areas such as advanced threats, mobile security, and intelligence sharing. Trend also has a healthy mix of MSSP offerings and plans to expand this portfolio moving forward.
  • Technical feet-on-the-street. Several customers crowed about the help they received from their Trend Technical Account Manager (TAM). Of course, they pay for this help but security professionals claim that their TAMs really pay for themselves by providing threat intelligence and helping them maximize protection. This is especially valuable given the current security skills shortage.
  • A burgeoning channel presence. Trend trotted out an array of partners including Arrow, CSC, Dell, and SAP. Trend hopes that the combination of specialization (i.e., CSC in the Federal space, SAP, etc.), scale, skills, and reach will carry it into more deals with more trusted partners.
Topics: Cloud Computing Information and Risk Management Security and Privacy

Software Defined - Defined

Spectra “Deep Storage”: Disk "Pales" in Comparison to Tape Buckets?! - includes video

At its recent announcement event Spectra laid out a bold and compelling move to make tape a more attractive place for organizations to store less-active-but-still-important data for the long term. While it can still be a contentious issue at times (not surprisingly, for some vendors don’t have tape in their portfolio!) the fact is that tape remains the least expensive digital storage media in terms of cost/TB and TCO. However, despite many advances in tape reliability, handling and ease of use over recent years, the tape industry has struggled mightily to shake the image in certain user-quarters of being something you’d want to avoid if you can, and something not well suited to the contemporary IT era.

As the following video shows, that could well all be about to change as a result of Spectra’s DS3 and BlackPearl announcements:

Topics: Cloud Computing Storage End-User Computing IT Infrastructure Data Protection Information and Risk Management Mark Peters Jason Buffington Content Management Search Tape Storage Archiving

Is this an Oxymoron? Managed Private Cloud

Private cloud, public cloud, hybrid cloud, the hardly mentioned community cloud, and now managed private cloud. How many cloud variants do we need? I have to say I was skeptical at first – why would an enterprise want a managed cloud on-premises? Then I heard the pitch from a company called Metacloud, was still skeptical, but then I realized I’d actually seen a few more companies doing this – some on-premises, others off-premises.

Let’s face it: Transforming a virtualized data center (assuming you get that far) to a private cloud with on-demand/self-service provisioning, and service catalog, all automated and orchestrated, is hard to do and can be very expensive.

Topics: Cloud Computing public cloud private cloud Mirantis

Software Defined = Everything Is A Server (Bye Bye Storage, Bye Bye Networking...)

You were supposed to sing that title to the Everly Brothers, by the way.

The Keys to Big Data Security Analytics Solutions: Algorithms, Visualization, Context, and Automation (AVCA)

ESG research indicates that 44% of organizations believe that their current level of security data collection and analysis could be classified as “big data,” while another 44% believe that their security data collection and analysis will be classified as “big data” within the next two years (note: In this case, big data security analytics is defined as, “security data sets that grow so large that they become awkward to work with using on-hand security analytics tools”).

So enterprises will likely move to some type of big data security analytics product or solution over the next few years. That said, many CISOs I speak with remain confused about this burgeoning category and need help cutting through the hype.

Topics: IBM Check Point Palo Alto Networks Cisco Hadoop Information and Risk Management HP McAfee Security and Privacy Security big data security analytics SIEM Narus LogRhythm 21CT RSA Security SilverTail LexisNexis Solera Networks Lancope click security Hexis Cyber Solutions Splunk

McAfee Advanced Threat Detection: A Sign of Things to Come

With the glitz and glamour of Las Vegas as a backdrop, McAfee rolled out its Advanced Threat Defense (ADT) strategy last week.

Topics: Palo Alto Networks Information and Risk Management FireEye Security and Privacy Solera Networks Bit9

Empirix becomes part of Thoma Bravo family

This morning the private equity firm Thoma Bravo announced it had signed a definitive agreement to acquire industry leading network management firm Empirix.

Topics: IT Infrastructure Networking network management

Network Forensics: A Burgeoning Big Data Security Analytics Category

According to ESG research, 49% of enterprise organizations suffered a successful malware attack over the past two years (note: “successful” implies that the malware compromised an IT asset and caused some type of impact such as a system re-imaging, data theft, downtime, etc.). Of these firms, 20% suffered 10 or more successful malware attacks.

Obviously, malware is circumventing existing security controls and not triggering any alarms on traditional SIEM tools. So what can organizations do to improve their malware detection and response capabilities? Many are turning to network forensic tools. Wikipedia defines network forensics as follows:

Topics: Networking Information and Risk Management Security and Privacy NetWitness

It Takes a Village: The Splunk User Conference 2013

When IBM distributed its operating system in the 1950s, it actually sent the source code to its customer base. Many IT shops then actually modified the operating system with their own customized code.

Topics: IBM Apple Information and Risk Management Security and Privacy Security big data security analytics SIEM security intelligence log management F5 Security Management Splunk

Interop 2013 - NYC Edition

Thankfully, with the Acela working again, I was able to spend the day at the Javits center with the newest member of ESG networking team, Will Reich, speaking with IT decision-makers and practitioners, attending presentations, and visiting with vendors (and see demos) at the Interop Show. While not the same size and scope as the spring show, the trip to NYC is far easier than Vegas and there were a good number of attendees for the show.

Topics: Huawei Cloudsigma

Playing the Match Game, with Cloud Services

As more cloud service providers come online, the choices seem to just get harder and harder to make. This one has one technology stack, that one has doesn’t share what technology they are using, this one has white glove support, that one tells you to fend for yourself, this one has a different SLA for each service. And the list goes on. How does an IT department or a procurement department make the right decision when it comes to selecting a CSP?

Several companies have come up with a way to solve part of the problem by providing a service catalog with a broker interface that a company can use to select which cloud service to use for which workloads. While this helps a lot when the person selecting and provisioning them knows what to choose, this doesn’t really help the person who doesn’t know what makes one match their requirements. Finding out the capabilities of different providers can be hard to do – it may be spread all over their website and service catalog/portal, it may be in whitepapers, it may take a sales call. And imaging what all this is like for the procurement person?

Topics: Cloud Computing cloud service provider Public Cloud Service

Oracle Open World – A Sea of Red [White and Blue] - includes video

Whether you wanted to or not, it was impossible to avoid the America’s Cup racing at OOW ’13. The races themselves were broadcast (live when possible) at the event, there was merchandise available, there were comparisons and metaphors aplenty, and there was Larry Ellison beaming from my hotel TV as I got up each morning. The expected sea of Oracle red was punctuated by the fervor of red, white, and blue….

So, let me just get this out of my system. As everyone knows by now, Mr Ellison delegated his prime Wednesday keynote to Mr Kurian, and that means that the final score from San Francisco, as best as my semantically-twisted mind could tell, was:

Topics: Storage IT Infrastructure Oracle Open World Oracle