A Solid State of Affairs for Cloud

During my journey this year to the various vendor-fests I had the opportunity to meet a whole bunch of ‘wicked smart’ and passionate people. As a guy who was part of five startups (of which three were successful), I like to walk around the vendor floor and see what companies are doing new and interesting things. These are usually smaller booths with the top execs at them giving the person who stops by a chance to see if the company has the passion at the top as well as an ability to see how well they know the technology and the market.

During my most recent trip to DellWorld I got to do just that – spend a little time walking around and meeting some new companies. One of which is a company called SolidFire and frankly the name didn’t strike me (sorry guys) but the two people I got to chat with really did just that – passion and knowledge plus a great understanding of the market.

Topics: Cloud Computing Private Cloud Infrastructure SolidFire openstack Rackspace Cloudsigma Mirantis Red Hat Public Cloud Service

Microsoft and the Software Defined Cloud

Last week Microsoft made a slew of important announcements. The important thing to remember here is that while all the others are rabble rousing about cloud and ‘software-defined-something’ – Microsoft continues to build out a very well rationalized approach to converting its massive installed base from virtualization to cloud, just like it has done helping its customers go from physical to virtual. The truth is Microsoft has the software-defined data center already – they’ve been running it at scale for a decade and now they have packaged it up for everyone else with their Cloud OS.

Cloud OS is Windows Server 2012 R2, Hyper-V, System Center, and Windows Azure Pack. These are the core parts needed to build out an IaaS with Microsoft Windows Azure – on premises. Add to this Microsoft’s long heritage with .NET as a natural PaaS on top of the IaaS layer. Multi-tenancy, check--chargeback, check--single pane of glass management, check--fidelity between private and public Azure, check.

Topics: Cloud Computing Microsoft Private Cloud Infrastructure Dell Windows Server Hyper-V CSP Public Cloud Service

Enterprise Organizations Identify Incident Detection Weaknesses

In the past, many large organizations spent about 70% of their security budgets on prevention and the remaining 30% on incident detection and response. Prevention is still important but given the insidious threat landscape, enterprises must assume that they will be breached. This means that they need the right processes, skills, and security analytics to detect and respond to security incidents effectively, efficiently, and in a timely manner.

Topics: IBM Cisco Information and Risk Management Security and Privacy Security Booz Allen Hamilton ForeScout Guidance Software Leidos Blue Coat Fidelis LexisNexis Bit9 CSC Anti-malware

Gigamon Expands Traffic Visibility Intelligence

Gigamon announced the next round of enhancements to its Visibility Fabric solution. The added features will help service providers and large enterprises deliver granular filtering and forwarding of relevant data across very large and rapidly growing network environments. This should ultimately result in more targeted information to feed management and analytics engines, which in turn will accelerate the ability of service providers and enterprises to create new services and make important business decisions.

Topics: IT Infrastructure Networking Data Analytics Gigamon

CloudWorld … I mean ... DellWorld

Last week was Dell’s annual user conference in Austin and while the weather was a bit cooler than I expected there – things are definitely heating up for Dell.

Cloud Partner Program – Dell announced expansions of its partner program, which now includes Microsoft Windows Azure, and CenturyLink, Google, and Accenture. They already had Peer1, Joyent, ScaleMatrix, and Zerolag. Here’s why I think these relationships are important:

  • Windows Azure – What better way to be part of a native hybrid cloud offering? Windows Server on-premises built on Dell systems (think Azure Cloud-in-a-Box) connected to Windows Azure public cloud and using Cloud Manager (formerly Enstratius) to manage it all. Cool beans if you ask me.
  • CenturyLink – Savvis and Tier 3 are now all folded into CenturyLink's cloud offering with CenturyLink bringing the pipes, Savvis the data centers, and Tier 3 the cloud services. This today includes VMware and OpenStack service and my gut tells me Windows Azure is not too far away. Again, this provides a good set of opportunities for Dell including cloud-in-a-Box on-prem to connect a hybrid solution with CenturyLink based on VMware, OpenStack, or Azure.
  • Google – This is a win for Google and for Dell. For Google, it creates the momentum they need from the enterprise to be connected and hybridized with Google’s public IaaS and PaaS offerings. Google brings Android as well so there are many architectures and components that can be put to use. For Dell, it allows them to again create opportunities with their customers to help them enjoy the benefits of a hybrid cloud using Google for public and cloud-of-your-choosing-in-a-Box on-premises. All managed by Dell Cloud Manager.
  • Accenture – Big Enterprise? Dell Customer? Does your CIO have an ITaaS or Cloud Strategy – then let Accenture and Dell help you design, implement, build, and even manage your cloud for you. If you’ve been sitting on the fence worried about security, governance, and usage models – this is a great way to go.
Topics: Cloud Computing Azure Microsoft cloud Private Cloud Infrastructure Dell Amazon google Accenture Savvis Red Hat Tier 3 CenturyLink Public Cloud Service

Will Cisco enjoy the fruits of its ACI launch in 2014?

2013 has certainly been an interesting year for the SDN market. It was chock full of announcements from vendors outlining their SDN vision and roadmap. Probably the biggest and most anticipated announcement came from the current network market leader, Cisco.

Topics: Nuage NetSocket BigSwitch Vello PLUMgrid

Addressing advanced malware in 2014

In the cybersecurity annals of the future, 2013 may be remembered as the year of advanced malware. Yes, I know that malware is nothing new and the term “advanced” is more hype than reality as a lot of attacks have involved little more than social engineering and off-the-shelf exploits. That said, I think it’s safe to say that this is the year that the world really woke up to malware dangers (advanced or not) and is finally willing to address this risk.

So how will enterprise organizations (i.e., more than 1,000 employees) change their security strategies over the next year to mitigate the risks associated with advanced malware threats? According to ESG research:

  • 51% of enterprise organizations say they will add a new layer of endpoint software to protect against zero day and other types of advanced malware. Good opportunity for Kaspersky, McAfee, Sophos, Symantec, and Trend Micro to talk to customers about innovation and new products but the old guard has to move quickly to prevent an incursion by new players like Bit9, Bromium, Invincea, and Malwarebytes. The network crowd (i.e., Cisco, Check Point, FireEye, Fortinet, and Palo Alto Networks, etc.) may also throw a curveball at endpoint security vendors as well. For example, Cisco (Sourcefire) is already selling an endpoint/network anti-malware solution with a combination of FireAMP and FirePOWER.
  • 49% of enterprise organizations say they will collect and analyze more security data, thus my prediction for an active year in the big data security analytics market – good news for LogRhythm and Splunk. Still, there is a lot of work to be done on the supply and demand side for this to really come to fruition.
  • 44% of enterprise organizations say they will automate more security operations tasks. Good idea since current manual security processes and the informal relationship between security and IT operations are killing the effectiveness and pace of security remediation. Again, this won’t be easy as there is a cultural barrier to overcome but proactive organizations are already moving in this direction. If you are interested in this area, I suggest you have a look at Hexis Cyber Solutions’ product Hawkeye G. Forward thinking remediation stuff here.
  • 41% of enterprise organizations say they will design and build a more integrated information security architecture. In other words, they will start replacing tactical point tools with an architecture composed of central command-and-control along with distributed security enforcement. Good idea, CISOs should create a 3-5 year plan for this transition. A number of vendors including HP, IBM, McAfee, RSA Security, and Trend Micro are designing products in this direction with the enterprise in mind.
Topics: IBM Check Point Palo Alto Networks Fortinet Cisco IT Infrastructure Information and Risk Management Sourcefire FireEye HP McAfee Security and Privacy Security endpoint security Kaspersky LogRhythm trend micro bromium Symantec Invincea antivirus RSA Security Sophos Bit9 Anti-malware Hexis Splunk

A Distribution of Assets: Cloudera in the Big Data Era

Let’s start with this week’s puzzler:

What can store everything, but has no mass of its own?

Topics: Analytics Big Data Data Management & Analytics Hadoop Enterprise Software Cloudera

Strong opportunities and some challenges for big data security analytics in 2014

My friends on Wall Street and Sand Hill Road will likely place a number of bets on big data security analytics in 2014. Good strategy as this market category should get loads of hype and visibility while vendor sales managers build very healthy sales pipelines by March.

Topics: IBM Hadoop Information and Risk Management HP McAfee Security and Privacy Security big data security analytics SIEM Raytheon Narus 21CT Leidos Booz Allen RSA Cassandra netSkope click security Anti-malware Hexis

Microsoft Cloud OS Network Strengthens Weak Link

Topics: Cloud Computing Microsoft IT Infrastructure Private Cloud Infrastructure Networking Windows Server Public Cloud Service

It Could Be a Very Happy New Year for FireEye

Ah, December. Time to reflect on the past year and look ahead to 2014. In retrospect, 2013 was a banner year for the security industry as the world finally woke up to the very real perils of cybersecurity. Of all the many events of this year, however, FireEye’s IPO may have trumped them all. As I write this blog on December 11, 2013, FireEye’s market cap is just north of $4.5 billion. Wow!

Yup, Wall Street loves a hot market and a timely IPO – check and check for FireEye. Okay but when the New Year’s Eve champagne turns into the New Year’s Day hangover, what’s in store for FireEye in 2014?

Topics: Palo Alto Networks Fortinet Cisco Information and Risk Management Sourcefire FireEye Security and Privacy LogRhythm trend micro Blue Coat Firewall Anti-malware APT Hexis

Counter Service or Drive-Thru Storage?

OK, well the title might be something of an exaggeration today, but I think we can all see the writing on the wall in terms of changes to the way that storage ‘gets done.' This is not an immediate change, for sure, but the green shoots of the change are evident even now in many of the start-up vendors and all the inference (if not yet all the direct talk) of software-defined storage/networking/insert-your-favorite-IT-resource-here.

Topics: Storage IT Infrastructure

Real-Time Big Data Security Analytics for Incident Detection

I’ve spent the last year or so doing research on the burgeoning field of big data security analytics. Based upon the time I’ve spent on this topic, I’m convinced that CISOs are looking for immediate help with incident detection, so they will likely focus on real-time big data analytics investments in 2014.

What do I mean by real-time big data security analytics? Think stream processing of data packets, network flows, and metadata looking for anomalous/suspicious network activities that provide a strong indication of a security incident in progress. A multitude of vendors including ISC8, 21CT, Click Security, Hexis Cyber Solutions, IBM, Lancope, LogRhythm, Netskope, RSA Security, SAIC, and Solera Networks (and others) play in this space.

Topics: IBM Information and Risk Management Security and Privacy Security big data security analytics SIEM LogRhythm incident detection 21CT ISC8 CISO NetFlow Lancope netSkope click security Hexis Cyber Solutions

Another Cool Vegas Attraction

This past April, I travelled to Sin City (for the first time in my life) to attend the Microsoft Management Summit (MMS). Being my first trip to Vegas I wasn’t quite sure what to expect and of course I was not let down by the pure extravagance of everything. People, food, entertainment, gambling…I swear this place was designed by a group of people with the worst forms of ADHD. The fortunate (or unfortunate, depending on how you look at it) part was that I was there for a tech conference, so my experience was a little less overwhelming.

For those who attended MMS, I’m sure you’re familiar with arguably the coolest part of the event, the hands-on and instructor-led labs. You can sit down and test out a number of Microsoft management technologies in your very own virtualized environment at your own pace. The best part? Who cares if you break something, because you can just start over! The setup this year had 650 different lab stations and let me tell you, the seats were rarely empty. People were getting kicked out late at night because the event team needed to get some sleep. Each lab consisted of numerous VMs with specific amounts of memory, processing power, storage, and network resources. For example, even the fairly simple Service Delivery and Automation Lab used four VMs, 15GB of RAM, 15 virtual processors, 280GB of storage, and two virtual networks.

Topics: Cloud Computing Microsoft IT Infrastructure Private Cloud Infrastructure HP Virtualization Microsoft Management Summit private cloud

Analytic Power to the People: Alpine Data Labs & MarkLogic

Last week was the standing room only Data Science Summit, brought to you by Venture Beat, and the message was clear: Big Data is here in force and the elite of the IT world are all over the opportunity. The tech is maturing, the applications are endless, and the results are staggering. The VCs smell money, the entrepreneurs see bragging rights, and it’s the revenge of the nerds. If you can legitimately lay claim to the title “Data Scientist,” this is your time to shine, everyone needs your mad skillz, yo. You can find the answer, then find the question. You can make your employer a fortune in new customer revenues. You can find them a fortune in operational efficiency savings. You can save them a fortune in eliminated risk of bad guesswork.

The problem is this: our saviors are not legion. Few people have the perfect blend of business savvy, IT wizardry, and analytical expertise. So what’s an organization to do? Three strategies are prominently emerging:

  • Bid BIG: find the newly minted data masters and give them whatever they ask. Hire the best and brightest academic minds, and then hope they are half as good as promised.
  • Buy BIG: select a team of experts from a management consultancy, systems integrator, or service provider. Sign the line with a team of hired guns and do everything you can to learn the dark arts before they ask for contract renewal.
  • Go BIG: let your fingers do the walking and pick the product that does the talking for you. As big data becomes mandatory, a few companies are twigging on the fact that there’s got to be a better way. Enter MarkLogic and Alpine Data Labs.
Topics: Analytics Big Data Data Management & Analytics Enterprise Software data science

New Math: Virtualization plus DPaaS = BC/DR!

Maybe that is overly-simplified, but not by much. Virtualization makes servers (and their associated storage) portable, while Data Protection Services provide alternate locations and expertise that many organizations of all sizes have been desperate for.

Topics: Data Protection Information and Risk Management Jason Buffington business continuity disaster recovery BCDR

Holiday Shopping? Android, Apple, or Microsoft

Have you ever noticed how we are all considered IT experts come the holiday time? Brothers, mothers, grandfathers, aunts, cousins and close friends all turn to us for their latest technology purchasing decision. Since I am a bit of a gadget guy, I enjoy these conversations. It’s fun to step through what they think they want and what they actually need. Here are a few of my observations:

  • Apps matter. If you currently rely heavily on an application or a set of applications from a specific app store and an app of equal or better functionality is not available on a competing app store, the decision is pretty simple. Stick with your current platform of choice. Upgrade if you feel you need a new form factor (viewing size) or the latest high resolution experience. This scenario is most often observed with current Apple users.
  • Form factor: I’m personally a new fan of the phablet. Here is why. If you want one device that can handle 90% of your computing activity the phablet works very well. The viewing size is usable for many tasks that include web browsing, a richer experience with apps due to the larger viewing size, and I have found that you can be productive on the device as opposed to smaller form factors I have owned. Ignore your friends when they ask “how does that fit in your pocket” and “that thing is the size of your head." I carry it around just fine and with a headset (I use a wired one) I rarely if ever hold it to my head and when I do it works fine. Dare I go as far to say that the iPad Mini would be a fantastic device if you could make phone calls with it.
  • Work and play. It’s really work and personal unless you are a big gamer. The ideal device enables you to use it as a work and personal device. This boils down to a device that has a keyboard so you can input at a reasonable rate and touch so you can interact with apps and the workspace very efficiently. I have used many devices in the work/personal environment and right now you will be hard pressed not to look at some of the new Microsoft devices. Whether it is the Surface or touch-enabled Windows 8.1 devices from Microsoft partners, the work/personal experience is tough to match. You basically get a productive work experience with Windows apps and enjoy the tablet touch experience. With that said, apps for Windows are getting better, but still need some attention.

I’m real impressed with the number of devices that are sub $400. So if you find yourself advising friends and family, start by looking at the Windows Surface, Apple iPad Mini, and the Kindle Fire HDX. These devices are all VERY capable. Side Note: Have fun decoding all the commercials on TV with your take on them and explain what really matters. My prediction is:

  1. If the user is already an Apple consumer and heavy user of apps, then the Apple products are pretty sticky. Be prepared to still pay a price premium, it's not the perfect match between work and play, but it comes with great support from the genius bar at the Apple retail stores.
  2. If the user isn’t an Apple fanboy and Microsoft productivity apps are not important, then the Kindle devices can be a great match. Do your homework here first and double check that the functionality matches requirements and be ready to enjoy the gateway into Amazon.
  3. If the user is a Microsoft Windows user and wants a touch-enabled experience, the new Windows 8.1 devices are an ideal match. Windows 8.1 touch does involve a little bit of seat time to get used to the gestures and the apps in the app store still need work, but the devices deliver a solid work/personal experience.

Have fun! Every situation can have its uniqueness, but some basic questions about apps, form factor, and how they plan to use the device will quickly boil choices down. And don’t forget about the phablet. Go visit the retail stores and try out devices like the Nokia 1520 and Galaxy S4. Now I need someone to convince me why I need one of these ridiculous cellphone watches.

Topics: Apple Microsoft End-User Computing Endpoint & Application Virtualization mobile Amazon android endpoint devices

Forbes Article Talks About Actifio and EMC - A Point of Clarification and How To Make A Few Billion Dollars

First, I can't believe that after changing the name of ESG from Enterprise Storage Group to Enterprise Strategy Group almost 13 years ago, I still got called the former in this Forbes Article.

Topics: Storage EMC IT Infrastructure Actifio

Ignoring Microsoft is Risky

For all the years I have been in IT, it’s been easy to poke at Microsoft, whether it has been the blue screen of death, countless hours rebooting, or performance slumps on the desktop. Over time, it’s been fun to join in on the fodder, no matter your level of knowledge or skillset. We also all like the underdog, and with Microsoft as such an active player in technology, it’s more entertaining to cheer on the alternative players in the IT market. This is all good fun and one of the many aspects that makes the technology industry so much fun to participate in.

But have you been watching Microsoft lately? Did you know that amid its CEO transition the stock closed at a 13-year high yesterday: Microsoft Closes At $38.94, Its Highest Point In 13.38 Years. Are you aware of the strides they have made with Windows Server 2012, such as the ones we blogged on with 3 Highlights with Microsoft Windows Server 2012 R2? How about that Surface? Man did it get killed in reviews back at the beginning of the year and you would be hard pressed to find any positive take on the device, but now you can: Surface Brings Together the Best Microsoft Has to Offer, Company Exec Says and New York Times: Microsoft Produces a Winner in Tablets.

Topics: Cloud Computing IT Infrastructure Private Cloud Infrastructure Public Cloud Service

Security Professionals Report Weaknesses in Malware Prevention Processes

As the old adage states, “security is a process, not a product.” True, but understated. In reality, enterprise security is a plethora of processes requiring constant management and oversight. Your organizations can be fabulously adept in 99% of all security processes but weaknesses in the remaining 1% can still result in massive vulnerabilities.

In a recent research survey, ESG asked enterprise security professionals (i.e., more than 1,000 employees) to pinpoint security process weaknesses as they relate to malware prevention. Here are the top five weaknesses identified:

  • 29% of security professionals identified a weakness with providing cybersecurity training to non-IT employees. This comes up often but this assumes that cybersecurity training for non-IT employees is somehow effective. Do we really think we can make Mary in accounting a CISSP? I’m being a wise guy here but I hope you get my point. In this era of sophisticated malware and social engineering, we really need some new research to understand the effectiveness of cybersecurity training, and the degree at which it becomes worthless (and expensive) overkill.
  • 22% of security professionals identified a weakness with providing cybersecurity for IT staff. Okay, this seems like a problem to me. I suggest that CISOs and CIOs fight for budget dollars and formal programs here.
  • 19% of security professionals identified a weakness with patching systems in a timely manner. This too should be addressed. Is there a problem in the workflow between security and IT operations? Is there tight management of the trouble ticketing system? Are there SLAs in place?
  • 19% of security professionals identified a weakness with writing custom IDS/IPS rules based upon threat and vulnerability intelligence. This may be okay if IDS/IPS vendors and open source communities take care of this but it is still worth looking at. Progressive organizations with strong CISO leadership use IDS/IPS on a proactive basis as a layer of defense for risk management. Given this, it may be worthwhile to invest in this area.
  • 17% of security professionals identified a weakness with deploying IT assets in hardened configurations. This is also a red flag to me as it is a fundamental best practice. Are there security templates in place? Is someone circumventing standard processes? Are there formal reviews for configuration and change management? These kinds of deployment problems also hint at rogue (i.e., unknown) assets on the network. Look for these as well.
Topics: Information and Risk Management Security and Privacy

vBlog: Every Data Protection Architecture should be "Hybrid"

Maybe not “every” – but certainly more than “most” – data protection architecture should be “hybrid,” meaning that it should include disk-, cloud-, and yes tape-based recovery components. Why? Because each has a legitimate set of use-case scenarios and attributes that lend each medium type to different data protection goals.

I previously blogged that every Data Protection Spectrum (strategy) should include a full range of colors (Backup, Snapshots, Archive, Replication, etc.), because each individual “color” has different and complementary recovery/retention characteristics.

Topics: Data Protection Information and Risk Management Jason Buffington Hybrid Backups

Edward Snowden Beyond Data Security

Nearly every day, some security vendor reaches out to me describing how its products and services could have prevented the Edward Snowden public-disclosure of NSA surveillance programs. These vendors talk about strong authentication, privileged account auditing, sensitive data controls, etc.

Topics: Information and Risk Management Security and Privacy

The Big "Big Data" Data Event

Black Friday has come and gone, and undoubtedly generated many metric tons of data on consumer shopping behavior for eager marketeers to analyze. Here at ESG, we have our own special event in store for you. The first annual Big "Big Data" Data Event is kicking off and we'd like your input. We plan to survey several hundred technology and business decision makers on their data strategies, spending priorities, expected outcomes, and real world results.

Topics: Analytics Big Data Data Management & Analytics Enterprise Software business intelligence