The Mike Brown Era – and the Associated Pressure – Begins at Symantec

Last Thursday, Symantec announced that interim CEO, Mike Brown, has assumed this role on a permanent basis. Wall Street wasn't exactly dancing a jig when it heard the news; the stock was down from after-hours trading on Thursday through the close of the market on Friday. In fact, of the 28 analyst recommendations currently tracked on Yahoo Finance, 20 are issuing a “hold” recommendation and only 3 classify Symantec as a “strong buy.”

Wall Street’s lukewarm reaction to Mike Brown represents what he and the company face moving forward. The market at large (i.e., investors, IT managers, potential employees, etc.) was expecting new blood when Symantec terminated Steve Bennett and promised an “extensive search” for new a new leader and apparently interviewed 100 candidates with 33 seriously vetted for the top job. When Brown was handed the job last week, market cynics quickly concluded that the company couldn’t attract a visible software leader or an inept board wasted time and money before realizing that Brown was the right person for the job. Right or wrong, Symantec faces these and lots of other negative perceptions.

Topics: Storage Data Management & Analytics Information and Risk Management Security and Privacy

More Alarming Data on the Cybersecurity Skills Shortage

ESG recently published a new research report on network security titled Network Security Trends in the Era of Cloud and Mobile Computing. Within this project, ESG asked 397 security professionals working at enterprise organizations (i.e., more than 1,000 employees) to rate their security teams in a number of network security areas. Once again the data points to a pretty substantial skills gap:

Topics: Network Security Cybersecurity Information and Risk Management Security and Privacy cybersecurity skills shortage

HP's New Free-defined Software-defined Storage

While the title of HP's press release today may have just a smidgeon of hyperbole ("HP Makes Software-defined Storage Available to the World"), what it covers is indeed significant. Before I comment, the gist is this: Purchasers of Intel Xeon E5 v3 processor-based servers can now get a no-cost 1TB HP StoreVirtual Virtual Storage Appliance (VSA) license. That VSA is not an appliance per se, but it is software that applies common storage functionality using the storage that is typically provided as a part of any server purchase. It is well proven, as it is in essence the management system that attracted HP to buy LeftHand.

Topics: Storage Lenovo

Cisco, FireEye Announcements: A Microcosm of the Enterprise Cybersecurity Market

Just as the leaves started to turn here in New England, I headed out to the Silicon Valley last week to present at an IT event. While I was in California, there were two announcements that illustrate the state of the cybersecurity industry.

Topics: Information and Risk Management Security and Privacy

Larry Ellison's Softwar: The War to End All Wars?

Larry Ellison is the last of the accomplished first generation founder/CEOs to step down. Larry and Oracle’s impact in IT has been remarkable and will persist for years to come. Although IBM was responsible for developing the relationship architecture that made relational databases tick (Codd and Date), Larry and Oracle emerged as the most successful vendor of RDBMS products. IBM, Informix, Sybase, and Oracle competed intensely during the 1990s and marketing messages sometimes got personal. Whether or not nature or nurture was the driving force behind Larry is hard to say but the result was that Oracle established market leadership thorough a combination of continuous product innovation and faster cycle times. The impact was that Oracle rose to become the largest RDBMS vendor in the world.

Oracle continues to drive high levels of innovation into its database which has allowed the company to remain differentiated as the relational market matured while simultaneously justifying a price premium for their product. While Oracle has become a company that customers love to hate, data management is so mission critical to every organization that data management products have an incredible stickiness. This combined with the fact that it’s hard to get sacked by recommending Oracle has helped Oracle gain an amazing amount of account control. As Oracle’s database business began throwing off an increasing amount of cash, this has helped Oracle expand into a variety of related markets through internal development and acquisition. However, this expansion has not been easy. Oracle’s efforts to build an application server largely failed resulting in the acquisition of BEA and their market leading product. While this is a story that would be played out repeatedly regarding technology, Oracle marketing must be given significant credit for focusing attention on the positives. Larry’s obsession with being #1 and making sure there was appropriate market awareness around these facts and claims is legendary. But it’s hard to argue with the results.

Topics: Application Development & Deployment Enterprise Software database Oracle rdbms

Permabit SANblox: Fitting More Bricks in Storage Buildings

Permabit just made a move that has the potential to be very interesting. It has taken its Alberio deduplication and compression abilities and packaged them into an appliance so as to be able to - essentially - retrofit data reduction capabilities to installed FC SANs. Of course data reduction is nothing new per se; various efforts have been made by the “mainstream” vendors for their “mainline” products over the last few years but without a huge success….although maybe because such efforts have not been wholeheartedly embraced at the sales tip of the spear, given that they almost certainly lead to lower capacity sales. However, as the saying goes, the times they are a’changing: Data reduction is cool, embraced and promoted by the newer vendors, and – with the cat thus firmly out of the bag – there is an undercurrent of pressure for it to be more widely available. There are few if any realistic reasons to not use it….well, except, ahem, for the fact that it ain’t available on most of the common products in use (and indeed still being sold) today.

Thus the new SANblox move by Permabit is intriguing - not to mention potentially lucrative - for a number of reasons:

  • Dedupe has for the most part been, until now, a key ingredient in the special sauce by which the all-flash vendors (especially) get to say that they can get their product cost down to a level similar to spinning drives; if existing FC SANs can now easily, and at low risk, add that same function then the price delta could be expanded again.
  • There’s a likely performance boost as much as the $$ motivation. And, also, of course the function will still work as and when users upgrade to other newer devices from their favorite vendors that have (oh yeah….) the Permabit software included.
  • Permabit is a proven piece of software- also it has made installation really easy while also providing HA via synchronous writes to ensure data safety. Its own testing shows data reductions typically run in the 4-6X range.....in other words, for many workloads you might only need 15-25% of the storage space you thought you needed. That’s no small improvement when you look at the cost of storage systems!
  • It has the ability to be a "pull" technology....as users get to know it can be done they might well exert pressure on their vendors to support it. Key products from major vendors such as EMC, NetApp, Dell, and Hitachi have already been qualified…..one cannot imagine that such traditional vendors are all 100% thrilled at the prospect of such pixie dust being sprinkled on their systems, but –equally – their pragmatism and desire for account retention could conceivably actually drive them to desire to sell less capacity!!
  • Why would vendors do that? Well....
    • they need more efficiency tools to stem and manage general storage growth; indeed getting more back-end efficiency might not translate to less revenue as users are likely to continue to spend the same budgets but be able to do more for those budgets. As always, there’s plenty of actual and nascent capacity growth to go around.
    • it's a bit like things such as vVols from VMware. As a “traditional” vendor you might not like it but you have to be seen to be a part of the contemporary world.
    • increasingly vendors are making - and going to make – more of their money from software and so squeezing more capacity out of the back end HDDs isn't as painful for them as it once might have been.
Topics: Storage IT Infrastructure deduplication compression

Why Doesn't IT Back Up BYOD?!

ESG recently started offering TechTruths... single nuggets of data and the analyst perspectives of why they matter. Check out all of them via the link above, but here is my favorite so far on BYOD data protection:

Topics: Backup Data Protection JBuff Information and Risk Management endpoint BYOD

Microsoft ruling hurts all US cloud providers

A few months ago, the US government did a completely insane, and massively far reaching thing - it forced Microsoft to hand over e-mails and personal information of customers of US companies on a server that is in IRELAND.

Topics: Cloud Computing Microsoft Amazon google cloud service providers US government Public Cloud Service

Hadoop Clusters Made Easy at Alice's Restaurant

A lot of people talk about "democratizing big data" and providing more analytics-based insights to more of the business. This has obvious value, and being data-driven in decision making is a fundamental principle of most initiatives. There are differing approaches to this, however. Some believe the best way to achieve democratization is through pretty dashboards and pictures, and, as Arlo Guthrie once said, they had "twenty seven 8"x10" color glossy photographs with circles and arrows and a paragraph on the back of each one, explaining what each one was, to be used as evidence against us." While I love a persuasive data visualization as much as the next guy, well, this only solves part of the problem.

Topics: Analytics Big Data Data Management & Analytics Hadoop Enterprise Software bluedata

Dot Hill - A Video Look Behind the Engineering Scenes

Storage isn't all about the IOPS and TBs. It has to work, be usable, and indeed get to its place of use along the same roads (with the same potholes and construction) as anything else.

Topics: Storage IT Infrastructure Mark Peters Dot Hill

HDS bought Sepaton ... now what?

Have you ever known two people that seemed to tell the same stories and have the same ideas, but just weren’t that into each other? And then one day, BAM, they are besties.

Sepaton was (and is) a deduplication appliance vendor that has always marketed to “the largest of enterprises.” From Sepaton’s perspective, the deduplication market might be segmented into three categories:

  • Small deduplication vendors and software-based deduplication … for midsized companies.
  • Full product-line deduplication vendors, offering a variety of in-line deduplication, single-controller scale-up (but not always with scale-out) appliances from companies that typically produce a wide variety of other IT appliances and solution components … for midsized to large organizations.
  • Sepaton, offering enterprise deduplication efficiency and performance to truly enterprise-scale organizations, particularly when those organizations have outgrown the commodity approach to dedupe.
Topics: Storage IT Infrastructure Data Protection JBuff Information and Risk Management HDS Sepaton deduplication

Big Data ≠ Competitive Advantage

Most companies undertaking new big data initiatives are doing so with specific business goals in mind. The belief is that a better understanding of their operations, their customers, their research and development will all lead to smarter, timelier decisions, and this will then translate into better results. Done right, this is all true enough, and certainly a worthy pursuit. (Some common mistakes are outlined in my the-discouragement-of-data/index.html" target="_blank">previous blog post about the discouragement of data.)

Topics: Analytics Big Data Data Management & Analytics Enterprise Software

Backing up SaaS : an interview with Spanning

One of the more frequent topics that I get asked about is “How do you back up production workloads, after they go to the cloud?”

A few months ago, how-do-you-back-up-big-data-or-saas-who-will-be-the-next-veeam/index.html">I blogged on that – essentially saying that history is repeating itself (again). As new platforms usurp the old way of doing things (NetWare to Windows to VMware to SaaS), it is not typically the existing data protection behemoths that are first to protect the new platform. Instead, it is often smaller, privately-held innovators who are willing to do the extra work and “protect the un-protectable.” And in most cases, those early innovators ended up leading the next generation while the APIs eventually made standardized backups possible by anyone.

  • ARCserve didn’t back up midrange systems, but led NetWare’s backup market
  • Backup Exec and CommVault weren’t overly known for backing up NetWare, but dominated the early years of protecting Windows NT, later Windows Server
  • Veeam didn’t back up anything before VMware, but it is the defacto VM-specific solution to beat today

HP Acquires Eucalyptus

HP announced on September 11, 2014 that they had entered into an agreement to acquire Eucalyptus. Eucalyptus is a vendor of private IaaS services. Eucalyptus is a startup with fewer than 100 employees and around $55 million in venture funding. Eucalyptus doesn’t have an application development and deployment (AD&D) play but could certainly provide the foundation for a private PaaS. HP, despite their unusual acquisition of Mercury Interactive back in 2006, is otherwise not in the AD&D business. However, Eucalyptus does put HP a partnership or acquisition away from PaaS, so let’s look at the potential motivation of the deal.

The Eucalyptus acquisition is about helping HP customers gain better leverage from their investments. Eucalyptus is a way to show material value to HP’s installed back of server, storage, and networking customers and show that HP can be forward-looking. This is also a low risk acquisition for HP for two reasons. First the acquisition didn’t cost HP that much (less than $100 million, it is rumored) and second, the Eucalyptus technology will help build out HP’s Helion brand, which will enhance its private IaaS appeal.

Topics: Cloud Computing Private Cloud Infrastructure HP Application Development & Deployment Enterprise Software SaaS IaaS PaaS Public Cloud Service

Enterprise Annexation of Endpoint Security

When it comes to strong cybersecurity, endpoints and servers have often been second-class citizens when compared to the network. I described this situation in a March 2013 network-security-trumps-server-security-in-the-enterprise/index.html" target="_blank">blog. According to ESG research, 58% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) said that network security processes, skills, and technical controls were “much more thorough” or “somewhat more thorough” than server security processes, skills, and technical controls.

Why the discrepancy? Network security includes mature technologies like firewalls, IDS/IPS, and web application firewalls (WAFs). Furthermore, network security often involves a lot of network design and engineering for segmentation, access control, and traffic management. Alternatively, endpoint and server security is typically based on nothing more than AV software and its associated signature downloads and occasional scans.

Topics: Cybersecurity Networking Information and Risk Management Security and Privacy malware endpoint security

IBM Covers the Board for Big Data Solutions

IBM STG (the hardware group) will tell you infrastructure matters for big data solutions. This is correct. The capabilities of servers and storage, networks, and clouds will all definitely have a significant impact on a number of characteristics of an analytics environment, including but not limited to performance, scalability, reliability, and cost.

Topics: IBM Analytics Big Data Data Management & Analytics Enterprise Software

Riverbed Announces the End to Excuses in Trying D2D2C

For several months, I’ve been talking about the inevitability of D2D2C (meaning that data goes from primary/production storage to secondary protection storage and then to a tertiary cloud). In fact, I blogged a few months ago that it seems hard to imagine organizations of any size meeting their recovery SLAs with a straight-to-cloud solution. Instead, the intermediary backup server or appliance provides a fast and flexible local restore capability, while the cloud provides longer-term retention.

But even D2D2C has several permutations, including:

  • Backup-as-a-service intermediary caching devices before the BaaS service itself.
  • Traditional backup servers/appliances writing to a cloud tertiary storage tier.
  • Traditional backup servers/appliances replicating to a cloud-hosted copy of the backup engine.
  • Traditional backup storage/dedupe platforms replicating to a cloud-hosed appliance.
Topics: Storage Data Protection JBuff Networking Information and Risk Management Riverbed Amazon Jason Buffington

Book Report: Cyberstorm by Matthew Mather

In spite of the volume and sophistication of recent cyber-attacks, there are still plenty of folks who scoff at the notion of “cyberwar.” It is not unusual for military types to assume the role of doubting Thomas by dismissing cyber-attacks as “weapons of mass disruption.” They go on sarcastic quips saying that a brief blackout or ATM network outage doesn’t really qualify as a national security event.

Having spent the last dozen years of my life in the cybersecurity domain, I vehemently disagree with this minimalist notion but it is truly difficult to describe what might happen. Former National Coordinator for Security, Infrastructure Protection, and Counter-terrorism for the United States, Richard Clarke does a good job of painting a picture of a cyber-attack on critical infrastructure in his 2010 book Cyberwar, but his account is only a few pages long. Daniel Suarez tells a gripping story in Daemon and Freedom, but this is more of a science fiction thriller than a more likely view of reality.

Topics: Information and Risk Management Security and Privacy

ESG Recap of VMworld 2014

The ESG analyst team headed into a VMworld 2014 with a list of vmworld-2014-top-questions-esg-analysts-hope-to-have-answered/index.html" target="_blank">questions and was met with the high energy of the event the moment we all deplaned at SFO. Each of the individual analysts' key takeaways are included below, following these general observations:

Topics: Cloud Computing Storage EVO IT Infrastructure Data Protection VMware Private Cloud Infrastructure Information and Risk Management channel partners VMworld Public Cloud Service

Note to Executives, Legislators, and Consumers: Time For a Serious Dialogue About Cybersecurity

Like everyone else in the cybersecurity domain, I’ve been pretty busy the past week or so. First there was the UPS store breach, which was small change compared to the nefarious cybersecurity situation at JP Morgan Chase. The condition became a bit more whimsical when photos of naked celebrities floated around the web but quickly became serious again with the breach at Home Depot, which may trump the Target breach when all is said and done.

Here is a terse synopsis of what’s going on: We’ve gotten really good at rapidly developing and implementing new applications on new technologies. We can even do so at scale (with the exception of healthcare.gov, but that’s another story). Yup, we want immediate gratification from our technology toys but we really don’t have the right people, skills, processes, or oversight to actually protect them.

Topics: Cybersecurity Information and Risk Management Security and Privacy risk management

The Data Scientist in the Room

This summer I spent a lot of time interviewing the self-proclaimed big data leaders at a wide range of midmarket and enterprise companies. These are the people charged with defining their organizations' big data strategies and new initiatives. First, let me say these are not dummies. No one gets put in the driver's seat for these projects without knowing a lot about technology and business both.

Topics: Analytics Big Data Data Management & Analytics Enterprise Software

VMworld 2014 - ESG's Event Video Insights

VMworld was, as ever, massive - and remains one of the foundational IT events of the season. As is our wont, the attending ESG analyst team videoed its key, immediate insights live at the event. In the video blog that follows, I am joined by my colleagues Jason Buffington, Mark Bowker, Kevin Rhone and Scott Sinclair. In just six minutes you can get a broad yet succinct summary of some key takeaways from - and thoughts about - this year's event. VMW '14 was notable for the tone of the keynotes as much as the technology news, and for posing questions as much as providing answers...making it an intriguing installment of this ongoing series. Enjoy the video....

Topics: Cloud Computing Storage IT Infrastructure Data Protection VMware Private Cloud Infrastructure Information and Risk Management Enterprise Software Compute VMworld ESG on Location

VMware EVO and Its Market Impact

In a recent ESG Research Brief, Integrated Computing Platform Trends, 33% of the respondents indicated that are already using an ICP and there are no signs of lifting the foot off the accelerator pedal.

Topics: Cloud Computing EVO VMware Private Cloud Infrastructure integrated computing platforms ICP VMworld

It's Performance @ Scale, Not Performance + Scale

Want to know what's trite in big data marketing today? Pitches that focus on speed for speed's sake, thinking if only they can get enough zeroes in the headline the customer is sure to buy. Second most common cliche to the "go fast" guys are the ones who rave about their scalability, as if size is all that counts. Both attributes matter, but both are kind of missing the point if taken alone. Customers' decision criteria for big data solutions includes these capabilities, but almost always as a combined function, not independent axes for evaluation.

Topics: Analytics Big Data Data Management & Analytics Enterprise Software

vBlog on Data Protection Economics -- Why IT Continues to Invest in Better Backups

Organizations of all sizes continue to seek better ways to protect their data. It's not just because their existing backup solutions are broken (some are broken, some are antiquated/cumbersome, and others just aren’t scaling as their production systems evolve) – but that’s not all of them. In many cases, folks are just trying to improve what they are doing, often based on economics, not technical features. People are spending money on Improving Data Backups, as seen in ESG’s IT Spending Intentions for 2014, where backup is the #3 planned priority overall and the #1 priority for midsized organizations in 2014. Actually, “backup” has been the number one priority for midsized organizations for the past three years running. Why is that?

Here’s a video to discuss some of the perhaps less-obvious reasons that IT organizations continue to invest in better data protection solutions (spoiler alert: It isn’t typically for “features”) – and what IT vendors and IT decision makers should be thinking about.

Topics: Data Protection JBuff Information and Risk Management

Network Security Challenges in the Enterprise

ESG recently published a new research report titled, Network Security Trends in the Era of Cloud and Mobile Computing. In this project, ESG surveyed 397 IT security professionals working at enterprise organizations (i.e., more than 1,000 employees) and asked a multitude of questions about their current and future network security policies, practices, and technologies.

Topics: Network Security Networking Information and Risk Management Security and Privacy Enterprise

Event Marketing Doesn't Get Enough Credit

With 25 years of attending tradeshows and launch events, I can attest that the Marketing/Events team does not get enough credit.

Topics: EMC Data Protection VMware Information and Risk Management Veeam Acronis Zerto VMworld