ESG Blogs

At VMworld 2011, VMware announced that they had achieved a milestone - 1 million IOPS on a single vSphere 5 host with multiple VMs. To do that they used a traditional, spinning disk storage array with eight engines and 980 15K RPM Fibre Channel disks.

Yesterday began as a melancholy day - the official end of my boating season. Due to a busy fall schedule, I was giving up and bringing the boat to the yard to be dealt with for the winter and readied for spring. (That's nice boating talk for "prepare to spend a crap load of money.") I'm always bummed out when it's time to end the season.

The Lost and Found of Big Data Innovation

Over the past few weeks, I’ve spoken to a number of security vendors including Bit9, Bromium, CounterTack, Invincea, Malwarebytes, and Sourcefire. Each of these firms is offering some type of new security technology for detecting/blocking advanced malware that circumvents traditional defenses like firewalls, IDS/IPS, and antivirus software.

To their credit, all of these vendors are pitching their products as an added layer of defense rather than a replacement for traditional antivirus software. A wise decision since many enterprises view antivirus software as a proverbial “check-box” and antivirus is often a specific regulatory compliance requirement. The vendors I spoke with understand this and are saying the right things. Something like, “AV is an important signature-based technology for known threats. Our product provides additional protection against APTs and other types of sophisticated, targeted malware attacks.”

Remote offices/users have always been a pain in the rump for IT. Even when IT could legislate/mandate what devices, network, VPN, access control, security, etc. were to be used by the remote user, it was still a pain. Something goes wrong out in the Podunk plant, and some poor office manager has to deal with an IT guy a billion miles away over the phone trying to troubleshoot the issue while 187 people are now totally unproductive.

In a recent research survey, ESG asked security professionals working at enterprise organizations (i.e., more than 1,000) how their organizations would change their security management strategy in the next 24 months. Here are the results:

FlashSoft for VMware from SanDisk is a software module designed to accelerate application performance for VMware guest machines at the physical server level. FlashSoft increases the performance of I/O operations by creating a software-based read cache using virtualized solid-state storage (SSS) capacity. We recently completed an ESG Lab validation of FlashSoft for VMware and found it to be an extremely easy to implement solution. Leveraging our VMware clustered test environment we non-disruptively installed the FlashSoft module into the ESX kernel in less than a minute and were able to start using 180GB of PCIe based LSI WarpDrive SSD capacity installed on each of the clustered ESX hosts. We tested application performance, VM density scale, and ease of use. We observed a 4x improvement in transactions per minute, a 3.5x improvement in batch request processing for an OLTP application workload, and 3x gain in VM density scale over the same configuration with HDD-only devices.

E-discovery in general is not a major focus of ILTA, given how much of it law firms outsource to service providers - and increasingly how much corporate clients outsource to service providers directly or perform themselves, in-house.

We’ll review some overall trends and announcements from ILTA 2012 in the ilta-2012-e-discovery-trends/index.html">next few posts. Check our earlier ilta-2012-pre-game-e-discovery-year-in-review/index.html" target="_blank">pre-game for some more recent events and announcements in the space.

Overview

Enterprises are increasing their spending on professional and managed security services. According to ESG Research, 58% of security professionals say that their organization’s use of managed and/or professional services for information security has “increased substantially” or “increased somewhat” over the past two years.

Just what types of services are they consuming? The list is long and diverse, but according to ESG Research, the top five categories are as follows:

• 33%: Security architecture and infrastructure design (i.e. professional/consulting services)
• 30%: Threat intelligence services
• 30%: Network monitoring services
• 30%: Security /risk management /regulatory compliance assessment
• 29%: Web threat management

The IT industry is littered with acronyms and buzz words that change at such a rapid pace that few can actually keep up with what they truly mean. Just as one settles in to our conversations, another one pops up to keep us on our toes. IT professionals can be bombarded by these terms, leaving them with a great buzz-word bingo fodder, but not with any meaningful value.

Bird-dogging Big Data Innovation in Beantown

“R” Your Eyes Open to Open Source Visualization?

The question was raised the other day: Has anyone seen much in the way of open source visualization tools? The answer is yes; they are out there if you look hard enough, but only one has appeared that has impacted the market to the extent that we have seen other segments impacted by open source, such as database, operating systems, virtualization, and browsers. Here’s a quick snapshot of open-source visualization:

• Where is the open source foundation support? Most of the world’s leading open source project foundations have not addressed visualization much, if at all. Apache facilitates over 100 top-level projects, but none of them clearly focus on visualization. By comparison, Apache facilitates many database projects, like Accumulo, Cassandra, CouchDB, Derby, and Hbase. While Hive offers analysis and ad-hoc query support, closely associated with Hadoop, it barely qualifies as a visualization tool. For visualization, you will find only one organization doing the equivalent to The Linux Foundation, or the KVM project, or Mozilla — see the final bullet.
• Inexpensive and loyal commercial offerings. If you are truly strapped for cash, with a few add-ins for Excel you can power-up its visualization capabilities. But if you want to take the next step up, there are fresh market visionaries, associated with but not limited to Hadoop, such as Datameer and Tableau that offer inexpensive personal editions, and enable you to grow into workgroup and enterprise licenses. Just as Datameer and Tableau include more than just visualization, other emerging analytics platforms that may not break your bank, such as Karmasphere and Pentaho include strong visualization capabilities, and JasperSoft offers an open-source community edition of its BI/analytics tool with some visualization features. BI/analytics was born well before Hadoop was born, and thus there are plenty of longstanding analytics tools that offer rich statistics plus visualization, and possess strong loyalty, such as IBM Cognos, IBM SPSS, SAS, and SAP BusinessObjects. While deep-market penetration has never stood in the way of open source, the combination of modernized offerings from long-standing analytics suppliers plus the inexpensive choices from new commercial entrees have squeezed some of the demand out of open source visualization, but not entirely.
• R You Good Enough? Another compelling early stage analytics/visualization provider, Revolution Analytics, takes full advantage of the world’s most popular open source statistical environment: The R-Project, more often referred to simply as “R,” is officially part of the Free Software Foundation GNU. Revolution Analytics noticed that a large number of data analysts (two million claimed) use or have used R at some point. So Revolution Analytics beefs up the UI, framework, and services around R, aiming to be to R what Red Hat is to Linux. Plenty of university courses teach and/or require the use of R. R even has its own annual conference, running back to 2004, with a fair amount of commercial support. The final exclamation point illustrating R’s impact comes from Oracle, who along with Cloudera’s Hadoop Distribution and Cloudera Manager, packages Oracle R in its Big Data Appliance.

After two full weeks of constant political speechifying, you would think that both Democrats and Republicans would have clearly articulated their positions on each and every issue at hand. Nope. Both parties are guilty of being long on rhetoric and short on details in numerous areas.

As much as I like virtualization, and systems management, and private cloud … most folks know that I am a backup guy, first and foremost. So, you should definitely look to some of the ESG peers for the other parts of the story, including a video-blog-whats-new-in-virtualization-at-vmworld/index.html" target="_blank" title="Mark Bowker's observations on VMworld 2012 - from ESG's Virtualization Expert">nice video from ESG’s Mr. Virtualization, Mark Bowker. In the meantime, here are my takeaways:

I was very lucky in that I spent a good month on the beach forgetting everything I’ve ever known about IT. I was not so lucky in that my brain can’t stop observing and questioning human behavior, in IT or anywhere else. I can spot someone from NJ in seconds now. I can tell a driver is from Connecticut within one stupid maneuver.

Useful? Not really. But interesting nonethe less, at least to me.

According to ESG Research, 55% of enterprise organizations (i.e., those with more than 1,000 employees) plan to hire additional information security professionals in 2012 but they are extremely hard to find. In fact, 83% of enterprises claim that it is “extremely difficult” or “somewhat difficult” to recruit and/or hire security professionals in the current market.

When you can’t hire full-time employees in an area as critical as information security, you may be forced to seek out help from professional and managed security service providers as an option. This common situation is driving growth in security services over the past two years. In fact, 58% of security professionals say that their organization’s use of managed and/or professional services for information security has “increased substantially” or “increased somewhat” over the past 2 years.