3 Highlights with Microsoft Windows Server 2012 R2

With any server operating system upgrade, IT is always looking for the hooks that help motivate the upgrade process and deliver additional value. Sometimes it is as simple as better performance, a single feature that has been a long time coming, or something that simply snaps into an IT policy and waits out any bumps from the early adopters. By now IT shops should have solid exposure to Windows Server 2012, blipped through SP1, and are now ready to focus on R2. As IT pros research and learn about Windows Server 2012 R2 deployment opportunities, they should be aware of these three potential impacts:

Topics: Storage IT Infrastructure Networking Cloud Services & Orchestration

A Softer View of Cloud Platforms

In this post-hardware world, the software view of cloud platforms continues to evolve rapidly. In fact, I think we need to think about the platforms themselves a little differently. For the past few years, we’ve kind of thought of cloud as either public or private. I’d like to think we’ve evolved our thinking along with the capabilities of the platform companies to include a more hybrid perspective and we have to include the end-user side of things by including endpoint software as well. I’d argue for including endpoint software supported both by what the cloud platform vendors are doing/investing in as well as the fact that one of the cloud tenets is ‘broad network access’ (from NIST). My definition of broad network access is access from any device, anywhere, to any cloud service. I created following table for a forthcoming publication on cloud platforms that shows how I think of what the vendors are doing in this space – which continues to change rapidly. For example, Amazon is now shipping a Kindle based on Android and VMware just bought DeskTone to add VMware’s ability to provide desktop-as-a-service.

Topics: Networking Cloud Services & Orchestration

Enterprise Security Professionals Offer Their Suggestions for U.S. Governement Cybersecurity Programs

According to ESG research, 66% of enterprise security professionals believe that the U.S. federal government should be doing significantly more or somewhat more to help the private sector cope with the current cybersecurity situation and threat landscape.

Topics: Cybersecurity

Dell VRTX Wraps in Additional Features

Earlier this year, Dell introduced its PowerEdge VRTX into the market with a goal of simplifying IT infrastructure for midmarket customers and ROBOs (remote office branch office). Further details and insights are located in this blog and ESG brief:

Topics: IT Infrastructure Cloud Services & Orchestration

Security Professionals Want More Government Cybersecurity Action

Now that the federal government is working again, I was wondering: What ever happened to cybersecurity legislation? As far as I can tell the Cybersecurity Act of 2013 (S.1353) and CISPA are dead-in-the-water right now. Why? Edward Snowden and NSA programs put the kybosh on public trust (especially International trust) and Congress has other things it would rather fight about.

Topics: Cybersecurity

Trend Micro’s Push for Enterprise Security

When you think of the leading enterprise security vendors, which companies come to mind? Perhaps it’s the network security crowd like Check Point, Cisco, and Juniper. Maybe it’s the big system vendors like HP and IBM, or it could be traditional security firms like McAfee and Symantec. These are the usual suspects here in North America, but it may be high time to include a company that already has this profile in Asia – Trend Micro.

I say this because I attended the Trend Micro analyst event last week and came away quite impressed. I believe Trend Micro is well positioned for the ongoing enterprise security transition as large organizations replace disconnected point tools with an integrated enterprise security architecture. Trend Micro can capitalize on this evolution because it offers:

  • Integrated solutions. Yes, Trend Micro still sells discrete products but it can also play an integrated solutions card to trump lethargic competitors and one-trick-pony startups. For example, Trend’s Deep Discovery advanced malware detection ties into its web and email gateways, endpoint security software, and central management console. Rather than simply detect malware, this gives Trend the ability to address the threat lifecycle as it can detect, analyze, adapt, and respond to malware. Trend is also intent on combining product features into simple product bundles to ease security deployment and operations.
  • End-to-end coverage. IT is changing quickly with the adoption of cloud, mobile, and virtual technologies. Trend Micro is addressing these changes in a number of ways. For example, its Deep Security suite can support physical servers, VMs, and cloud-based workloads. To facilitate this, Trend is working closely with VMware and Amazon and plans to engage others. Trend also supports endpoints whether legacy PCs, Macintosh, or mobile devices.
  • Ubiquitous cloud support. Trend was one of the first vendors to support on-premises products with its “Smart Protection Network” cloud. Now, Trend is applying its deep cloud intelligence and infrastructure in multiple areas such as advanced threats, mobile security, and intelligence sharing. Trend also has a healthy mix of MSSP offerings and plans to expand this portfolio moving forward.
  • Technical feet-on-the-street. Several customers crowed about the help they received from their Trend Technical Account Manager (TAM). Of course, they pay for this help but security professionals claim that their TAMs really pay for themselves by providing threat intelligence and helping them maximize protection. This is especially valuable given the current security skills shortage.
  • A burgeoning channel presence. Trend trotted out an array of partners including Arrow, CSC, Dell, and SAP. Trend hopes that the combination of specialization (i.e., CSC in the Federal space, SAP, etc.), scale, skills, and reach will carry it into more deals with more trusted partners.
Topics: Cybersecurity Cloud Services & Orchestration

Software Defined - Defined

Is this an Oxymoron? Managed Private Cloud

Private cloud, public cloud, hybrid cloud, the hardly mentioned community cloud, and now managed private cloud. How many cloud variants do we need? I have to say I was skeptical at first – why would an enterprise want a managed cloud on-premises? Then I heard the pitch from a company called Metacloud, was still skeptical, but then I realized I’d actually seen a few more companies doing this – some on-premises, others off-premises.

Let’s face it: Transforming a virtualized data center (assuming you get that far) to a private cloud with on-demand/self-service provisioning, and service catalog, all automated and orchestrated, is hard to do and can be very expensive.

Topics: Cloud Services & Orchestration

Software Defined = Everything Is A Server (Bye Bye Storage, Bye Bye Networking...)

You were supposed to sing that title to the Everly Brothers, by the way.

The Keys to Big Data Security Analytics Solutions: Algorithms, Visualization, Context, and Automation (AVCA)

ESG research indicates that 44% of organizations believe that their current level of security data collection and analysis could be classified as “big data,” while another 44% believe that their security data collection and analysis will be classified as “big data” within the next two years (note: In this case, big data security analytics is defined as, “security data sets that grow so large that they become awkward to work with using on-hand security analytics tools”).

So enterprises will likely move to some type of big data security analytics product or solution over the next few years. That said, many CISOs I speak with remain confused about this burgeoning category and need help cutting through the hype.

Topics: Cybersecurity Data Platforms, Analytics, & AI

McAfee Advanced Threat Detection: A Sign of Things to Come

With the glitz and glamour of Las Vegas as a backdrop, McAfee rolled out its Advanced Threat Defense (ADT) strategy last week.

Topics: Cybersecurity

Empirix becomes part of Thoma Bravo family

This morning the private equity firm Thoma Bravo announced it had signed a definitive agreement to acquire industry leading network management firm Empirix.

Topics: IT Infrastructure Networking

Network Forensics: A Burgeoning Big Data Security Analytics Category

According to ESG research, 49% of enterprise organizations suffered a successful malware attack over the past two years (note: “successful” implies that the malware compromised an IT asset and caused some type of impact such as a system re-imaging, data theft, downtime, etc.). Of these firms, 20% suffered 10 or more successful malware attacks.

Obviously, malware is circumventing existing security controls and not triggering any alarms on traditional SIEM tools. So what can organizations do to improve their malware detection and response capabilities? Many are turning to network forensic tools. Wikipedia defines network forensics as follows:

Topics: Cybersecurity Networking

It Takes a Village: The Splunk User Conference 2013

When IBM distributed its operating system in the 1950s, it actually sent the source code to its customer base. Many IT shops then actually modified the operating system with their own customized code.

Topics: Cybersecurity

Interop 2013 - NYC Edition

Thankfully, with the Acela working again, I was able to spend the day at the Javits center with the newest member of ESG networking team, Will Reich, speaking with IT decision-makers and practitioners, attending presentations, and visiting with vendors (and see demos) at the Interop Show. While not the same size and scope as the spring show, the trip to NYC is far easier than Vegas and there were a good number of attendees for the show.

Playing the Match Game, with Cloud Services

As more cloud service providers come online, the choices seem to just get harder and harder to make. This one has one technology stack, that one has doesn’t share what technology they are using, this one has white glove support, that one tells you to fend for yourself, this one has a different SLA for each service. And the list goes on. How does an IT department or a procurement department make the right decision when it comes to selecting a CSP?

Several companies have come up with a way to solve part of the problem by providing a service catalog with a broker interface that a company can use to select which cloud service to use for which workloads. While this helps a lot when the person selecting and provisioning them knows what to choose, this doesn’t really help the person who doesn’t know what makes one match their requirements. Finding out the capabilities of different providers can be hard to do – it may be spread all over their website and service catalog/portal, it may be in whitepapers, it may take a sales call. And imaging what all this is like for the procurement person?

Topics: Cloud Services & Orchestration