ESG Blogs

In addition to my recent recap blog on the Open Networking Summit 2015, I recorded a brief video with my thoughts on the event. In the video, I describe some of the unexpected patterns I saw, such as the importance of services in the SD-WAN session I chaired or of network automation in the data center SDN session.  

Software-defined Storage (SDS) is an inescapable term right now...and looks to become an inescapable reality soon. That is, of course, if you buy into it as being something that's brand new and not already all around us. I just posted what I hope is a fun, insightful, and intentionally somewhat provocative ESG Video Capsule on just this contention. Please take a look—as with all our Video Capsules, it's under 140 seconds:

Aesop, an ancient Greek storyteller, is credited with coining the expression, “slow but steady wins the race”.  That ancient wisdom rings hollow in the present-day digital age, where the need for speed is essential to business survival. 

Given the booming state of the cybersecurity market, industry rhetoric is at an all-time high. One of the more nonsensical infosec banalities goes something like this: Cybersecurity has always been anchored by incident prevention technologies like AV software, firewalls, and IDS/IPS systems, but sophisticated cyber-adversaries have become extremely adept at circumventing status quo security controls. Therefore, organizations should give up on prevention and focus all their attention on incident detection and response.

Now I certainly get the logic of this platitude. Yes, the bad guys do know how to get around our defenses and organizations should in fact improve their detection and response capabilities. But abandon or minimize incident prevention? Poppycock! 

Jon Oltsik and I have written an ESG brief on the Group-based policy, a open source project within OpenStack and OpenDaylight project that enables high level abstractions for controlling networks, although it can be generalized for compute, security, and storage. The brief is available to ESG subscription clients only, but I have summarized a few points below.

To fully understand the state of cybersecurity at enterprise organizations, it’s worthwhile to review a bit of history. In the early days of Internet connectivity, information security was viewed as a necessary evil, so enterprise security budgets tended to be pretty stingy. CEOs didn’t want good security, they wanted “good enough” security, so they were only willing to provide minimal funding. 

Last week 4,000 fine people gathered in San Jose for the Hadoop Summit. Hosted by Hortonworks, but largely non-denominational, the event showcased the broader ecosystem of Hadoop, big data, and analytics. Despite the wide variety of approaches, the attendees were clearly focused on finding the value and learning practical techniques to be successful. Less hype, more tech.

Watch the short recap video for highlights and then read on below for a roundup of selected announcements.

For years, endpoint security was defined by antivirus software and a few leading vendors like Kaspersky Lab, McAfee (Intel Security), Sophos, Symantec, and Trend Micro. This perception has changed over the past few years. CISOs are now demanding endpoint profiling, advanced threat detection, and forensic capabilities, opening the door for other vendors like Bit9/Carbon Black, Cisco, Confer, FireEye, ForeScout, Great Bay Software, Guidance Software, Invincea, Palo Alto, RSA, SentinelOne, Tanium, etc.

As my wife and I depart for an out-of-town wedding and leave our two college-bound teenagers alone at home with a set of shared responsibility instructions, we do so feeling both excited about our trip and apprehensive about the ambiguity of who will do what at home. Trust is earned, after all, and needs to be verified. Such is also the case for enterprises moving application workloads to the cloud. These teen – if not toddler – phases of cloud security can be awkward, but with real benefits, and ultimately survivable with a few cautionary tips.

I’ve been meaning to write this blog since returning from San Francisco in April and I’ve finally gotten around to it. With the dangerous threat landscape and seemingly endless string of data breaches, there was quite a bit of industry bashing at this year’s RSA conference. Discussions featured numerous sound bites accusing the cybersecurity industry of "being stuck in the dark ages," and claiming that the industry "has failed its customers." Pretty strong stuff.

After attending Cisco Live last week, I thought of the various product announcements made, and one of the key items is the expansion of their SDN approach.

Many people consider "Hadoop" and "big data" to be synonyms, and certainly there is significant overlap between them. Yet in my mind, Hadoop is an ecosytem of data management tools, and big data is an approach to understanding complex situations. So the one can be used for the other, but surely isn't the only way to go.

In anticipation of CiscoLive in San Diego, I posted a blog last week describing my thoughts on Cisco’s cybersecurity portfolio. After attending the event this week, I’m ready to further elaborate on these opinions by grading Cisco Cybersecurity in a number of areas:

I attended Nutanix’s first end-user conference and it was good to hear directly from its spokespeople as opposed to the market hype we all get exposed to. Nutanix’s goal is to take complex infrastructure and make it simple. In fact, they went as far as to say they want to make infrastructure invisible.

My colleague Mark Peters and I attended HP Discover 2015 last week to get an updated view of the storage and data protection innovations being announced at the event. What was heartening for me was that one of HP’s core four pillars was “Protect” where the new Hewlett Packard Enterprise company talks about its converged approach to information security and data protection (backup), which includes backup and archival software, as well as the HP StoreOnce deduplication storage solutions.

In recent ESG research on data protection personas, methods, and channels, ESG looked at ‘who’ is affecting data protection, including IT operations, DBAs, vAdmins, file/storage admins, non-technical stakeholders, and channel partners.

While data protection has historically been very channel-driven, or at least channel-accelerated, recent data shows that there are disconnects between how IT decision makers use channel partners and how vendors hope that channel partners are being used (e.g., pre-sales advocates of their products/services). 

Author Joseph Campbell once stated, "The virtues of the past are the vices of today”.

IT server, storage, and network administrators who still cling to the old ways of managing infrastructure in discrete silos would do well to heed Campbell’s warning. 

HP just held the US version of its biannual Discover user conference. And it was the last one as the HP we know - by the time the show arrives in London in December there should officially be two new companies: Hewlett Packard Enterprise and HP, Inc. (the latter – conveniently – being the one with the actual ink!). In the “main tent” sessions there was much focus on, and myriad mentions of, the separation, but the users I spoke with remained skeptical; not so much of what value it might bring to the uber HP, but of what direct impact and value it might have on them. As weak and obvious a statement as it is, only time will tell.

In recent years, many were thinking that Teradata was losing its edge in the greater analytics marketplace. Long a favorite for large enterprise customers seeking to do world-class data warehouses, the company realized the market was rapidly shifting around it. Two major trends seem to have the biggest impact here: big data and cloud. While Teradata's core install base isn't at significant risk of going away, they may be looking at complementary alternatives. For the company to remain a dominant player, some new approaches would be required. The recent Teradata third party influencers event in Del Mar, California, showcased just how far their efforts at transformation have progressed.

30 years ago, Back to the Future changed the history of the world as we know it, at least for impressionable movie buffs. This year, the Dell Annual Analyst Conference (DAAC) showed what could be coming next, no DeLorean required. Dell is obviously a big company with many different lines of business to consider, but I'd like to focus here on one breakout session in particular, entitled "Helping Customers Cut through the Big Data Hype to Make Better, Faster Decisions." Snappy, eh?

Open Networking Summit is coming up soon. The topics covered are broad, ranging from software-defined networking (SDN) in enterprises to service provider adoption of SDN/NFV. We’ve seen strong representation from academia in its early dates and telco requirements have also been covered in recent years. This time, there is a new spotlight on enterprise use of SDN. The keynote panel of SDN in Enterprises has speakers from Credit Suisse, Deutsche Bank, NSA, and Samsung SDS (a services group).

Let’s see what else at the conference will focus on the enterprise topic.

I've written an ESG brief on the Importance of Software in Networking. It's available to ESG subscription clients only, but I have summarized a few points below.

A few short years ago, Cisco was deep in the cybersecurity doldrums. In spite of years of market leadership with products like Cisco PIX firewalls, IronPort (e-mail security), and IDS/IPS blades on Catalyst switches, the company seemed to have squandered its enviable market position. Alas, Cisco had swung and missed on security management (MARS) and endpoint (Okena) and had fallen behind companies like Fortinet, Juniper, and Palo Alto in its own network security backyard.

Unlike many new economy players of the late 1990s, notable dotcom brands of today have staying power, not only due to more viable SaaS business models, but also due to their effective use of an increasingly mature set of cloud computing services. The likes of Uber, Airbnb, Dropbox, Netflix, and others have fundamentally changed how we get ourselves, and files, for that matter, from point A to point B and how we view content when we get there. These market leaders have disrupted established markets by not only recognizing that we, the consumer, want to do pretty much everything on our smartphones (including requesting a ride) but also, more importantly, by leveraging the agility of the cloud for continuous innovation and, thus, competitive advantage. It’s the speed of DevOps and the old guard better look out, unless the disrupters themselves get disrupted.

Everyone’s got challenges deploying IT technology. On top of that, IT organizations often don’t have a good idea on where they want to go, and where they are today. Professional services organizations can come to the rescue with a slew of offerings to help them out. But they are challenged in marketing and describing what they are capable of doing.

Do you have a certain word or phrase that every time you hear it is the equivalent of nails on a chalkboard? Sometimes publications, such as TIME magazine, will actually publish a list of banished words or phrases that the nation is simply sick of hearing. In case you were interested, recent lists have included over-publicized terms such as selfie, YOLO (you only live once), and literally (when you really mean figuratively). For me the term that—figuratively—brings tears to my eyes whenever I hear it is “outside the box.”

The original premise for that phrase was so promising: take a seemingly intractable problem and look at it from a different perspective or from a different point of view to find a creative solution. Through over use, however, the idea of outside the box thinking became both trivialized and a bit insulting. Have a problem? Try thinking outside the box. Didn’t work? Oh well, good luck then. It takes a considerable amount of work and effort to find and create unique perspectives and look at problems in new ways. The source of my frustration is that the overuse of the phrase trivialized the hard work that it takes to truly find new perspectives. So what does this have to do with enterprise storage?

At Dell’s Annual Analyst Convention (DAAC) last week, Michael Dell and his top lieutenants echoed various memes that were evocative of a startup culture:

I will be visiting Cisco Live in sunny and dry San Diego next week. Cisco has recently announced that Chuck Robbins will succeed John Chambers as CEO along with some additional changes in the executive ranks. I wonder what else will be in store...

Hopefully you have been enjoying our series of blogs and videos over the last few weeks that serve as summaries of the key highlights from our Next Generation Storage Architectures research project and report (the full report is available on our website).

The final video installment here covers the landscape of storage purchasing approaches and preferences rather than a technology per se. Without stealing all the thunder of the video or report, suffice to say that the outlook remains most positive for the large brands and established players, as long as they continue to adapt and innovate (whether organically or via acquisition). Newer vendors can still gain traction as long as their value proposition is precise, differentiated and valuable. From the IT user perspective the biggest news is a decline in turf warfare between departments - which has to be good for all, and which will help control budgets and blood pressures!

I participated in the Cyber Exchange Forum earlier today, an event sponsored by the Advanced Cyber Security Center (ACSC). The featured speaker was Sean Kanuck, National Intelligence Officer for Cyber Issues, Office of the Director of National Intelligence. In this role, Sean directs the production of national intelligence estimates (for cyber-threats), leads the intelligence community (IC) in cyber analysis, and writes personal assessments about strategic developments in cyberspace.