24.11.2010 by Martin Kuppinger
These days I talked with one vendor about his news around capacity management. Capacity management is used as a term to describe products which are used for optimizing workloads in data centers and to make the best use of the resources within these data centers. Honestly, I didn’t do a deep dive into that specific area before, and maybe I’m a green on advanced IT topics – but when vendors are promising capacity management, I’d expect that to be somewhat active. However, I’ve learned that it’s about reporting and analytics – even in association with terms like dynamic, continuous, proactive or whatever. I’ve checked several other offerings in the meantime and it appears to be common understanding amongst these vendors, that management ends with some nice reports in the space of capacity management.
I would have used the terms capacity reporting or capacity analytics instead, but I know that vendor marketing tends to “beautify” their stories a little.
So what are my expectations on capacity management? The issue is obvious – it is complex to manage the workloads in the increasingly virtualized and complex data centers. And it is becoming even more complex when we have different “clouds”, private and public, where we might put these workloads. Thus we need to support that we can optimize this – a dynamic or continuous capacity management is key. However, I’d at least expect to have a little more than just the information that there is something to be optimized. To achieve a fully automated management for sure will be a long journey, requiring a strong and valid policy model to ensure that nothing goes wrong. It will also require a tight integration with Business Service Management to ensure that the specifics of business processes like high workloads at the end of the month/year are met. It will even require that financial aspects (costs of internal and external cloud resources) and governance aspects (which data and workloads is allowed to be placed where due to governance/compliance/security constraints?) are met. In the meantime, automatically created “jobs” for the virtualization, server, and application management tools to easily make the proposed changes reality would be a first step.
I’m looking forward to see when capacity management becomes reality. There is definitely a value in today’s solutions. But the value could me significantly bigger than it is.
23.11.2010 by Martin Kuppinger
I’m following Novell for more than 20 years right now. And for roughly the same period of time there have been rumours of other companies acquiring Novell. But it never happened. Not really, at least. You could argue that the acquisition of Cambridge Technology Partners was sort of a takeover of Novell by Cambridge, with Jack Messman becoming CEO and so on. But at the end, Novell was at its own again. But yesterday the news spread that Attachmate is buying Novell – finally they are sold. Attachmate will keep Novell as separate business unit and maintain the brands of Novell and Suse. With other words: There won’t be that many changes from a customer perspective at first glance.
When looking at Attachmate and NetIQ, it becomes obvious that Attachmate at that point of time is keeping the acquisitions somewhat separate. There is still a NetIQ website and the NetIQ brand is still maintained. Behind the scenes, there is integration – but not when facing to the customer. It is most likely that the same strategy will be followed with Novell.
However, the questions are whether, when, and how Attachmate will start to build on the potential of tighter integration between their different “divisions”, e.g. the classical Attachmate, NetIQ, and Novell. There is a significant potential for integration – look at the broad support for different environments, from the mainframe to NetWare, Linux, and Windows. Look at the expanded capabilities for managing networks, delivered by NetIQ and Novell. And think about what the outcome for “intelligent workload management”, e.g. the optimization and management of workloads in virtualized/cloud environments could be if all the strengths of Attachmate, NetIQ, and Novell are put together. Thus, there is some interesting potential for the future.
The question I have fully answered is: What does this mean for existing Novell customers and what should they do? The answer at that point of time is simple: Stay calm and proceed as planned. There is no reason to go away from Novell – in contrast: Novell is now part of a significantly larger organization and it finally has been acquired, thus the rumours around acquisitions are past. And the opportunities out of this acquisition for existing Novell customers are significantly greater than the risks – especially if Attachmate starts to leverage the potential synergies between the different companies within that conglomerate.
17.11.2010 by Martin Kuppinger
This week, I had a very interesting discussion with Werner Thalmeier, CTO of M86 Security, about the protection of systems and information. He used the analogy of the “secure pipe” to explain the approach they are following – today, our drinking water is clean, we can use it directly out of the pipe. In former days, it wasn’t. It had to be cooked, filtered, and so on. The approach of M86 Security is basically the same – keep the pipe clean so that you don’t have to care about what comes out.
We ended up in a discussion of new challenges in that area, especially the “apps” for the so called smart phones (I still think that this is the wrong term – they might be smart, but they aren’t made that much for doing phone calls. But that’s another story.). These apps are harder to secure given that there isn’t a browser anymore where HTML code could be analyzed and so on. That leads to the question: What is the pipe and where to filter? The obvious answer is: The only place to secure that type of IT (e.g. the technology) to protect the information (it’s about Information Security and the I in IT, Technology Security is just a means to achieve that goal) are the providers.
That’s where Telcos come into play. They are the ones which are connecting the app providers and the devices. ISPs (which are frequently Telcos as well) have to be added, for apps running on WLAN connected devices or classical notebooks and desktop PCs today or in the future. These are the ones who have control about pipes.
What would that mean in practice? Telcos will have to offer this as an value add service to their corporate customers. Corporate customers will have to look at the legal details and to prepare policies for the usage of corporate devices and corporate information, if not done yet. Telcos will then have to implement the technology to filter, best done in a way which allows the corporate customers to flexibly apply their internal policies and to integrate this with existing security tools. For Telcos, that could be one (of many) value add business. For corporate customers, it is about using Telcos as a MSSP (Managed Security Service Provider). Obviously, we have to rethink security in a perimeter-less world – and Telcos can play a vital role in the future information security business.
11.11.2010 by Martin Kuppinger
These days, the Deutsche Post started its eBrief service. And the so called De-Mail is as well on its way. The common idea: Trustworthy, legally signed eMail. So far, so good. But we all know that its not the first approach for secure eMail. Some people are even using it actively, and some even beyond the reach of their corporate eMail systems. But when I look at my inbox, well below 1% of the incoming mails are signed and exactly 0% are encrypted.
Why should that change with new services which are expensive (to send the eBrief costs money like a real letter), have a complex registration procedure (you have to show up in person and with your ID card or – lucky one – your eID), and are difficult to use. The biggest problem: Yet another mailbox. I don’t want to have another mailbox. I don’t want to use websites to authenticate before I can access like I have experienced with other approaches. I just want to be able to use secure eMail (if I need it) with my existing mail accounts, my existing Microsoft Outlook (and NO new mail account I have to add to my outlook). Seamless. Without having to think much about. Without registration. And in a way that every recipient understands. The best way still is S/MIME, even while only few people really understand what happens there, at least besides the IT security people. But an eBrief? De-Mail? Why should I? Add another level of complexity to my communication? No way.
Besides this: De-Mail would also enable the state to communicate with me. They have a way to reliably send mail to me – do I really want them to have this option? Hey, I couldn’t ignore that any more. That’s far easier with the classical letters sent by snail mail.
Honestly, my reception of these initiatives is that someone tries to reinvent the wheel – one with five edges, not a round one.
I personally will further use my fax when it’s about really reliable communication.