February 9th, 2010
AmberPoint finally gets acquired as Oracle fills in more remaining stack holes
This guest post comes courtesy of Tony Baer’s OnStrategies blog. Tony is a senior analyst at Ovum.
By Tony Baer
Thanks go out to Oracle on Feb. 8 for finally putting us out of our suspense. AmberPoint was one of a dwindling group of still-standing software independents delivering run-time governance of the for SOA environments.
It’s a smart move for Oracle as it patches some gaps in its Enterprise Manager offering, not only 
in SOA runtime governance, but also with business transaction management – and potentially – better visibility to non-Oracle systems. Of course, that visibility will in part depend on the kindness of strangers as AmberPoint partners like Microsoft and Software AG might not be feeling the same degree of love going forward.
We’re surprised that AmberPoint was able to stay independent for as long as it had, because the task that it performs is simply one piece of managing the run-time. When you manage whether services are connecting, delivering the right service levels to the right consumers, ultimately you are looking at a larger problem because services do not exist on their own desert island.
Neither should runtime SOA governance. As we’ve stated again and again, it makes little sense to isolate run-time governance from IT Service Management. The good news is that with the Oracle acquisition, there are potential opportunities, not only for converging runtime SOA governance with application management, but as Oracle digests the Sun acquisition, providing full visibility down to infrastructure level.
Transaction monitoring and optimization will become the next battleground of application performance management. . .
But let’s not get ahead of ourselves here as the emergence of a unified, Oracle on Sun turnkey stack won’t happen overnight. And the challenge of delivering an integrated solution will be as much cultural as technical, as the jurisdictional boundary between software development and IT operations blurs. But we digress.
Nonetheless, over the past couple years, AmberPoint itself has begun reaching out from its island of SOA runtime, as it extended its visibility to business transaction management. AmberPoint is hardly alone here as we’ve seen a number of upstarts like AppDynamics or Bluestripe (typically formed by veterans of Wiley and HP/Mercury), burrowing down into the space of instrumenting transactions from hop to hop. Transaction monitoring and optimization will become the next battleground of application performance management, and it is one that IBM, BMC, CA, HP, and Compuware are hardly likely to passively watch from the sidelines. [Disclosure: CA, HP and Compuware are sponsors of BriefingsDirect podcasts.]
Last one standing
As for whether run-time SOA governance demands a Switzerland-style independent vendor approach, that leaves it up to the last one standing, SOA Software, to fight the good fight. Until now, AmberPoint and SOA Software have competed for the affections of Microsoft; AmberPoint has offered an Express web services monitoring product that is a free plug-in for Visual Studio (a version is also available for Java); SOA Software offers extensive .NET versions of its service policy, portfolio, repository, and service manager offerings.
Nonetheless, although AmberPoint isn’t saying anything outright about the WebLogic (now Oracle’s formerly BEA’s) share of its 300-customer installed base, that platform was first among equals when it came to R&D investment and presence. BEA previously OEM’ed the AmberPoint management platform, an arrangement that Oracle ironically discontinued; well in this case, the story ends happily ever after. As for SOA Software, we would be surprised if this deal didn’t push it into closer embrace with Microsoft.
Postscript: Thanks to Ann Thomas Manes for updating me on AmberPoint’s alliances. They are/were with SAP, TIBCO Software, and HP, in addition to Microsoft. Their Software AG relationship has faded in recent years. [Disclosure: TIBCO is a sponsor of BriefingsDirect podcasts.]
Of course all this M&A rearranges the dance floor in interesting ways. Oracle currently OEMs HP’s Systinet as its SOA registry, an arrangement that might get awkward now that Oracle’s getting into the hardware business. That will place into question virtually all of AmberPoint’s relationships.
This guest post comes courtesy of Tony Baer’s OnStrategies blog. Tony is a senior analyst at Ovum.
February 8th, 2010
Converged infrastructure approach paves way for improved data center productivity, private clouds
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Learn more. Sponsor: Hewlett-Packard.
For more information on virtualization and how it provides a foundation for Private Cloud, plan to attend the HP Cloud Virtual Conference taking place in March. To register for this event, go to:
Asia, Pacific, Japan - March 2
Europe Middle East and Africa - March 3
Americas - March 4
Improved data center productivity now appears to be a natural progression from converged infrastructure. Many enterprise data centers have embraced a shared service management model to some degree, and now converged infrastructure applies the shared service model more broadly to leverage modular system design and open standards, as well as to advance proven architectural frameworks.
The result is a realignment of traditional technology silos into adaptive pools that can be shared by any application, as well as optimized and managed as ongoing services. Under this model, resources are dynamically provisioned efficiently and automatically, gaining more business results productivity. This also helps rebalance IT spending away from a majority of spend on operations and more toward investments, innovations, and business improvements.
This latest BriefingsDirect discussion explores the benefits of a converged infrastructure approach, and now how to better understand attaining a transformed data center environment. We’ll see how converged infrastructure provides a stepping stone to private cloud initiatives. But, as with any convergence, there are a lot of moving parts, including people, skills, processes, services, outsourcing options, and partner ecosystems.
We’re here with two executives from Hewlett-Packard (HP) to delve deeply into converged infrastructure and to learn more about how to get started and deal with some of the complexity, as well as to know what to expect as payoff. Please welcome Doug Oathout, Vice President, Converged Infrastructure at HP Storage, Servers, and Networking, and John Bennett, Worldwide Director, Data Center Transformation Solutions at HP. The discussion is moderated by Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Bennett: I often think of many CIOs as being at the heart of a vise, where, on one side, they have the
business pressures. … They need to support growth. They need to do a faster job of creating acquisitions. They need to spend more on business projects and innovation. They need to exploit technology for business advantage. They need to reduce costs.
On the other side of the vise are the constraints that they have in the environment that get in the way of them successfully addressing the business needs — legacy infrastructure and applications and antiquated methods of managing the infrastructure that make it difficult to be responsive to change, or people with the skills that won’t serve modern technology’s needs or environments.
Data-center transformation (DCT) helps enterprises implement a data center and infrastructure strategy that’s aligned to their goals and objectives. The key here is that it’s customer-driven, and it has to be built around the plans and directions of the targeted organization. This is clearly not a one-size-fits-all type of environment.
For many organizations, those strategies for infrastructure can include traditional shared infrastructure solutions or servers using virtualization and automation with shared storage environments. Increasingly, we’ve seen a natural evolution into a tighter integration of the capabilities and assets of the data center in the fabric infrastructure.
HP’s Converged Infrastructure represents a pretty significant step forward in terms of benefits and capabilities for customers looking at having infrastructure strategy aligned to their future needs. The neat thing is that converged infrastructure can be the foundation for private cloud architectures.
Oathout: About two-thirds, if not 70 percent, of the IT operations budget is spent on maint
aining IT and the IT workload within the data center.
When you have a recession, like we just experienced, what happens is that 30 percent spent on innovation or new workload placement gets cut immediately to help manage the budget within an organization. Therefore, in the last 18 months, very little innovation and few new projects were taken on by IT to support new business growth.
Now we have customers who are starting to spend again and who are starting to see the light at the end of the tunnel. They want their IT environment to be more flexible in the future. So, they’re looking at their server and storage upgrades, and how they can implement converged infrastructure, so that the new infrastructure is more flexible and can adapt more to the requirements of the business.
As you’re going through your technology refresh now, coming out of the recession, you can start implementing better and faster IT equipment. You can also use better and more efficient processes — virtualization, automation, and management. When you put those pools of resources in place, you put them in a virtual environment so they can be shared among applications or can be transferred among applications when needed.
You are in the process now of creating pools of resources, versus dedicated silo resources, like you had prior to the recession, which couldn’t be reused for some of the application, and therefore you couldn’t support business growth.
The opportunity now is to break down those silos, give our customers the ability to share resources in the same footprint they have today, and actually become more efficient, so that when business changes or business needs change, they can adapt to the requirements of the business.
In a converged infrastructure environment, you really don’t want to care about the infrastructure you are putting it on. What you want to care about is that it’s resilient, it’s optimized, and it’s modular, so it can grow and shrink with the application’s demand.
Servers and storage lead the way
Let me give you an example. A server consolidation using virtualization and new server equipment will generally double or triple your capacity within your data center for the same footprint, just by getting the utilization of the servers up, better performance within the servers, and better capabilities within virtual environments. You can basically double or even triple the size of your capacity within your data center.
As you’re going through your technology refresh now, coming out of the recession, you can start implementing better and faster IT equipment.
The same thing holds true for storage. Storage disk drives become twice as dense over a two- or three-year period. The performance of the drives gets better. So, for the same footprint in your data center you can actually fit twice as much storage.
… What you really have is a process change that’s required between the IT application managers, the test and development people, and a team that actually runs the infrastructure. They need to talk more about standardization. They need to talk about how their IT comes together.
That’s where the Data Center Transformation Workshop that John Bennett’s team does helps. It gives you an architecture for future deployments, so that you have a converged infrastructure. You have pools of resources to put new applications down or revamp older applications onto a newer architecture, so it becomes more flexible.
You have to break down that silo or break down that fence between application deployments and what line of businesses are telling the application deployers and the people who run the infrastructure. Customers really do see that as a deployment barrier, but they’re working through it, because there are significant benefits on the other side, just due to the fact that you increase agility, lower cost, and you have more money and more people to go do the innovation to support the workloads of future businesses.
Bennett: Good organizations are always rethinking IT. What are the organization’s strategy, goals, and objectives? What is it going to take to realize those objectives? What capabilities do we need from IT in order to make those real? And then, how do we make them happen?
This is where the partnership between the technology team and the business team comes into play. The technology team will have more insights into how it can be exploited, and the key thing for the business is to make sure they specify their needs and not specify the answer.
… There’s economic return to the organization from being able to roll out a new business service more quickly. There’s an economic return to the business from being able to provision more resources when they are needed based on demand, so that demand doesn’t disappear. There’s a competitive business benefit, which is financial in nature, in being able to respond to competitive threats more quickly.
And a lot of the benefits of this are in the nature of direct cost savings — the consolidation, modernization, and virtualization that Doug spoke to — the savings from energy related projects and investments with Data Center Smart Grid, for example. All are easily quantifiable.
For more information on HP’s Virtual Services, please go to: www.hp.com/go/virtualization and www.hp.com/go/services
Oathout: A cloud-computing environment is really an application-rich environment that allows you to bring more users on quickly and expand your capabilities and shrink your capabilities as you need them.Converged infrastructure can be for public cloud, private cloud, or for a web workload or an high-performance computing (HPC) workload or an SAP workload. It doesn’t really matter. A converged infrastructure is the optimal deployment of IT to support any kind of application, because it’s modular in nature.
It has the flexibility to have more storage, more memory, less CPUs or more CPUs, less storage, or less memory, but it’s all modular, so you can put the pieces together as you need them. So, it is a base support for either a cloud environment or a traditional IT environment. It really doesn’t matter. It’s designed to support both.
A private cloud is the IT department saying, “I’m now going to create a service catalog for my lines of business to develop upfront.” You’re getting software as a service (SaaS) now sitting on top of either a converged infrastructure or legacy infrastructure. A converged infrastructure is a lot easy to put SaaS on. But, you make that service catalog available to line of businesses, so they can turn on applications as they need them, very quickly.
Optimizing over time
Then, you can put more users on an enterprise resource planning (ERP) application, an online application, or a Web 2.0 application. IT is there as a support service now, setting that up, taking it down, and optimizing it over time, depending on the business needs.
So, private cloud is kind of that SaaS that sits on either a converged infrastructure or a legacy infrastructure or uniquely designed infrastructures that you get from some of the public cloud providers. Converged infrastructure is the optimal way to develop and deploy that in a standard data-center environment, and it’s in support of a private cloud.
When you start bringing a storage and server and networking platforms together through a flexible fabric, the economies of scale of a shared resources and open systems is going to drive down the cost of acquiring IT. Then, with the software and the services capabilities that companies bring to market, they’re going to bring the efficiencies along with them.
So, it is inevitable, starting with the simplest of workloads, moving to some of the hardest of workloads, that you are going to have a converged infrastructure. You are going to have application as a service, whether it’s internal or external from a cloud provider, just because the economies of scale are there, and the ability to deploy the stuff is so simple once you get it set up that the efficiencies are also there besides the economies of purchase.
For example, a customer, the Dallas Cowboys, built a new football stadium in the Dallas area. It’s a $1.4 billion investment. In the bottom of the thing is their data center. They run 30 different businesses out of the data center in the Dallas Cowboys stadium.
They have built it on a virtual environment. They have BladeSystems. They have the FlexFabric built into the environment. They went from over 500 servers down to 16 blades, with virtual machines running on them for the point of sale environment within the stadium. It drove a smaller footprint, but also the dynamics in the server and storage environment, so they can bring on new applications for the 30 businesses very quickly.
They changed their infrastructure to support their environment. … They bring applications online and very reactive to the lines of businesses they are supporting. That’s what a converged infrastructure really delivers, besides the lower economic cost that John and I have talked about. It’s that efficiency to bring new opportunities to the lines of businesses, accelerate business growth, or increase customer satisfaction.
There are two ways to get started. They can contact one of HP’s business partners. Our business partners are enabled to do our Converged Infrastructure Maturity Model. Or, you can come to HP.com/go/ci, and it will take you to the landing page for a converged infrastructure.
For more information on virtualization and how it provides a foundation for Private Cloud, plan to attend the HP Cloud Virtual Conference taking place in March. To register for this event, go to:
Asia, Pacific, Japan - March 2
Europe Middle East and Africa - March 3
Americas - March 4
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Learn more. Sponsor: Hewlett-Packard.
February 8th, 2010
BriefingsDirect analyst panelists peer into crystal balls for latest IT growth and impact trends
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Charter Sponsor: Active Endpoints.
The next BriefingsDirect Analyst Insights Edition, Volume 49, hones in on the predictions for IT industry growth and impact, now that the recession appears to have bottomed out. We’re going to ask our distinguished panel of analysts and experts for their top five predictions for IT growth through 2010 and beyond.
This periodic discussion and dissection of IT infrastructure related news and events with a panel of industry analysts and guests, comes to you with the help of our charter sponsor Active Endpoints, maker of the ActiveVOS business process management system.
To help us gaze into the IT trends crystal ball we are joined by our panel: Jim Kobielus, senior analyst at Forrester Research; Joe McKendrick, independent analyst and prolific blogger; Tony Baer, senior analyst at Ovum; Brad Shimmin, principal analyst at Current Analysis; Dave Linthicum, CEO of Blue Mountain Labs; Dave Lounsbury, vice-president of collaboration services at The Open Group; Jason Bloomberg, managing partner at ZapThink, and JP Morgenthal, independent analyst and IT consultant. The discussion is moderator Dana Gardner, principal analyst at Interarbor Solutions. [Disclosure: The Open Group is a sponsor of BriefingsDirect podcasts.]
Here are some excerpts:
Shimmin: Mine are geared toward collaboration and conferencing. The first and most obvious
is that clouds are going to become less cloudy. Vendors, particularly those in the collaboration space, are going to start to deliver solutions that are actually a blend of both cloud and on-premise.
We’ve seen Cisco take this approach already with front-ending some web conferencing to off-load bandwidth requirements at the edge and to speed internal communications. IBM, at least technically, is poised do the same with Foundations, their appliances line, and LotusLive their cloud-based solution.
With vendors like these that are going to be pulling hybrid, premise/cloud, and appliance/service offerings, it’s going to really let companies, particularly those in the small and medium business (SMB) space, work around IT constraints without sacrificing the control and ownership of key processes and data, which in my mind is the key, and has been one of the limiting factors of cloud this year.
Number two: I have “software licensing looks like you.” As with the housing market, it’s really a buyer’s market right now for software. It’s being reflected in how vendors are approaching selling their software. Customers have the power to demand software pricing that better reflects their needs, whether it’s servers or users.
I think the weapons will be user facing enterprise apps that work in concert with line-of-business solutions on the back-end.
So, taking cues from both the cloud and the open-source licensing vendors out there, we will see some traditional software manufacturers really set up a “pick your poison” buffet. You can have purchase options that are like monthly or yearly subscriptions or flat perpetual licenses that are based on per seat, per server, per CPU, per request, per processor, or per value unit, with a shout out at IBM there — or any of the above.
You put those together in a way that is most beneficial to you as a customer to meet your use case. We saw last year with web conferencing software that you could pick between unlimited usage with a few seats or unlimited seats with limited usage. You can tailor what you pay to what you need.
Third for me is the mobile OS wars are going to heat up. I’m all done with the desktop. I’m really thinking that it’s all about the Google Chrome/Android. I know there’s a little bit of contention there, but Google Chrome/Android, Symbian, RIM, Apple iPhone, Windows Mobile, all those devices will be the new battle ground for enterprise users.
I think the weapons will be user facing enterprise apps that work in concert with line-of-business solutions on the back-end. We’ll see the emergence of native applications, particularly within the collaboration space, that are capable of fully maximizing the underlying hardware of these devices, and that’s really key. Capabilities like geo-positioning, simultaneous web invoice and, eventually, video are really going to take off across all these platforms this year.
Win or lose
But, the true battle for this isn’t going to be in these cool nifty apps. It’s really going to be in how these vendors can hopefully turn these devices into desktops, in terms of provisioning, security, visibility, governance, etc. That, to me, is going to be where they’re going to either win or lose this year.
Four is “The Grand Unification Theory” — the grand unification of collaboration. That’s going to start this year. We’re no longer going to talk about video conferencing, web conferencing, telepresence, and general collaboration software solutions as separate concerns. You’re still going to have PBXs, video codecs, monitors, cameras, desk phones, and all that stuff being sold as point solutions to fill specific requirements, like desktop voice or room-based video conferencing and the like.
Special offer: Download a free, supported 30-day trial of Active Endpoint’s ActiveVOS at www.activevos.com/insight.But, these solutions are really not going to operate in complete ignorance of one another as they have in the past. Vendors with capabilities or partnerships spanning these areas, in particular — I’m pointing out Cisco and Microsoft here — can bring and will be bringing facets of these together technically to enable users to really participate in collaboration efforts, using their available equipment.
And last but not least … Google Wave is really going to kick in in 2010. I may be stating the obvious, or I maybe stating something that’s going to be completely wrong, but I really feel that this is going to be the year that traditional enterprise collaboration players jump head long into this Google Wave pool in an effort to really cash in on what’s already a super-strong mind share within the consumer ranks.
Even though they have a limited access to the beta right now, there are over a million users of it, that are chunking away at this writing code and using Wave.
Of course, Google hosted rendition will excel in supporting consumer tasks like collaborative apps and role playing games. That’s going to be big.
Linthicum: My top five are going to be, number one, cloud computing goes mainstream.
That’s a top prediction, I’m just seeing the inflection point on that.
I know I’m going out on the edge on this one. Go to indeed.com and do a search on the cloud-computing jobs postings. As I posted on my InfoWorld blog few weeks ago, it’s going up at an angle that I have never seen at any time in the history of IT. The amount of growth around cloud computing is just amazing. Of course, it’s different aspects of cloud computing, not just architecture with people who are cloud computing developers and things like that.
The Global 2000 and the government, the Global 1, really haven’t yet accepted cloud computing, even though it’s been politically correct for some time to do so. The reason is the lack of control, security concerns, and privacy issues, and, of course, all the times the cloud providers went down. The Google outages and the loss of stuff with T-Mobile, hasn’t really helped, but ultimately people are gearing up, hiring up, and training up for cloud computing.
We are going to see a huge inflection point in cloud computing. This can be more mainstream in Global 2000 than it has been in the past. It’s largely been the domain of SMBs, pilot projects, things like that. It’s going to be a huge deal in 2010 and people are going to move into cloud computing in some way, shape, or form, if they are in an organization.
People are pushing back on that now. They’ve had it. They really don’t want all of their information out there on the Internet …
The next is privacy becomes important. Facebook late last year pulled a little trick, where they changed the privacy settings, and you had to go back and reset your privacy settings. So, in essence, if you weren’t diligent about looking at the privacy settings within your Facebook account and your friends list, your information was out on the Internet and people could see it.
The reason is that they’re trying to monetize people who are using Facebook. They’re trying to get at the information and put the information out there so it’s searchable by the search engines. They get the ad revenue and all the things that are associated with having a big mega social media site.
People are going to move away from these social media sites that post their private information, and the social media sites are going to react to that. They’re going to change their policies by the end of 2010, and there’s going to be a big uproar at first.
Cloud crashes
Next, the cloud crashes make major new stories. We’ve got two things occurring right now. We’ve got a massive move into the cloud. That was my first prediction. We have the cloud providers trying to scale up, and perhaps they’ve never scaled up to the levels that they are going to be expected to scale to in 2010. That’s ripe for disaster.
A lot of these cloud providers are going to over extend and over sell, and they’re going to crash. Performance is going to go down — very analogous to AOL’s outage issues, when the Internet first took off.
We’re going to see people moving to the cloud, and cloud providers not able to provide them with the service levels that they need. We’re going to get a lot of stories in the press about cloud providers going away for hours at a time, data getting lost, all these sorts of things. It’s just a matter of growth in a particular space. They’re growing very quickly, they are not putting as much R&D into what these cloud systems should do, and ultimately that’s going to result in some disasters.
Next, Microsoft becomes cloud relevant. Microsoft, up to now, has been the punch line of all cloud computing. It had the Azure platform out there. They’ve had a lot of web applications and things like that. They really have a bigger impact in the cloud than most people think, even though when we think of cloud, we think of Amazon, Google, and larger players out there.Suddenly, you’re going to see Microsoft with a larger share of the cloud, and they’re going to be relevant very quickly.
With Azure coming into its own in the first quarter of next year in the rise of their office automation applications for the cloud, you are going to see a massive amount of people moving to the Microsoft platform for development, deployment, infrastructure, and the office automation application. The Global 2000 that are already Microsoft players and the government that has a big investment in Microsoft are going to move in that direction.
Suddenly, you’re going to see Microsoft with a larger share of the cloud, and they’re going to be relevant very quickly. In the small- and medium-sized business, it’s still going to be the domain of Google, and state and local governments are still be going to be the domain of Google, but Microsoft is going to end up ruling the roost by the end of 2010.
Finally, the technology feeding frenzy, which is occurring right now. People see the market recovering. There is money being put back into the business. That was on the sidelines for a while. People are going to use that money to buy companies. I think there is going to be a big feeding frenzy in the service-oriented architecture (SOA) world, in the business intelligence (BI) world, and definitely in the cloud-computing world.
Lots of these little companies that you may not have heard about, which may have some initial venture funding, are suddenly going to disappear. Google has been taking these guys out left and right. You just don’t hear about it. You could do a podcast just on the Google acquisitions that have occurred this week. That’s going to continue and accelerate in 2010 to a point where it’s almost going to be ridiculous.
Lounsbury: I’m going to jump on the cloud bandwagon initially. We’ve seen huge amounts of
interest across the board in cloud and, particularly, increasing discussions about how people make sense of cloud at the line-of-business level.
Another bold prediction here is that the cloud market is going to continue to grow, and we’ll see that inflection point that Dave Linthicum mentioned. But, I believe that we’re going to see the segmentation of that into two overarching markets, an infrastructure-as-a-service (IaaS) or platform-as-a-service market (PaaS) and software-as-a-service (SaaS) market. So that’s my number one prediction.
We’ll see the continued growth in the acceptance by SMBs of the IaaS and PaaS for the cost and speed reasons. But, the public IaaS and PaaS are going to start to become the gateway drug for medium- to large-size enterprises. You’re going to see them piloting in public or shared environments, but they are going to continue to move back toward that locus of controlling their own resources in order to manage risk and security, so that they can deliver their service levels that their customers expect.
My third prediction, again in cloud, is that SaaS will continue to gain mainstream acceptance at all levels in the enterprise, from small to large. What you’ll see there is a lot of work on interfaces and APIs and how people are going to mash up cloud services and bring them into their enterprise architectures.
February 6th, 2010
ISM3 brings greater standardization to security measurement across enterprise IT
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
Security may be the hottest topic in IT. But it’s also one of the least understood.
So BriefingDirect assembled a panel this week to examine the need for IT security to run more like a data-driven science, rather than a mysterious art form.
Rigorously applying data and metrics to security can dramatically improve IT results and reduce overall risk to the business. By employing and applying more metrics and standards to security, the protection of IT becomes better, and the known threats can become evaluated uniformly.
Standards like Information Security Management Maturity Model (ISM3) are helping to not only gain greater visibility, but also allowing IT leaders to scale security best practices repeatably and reliably.
With standards and greater reliance on data, security practitioners can understand better what they are up against, perhaps gaining close to real-time responses. They can know what’s working — or is not working — both inside and outside of their organization.
The security metrics panel and sponsored podcast discussion are coming to you from The Open Group’s Enterprise Architecture Practitioners Conference in Seattle on Feb. 2, 2010. The goal is to determine the strategic imperatives for security metrics, and to discuss how to use them to change the outcomes in terms of IT’s value to the business.
Our panel consists of a security executive from The Open Group, as well as two experts on security who are presenting at the consortium’s Security Practitioners Conference: Jim Hietala, Vice President for Security at The Open Group; Adam Shostack, co-author of The New School of Information Security, and Vicente Aceituno, director of the ISM3 Consortium. The discussion is moderated by Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Hietala: We think there’s a contribution to make from The Open Group, in terms of developing the ISM3 standard and getting it out there more widely. [Being a data-d
riven security organization means] using information to make decisions, as opposed to what vendors are pitching at you, or your gut reaction. It’s getting a little more scientific about gathering data on the kinds of attacks you’re seeing and the kinds of threats that you face, and using that data to inform the decisions around the right set of controls to put in place to effectively secure the organization.
A presentation we had today from an analyst firm talked about people being all over the map [on security practices]. I wouldn’t say there’s a lot of rigor and standardization around the kinds of data that’s being collected to inform decisions, but there is some of that work going on in very large organizations. There, you typically see a little more mature metrics program. In smaller organizations, not so much. It’s a little all over the map.
… The important outputs of a good metrics program can be that it gives you a different way to talk to your senior management about the progress that you’re making against the business objectives and security objectives.
That’s been an area of enormous disconnect. Security professionals have tended to talk about viruses, worms, relatively technical things, but haven’t been able to show a trend to senior management that justifies the kind of spending they have been doing and the kind of spending they need to do in the future. Business language around some of that is needed in this area.
Shostack: We have an opportunity to be a heck of a lot more effective than we have been. We can sa
y, “This control that we all thought was a really good idea — well, everyone is doing it, and it’s not having the impact that we would like.” So, we can reassess how we’re getting real, where we’re putting our dollars.
The big change we’ve seen is that people have started to talk about the problems that they are having, as a result of laws passed in California and elsewhere that require them to say, “We made a mistake with data that we hold about you,” and to tell their customers.
We’ve seen that a lot of the things we feared would happen haven’t come to pass. We used to say that your company would go out of business and your customers would all flee. It’s not happening that way. So, we’re getting an opportunity today to share data in a way that’s never been possible before.
Aceituno: The top priority should be to make sure that the things you measure are things that
are contributing positivity to the value that you’re bringing to business as a information security management (ISM) practitioner. That’s the focus. Are you measuring things that are actually bringing value or are you measuring things that are fancy or look good?
Because metrics are all about controlling what you do and being able to manage the outputs that you produce and that contribute value to the business … you can use metrics to manage internal factors.
I don’t think it brings a bigger return on investment (ROI) to collect metrics on external things that you can’t control. It’s like hearing the news. What can you do about it? You’re not the government or you’re not directly involved. It’s only the internal metrics that really make sense.
Basically, we link business goals, business objectives, and security objectives in a way that’s never been done before, because we are painfully detailed when we express the outcomes that you are supposed to get from your ISM system. That will make it far easier for practitioners to actually measure the things that matter.
Business value approach
Shostack: Vicente’s point about measuring the things you can control is critical. Oftentimes in security, we don’t like to admit that we’ve made mistakes and we conceal some of the issues that are happening. A metrics initiative gives you the opportunity to get out there and talk about what’s going on, not in a finger pointing way, which has happened so often in the past, but in an objective and numerically centered way. That gives us opportunity to improve.
Hietala: There’s some taxonomy work to be done. One of the real issues in security is that when I say “threat,” do other people have the same understanding? Risk management is rife with different terms that mean different things to different people. So getting a common taxonomy is something that makes sense.
The kinds of metrics we’re collecting can be all over the map, but generally they’re the things that
would guide the right kind of decision making within an IT security organization around the question, “Are we doing the right things?”
Today, Vicente used an example of looking at vulnerabilities that are found in web applications. A critical metric was how long those vulnerabilities are out there before they get fixed by different lines of business, by different parts of the business, looking at how the organization is responding to that. We’re trying to drive that metric toward the vulnerabilities being open for less time and getting fixed quicker.
Shostack: We’ve seen over the last few years that those security programs that succeed are the ones that talk to the business needs and talk to the executive suite in language that the executives understand.
We’ve seen over the last few years that those security programs that succeed are the ones that talk to the business needs and talk to the executive suite in language that the executives understand.
The real success here and the real step with ISM3 is that it gives people a prescriptive way to get started on building those metrics.
You can pick it up and look at it and say, “Okay, I’m going to measure these things. I’m going to trend on them.” And, I’m going to report on them.”
As we get toward a place, where more people are talking about those things, we’ll start to see an expectation that security is a little bit different. There is a risk environment that’s very outside of people’s control, but this gives people a way to get a handle on it.
Aceituno: The main task of the ISM3 Consortium so far was to manage the ISM3 standard. I’m very happy to say that The Open Group and ISM3 Consortium reached an agreement and, with this agreement, The Open Group will be managing ISM3 from here on in. We’ll be devoting our time to other things, like teaching and consulting services in Spain, which is our main market. I can’t think of anything better than for ISM3 to be managed from The Open Group.
Hietala: You have metrics and control approaches in various areas and you can pick a starting point. You can come at this top-down, if you’re trying to implement a big program. Or, you come at it bottoms-up and pick a niche, where you know you are not doing well and want to establish some rigor around what you are doing. You can do a smaller implementation and get some benefit out of it. It’s approachable either way.
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
February 4th, 2010
ArchiMate gives business leaders and IT architects a common language to describe how the enterprise works best
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
Our next podcast discussion looks at ArchiMate, a way of conceptualizing, modeling, and controlling enterprise architecture (EA) and business architecture.
ArchiMate provides ways to develop visualizations and control of IT architecture to more swiftly obtain business benefits. To learn more, we interview an expert on this, Dr. Harmen van den Berg, partner and co-founder at BiZZdesign.
This podcast was recorded Feb. 2 at The Open Group’s Enterprise Architecture Practitioners Conference in Seattle the week of Feb. 1, 2010. The discussion is moderated by Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Gardner: I really enjoyed your presentation on ArchiMate. How did the standard come about?
Dr. Harmen van den Berg: ArchiMate was developed in the Netherlands by a number of companies and research institutes. They developed it, because there was a lack of a language for describing EA. After it was completed, they offered it to The Open Group as a standard.
Gardner: What problems does it solve?
Van den Berg: The problem that it solves is that you need a language to express yourself, just like normal communication. If you want to talk about the enterprise and the important assets in the enterprise, the language supports that conversation.
Gardner: We are talking about more and more angles on this conversation, now that we talk about cloud computing and hybrid computing. It seems as if the complexity of EA and the ability to bring in the business side, provide them with a sense of trust in the IT department, and allow the IT department to better understand the requirements of the business, all need a new language. Do you think it can live up to that?
Van den Berg: Yes, because if you look at other language, like UML, which is for system
development and is a very detailed language, it only covers a very limited part of the complete enterprise. ArchiMate is focused on giving you a language for describing the complete enterprise, from all different angles, not on a detailed level, but on a more global level, which is understandable to the business as well.
Gardner: So more stakeholders can become involved with something like ArchiMate. I guess that’s an important benefit here.
Van den Berg: Yes, because the language is not focused only on IT, but on the business as well and on all kinds of stakeholders in your organization.
Gardner: How would someone get started, if they were interested in using ArchiMate to solve some of these problems? What is the typical way in which this becomes actually pragmatic and useful?
Van den Berg: The easiest way is just to start describing your enterprise in terms of ArchiMate. The language forces you to describe it on a certain global level, which gives you direct insight in the coherence within your enterprise.
Gardner: So, this allows you to get a meta-view of processes and assets that are fundamentally in IT, but have implication for and reverberate around the business.
Don’t have to start in IT
Van den Berg: You don’t have to start in IT. You can just start at the business side. What are
products? What are services? And, how are they supported by IT?” That’s a very useful way to start, not from the IT side, but from the business side.
Gardner: Are there certain benefits or capabilities in ArchiMate that would, in fact, allow it to do a good job at defining and capturing what goes on across an extended enterprise, perhaps hybrid sourcing or multiple sourcing of business processes and services?
Van den Berg: It’s often used, for example, when you have an outsourcing project to describe not only your internal affairs, but also your relation with other companies and other organizations.
Gardner: What are some next steps with ArchiMate within The Open Group as a standard? Tell us what it might be maturing into or what some of the future steps are.
Van den Berg: The future steps are to align it more with TOGAF, which is the process for EA, and also extending it to cover more elements that are useful to describe an EA.
It’s often used, for example, when you have an outsourcing project to describe not only your internal affairs, but also your relation with other companies and other organizations.
Gardner: And for those folks who would like to learn more about ArchiMate and how to get this very interesting view of their processes, business activities, and IT architecture variables where would you go?
Van den Berg: The best place to go is The Open Group website. There is a section on ArchiMate and it gives you all the information.
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
You may also be interested in:
February 4th, 2010
'Business architecture' helps business and IT leaders decide on and communicate changes at the new speed of business
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
What’s the difference between enterprise architecture (EA) and business architecture (BA)? We pose the question to Tim Westbrock, Managing Director of EAdirections, as part of a sponsored podcast discussion coming to you from The Open Group’s Enterprise Architecture Practitioners Conference in Seattle, the week of Feb. 1, 2010.
The discussion is moderated by me, Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Gardner: I really enjoyed your presentation today. Can you tell us a little bit about some of the high-level takeaways. Principally, how do you define BA?
Westbrock: Well, the premise of my discussion today is that, in order for EA to maintain and
continue to evolve, we have to go outside the domain of IT. Hence, the conversation about BA. To me, BA is an intrinsic component of EA, but what most people really perform in most organizations that I see is IT architecture.
A real business-owned enterprise business architecture and enterprise information architecture are really the differentiating factors for me. I’m not one of these guys that is straight about definitions. You’ve got to get a sense from the words that you use.
To me enterprise business architecture is a set of artifacts and methods that helps business leaders make decisions about direction and communicate the changes that are required in order to achieve that vision.
Gardner: How do we get here? What’s been the progression? And, why has there been such a gulf between what the IT people eat, sleep, and drink, and what the business people expect?
Westbrock: There are a lot of factors in that. Back in the late ’80s and early ’90s, we got really good at providing solutions really quickly in isolated spots. What happened in most organizations is that you had really good isolated solutions all over the place. Integrated? No. Was there a need to integrate? Eventually. And, that’s when we began really piling up the complexity.
We went from an environment, where we had one main vendor or two main vendors, to every specific solution having multiple vendors contributing to the software and the hardware environment.
That complexity is something that the business doesn’t really understand, and we haven’t done a real good job of getting the business to understand the implications of that complexity. But, it’s not something they should really be worried about. It’s our excuse sometimes that it’s too complex to change quickly.
Focus on capabilities
We really need to focus the conversation on capabilities. Part of my presentation talked about
deriving capabilities as the next layer of abstraction down from business strategy, business outcomes, and business objectives. It’s a more finite discussion of the real changes that have to happen in an organization, to the channel, to the marketing approach, to the skill mix, and to the compensation. They’re real things that have to change for an organization to achieve its strategies.
In IT architecture, we talk about the changes in the systems. What are the changes in the data? What are the changes in the infrastructure? Those are capabilities that need to change as well. But, we don’t need to talk about the details of that. We need to understand the capabilities that the business requires. So, we talk to folks a lot about understanding capabilities and deriving them from business direction.
Gardner: It seems to me that, over the past 20 or 30 years, the pace of IT technological change was very rapid — business change, not so much. But now, it seems as if the technology change is not quite as fast, but the business change is. Is that a fair characterization?
Westbrock: It’s unbelievably fast now. It amazes me when I come across an organization now that’s surviving and they can’t get a new product out the door in less than a year — 18 months, 24 months. How in a world are they responding to what their customers are looking for, if it takes that long to get system changes products out the door?
BA is a means by which we can engage as IT professionals with the business leadership, the business decision-makers who are really deciding how the business is going to change.
We’re looking at organizations trying monthly, every six weeks, every two months, quarterly to get significant product system changes out the door in production. You’ve got to be able to respond that quickly.
Gardner: So, in the past, the IT people had to really adapt and change to the technology that was so rapidly shifting around them, but now the IT people need to think about the rapidly shifting business environment around them.
Westbrock: “Think about,” yes, but not “figure out.” That’s the whole point. BA is a means by which we can engage as IT professionals with the business leadership, the business decision-makers who are really deciding how the business is going to change.
Some of that change is a natural response to government regulations, competitive pressures, political pressures, and demographics, but some of it is strategic, conscious decisions, and there are implications and dependencies that come along with that.
Sometimes, the businesses are aware of them and sometimes they’re not. Sometimes, we understand as IT professionals — some not all — about those dependencies and those implications. By having that meaningful dialogue on an ongoing basis, not just as a result of the big implementation, we can start to shorten that time to market.
Gardner: So, the folks who are practitioners of BA, rather than more narrowly EA, have to fill this role of Rosetta Stone in the organization. They have to translate cultural frames of mind and ideas about the priorities between that IT side and the business side.
Understanding your audience
Westbrock: This isn’t a technical skill, but understanding your audience is a big part of doing this. We like to joke about executives being ADD and not really being into the details, but you know what, some are. We’ve got to figure out the right way to communicate with this set of leadership that’s really steering the course for our enterprise.
That’s why there’s no, “This is the artifact to create.” There’s no, “This is the type of information that they require.” There is no, “This is the specific set of requirements to discuss.”
That’s why we like to start broad. Can you build the picture of the enterprise on one page and have conversations maybe that zero in on a particular part of that? Then, you go down to other levels of detail. But, you don’t know that until you start having the conversation.
Gardner: Okay, as we close out, you mentioned something called “strategic capability changes.” Explain that for us?
. . . There’s a missing linkage between that vision, that strategy, that direction, and the actual activities that are going on in an organization.
Westbrock: To me, so many organizations have great vision and strategy. It comes from their leadership. They understand it. They think about it. But, there’s a missing linkage between that vision, that strategy, that direction, and the actual activities that are going on in an organization. Decisions are being made about who to hire, the kinds of projects we decide to invest in, and where we’re going to build our next manufacturing facility. All those are real decisions and real activities that are going on on a daily basis.
This jump from high-level strategy down to tactical daily decision-making and activities is too broad of a gap. So, we talk about strategic capability changes as being the vehicle that folks can use to have that conversation and to bring that discussion down to another level.
When we talk about strategic capability changes, it’s the answer to the question, “What capabilities do we need to change about our enterprise in order to achieve our strategy?” But, that’s a little bit too high level still. So, we help people carve out the specific questions that you would ask about business capability changes, about information capability changes, system, and technology.
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
You may also be interested in:
February 4th, 2010
The Open Group SOA Work Group making strides to deepen link between TOGAF and SOA
This guest post comes courtesy of Mats Gejnevall, a global enterprise architect from Capgemini.
By Mats Gejnevall
As an attendee at this week’s Open Group Seattle Conference 2010, I met with an international
group of enterprise architecture (EA) thought-leaders including Dave Hornford, the new chair of The Open Group Architecture Forum, Tony Carrato from IBM, Steve Bennett from Oracle and Chris Greenslade from CLARS to enhance the TOGAF practical guide to do service oriented architectures.
In case you’re wondering, the practical guide is a best-practice tool for EA practitioners to speed-up and unify the way the industry creates service oriented architectures (SOA). One item we hope to make clear to the industry is that service orientation is not only about producing some web-services and hoping that will improve the agility and cost structures of the organization.
The evolution to service orientation should be a carefully orchestrated process that includes everything from assessing an enterprise’s ability to change, to identifying the areas that really need service orientation properties, to creating the strategic, segment and capability architectures for those areas and finally, to defining the transition roadmap to implement the SOA strategy.
Our discussions focused on creating a guide that is easy-to-understand and use, but that would also serve as a complete description of how the different phases of TOGAF should be adapted by an enterprise. The result is a user-friendly path through the TOGAF framework with continuous references to the TOGAF content meta-model.
One important issue to always keep in mind is that EA is not about doing low-level IT design . . .
Our work validates the claim that TOGAF is valid for all types of architecture styles, while also proving that there are many “ifs” and “buts” during an organization’s adoption path.
One important issue to always keep in mind is that enterprise architecture (EA) is not about doing low-level IT design, but about creating structures in your organization that fulfill your long-term business goals and ambitions. The low-level design activities will be performed during the actual implementation of the project.
Additionally, we discussed the practical guide’s relationship with other Open Group SOA projects (such as SOA Governance and SOA Reference Architecture) in great detail to ensure that the input from the meta-model objects to these projects were properly included and identified.
The resulting practical guide is due the first part of this year. More information on The Open Group SOA Work Group can be found here: http://www.opengroup.org/projects/soa
This guest post comes courtesy of Mats Gejnevall, a global enterprise architect from Capgemini.
February 4th, 2010
New definition of enterprise architecture emphasizes 'fit for purpose' across IT undertakings
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
This live event podcast discussion comes to you from The Open Group’s Enterprise Architecture Practitioners Conference in Seattle, the week of Feb. 1, 2010.
We examine the definition of enterprise architecture (EA), the role of the architect and how that might be shifting with an expert from the Open Group, Len Fehskens, Vice President of Skills and Capabilities. The interview is moderated by Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Gardner: I was really intrigued by your presentation, talking, with a great deal of
forethought obviously, about the whole notion of EA, the role of the architect, this notion of “fit for purpose.” We want to have the fit-for-purpose discussion about EA. What are the essential characteristics of this new definition?
Fehskens: You’ll remember that one of the things I hoped to do with this definition was understand the architecture of architecture, and that the definition would basically be the architecture of architecture. The meme, so to speak, for this definition is the idea that architecture is about three things: mission, solution, and environment. Both the mission and the solution exist in the environment, and the purpose of the architecture is to specify essentials that address fitness for purpose.
There are basically five words or phrases; mission, solution, environment, fitness for purpose, and essentials. Those capture all the ideas behind the definition of architecture.
Gardner: The whole notion of EA has been in works for 30 years, as you pointed out. What is it about right now in the maturity of IT and the importance of IT in modern business that makes this concept of enterprise architect so important?
Fehskens: A lot of practicing enterprise architects have realized that they can’t do enterpri
se IT architecture in isolation anymore. The constant mantra is “business-IT alignment.” In order to achieve business-IT alignment, architects need some way of understanding what the business is really about. So, coming from an architectural perspective, it becomes natural to think of specifying the business in architectural terms.
We need to talk to business people to understand what the business architecture is, but the business people don’t want to talk tech-speak.
Enterprise architects are now talking more frequently about the idea of “business architecture.” The question becomes, “What do we really mean by business architecture?” We keep saying that it’s the stakeholders who really define what’s going on. We need to talk to business people to understand what the business architecture is, but the business people don’t want to talk tech-speak.
We need to be able to talk to them in their language, but addressing an architectural end. What I tried to do was come up with a definition of architecture and EA that wasn’t in tech-speak. That would allow business people to relate to concepts that make sense in their domain. At the same time, it would provide the kind of information that architects are looking for in understanding what the architecture of the business is, so that they can develop an EA that supports the needs of the business.
Gardner: So, in addition to defining EA properly for this time and place, and with the hindsight of the legacy, development, and history of IT and now business, what is the special sauce for a person to be able to fill that role? It’s not just about the definition, but it’s also about the pragmatic analog world, day-in and day-out skills and capabilities.
Borrowed skills
Fehskens: That’s a really good question. I’ve had this conversation with a lot of architects, andwe all pretty much agree that maybe 90 percent of what an architect does involves skills that are borrowed from other disciplines — program management, project management, governance, risk management, all the technology stuff, social skills, consulting skills, presentation skills, communication skills, and all of that stuff.
But, even if you’ve assembled all of those skills in a single individual, there is still something that an architect has to be able to do to take advantage of those capabilities and actually do architecture and deliver on the needs of their clients or their stakeholders.
I don’t think we really understand yet exactly what that thing is. We’ve been okay so far, because people who entered the discipline have been largely self-selecting. I got into it because I wanted to solve problems bigger than I could solve myself by writing all code. I was interested in having a larger impact then I could just writing a single program or doing something that was something that I could do all by myself.
That way, we filter out people who try to become architects. Then, there’s a second filter that applies: if you don’t do it well, people don’t let you do it. We’re now at the point where people are saying, “That model for finding, selecting, and growing architects isn’t going to work anymore, and we need to be more proactive in producing and grooming architects.” So, what is it that distinguishes the people who have that skill from the people who don’t?
An architect also has to be almost Sherlock Holmes-like in his ability to infer from all kinds of subtle signals about what really matters.
If you go back to the definition of architecture that I articulated in this talk, one of the things that becomes clear is that an architect not only has to have good design skills. An architect also has to be almost Sherlock Holmes-like in his ability to infer from all kinds of subtle signals about what really matters, what’s really important to the stakeholders, and how to balance all of these different things in a way that ends up focusing on an answer to this very squishily, ill-defined statement of the problem.
This person, this individual, needs to have that sense of the big picture — all of the moving parts — but also needs to be able to drill in both at the technical detail and the human detail.
In fact, this notion of fitness for purpose comes back in. As I said before, an architect has to be able to figure out what matters, not only in the development of an architectural solution to a problem, but in the process of discerning that architecture. There’s an old saw about a sculptor. Somebody asked him, “How did you design this beautiful sculpture,” and he says, “I didn’t. I just released it from the stone.”
What a good architect does is very similar to that. The answer is in there. All you have to is find it. In some respects, it’s not so much a creative discipline, as much as it’s an exploratory or searching kind of discipline. You have to know where to look. You have to know which questions to ask and how to interpret the answers to them.
Rarely done
Gardner: One of the things that came out early in your presentation was this notion that architecture is talked about and focused on, but very rarely actually done. If it’s the case in the real world that there is less architecture being done than we would think is necessary, why do it at all?
Fehskens: There’s a lot of stuff being done that is called architecture. A lot of that work, even if it’s not purely architecture in the sense that I’ve defined architecture, is still a good enough approximation so that people are getting their problems solved.
What we’re looking for now, as we aspire to professionalize the discipline, is to get to the point where we can do that more efficiently, more effectively, get there faster, and not waste time on stuff that doesn’t really matter.
I’m reminded of the place medicine was 100 or 150 years ago. I hate to give leeches a bad name, because we’ve actually discovered that they’re really useful in some medical situations. But, there was trepanning, where they cut holes in a person’s skull to release vapors, and things like that. A lot of what we are doing in architecture is similar.
What we want to do is get better at that, so that we pick the right things to do in the right situations, and the odds of them actually working are much higher than better than chance.
We do stuff because it’s the state of the art and other people have tried it. Sometimes, it works and sometimes, it doesn’t. What we want to do is get better at that, so that we pick the right things to do in the right situations, and the odds of them actually working are much higher than better than chance.
Gardner: Okay, a last question. Is there anything about this economic environment and the interest in cloud computing and various sourcing options and alternatives that make the architecture role all the more important?
Fehskens: I hate to give you the typical architect signature which is, “Yes, but.” Yes, but I don’t think that’s a causal a relationship. It’s sort of a coincidence. In many respects, architecture is the last frontier. It’s the thing that’s ultimately going to determine whether or not an organization will survive in an extremely dynamic environment. New technologies like cloud are just the latest example of that environment changing radically.
It isn’t so much that cloud computing makes good EA necessary, as much as cloud computing is just the latest example of changes in the external environment that require organizations to have enterprise architects to make sure that the organization is always fit for purpose in an extremely dynamically changing environment.
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: The Open Group.
You may also be interested in:
February 4th, 2010
Real-time web data services in action at German stock exchange
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download the transcript. Learn more. Sponsor: Kapow Technologies.
Welcome to a special BriefingsDirect dual webinar and podcast presentation, Real-Time Web Data Services in Action at Deutsche Börse.
As the culmination of a four-part series on web data services (WDS), we’re here to examine a fascinating use-case for data services with Deutsche Börse Group in Frankfurt, Germany. An innovative information service recently created there highlights how real-time content and data assembled from various online sources scattered across the Web provides a valuable analysis service.
The offering supports energy traders seeking to track global fluctuations and micro trends in oil and other related markets. But, the need for real-time and precise data affects more than energy traders and financial professionals. More than ever, all sorts of businesses need to know what’s going on in and what’s being said about their respective markets, products, and services.
In this series with Kapow Technologies, we’ve examined the need for WDS and ways that WDS and related tools can be used broadly to solve these problems. Now, we are going to learn the full story of how Deutsche Börse took web data resources, and not only efficiently assembled knowledge from automated robots, cleansing tools, and analytics management, but from these capabilities they also created high value and focused WDS offerings onto itself.
Thanks for joining us, as we take an in-depth look at how the market for WDS has shaped up and then hear directly from the leader of the Deutsche Börse project, as well as from a key supplier that supported them in accomplishing their web services goal.
- Part 1 of 4: Web data services extend business intelligence depth and breadth across social, mobile, web domains
- Part 2 of 4: Web data services provide ease of data access and distribution from variety of sources, destinations
- Part 3 of 4: Web data services — Here’s why text-based content access and management plays a crucial role in real-time BI
So, to learn more about WDS as a business, please welcome our guests, Mario Schultz, director of Energy Facts at Deutsche Börse Group, and Stefan Andreasen, CTO at Kapow Technologies. The discussion is moderated by Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Gardner: It’s interesting to me that we’ve moved beyond a level of static information to
dynamic information and yet we still haven’t taken full advantage of everything that’s being developed and created across the Web.
But today’s market turbulence demands that we do that. We have to move into an era where we can take quality data and provide agility into how we can consume and distribute it. We’re dealing with more diverse data sources. That means we need to have completeness and we need to be comprehensive, in order to accomplish the business information challenges each business faces.
The need now is for flexible, agile, and mixed sourcing of services and data together.
The need now is for flexible, agile, and mixed sourcing of services and data together. The content is often portable. That means it’s ubiquitous across mobile devices and social networks in such a way that real-time analytics becomes extremely important.
The use of data as a business is now coming to the fore. We’re beginning to see value, not from just the assimilation of data for use internally, but as more and more businesses are starting to take advantage of the data that they create and have access to. They share that with their partners, create ecosystems of value, and then even perhaps sell outright the information, as well as insights and analysis from that information.
Schultz: Deutsche Börse is the German stock exchange in Frankfurt, Germany, and we offer all kinds o
f products and services around on-exchange trading and the adjacent processes. For several years now, I’ve been responsible for developing new products and services around information for on-exchange or off-exchange trading. This is why we’ve invented and developed the Energy Facts service.
We developed new products and services where we could transform our know-how and this real-time connection, aggregation, and dissemination of data to other business lines. This is why we looked into the energy trading sector, mainly focused on the power trading here in Europe.
I began by working on the exchange of information that we have in our own systems. We were proceeding with our ideas of enhancing our services and designing new products and services. We were then looking into the Web and trying to get more information from the data that we gather from websites — or somewhere else on the global Web — and to integrate this with our own company’s internal information.
Everything we do focuses on the real-time aspect. Our use of web data services is always focusing on the real-time aspects of this.
At Deutsche Börse, we have something that’s called Xetra, our electronic trading system for cash products. We have Eurex, our derivative business line, which is worldwide, well-known, where you can trade other derivatives on that platform.
We have a main system called CEF. It is our backbone IT solution for delivering data in real-time with milliseconds optimization. The data is mainly coming from our internal IT systems, like Xetra and Eurex, and we deliver this data to the outside world.
Register to view a video version of this presentation with slides and demonstration of the application.In addition, we calculate all the relevant indices, like the DAX, the flagship index for the German markets with 30 instruments, and more than 2,000 — or nearly 3,000 — indices that are distributed over the well-known data vendors, for example, Bloomberg or Reuters. They are our main distribution networks, where we are delivering all our information.
Germany is currently the most important market for energy and power trading in the middle of Europe.
By talking to well-known players in the market, we quickly recognized that we could build up a very powerful and fundamental data models. You have to collect all the relevant information to get an overview and to get an estimate about the price, in this case, where power could develop and in which direction it could develop.
Traders are looking into the fundamental factors that affect the price of the energy or the power that you trade, whether it’s oil or whatever. That’s how we started with power trading. You have the wind and other weather factors. You have temperature. You have the availability of power plants. So, you try to categorize and summarize these sectors. It’s called the supply and the demand side regarding this energy trading.
Fundamental data models
The main issue and main task in the beginning was to collect the relevant data. Quite quickly, we were able to set up a big list of all relevant data sets or sources, especially for Germany and some adjacent countries. We came up with something around 70, 80, or even 100 different sources on the Web to grab information from. So, the main issue was how to collect and grab all this data in a manageable way into one data base. That was the first step.
In the second step, Kapow came into this play. We recognized that it’s really important to have a one-stop shopping inbound channel that collects all the information from these sources, so that you don’t have to have have several IT systems, or your own program, JavaScript, or whatever to get the information.
I wanted to have a responsible product manager for this project or for this new product. From the beginning, I had to have a good technology in place that would be able to handle all these kind of sources from the Web.
February 3rd, 2010
CERN’s evolution toward cloud computing could portend next revolution in extreme IT productivity
Listen to the podcast. Find it on iTunes/iPod and Podcast.com. Read a full transcript or download a copy. Sponsor: Platform Computing.
What are the likely directions for cloud computing? Based on the exploration of expected cloud benefits at a cutting edge global IT organization, the future looks extremely productive.
In this podcast we focus on the thinking on how cloud computing — both the private and public varieties — might be used at CERN, the European Organization for Nuclear Research in Geneva.
CERN has long been an influential bellwether on how extreme IT problems can be solved. Indeed, the World Wide Web owes a lot of its usefulness to early work done at CERN. Now the focus is on cloud computing. How real is it, and how might an organization like CERN approach cloud?
In many ways CERN is quite possibly the New York of cloud computing. If cloud can make it there, it can probably make it anywhere. That’s because CERN deals with fantastically large data sets, massive throughput requirements, a global workforce, finite budgets, and an emphasis on standards and openness.
So please join us, as we track the evolution of high-performance computing (HPC) from clusters to grid to cloud models through the eyes of CERN, and with analysis and perspective from IDC, as well as technical thought leadership from Platform Computing.
Join me in welcoming our panel today: Tony Cass, Group Leader for Fabric Infrastructure and Operations at CERN; Steve Conway, Vice President in the High Performance Computing Group at IDC, and Randy Clark, Chief Marketing Officer at Platform Computing. The discussion is moderated by BriefingsDirect’s Dana Gardner, principal analyst at Interarbor Solutions.
Here are some excerpts:
Conway: Private cloud computing is already here, and quite a few companies are exploring it.
We already have some early adopters. CERN is one of them. Public clouds are coming. We see a lot of activity there, but it’s a little bit further out on the horizon than private or enterprise cloud computing.
Just to give you an example, we at IDC just did a piece of research for one of the major oil and gas companies, and they’re actively looking at moving part of their workload out to cloud computing in the next 6-12 months. So, this is really coming up quickly.
CERN is clearly serious about it in their environment. As I said, we’re also starting to see activity pick up with cloud computing in the private sector with adoption starting somewhere between six months from now and, for some, more like 12-24 months out.
Clark: At Platform Computing we have formally interviewed over 200 customers out of our installed base of 2,000. A
significant portion — I wouldn’t put an exact number on that, but it’s higher than we initially anticipated — are looking at private-cloud computing and considering how they can leverage external resources such as Amazon, Rackspace and others. So, it’s easily one-third and possibly more [evaluating cloud].
Cass: At CERN we’re a laboratory that exists to enable, initially Europe’s and now the world’s, physicists to study fundamental questions. Where does mass come from? Why
don’t we see anti-matter in large quantities? What’s the missing mass in the universe? They’re really fundamental questions about where we are and what the universe is.
We do that by operating an accelerator, the Large Hadron Collider, which collides protons thousands of times a second. These collisions take place in certain areas around the accelerator, where huge detectors analyze the collisions and take something like a digital photograph of the collision to understand what’s happening. These detectors generate huge amounts of data, which have to be stored and processed at CERN and the collaborating institutes around the world.
We have something like 100,000 processors around the world, 50 petabytes of disk, and over 60 petabytes of tape. The tape is in just a small number of the centers, not all of the hundred centers that we have. We call it “computing at the terra-scale,” that’s terra with two R’s. We’ve developed a worldwide computing grid to coordinate all the resources that we have with the jobs of the many physicists that are working on these detectors.
If you look at the past, in the 1990’s, we had people collaborating, but there was no central management. Everybody was based at different institutes and people had to submit the workloads, the analysis, or the Monte Carlo simulations of the experiments they needed.
We realized in 2000-2001 that this wasn’t going to work and also that the scale of resources that we needed was so vast that it couldn’t all be installed at CERN. It had to be shared between CERN, a small number of very reliable centers we call the Tier One centers and then 100 or so Tier Two centers at the universities. We were developing this thinking around the same time as the grid model was becoming popular. So, this is what we’ve done.
Grid sets stage for seeking greater efficiencies
[Our grid] pushes the envelope in terms of the scale to make sure that it works for the users. We connect the sites. We run tens of thousands of jobs a day across this and gradually we’ve run through a number of exercises to distribute the data at gigabytes a second and tens of thousands of jobs a day.
We’ve progressively deployed grid technology, not developed it. We’ve looked at things that are going on elsewhere and made them work in our environment.
The grid solves the problem in which we have data distributed around the world
and it will send jobs to the data. But, there are two issues around that. One is that if the grid sends my job to site A, it does so because it thinks that a batch slot will become available at site A first. But, maybe a grid slot becomes available at site B and my job is site A. Somebody else who comes along later actually gets to run their job first.
Today, the experiment team submits a skeleton job to all of the sites in order to detect which site becomes available first. Then, they pull down my job to this site. You have lots of schedulers involved in this — in the experiment, the grid, and the site — and we’re looking at simplifying that.
We’re now looking at virtualizing the batch workers and dynamically reconfiguring them to meet the changing workload. This is essentially what Amazon does with EC2. When they don’t need the resources, they reconfigure them and sell the cycles to other people. This is how we want to work in virtualization and cloud with the grid, which knows where the data is.
… We’re definitely concentrating for the moment on how we exploit effective resources here. The wider benefits we’ll have to discuss with our community.
Conway: CERN’s scientists have earned multiple Nobel prizes over the years for their work in particle physics. CERN is where Tim Berners-Lee and his colleagues invented the World Wide Web in the 1980s.
More generally, CERN is a recognized world leader in technology innovation. What’s been driving this, as Tony said, are the massive volumes of data that CERN generates along with the need to make the data available to scientists, not only across Europe, but across the world.
For example, CERN has two major particle detectors. They’re called CMS and ATLAS. ATLAS alone generates a petabyte of data per second, when it’s running. Not all that data needs to be distributed, but it gives you an idea of the scale or the challenge that CERN is working with.
In the case of CERN’s and Platform’s collaboration, the idea is not just to distribute the data but also the applications and the capability to run the scientific problem.
Showing a clear path to cloud
CERN is definitely a leader there, and cloud computing is really confined today to early adopters like CERN. Right now, cloud computing services constitute about $16 billion as a market.
Dana Gardner is principal analyst of Interarbor Solutions. For disclosures on Dana's industry affiliations, click here or to view his full profile click here.
Subscribe to BriefingsDirect via Email alerts or RSS.
Link to BriefingsDirect podcast. Subscribe to the podcast Feed. Subscribe with iTunes.
SponsoredWhite Papers, Webcasts, and Downloads
- Total Economic Impact of SQL Server 2008 Upgrade Microsoft Forrester Consulting examines the total economic impact and potential ... Download Now
- Unified Communications and Your Business: What You Need to Know Qwest Communications Get an overview of the potential benefits of Unified Communications (UC), including key considerations for mapping out your UC strategy. Download Now
- Driving business agility through SOA connectivity and integration IBM Corp. This paper describes some of the business and IT issues that enterprises ... Download Now
Essential Topics 
- Top-ranked Novell support for Red Hat at 50% less
- Get top-ranked Novell support for Red Hat when you switch
- Move to SUSE Linux Enterprise. Get 3 years of Red Hat support
- More interoperability, plus 3 years. Red Hat support, only from Novell
- Red Hat support, patches, updates with the interoperability of Novell
- Unrivaled Red Hat support now available from Novell
Recent Entries
- AmberPoint finally gets acquired as Oracle fills in more remaining stack holes
- Converged infrastructure approach paves way for improved data center productivity, private clouds
- BriefingsDirect analyst panelists peer into crystal balls for latest IT growth and impact trends
- ISM3 brings greater standardization to security measurement across enterprise IT
- ArchiMate gives business leaders and IT architects a common language to describe how the enterprise works best
Blogs From Our Sponsors
Most Popular Posts
- Apple and Oracle on way to do what IBM and Microsoft could not: Dominate entire markets
- Oracle's Sun Java strategy: Business as usual
- Security skills provide top draw across still challenging U.S. IT jobs landscape
- Time to give server virtualization's twin, storage virtualization, a top place at IT efficiency table
- BriefingsDirect analysts discuss ramifications of Google-China dust-up over corporate cyber attacks
- Security, simplicity and control ease make desktop virtualization ready for enterprise uptake
Top Rated
- Time to give server virtualization's twin, storage virtualization, a top place at IT efficiency table+4 votes
- Is Google the best candidate to create a good, customer-focused cloud banking service portfolio?+4 votes
- Apple and Oracle on way to do what IBM and Microsoft could not: Dominate entire markets+4 votes
- Security skills provide top draw across still challenging U.S. IT jobs landscape+3 votes
- The march of Progress Software: Savvion provides latest entry in BPM consolidation parade+2 votes
- Oracle's Sun Java strategy: Business as usual+2 votes
- ISM3 brings greater standardization to security measurement across enterprise IT+2 votes
- CERN’s evolution toward cloud computing could portend next revolution in extreme IT productivity+2 votes
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
Archives
Favorite Links
Favorite Links
- BriefingsDirect Podcasts
- BriefingsDirect Transcripts
- Chet Kapoor’s Edge of the Cloud
- Complex Event Processing
- Dana Gardner’s del.icio.us Tags
- Dana Gardner’s Tweets
- Dana’s FriendFeed
- Dave Linthicum’s Real World SOA Blog
- Designing the cloud
- Dion Hinchcliffe
- Download BriefingsDirect Podcast Transcripts
- James Kobielus Blog
- Joe McKendrick
- Making Sense of SOA
- Mary Jo Foley’s All About Microsoft Blog
- Sam Whitmore
- Sandy Kemsley
- Secure Observations
- Seeking Alpha Software
- Todd Biske Blog–Outside the Box
- Tony Baer’s OnStrategies Perspectives
- VOSibilities
ZDNet Blogs
- A Developer's View
- All About Microsoft
- The Apple Core
- Between the Lines
- BriefingsDirect
- Collaboration 2.0
- Dev Connection
- Digital Cameras & Camcorders
- Ed Bott's Microsoft Report
- Emerging Tech
- Enterprise Web 2.0
- Forrester Research
- Googling Google
- GreenTech Pastures
- Hardware 2.0
- Home Theater
- iGeneration
- Irregular Enterprise
- IT Project Failures
- Laptops & Desktops
- Lawgarithms
- Linux and Open Source
- Managing L'unix
- The Mobile Gadgeteer
- On Sustainability
- The Semantic Web
- Service Oriented
- Smartphones and Cell Phones
- Social Business
- Social CRM: The Conversation
- Software & Services Safari
- Software as Services
- Storage Bits
- Team Think
- Tech Broiler
- Technology and the Global Supply Chain
- Tom Foremski: IMHO
- The ToyBox
- Virtually Speaking
- The Web Life
- ZDNet Education
- ZDNet Government
- ZDNet Healthcare
- Zero Day
White Papers, Webcasts, and Downloads
- Connecting to Better Customer Service Qwest Communications Build a robust voice and data network infrastructure, and transform customer information and feedback into actionable results. Download Now
- Recession Proofing Your Organization with Electronic Forms IBM Corp. The current economy is forcing organizations of all sizes to look more ... Download Now
- Webinar: Best Practices for Windows 7 Application Compatibility Flexera Software Are your business-critical applications compatible with Windows? 7? Join ... Download Now
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
