It is only a time of change if you make it one.
In the years I’ve known Jonathan Feldman, he’s repeatedly come up with ideas that are profound in the “Huh. That’s obvious now, wonder why I didn’t think of it in those terms” sense of really profound. His most recent blog fits into that category, a blog where he urges IT managers not only to try out up-and-coming vendors and technology, but to try them out against the will of their staff, and in mission critical situations. The blog, for your reference, can be found at InformationWeek. All that he says is obvious, after the fact. And he’s right, there is change coming, and we just do not have any way of knowing how much or how fast that change will occur. Cloud is a thing, but is it a thing that will take over datacenters in a year? Ten? Ever? Anyone who claims to have an answer for that is ignoring the size and variety of the IT industry. There are as many different IT shops as there are businesses, and while some things – like email – are a no-brainer to help the business today, when they came about, most businesses weren’t interested. Only by proving worth over time did they become the backbone of business that they are today. And that’s how some – but not all – of the current technology buzzwords will grow to be game-changers too.
Even in the midst of a recession (yes, I know, it’s supposedly over, but the real-dollar impacts are still with us across most of the globe), companies like F5 are growing (note: I am not at all privy to F5 forward-looking data, so that statement is based upon the past few quarters and in no way predicts any kind of future), and new high-tech companies pop out of stealth mode at what seems to me to be an astounding rate. All indicative of healthy growth in technology, but many traditionally strong companies are struggling to meet the guidance they provided, let alone the numbers expected of them by analysts. That means they’re selling less, or having to charge less for what they are selling.
Which proves Jonathan’s point, in a very direct manner. Certainly some of the big names that have struggled in the recent past will recover, some will change directions and reinvent themselves, and some will wane while other vendors grow up to take their place. That is the nature of business, but as an IT customer, these cycles matter. Jonathan’s advice is extremely sound in an age of flux, not only to get experience with new vendors and technologies, but to keep your staff from growing stale. Once you have a complex system like PeopleSoft or one of the facets of Tivoli in place, you are not exactly out beating the bushes to find more work, staff tends to grow increasingly specialized in that particular product. This is good for the short term, but might be bad for both the business and the employee in the longer term. After all, no business relationship lasts forever – or very few do anyway. Keeping an eye on what else is available helps you understand the state of the market vis-a-vis your chosen vendor’s offering and helps your staff stay fresh with more than just your chosen vendor’s offerings. Does it take time and money? Yes, and there is an argument to save both in the current environment, I get that, and Jonathan, heading up a city IT department, no doubt does also. But in the long run, knowing the capabilities of products that you have in-house for a small project, or products that you don’t have in-house but compete with your primary vendor could save you a ton of money and time also. In fact, if knowing the capabilities of products that compete with your largest vendor’s offerings is part of the culture, it is almost guaranteed to save you time and money in the long run. And for most enterprises, single-vendor is not an option, for pricing and competition reasons most IT shops keep two vendors for mission-critical apps, even if one is definitely the primary and the other is to force the primary to sweeten deals. 
That means though that you have the second vendor in-house already, and don’t need to spend money, only time to make sure you know all of the ins-and-outs of the products. And after years of knowing and working with him, I’ll suggest up-front that you just follow Jonathan’s writings. He’s got the eye of a CIO, the budget of a municipality, and the mind of Einstein. All wrapped up with an affable communications style. While I reserve the right to do more such in the future, Jonathan is the only person in the Tech Press I have outright plugged for, because he’s that good. And of course, while you’re expanding your vendor knowledge, call your F5 sales rep, find out what’s new with ARX, LTM, WOM, WAM, APM, ASM, GTM, etc etc etc… You might be surprised.
Finally, even if you don’t ever benefit as an organization directly from this knowledge, good IT staffers draw conclusions and ideas from the things around them… Meaning new knowledge about alternate toolsets and products may well spur ideas for alternate implementation techniques with your core vendors’ products. While the impact of that statement is very difficult to quantify, if you’ve been in an IT shop with a bunch of bright people, you know it is truth, you’ll get benefits you aren’t even aware of.
Related Blogs:
Recession Proofing Your Application Infrastructure
Here Comes Payback Time. Prepare for Storage Shortages.
Security is not a luxury item
Medium is the New Large in Enterprise
Cloud Storage Gateways. Short term win, but long term…?
Is Vendor Lock-In Really a Bad Thing?
Useful Cloud Advice, Part Two. Applications
CREATING A ROBUST PERFORMANCE TESTING METHODOLOGY

National Politics and Web 2.0 Usage in the Enterprise
No matter what country you live in, if it is in any way democratic, you have seen the political trend wherein nearly everyone knows the correct solution to a given problem, but hidden agendas, partisanship, and general demagoguery get in the way of implementing that solution. In most industrialized countries, the most obvious and timely instance of this is any discussion of cutting government spending. Everyone knows that it is inevitable, the government cannot spend more than it makes forever, any more than a business or a household can, but partisanship and turf-protection always make these things move very slowly, and rarely cut as deeply as they need to if the final goal is to be reached. At the time of this writing, it seems as if the EU has an up-and-coming sense of austerity, we’ll see how well they can hold up to the sea of public outcry and negativism that always seems to surround fiscal responsibility.
There is a similar phenomenon with the enterprises and the Internet, only since it is not confined to the halls of politics, it is much more sweeping and no less rancorous. Somewhere along the line, the “sense of entitlement” that you read about a lot in western countries these days became endemic online. You see it in the cavalier, even Robin Hood mentality people display toward online piracy, and the pervasive penetration of Web 2.0 use in the enterprise. According to a recent InformationWeek article discussing a poll done of IT professionals in several countries, Web 2.0 use and security are a gaping productivity and security hole in the enterprise. Ignore, for the remainder of this post, that the article lacks focus and the announcement of a new product at the end makes it feel like paid content, and let’s talk about the survey and its implications.
My first reaction to the poll information that says usage of Web 2.0 applications was opening the enterprise up to security vulnerabilities was “well yes, we all know that”. But then I pondered that thought.
Do we? Yes, yes we do. Even those that are completely unknowledgeable about IT have enough computer experience these days to know that surfing is very dangerous to your system’s health, let alone IM, etc. So then my second question was the obvious “then how did we let it get to this point? Shouldn’t we have tightly controlled access to this type of application – particularly since if you don’t have a content control (data leak protection) mechanism, it is simplicity itself to leak sensitive data via IM?” And my second reaction was likely yours also. I am not at all certain that we can or should put that genie back into the bottle. Of course there are risks to using Web 2.0 applications, but there are benefits too. Many of us here at F5, including a couple of our VPs, use Twitter, Facebook, and blog about work-related things on a regular basis. The organization finds value in these activities, and hopefully you do too. Of course you could write or automatically enforce policies that would allow only members of a given security group to access Web 2.0 sites, but there are so many of them that you would have to do it by content scanning, or put people on the job full time. And employees can be a huge plus to your hiring efforts if they are out there en masse… Many F5ers have tweeted or updated Facebook about the great work environment, open positions, etc. (The article gets confused after a while and discusses both social media and internal Web 2.0 applications – two different problems.
Web Application Firewalls and access control products like our ASM and APM can help with the internal app security problem, and a feature of ASM called DataGuard can help keep private information within your walls, but other than this little note, we’ll stick to social media usage in this blog.) And there’s the problem with national politics too – I have admitted the best solution would be to block Web 2.0 applications on the way in/out of your building, then promptly said “but wait!” except that I’m not saying “but wait!” for votes or a special interest, I’m saying it for the good of the organization. Heck, last time I checked I wasn’t up for a promotion, let alone a public office, so I’m unlikely to be “in someone’s pocket”. So it falls upon us in IT to figure out how to ensure that our users are secure while they’re telling their grandma about their horrid case of leprosy from the comfort of their cubicle.
The article says that one of IT’s concerns about these applications was implications for productivity. I contend that this is not an IT problem. Seriously. There have always been performance issues in the enterprise, and HR has a whole collection of tools in their pocket to deal with them. Surfing websites is no different than hanging on your phone or taking a two-hour lunch: If you’re not getting your job done, people notice. So let that bit slide, someone has it well in hand, and you have enough to worry about. Every enterprise I know of uses anti-virus tools, so that bit is covered as well as we can, though zero day will continue to haunt our dreams. Content scrubbers are a good idea for protecting the organization against large chunks of data going out… Though last time I looked into them they required a lot of work to set up, if that’s how your enterprise wants you to spend your time, it is certainly a risk avoidance exercise that might well pay off.
When I was looking at these products for NWC, a vendor told me of a case where one guy in sales had stolen all of an enterprise’s customer and prospect databases – 25 rows at a time and emailing them through webmail to a home account before he left for a competitor. He was only caught after he’d given his two week notice, and then because the organization was trying out the product I was being briefed on. So they are worth the money, but they do take work to get going, like I mentioned above. Note though that I have never tried ASM’s DataGuard feature, it might be simple. Just too many products for each of us to play with all the features… And it’s been a few years since I installed any DLP product, no doubt they’re all easier to configure these days. You could install software or hardware that limits your users – most of us have been confronted with the big hand or similar applications blocking us from access to a given site – though users tend to seek ways around such devices, and they certainly fire animosity toward IT in much the same way that cutting someone’s benefits fires ire against politicians. And as I said above, to quote my Mother: just because you can, doesn’t mean you should. This is a problem that is going to continue to bedevil us for the foreseeable future. If you’re not going to block access to the Internet (and that would not be likely to fly in most non-national security roles), then you’re going to have to worry about what bed-bugs your users are bringing into the enterprise with their surfing and what they’re sending out. In these days of Internet espionage, it feels as if the need for a solution is more urgent, but there is no silver bullet at this time, just layers of protection. So it would seem that we’ll do anything but what we all know is right. Guess we’re not that different than politicians after all. 
Related Articles and Blogs
IT Admins Say Web 2.0 Undermines Enterprise Security
Information Management: Challenges In Federal Agencies’ Use of Web 2.0 Technologies
Web 2.0 Security Means Fighting Malicious Third-Party Content
BT’s Web 2.0 Security Strategy

Call Me Crazy but Application-Awareness Should Be About the Application
I recently read a strategic article about how networks were getting smarter. The deck of this article claimed, “The app-aware network is advancing. Here’s how to plan for a network that’s much more than a dumb channel for data.” So far, so good. I agree with this wholeheartedly and sat back, expecting to read something astoundingly brilliant regarding application awareness. I was, to say the least, not just disappointed but really disappointed by the time I finished the article.
See, I expected at some point that applications would enter the picture. But they didn’t. Oh, there was a paragraph on application monitoring and its importance to app-aware networks, but it was almost as an offhanded commentary that was out of place in a discussion described as being about the “network.” There was, however, a discussion on 10gb networking, and then some other discussion on CPU and RAM and memory (essentially server or container concerns, not the application) and finally some words on the importance of automation and orchestration. Applications and application-aware networking were largely absent from the discussion. That makes baby Lori angry.
Application-aware networking is about being able to understand an application’s data and its behavior. It’s about recognizing that some data is acceptable for an application and some data is not – at the parameter level. It’s about knowing the application well enough to make adjustments to the way in which the network handles requests and responses dynamically to ensure performance and security of that application. It’s about making the network work with and for, well, the application.