We’re working on some product videos and had a chance to try out the green screen lately, and we wanted to give you a little preview of our corporate communications. Click play below. The audio’s a little weak, so you may want to wear headphones.

Harwell Thrasher, author of “Boiling the IT Frog: How to make your business information technology wildly successful without having to learn anything technical,” has a blog post out talking about how, during the current economic situation, which has gone beyond “depression” and towards “the pit of despair,” companies are making dangerous cuts to IT staff.

He compares it to an ice hockey tactic called “pulling the goalie,” in which a team is down by a goal in an important game, and they will swap out the goalie for a sixth offensive player in a desperate effort to score.  Doing so is within the rules but leaves the goal undefended.  For example, an IT department that cancels offsite backup recovery solutions, stopped updating virus prevention software, and laid off the only guy in the company who really understands how to maintain and support custom systems all lead to the possibility of a grave disaster that threatens to seriously harm the company.

But the metaphor is flawed.  Pulling the goalie in hockey may reduce defenses but it gives hockey teams a better shot of playing on the offense.  A lot of IT cuts seem to be not pulling the goalie – most companies at least know to keep their anti-virus software up to date – but they might not take network performance as seriously as they once did, and make reductions in IT without realizing that it can be a false savings.

That is, it is difficult – but not impossible – to determine the costs of letting a particular application, like, say PeopleSoft, experience a “brownout” – still technically “up,” but performing poorly.  Losing money in lost productivity or sales or customer satisfaction.  At that point, it’s a simple equation: did the money saved from the IT cost cover the productivity, lost revenue, or irritated customer? If the answer is “no,” then it’s clearly a case of false economy.

This is especially important considering that companies are starting to reconsider the “do more with less” mentality and are now thinking about “doing less with less.”  And indeed, this can be a viable tactic – if you can save money by going for three nines of uptime instead of five nines of uptime, it can be worth it if you only need three nines of uptime. 

Network performance requirements can be cut in the same way, sort of.  I mean, while it actually hurts me, emotionally, to suggest this, “the best” network performance isn’t always the most cost effective network performance.  So, for example, if you can save money by allowing some periods of congestion on the WAN, so long as that congestion never gets over an acceptable amount, then it might work.

The problem is finding out what’s “acceptable.”  This means baselining performance and understanding what kind of performance your business applications need.  It’s for this reason that cuts in IT should not include the network engineers that make those determinations, nor the (self-interest alert!) network monitoring solutions they depend on.  IT without the former is “pulling the goalie,” while IT without the latter is putting the goalie out there without a stick, protective gear, or skates. 

For a couple of years now, lobbyists for large copyright-holding businesses, most notably the music industry, have lobbied in multiple countries and jurisdictions for what they call the “three strikes” rule. Under the “three strikes” rule, if you are accused of infringing someone’s copyrights online three times, the ISP will be mandated to cut you off from the Internet. If you only have one ISP to choose from, you are effectively prohibited from accessing the Internet.

Note that it only takes three accusations. That is, not only is there a presumption of “guilty until proven innocent,” but the accused have no opportunity to prove themselves innocent. There are a number of ways that this can be abused, of course, beginning with silencing political dissent, silencing parody, silencing critics of companies, corporations, or cults, and just plain old meanspiritedness. What better way to get back at someone than to ban him from the Internet?

The U.K.’s Lord Mandelson, Privy Council, announced that the U.K.’s Labour party policy would be to implement this three strikes-rule as soon as Summer 2011. Because of the nature of the U.K.’s parliamentary system, where the executive is drawn from the legislature and there is very little party dissention compared to the U.S., it is likely to pass.

It may just be me, but I don’t think this is a good idea.

Already, companies, politicians, and organizations make accusations that are more or less baseless to get videos taken down from YouTube. It’s not much of a stretch to imagine that they might decide it might be easier to ban critics from the Internet altogether. Both sides of the same-sex marriage debate, for example, were hit by this – the anti-gay marriage Stand for Marriage Maine had a takedown issued by NPR, for example. A separate anti-gay marriage group called “The National Organization for Marriage,” that tried to silence pro-gay marriage critics who posted audition videos for their anti-gay marriage ad, which undermined their position. You also had Ralph Lauren trying to censor criticism that their models were extremely Photoshopped, a parody of diamond ads getting a takedown from DeBeers, and the Warner Music Group not only putting out claims against YouTube videos that not only featured their recorded music, but people singing acapella renditions (including that famed video of the music of John Williams sung a capella,) and teenagers singing “Winter Wonderland.” For this reason, various Internet civil liberties groups, such as the EFF, come out against such legislation.

What’s interesting is that law enforcement agencies, such as MI-5 and the Metropolitan (London) Police’s e-crime unit, have also come out against this legislation. The reason is because since file-sharing accusations would have such harsh penalties, people would take action to make sure that they are never accused of file-sharing. That would mean that encrypting Internet information would not only become a more popular behavior, it may even become a default behavior. That increased encryption will increase the costs and workload for law enforcement agencies with legitimate reason to snoop on communications. Right now, encryption is mostly done by two groups. The first group is those of us in the computer fields who know enough about computer communication to be paranoid.

The second group are those who actually have something to hide, like say, violent criminals (as opposed to copyright infringers) or child pornographers (as opposed to legal but socially embarrassing “adult entertainment”). By increasing the penalties to include Internet disconnection, suddenly the general file-sharing public, the non-violent criminals start encrypting traffic as well.

Right now, encrypting your data makes you stick out like a sore thumb to law enforcement agencies, who can then get a warrant to decrypt that data if they think you’re about to pull something really naughty. But an increase in demand for encryption will result in simple ways to enable it. (Already, encrypted traffic is built into several BitTorrent clients.) With everyone using encryption, encrypted communication no longer sticks out. Then you have to start decrypting everybody’s data to find the “bad guys.” Law enforcement with regards to the Internet is sufficiently Orwellian as it is. When even MI5 balks, you know it’s bad.

But beyond that, it holds bad news for enterprise network engineers as well. If you know how to encrypt Internet traffic from your home computer, you also know how to encrypt Internet traffic from your work computer – and many will. Some may even think that they’re doing the company a favor by doing so – after all, encrypting the traffic protects it from corporate sabotage. Encryption of IP addresses, source/destination ports and payload information renders traditional traffic shaping and QoS policy less effective for dealing with network congestion.

Whatever your views on copyright infringement, this is a solution that creates more problems – and bigger problems – than it is supposed to solve. The only people who win, in this scenario, are those businesses who would benefit from sabotaged network performance.

As Halloween approaches, I’ve got a bit of a horror story to keep you up at night. 

There’s an interesting quote that’s somewhat appropriate now.  Well – song lyrics anyway.  “Did you feel you were tricked / by the future you picked?” Which, I’m told, are part of a Peter Gabriel tune for a Pixar movie, but which I only came across when reading speculative fiction about quantum AI computers running 419 scams.

The thing about the future is that by the time it gets here, it’s already the present. Wait, I’m sounding like Criswell there… what I mean to say is that only a couple years ago, the big story in technology was how IT departments were becoming centralized due to advances in virtualization technology that cut down on hardware requirements and power consumption.  Now the next level is cloud computing; an idea, fundamentally, that you can centralize data centers even further by centralizing them with the data centers for other companies via a third-party provider. 

Taken to an extreme, it’s easy to think of a day when even these cloud computing centers become even further consolidated – perhaps one on each inhabited continent.  “A world market for maybe five computers” indeed…

Except, it’s not quite that easy.  The transition from in-house architecture to cloud computing resources is just about as difficult as the transition from real servers to consolidated virtual ones, and the big problem is ensuring network performance – that data gets where it needs to go quickly.  

Much as the server consolidation/virtualization problem was helped with better virtualization technologies and advances in WAN optimization, the current rush in IT tool development is in the cloud computing area (not that we still don’t have a-ways to go with virtualization and consolidation).  And some of these cloud-computing tools are starting to appear – for example, self-managing environments…

One of the newest approaches is the concept of the "dynamic infrastructure." Rather than a simple collection of humming boxes or cards designed to push data this way or that, the dynamic infrastructure brings together virtual networking, automation and resource management with tools like application management, security and policy management to create a self-managing environment that can react to changes in workloads and other needs with minimal human interference.

Lori MacVittie, technical marketing management for application services at F5 Networks is one of the prime movers of the concept, which she says will be the inevitable result of the transition to the cloud. 

"When the entire data center is founded on a dynamic infrastructure, the infrastructure can react itself to changing network and application conditions and needs," she says. "When the entire ecosystem is sharing status and information about performance, every component can adjust itself dynamically to what’s needed now to improve performance or maintain availability. And it happens automatically, based on the specific needs of the business and IT."

Virtualization has underscored the need for performance management; back when everything was run on actual servers, you could almost always fix a problem by finding out where the bottleneck lied and increasing the amount of stuff.  Not always, but almost always.  But with virtualization, you’re essentially managing an interconnected ecosystem of stuff and… well, stuff that’s not stuff.  “Unstuff,” to borrow a bit of NewSpeak. 

And this management is so complex that it has increased the demand for network engineers, yes, but it’s also increased the demand for software to come along and replace the more tedious tasks of network engineers, automating the processes where possible.

But what if there is no upper limit?  What if self-managed cloud computing software is exactly that – with computers calculating exactly what needs to be done to preserve performance and then automatically fix it? 

And that network monitoring software…. WAS ME THE WHOLE TIME!!!!!

AAAAAAAAAHHHHH!!!! 

by Ben Erwin

NetFlow or NetFlow-esque technology (Jflow, Cflowd, NetStream, IPFIX, etc.) has been around the network management world for quite some time.  Thousands of IT shops worldwide leverage its capabilities to analyze traffic flowing across the network. 

Recently, some vendors have recently made somewhat misleading statements about NetFlow’s capabilities.  There are very good reasons why NetFlow is a de facto standard (and through IPFIX, soon to be an IETF standard).  Here are some quick reminders on why NetFlow is still the king:

• 100% visibility across all network links.   A common misconception about NetFlow is that it samples traffic.  Netflow exports every transaction it sees, and provides a full picture of what traffic is flowing across the network.  Now, it is true that sFlow samples traffic for flow export, but NetFlow exports every transaction it sees.


• Enabling at network aggregation points.   Instead of enabling NetFlow on every router, most NetFlow aficionados are able to enable NetFlow only on those aggregation routers that see the majority of network traffic.  This way, network managers can visualize their network traffic while not having to go overboard with router configuration. 


• Granularity versus TCO.  It’s true that NetFlow does not provide Application Layer (Layer 7) information.  But even so, remains the best bang for the buck for network visibility – yes, you could deploy probes all over the network to gain Layer 7 visibility – but there’s a significant opportunity cost in time and manpower for deployment, configuration, and ongoing monitoring, and the total cost of ownership for a probe solution for Layer 7 visibility simply isn’t worth it.  Many IT shops have dumped probes altogether and gone with NetFlow despite this limitation. 


• Free (if you use Cisco).  NetFlow is free on all Cisco routers.  All you have to do is enable it.  This makes it a very cost-effective solution compared to alternatives. 

These are all reasons why NetFlow will continue to be top dog for network visibility.  And while there are improvements to be made, certainly (there is no such thing as a “perfect” machine,) right now some of the best solutions for network visibility take advantage of the capabilities that NetFlow provides. 

In this video (part two of two), Jim Metzler looks back at some prediction he made at the beginning of the year, and how they're shaping up to reality in this retrospective interview with Jordan Weiss.

In April 2007, I was freelancing for HardOCP.com, writing an article called “30 days of Windows Vista.” And at the end, I concluded that “this product is unfit for any user.”

On the other hand, I’ve been using the beta of Windows 7 on my personal laptop, desktop, and media PC without problem for months now, and I’m very happy with the stability and performance of the operating system. The reviews are positive, and in the U.K., where there was a substantial price cut, pre-orders for Windows 7 have out-sold pre-orders for “Harry Potter and the Deathly Hallows.”

The more I think about it, I wonder if Microsoft doesn’t suffer from some sort of “Star Trek” curse, with every other operating system release decent, and the rest, doomed to mediocrity, with 95, 2000, XP, and 7 as “Wrath of Khan,” “The Voyage Home,” “The Undiscovered Country,” and “First Contact,” respectively. Okay, maybe 98 doesn’t deserve to be lumped in with ME and Vista, but neither does “Search for Spock” deserve to be lumped in with “The Final Frontier” and “Generations.”

But I digress.

Unlike Windows Vista, Windows 7, I believe, will be adopted more readily in office and enterprise environments, for the simple reason that there’s compelling reasons to upgrade. Which means that businesses that skipped out on Windows Vista and Windows Server 2008 may want to revisit some of the networking considerations that were brought up when Vista came out, like Compound TCP/IP, and 802.1x security features.

More importantly, the one thing that I think makes Windows 7 different from Windows Vista’s launch is that Windows 7 was launched by taking user concerns to heart – that is, they listened to the end-user when they developed the operating system, including optimizing Windows 7 for slower hardware on portable computers, and getting rid of the worst annoyances of the UAC “Cancel or Allow” dialog. And it just reminds you that if you want to do a good job for your customers, you have to listen to what they have to say and focus on what problems they need to fix most, and what features they would most like.

In this video (part one of two), Jim Metzler looks back at some prediction he made at the beginning of the year, and how they're shaping up to reality in this retrospective interview with Jordan Weiss.

By Patrick Ancipink

Gartner has made it official: 2009 was the “worst year ever” for IT. I’m here at the Gartner Symposium in Orlando and about 15 minutes into the opening “parade of analysts” keynote yesterday, I was really hoping the Disney location would lighten the mood a tad but the Halloween nightmare continued for a while.

The only wealth evident was the amount of statistics that point to IT hurting for another few years—Gartner predicts it will take until 2012 for broad IT spending levels to equal 2008. As a result, infrastructure upgrades are being delayed (think servers, PCs, printers) to create another source of risk. And don’t forget that “trust” in the business is at an all-time low.

Some much needed genuine humor—in contrast to the creepy, awkward laughter of Windows 7 launch party propaganda—came in the form of VP and Gartner Fellow, Andy Kyte. While his message was serious— “You all have a bloated application portfolio”—his analogy was priceless. IT and the business prefer to be in the mode of making babies (new apps) but are not into responsible parenting. That’s why there are so many orphaned applications that were only funded to be birthed, but not cared for and raised to maturity. Mr. Kyte’s direction to this audience of “the world’s most important gathering of CIOs and senior IT executives:

“Make every application a wanted application.”

The morning keynote wrapped up with less doom and some good points of the inevitability of social media (start harnessing it and spend less time trying to kill it). All-in-all, the morning was a solid reminder of the reality of the IT marketplace in general.

Drilling into IT operations management topics today provided some points about what CIOs are doing and should do to get through the gloom. Starting with CIO priorities based on survey data, 2009 looks like this:

1. Linking business and IT strategies and plans
   
2. Reducing the cost of IT
   
3. Delivering projects that enable business growth
   
4. Improving IT governance
   
5. Implementing IT process improvements
   
6. Improving the quality of IS services

The 4^th, 5^th and 6^th priorities are very related to the 2^nd, so it becomes clear to see why the IT operations management segment, which includes network and applications performance management, are among the healthiest sectors in IT.  One way to think about it is that the cost savings need to be tempered with some sanity (automation and process) so application and service delivery are not overly compromised. With more dependence on the network and IT in general, the cost of downtime and poor application performance continues to rise.

None of that is surprising, but what I found interesting is the variability when you look at the changes in priorities over the years. For example, just last year reducing cost was all the way down at #10 on the list. Looking at 2012 predictions, the cost issue dives back down to #6 with the underpinning priorities (governance, process and quality) at the bottom of the list. In 2012, “leading enterprise change initiatives” rockets up the chart from #13 today to #3.

So the take away is that CIOs think they can hold the rudder steady for a few years, institute some much needed process maturity, and then be in position to contribute more back to the business.