Integrated Data Storage Blogs

I've been getting push back on the idea that cloud computing has challenges becoming reality.  A lot of people seem to think it's already accomplished.  Private clouds, Amazon, Google, backup in the cloud, it's all happening. 

A thing hit me the other day while I was talking with someone about why Google Apps isn't a bigger hit in the Enterprise space (another topic for another day).  It occurs to me that one of the major reasons we aren't seeing more adoption (in addition to my other theories) is that there aren't many players.  Why aren't there many players?  The same reason a lot of 'good ideas' don't see the light of day: people haven't figured out how to really make money at it yet.

If you want to build these highly robust, highly available, highly flexible infrastructures that people can count on to run parts of their revenue-generating infrastructure (which if you want Enterprise customers you need to have), you don't go down to Best Buy and by some 1TB hard drives and some white box PCs.  You buy Enterprise infrastructure components.  That's not cheap (have you seen VMware license costs?).  This isn't a charity endeavor.  It's got to be profitable. 

Sure, you could try the Google approach with how they've built out their commodity-based infrastructure, but how many people does it then take to manage it?  People are obviously more expensive than technology, and at the scales this is supposed to work at, you need the technology or you need the people.  Either way your profit margins are slim.

This might be the biggest barrier yet.  What do you think?

CIO = Chief Information Officer

If I ask this question to most of the CIOs I know, assuming they answered me honestly, they would have to answer 'no.' The key to answering the question honestly is figuring out how well and how much you really know about the information sitting on the infrastructure in and out of your datacenter. How often do you go to the CEO, CFO, VP of Sales, Chief Marketing Officer, etc., and tell them you've uncovered something in your data that shows how if a process were changed, you could squeeze a little more profit out of every transaction, or if you stopped carrying this line of product you could spend more on another and increase revenues dramatically?

I don't think there are too many CIOs in the top 1,000 companies in the U.S. that could honestly say they've ever done it. Why? Because most CIOs are not chief INFORMATION officers. They would be more accurately titled Chief INFRASTRUCTURE Officers. Don't misunderstand, keeping the IT infrastructure operational is a critical function. But we're kidding ourselves if we think CIOs are doing what the title implies. To me, this is a great disservice to the businesses we work for. That's not to say it is the fault of the CIOs. With few exceptions all the CIOs I've ever met work as hard or harder than any other executive, have the best interests of their company at heart, and have no interest in spending company money on frivolous technology for technology's sake projects. But they aren't heading up the initiatives that mine through the critical business data and seek out revenue opportunities. They are shepherds of the infrastructure which is dramatically different than being a shepherd of the information.

Think of it this way. When you think of a Chief Financial Officer, what do you think of? You think of the ultimate financial decision maker, who has a grasp on the entire financial picture of his or her organization. While they may not know all the details of every minute financial transaction (although I've met some who do), they can tell you without hesitation what the financial health of the organization is and where they stand on any given day. They shepherd the money they are entrusted to oversee. That's their job, as the job title implies. They are the chief officer of all things financial.

Contrast that to the majority of CIOs you've ever worked with. Can they tell you what is contained in the databases of the most critical applications they provide infrastructure for? Do they have an information warehouse they can pull business intelligence information from, providing critical decision making analysis back to the other business heads in real or near real time? Have they established the 'truth' about the customer base across all sources of customer related information? Have they ever been able to recommend changes in business process based upon what they see in the information they so fastidiously watch over and provide infrastructure to process and store? Unfortunately, the answer to these questions would be 'no' for most CIOs.

In all fairness, most organizations don't understand this, and so they don't require their CIO to be a CIO. All they really think about is "my email isn't working", or "ERP is down all the time", etc. Very few organizations understand the fact that their most valuable asset isn't their products, their people, their real estate, etc., but it is the information they have about their customers. In a global economy, if you mess up my customer record—and by mess up I mean lose my account history, somehow change my shipping address, fail to secure my credit card information, whatever—you can count on me moving to your competitor. Cost of movement for me is very low, even with arbitrary termination fees like the wireless industry imposes. I can move my accounts around multiple times until I find a provider that takes the best care of me, regardless of the product or service I require.

If you understand how to use the information you have about me, you can more effectively satisfy me as a customer, but more importantly, you can find new ways to generate revenue off of me. I'm not talking about those phone calls you get from your credit card company where they hard sell you into buying some service you don't really need or want and then you spend six months trying to get them to cancel the fees. I'm talking about the ability to truly upsell me on newer products and services based on trends you see in my purchasing patterns. I'm talking about communicating with me directly that I've done X in the past, and I might suggest doing Y in the future as it will save me more money.

Go look at the concept behind Sam's Club and their eValues. I don't know who came up with the idea inside of the Wal-Mart company, and it could maybe be structured a little better, but that's the concept. They have this massive amount of information about what I've bought from them over the last 10 or so years, but they don't use it in a way that is effective to me as a customer, that ties me to them. If IT came up with the idea, that's the kind of thing I'm talking about. If they didn't, that's just not being a good steward of the information.

I'm going to try and explore this more with more of our customers. I'd like to explore it with any of you readers. Leave me a comment with your thoughts.

Not DLP...Data Risk Management - Part 2

In the preceding post, I proposed a slightly more descriptive, yet much less exciting, alternative name for the technology we’ve become accustomed to calling Data Loss Prevention or DLP. My recommendation, Data Risk Management, likely left most readers scratching their heads, wondering how the collective energy spent in consideration of the idea could ever be justified. I mean, really—we technologists are all well aware of much easier, and considerably more satisfying, targets, like say “Web 2.0”!

In this post, I promise to cut to the chase after briefly summarizing my argument: the term “Data Loss Prevention” or “DLP” oversimplifies a technology that has the ability to dramatically alter the way we conceptualize and execute data protection strategies, particularly those designed to safeguard our most critical and sensitive information against loss driven by the mostly well-intentioned, but nevertheless misguided, hands of insiders (those trusted to not upload our corporate secrets to You Tube, Gmail or countless other public venues).

Data Risk Management doesn’t sound more exciting, but it certainly does imply the existence of a much greater level of complexity and, more importantly, of an underlying process on which a protection strategy might be rooted.

Tenets of Pre-Protection

Before we protect something, and I mean anything, whether a castle or an electronic health record, we’ve got to know where it exists within our universe. While this simple fact may seem both straightforward and obvious, how many readers are currently searching their minds for a contradictory example? Give up! For the purposes of this discussion, let’s agree that, in order to protect something you must know where it exists. Going forward, we’ll refer to the requirement as the First Tenet of Pre-Protection.

Also important to the manner in which we protect something, or more specifically, to the amount of effort we invest in the protection of the same unnamed asset, is its value. Whether the value is measured in dollars is of little consequence. Those familiar with the basics of Economics, and I’m talking about the first week of Economics 101 (guns and butter, anyone?), will quickly point out that, under the universal constraints of time/money/energy, our decisions are regularly influenced by Opportunity Costs. And thus, as the same applies to security and/or risk management, we regularly make decisions about how an asset is protected based on its value to us. More expensive/valuable assets should receive more protection; less expensive/valuable assets should receive less. Going forward, we’ll refer to this requirement as the Second Tenet of Pre-Protection.

Sure, there are other Tenets of Pre-Protection—and with hopes of establishing a comprehensive list, I’ll openly challenge the community (or at least the deep thinkers within our community) to cite them via the feedback mechanism. To get you started, might I suggest that another Tenet of Pre-Protection have something to do with an asset’s vulnerabilities?

For this thread, we’ll only concern ourselves with Tenet One and Tenet Two. As you read on, let me know if you agree that both are critical components of any Data Risk Management strategy. In the coming weeks, I’ll get into the specifics of how we can utilize DLP to satisfy both Tenet 1 and Tenet 2 in posts beginning with: Not DLP...Data Risk Management - Part 3.

OK, dedupuplication technology is cool. It makes disk a viable target for longer term retention. Dedupe, however, is not the panacea of backup. I have been getting a lot of questions about deduplication from my customers and it's a fun topic to discuss. Being a professional pessimist, it's my job to play Debbie Downer at the dedupe party, though, and say "hey now, let’s not lose sight of the fundamentals, people."

1. Reporting – It’s almost not worth doing a backup if you can’t prove it happened, or more importantly, why it didn’t. I appreciate we are not all waiting for the SEC to kick in the doors and look for our latest backup reports to determine if you are going to jail or not. Some products such as CommVault’s Simpana have a very nice native reporting tool with an option to do some very cool statistical trending that makes decisions around necessary throughput and media not so dependent on the crystal ball. Even if you are not looking for a complete solution overhaul or have already taken the Data Domain jump or just plain happy with BackupExec, there are some tools that are remarkably functional at increasingly competitive prices such as EMC’s Data Protection Advisor that cover all the mainstream backup tools.

CommVault’s Data Growth Report from the SRM expanded reporting tools.

2. Integration with the platforms that drive your business – While all the big hitters are touting integration with the soon-to-be ousted VCB, some products have really stood out such as Symantec’s NetBackup, which allows a single backup to provide both machine and single file restore (video here). Also there are a number of VMware specific solutions that have introduced a flavor of dedupe into their technologies as well. Veeam is a standout here that is probably worth taking a look at, providing replication and backup with dedupe in a single, very cost attractive product. This product also lends well to where I see next generation data protection going. See my rant "Why Back Up Your Business Data?"

3. Speed – Depending on how you implement your backups, deduped or not, you may still be racing the sun to get your servers backed up before your users show up to change all the files again. Avamar is a clear dedupe stand out here since the method they utilize to perform the dedupe usually results in ridiculously shorter backups (see Justin’s blog "Data Domain vs. EMC Avamar: Which deduplication technology is better?"). However, being able to add media servers with a single management interface to increase the sheer brute force of your solution with or without deduplication will keep you with the old stand bys like Symantec’s NetBackup and CommVault’s Simpana.

Other criteria off the top of my head include:
1. Do you have application agents for MY applications?
2. Can you restart your backup / restore jobs from where they left off?
3. What is your bare metal solution?
4. Can you protect desktops with the same interface as the datacenter?
5. Do you have integrated archiving / compliance search?
6. How difficult is it to protect / recover the backup solution itself with history?
7. Can you multiplex / multi-stream backups for improved reporting?
8. Can I write to disk and tape at the same time?
9. How granular is your security construct?
10. Do you support my hardware with tools such as NDMP?
11. How well does your solution work with my firewall?
12. If I backup to disk, how do I cut tapes / restore from tapes?
13. Does your solution have CDP as well as regular backups?
14. Do I have to configure every server or does your solution leverage policies?
15. Does your solution manage encryption / encryption keys?
16. Does your solution push updates or do I manually update all the clients?
17. How functional is your GUI / Command Line interface what can / can’t I do from each?

This list could go on for another hundred points depending on the specific needs of your business, but I think we are now at the point when we have a deduplication conversation that extends back to what our dedupe vendor is bringing to the table beyond a compression ratio.

As I recover from my post Thanksgiving food coma and we near the end of 2009 I am thinking where virtualization is going to be and what is next. I think back to September 2007 the biggest buzz at VMWorld was around Virtual Desktops. We had the explosion of Thin Client providers and connection brokers with ESX as the backend technology to run your desktops on. The concept was so exciting to me of the idea of bringing all of your desktop workloads into the datacenter, centralizing data, and eliminating the desktop refresh cycle was just awesome. I remember coming back from VMWorld and ordering and testing various Thin Clients from many manufacturers. My conclusion then was Virtual Desktops just wasn’t ready for prime time, the lack of true multi monitor support and the reliance on RDP provided a disappointing user experience.

Fast forward to today… I truly believe Virtual Desktops is here! I feel that in 2010 we are going to see large scale adoption of Virtual Desktops in the workstation space. The struggling economy and companies tightening budgets on infrastructure and staffing Virtual Desktops really makes sense. Let’s not kid ourselves the upfront cost to get VDI going is not cheap when you include servers, thin clients, and SAN infrastructure but if you start to think forward to the next desktop refresh or the companies upcoming Windows 7 upgrade where many of the PC’s under desks are going to be obsolete it really starts to make sense. What I am already seeing in the industry is customers buying Thin Clients from vendors like Wyse instead of your traditional PC and investing money in server hardware and storage and running VMware View knowing that in three years from now there will no longer be the need for a desktop refresh.

Why Virtual Desktops now you ask? Well I have been waiting on the release of VMware View 4 with all the hype around PCoiP and if it was going to live up to it. In all of my testing of in our Lab of PCoiP with a Wyse R90L and quad monitors has been great. Watching HD videos from You Tube is phenomenal using PCoiP display protocol as opposed to the RDP experience which is mediocre at best. Another previous drawback for me was the multi monitor experience with the inability to deliver more than one monitor without software assisted trickery using applications like SplitView which added to the cost and complexity of the deployment. PCoiP the and ability to deliver the optimal resolution and pivot orientation to each monitor independently is a huge advancement in supplying demands of today’s desktop users. As mentioned in my earlier post about Site Recovery Manager 4, VMware View 4 now also runs on the vSphere platform but you do need to be running the r released vSphere4 Update1. Below is a full list of new features in VMware View 4.

• VMware View with PCoiP – PCoiP provides an optimized desktop experience for the delivery of the entire desktop environment including applications, images, audio, and video content for a wide range of users on the LAN or across the WAN. PCoiP can compensate for an increase in latency or a reduction in bandwidth, to ensure that end users can remain productive regardless of network conditions.
• PCoiP includes VMware View Display with support for up to four monitors and the ability to deliver the optimal resolution and pivot orientation to each monitor independently.
• VMware vSphere Support – VMware vSphere 4 support enables improved virtual machine scalability, performance, and management, with continued support for VMware Infrastructure 3.x.
• Enhanced single sign-on – The Log in as current user feature is integrated with Active Directory and smart cards to help simplify the process of logging in to a VMware View desktop.
• Restricted entitlements – Administrators can control user access to virtual desktops based on the View Connection Server being used for authentication.
• Smart card policies – Administrators can set group policies to force desktop disconnection and require reconnection when users remove smart cards.
• Domain filtering – You can use vdmadmin.exe to control the accessibility of domains and traverse trust relationships more quickly.
• You can cleanly delete View desktops using scripts.
• You can log in to View desktops using user principal names (UPN).
• You can explicitly configure IP addresses to override those supplied by the View Agent when accessing a desktop.
• Mixed Active Directory and Kerberos authentication is supported.

In my early use of VMware View I have overall been impressed, I have had a few bumps in the road related to getting multiple monitors working. I am also a little disappointed that we did not see any integration into vCenter in this version of View to provide that single management pane of glass. I was also surprised to see that Windows 7 is experimental but I have also read that Q1 of 2010 it will be fully supported.

A true desktop experience—multiple monitors displaying rich media.

So why VMware View 4 and Thin Clients?

1. True Desktop experience

   • Multiple Monitors
   • Rich Media

2. Reduction in costs

   • Thin clients last 3x longer than desktops, Centralized Client OS Management
   • Thin client computers use only a fraction of amount of energy that is used by a desktop computer.
   • Reduction in desktop support costs – patching, upgrades, and troubleshooting

3. Ease of management

   • Rapid Client Deployment
   • Centralized Client OS Management
   • Centralized Data can easily be backed up
   • Desktop and Operating Systems refreshes are reduced and eliminated

4. Security and Compliance

   • Data Security – Data is in Datacenter
   • Secure Remote Access Web Portal
   • HIPAA and Sarbanes Oxley (SOX) Compliant

Is anyone else thinking this all sounds familiar? Virtualization is creating what I call the “computing circle of life.”  We are going back to the days of dumb terminals and hypervisor computing but this isn’t your father’s compute system as long as we don’t see the return of Token Ring I think everything is going to be alright.  Stay tuned in the upcoming weeks for us showing off VMware View 4 in our EMC VMware Center of Excellence.