EMC

Feb 27 2009   4:07AM GMT

AlterPoint: The End of An Era

Posted by: Ryan Shopp
SolarWinds, NCCM, BladeLogic, BMC, CA, IBM Tivoli, EMC, HP Software

Well AlterPoint has found a home.  The last of the early/original NCCM (Network Configuration & Change Management) vendors, focused on Enterprise, has been acquired.  Others have come along in the later days, but AlterPoint, Rendition and Voyence (formerly PowerUp Networks) are now all part of another organization.  Rendition is part of HP Software via the Opsware acquisition, Voyence is part of EMC, and Emprisa is part of BMC.  IBM & CA decided they had a close enough solution through their Micromuse & Aprisma acquisitions respectively.  An adventure for these companies that started back in 2001ish now sees all of them part of a more holistic solutions.

In the end for my favorite of the bunch, AlterPoint (yes, i’m biased), the end wasn’t what the team along the way had in mind.  It’s great to see a home for the software that can continue to take care of some of our great customers including household names like Citigroup, Microsoft, E-Trade, Yahoo, Hertz and many others.  The acquisition to me personally brought closure but also reminded me of the great team and journey that I personally had the experience to be part of.  I spent about 4 years at AlterPoint and worked with some really great people that were amazing at what they do.  A number of those strong players these days are over at another great company in Austin that many people reading this blog may know called Solarwinds.  Others found themselves helping other network and systems management companies in Austin and beyond.  It was a great ride (at times) and in retrospect I miss those days and those experiences and hope again some day to get to work with one or more of them.  Alright, enough of that sentimental, memories type stuff.

NCCM was a great play that in my retrospective perspective was like what Firefox has done versus Microsoft.  It provided a real challenge to an established vendor that had fallen asleep at the wheel.  What do I mean by this?  Cisco and it’s CiscoWorks product line, since they own pretty much all the networking hardware market, was the incumbant.  The software was really struggling to solve the problems of it’s customers and simply wasn’t a priority to them.  Along came the NCCM vendors and soon enough that all changed.  Cisco after a few years of seeing NCCM success and hearing it from their customers, really started putting significant efforts back into their software products that competed against the NCCM vendors…they even embraced one of them and did an OEM deal with Rendition after evaluating all of us.  They learned from that and in the end they are the ones who stand most victorious from my perspective.  I think either directly or indirectly or however you want to look at it they learned more about the value of management software and it’s affect on hardware and sales in general.  From that I’m sure we will see in the upcoming month some loosely associated results when the announce their “California” Blade Server and explain more about their relationship with BMC (a.k.a. BladeLogic, RealOps, Emprisa).  This is destined to help spark and shake up the Data Center Automation market and even more the Data Center itself.  This is going to be interesting!

So one last hats off to the NCCM vendors, a final salute to AlterPoint and to all those who put in their blood, sweat and tears helping build NCCM.

RS

some news coverage links around the AlterPoint acquisition:

NetworkWorld:  Versata Enterprises acquires AlterPoint

Austin Statesman:  AlterPoint acquired by Versata

Jun 2 2008   5:00AM GMT

Mapping HP Software to the Data Center Automation Blueprint - take 2

Posted by: Ryan Shopp
Symantec, EMC, DataCenter, CMDB, HP Software

I recently took a pass at mapping HP Software’s offerings to the Data Center Automation Blueprint after a call I had with a product executive from the Business Service Automation group (majority of the Opsware products went here). I also attempted to use the HP software website to piece together the Business Service Management side of things (where legacy OpenView and many Mercury products are). Recently, I had a chance to talk with a product executive from the Business Service Management side and learned while my mapping was close, it was slightly off. So now it’s time to take a pass at updating things.

The amazing thing I will say about the HP Software portfolio is it has pulled together a great set of formerly standalone vendors (e.g., Mercury, Opsware, Peregrine and legacy OpenView line) to offer comprehensive coverage for automating and managing your entire IT infrastructure. Their capabilities go well beyond the Data Center.

• Configuration & Change
  • for networks - Network Automation Software (formerly Opsware, formerly Rendition)
  • for servers, applications & databases - Server Automation Software (formerly Opsware)
  • for storage - Storage Essentials Software (formerly AppIQ)
• Performance & Availability
  • Products that are Availability (event) centric for the Data Center Infrastructure
    • for networks - HP Network Node Manager software - agent-less approach
    • for servers, applications & databases
      • HP Operations Manager software - agent-based approach
      • HP SiteScope software - agent-less
      • (NOTE:  agent-based requires a proprietary agent to be installed on a system, agent-less leverages either industry standard or de-facto standard protocols or embedded management agents)
    • for applications - HP TransactionVision software - agent-based performance and availability software for services/applications/databases
  • Products that are Performance & Capacity (periodic time-series collected data) centric for the Data Center Infrastructure
    • for networks - HP Performance Insight software - agent-less approach
    • for servers, applications & databases - HP Performance Manager software - agent-based approach
    • for applications - HP Real-User Monitor software - monitors applications/services/data traffic flows
    • for end-to-end services/applications/network/databases/etc - HP Problem Isolation software - uses advanced correlations and analytics in an attempt to identify the specific problem or condition.
• Resource Reconciliation
  • Universal CMDB software (formerly Mercury, formerly AppLogic)
• Process Orchestration
  • Operations Orchestration Software (formerly Opsware, formerly iConclude)

So that means for the other functional areas of the Data Center Automation Blueprint we have:

• Analytics
  • HP Dashboard software & HP Business Service Level Management - offers a unified user interface consolidating reports and statistics spanning multiple other product lines within Performance & Availability to IT Service Desks.
• Security & Prevention
  • HP WebInspect software - web application vulnerability scanning
    • **NOTE: In my eyes, this is more a security extension to the QA and Testing products from Mercury then part of a security & prevention software portfolio like that of Symantec, McAfee or EMC RSA.

So there we have it (i think). Now please correct me if I’m wrong.  As mentioned previously, s major hole is in the area of security & prevention.  Second, would you go to HP for your storage management needs over EMC or Symantec (Veritas) when they only seem to have a single storage management product.  I don’t see offerings focused exclusively on monitoring availability and performance, but I may have overlooked it.

Bottom line after all this.  HP is the one to chase from having a comprehensive Data Center Automation strategy.  The unique thing is this can be creatively coupled with various hardware and service offerings they have.  In addition, with the pending EDS acquisition…they ARE the gorilla leading Data Center Automation sector toward the vision of someday being a “lights out data center.”  We still have a long ways to go, but HP Software is well down that road compared to others.

Mar 17 2008   1:22PM GMT

BMC makes the big move, buys BladeLogic for $800M

Posted by: Ryan Shopp
BMC, EMC, CA, IBM Tivoli, HP Software, BladeLogic, RealOps

So BMC is the one, not IBM or EMC that decides to piece it all together.  Responding to HP acquiring Opsware (July ‘07); BMC, in less then a year, has acquired RealOps (July ‘07), Emprisa (Oct ‘07) and now BladeLogic pulling together the critical components for their DCA strategy that all tie in nicely with Remedy, Atrium etc.  Very impressive!  They have most the pieces, now it’s about execution on the vision/strategy.

So HP & BMC have acquired the major pieces, IBM has many of the pieces too, but some are showing their age versus the newer products that were acquired by their competitors.  CA has been the quietest of all players, so I would expect for them to make some moves to shore things up ASAP (but most likely at this point having to pay premiums based on previous CCM valuations).  Meanwhile, EMC has been methodically building themselves up in the hope to make a run at knocking off one of the big 4 in IT Infrastructure Management, but they still have some serious work based on the recent moves of some of the current big 4.

Data Center Automation is about to hit the major growth curve now that multiple big guys have strong portfolio’s in the game.  As predicted, 2008 is going to be hot for Data Center Automation!

Mar 11 2008   1:27PM GMT

EMC adds Service Desk to Data Center Management portfolio

Posted by: Ryan Shopp
Performance management, Symantec, BMC, EMC, NetIQ, HP Software, BladeLogic, NetQoS, Xangati, Packet Design, DCAB

EMC made a move yesterday that continued to show their intent and desire to compete against the Big 4 in IT Infrastructure Management (e.g., BMC, CA, HP, IBM).  All those other players have their own Service Desk offering, so it was time to join those ranks.

Infra Corporation, was acquired by EMC’s Resource Management Software Business Unit for undisclosed financial terms.

Combined with their previous acquisitions:

SMARTS - Availability & Performance Management - Q1 2005
nLayers -  IT  Resource Reconciliation (e.g., CMDB) - Q3 2006
Voyence - Configuration & Change Management (for Network Devices) - Q4 2007

This acquisition shows a slowly increasing pace of their acquisitions (within the software group).  With that being said, looking at their portfolio, I would be surprised if we don’t see another one or maybe even two (depending on the size) before the year is out.  Areas they could benefit from (aka we could see) would be Configuration & Change Management (for Systems/Applications) or a move to strengthen their Availability & Performance Management offering; specifically more application performance centric.

On the CCM front there are numerous virtual & physical system configuration vendors sprouting up these days, versus before the primary game in town was BladeLogic (or Opsware before HP acquired them).  Meanwhile, on the Performance Management front they have a variety of options that could include grabbing a smaller application performance appliance vendor (e.g., Mazu, Xangati, Packet Design)  or something bigger like maybe a NetQoS.  Or even bigger and more interesting (but convoluted) could be buying out NetIQ who continues to innovate within Attachemate (e.g., Aegis product) or the artist formerly known as Precise Software (and now again known by the same name after Symantec spun them back out).  Probably long shots but just thoughts to ponder as the EMC Resource Management Software portfolio could use portfolio expansion in either or both functional areas of the DCAB.

Bottom line from my outsiders perspective is EMC is one or two moves away from changing conversations from the big 4 to maybe the big 5.

Jan 18 2008   4:14PM GMT

Digging into the DCAB’s 6 functional areas: Resource Reconciliation

Posted by: Ryan Shopp
Symantec, BMC, EMC, DataCenter, ITIL, CMDB, IBM Tivoli, HP Software

 The second up and coming area goes by many names these days.  Some call it next-generation asset management, many others call it CMDB.

I’m calling it resource reconciliation as I would like to see it extend beyond a discovery engine, IT asset database, dependency mapping and the necessary graphical topology and reports.  I also believe that these tools not only should communicate directly with the infrastructure outlined in the Data Center Automation Blueprint (DCAB) - but also synchronize and provide reconciliation capabilities with the 5 other DCAB functions.

What I’m saying is I want to make sure that all my other functional products always are 100% accurate to what my IT infrastructure contains.  There is no reason my performance & capacity products don’t know about a specific IT resource.  Nor, do I want multiple discovery engines combing my infrastructure setting off false alarms in my security products or requiring me to open additional communication avenues making the infrastructure less secure.

Here are a list of the vendors I know of, this space saw some major consolidation during  2006.

BMC
CA (Cendura acquisition)
EMC (nLayers acquisition)
HP (Opsware acquisition)
IBM (Collation acquisition)
Symantec (Relicore acquisition)
Tideway

Another area I’m researching and pondering inclusion in this category are service catalogs (e.g. NewScale)  Any thoughts or opinions on how they compare to the players/products  above?

Jan 5 2008   7:40PM GMT

Digging into the DCAB 6 functional areas: Security and Protection

Posted by: Ryan Shopp
Symantec, EMC, Tripwire, Configuresoft, Ecora, ArcSight, NetForensics, DataCenter, IBM Tivoli, HP Software, LogLogic, Reconnex, Vericept, nCircle, Skybox Security

The massive number of security management vendors make simply covering this portion of the DCAB a very intimidating task. So many technology approaches and different data center technology focuses (e.g., networks vs. system vs. applications etc). I’ve attempted a first pass at sub-dividing this functional area. I know that do to it’s vastness, I’m going to miss tons of vendors I already know about and also stretch the categories a little in my attempt to limit the number of sub-divisions.

Proactive Identification (proactive searching for a potential exposure point that could become a situation) which includes:

• IP Scanning - query remotely that simply requires IP address to gather information and determine if their is a potential condition of concern. Vendors include: eEye, nCircle, Nessus, Qualys, McAfee, Rapid7
• Configuration/Settings Auditing - query remotely (using credentials) or having an agent on the system to take a more details look at the configuration files, etc. Vendors include: ConfigureSoft, Ecora, nCircle, Tripwire, Solidcore, Skybox Security
• Penetration Testing - remote query attempts to actually expose or harm a data center resource. Vendor include: Core Security, HP (former Spi Dynamics), IBM (former Watchfire), Imperva, Mu Security, BreakingPoint Systems

Reactive Identification (reactive, collecting of events or watching data flows to identify a condition or re-occuring trend)

• Security Event Consolidation (aka. SEM) - unified view of events from a variety of sources with the hope that you can quickly identify a problem and resolve it sooner after it occurred, or seeing something that tells you that problem may be about to happen. Vendors include: ArcSight, NetForensics, EMC/RSA
• Information Archival & Reporting (aka. SIM) - archiving and then the analysis and mining of all that event data to identify a re-occurring situation that could be resolved. This archive is also a great resource for reporting certain compliance situation to auditors. Vendors include: ArcSight, NetForensics, LogLogic
• Data Leakage - monitoring activities or traffic flows to identify if sensitive information is being . Vendors include: EMC/RSA (Tablus), Reconnex, Symantec (Vontu), Vericept

Alright, that will have to do for now. Identity & Access Management is a whole other area but this will have to do for now. Wow, I’m really starting to realize that this DCAB was biting off more then I could honestly chew Hopefully, it will prove helpful to someone out there. When I do start to make updates the best way to manage that may be moving this to a wiki.

Quick status check, I’ve now taken a first pass on 4 of the 6 functional areas (and most of them require/deserve a return visit sometime soon). Each functional area alone probably could/would be topic enough for an individual blogger (any volunteers). I’ve also had some great recent conversations with people on virtualization, process orchestration and resource reconciliation that i’m eager to talk about. So as I’ve stated before, comments are open for anyone and everyone to add thoughts and commentary. Which vendors did I miss, what capabilities/functions did I miss as we monitor the security in our data center.

Jan 2 2008   11:10PM GMT

Digging into the DCAB 6’s functional areas: Configuration and Change

Posted by: Ryan Shopp
BMC, EMC, Configuresoft, Ecora, DataCenter, CA, IBM Tivoli, HP Software, BladeLogic, Cassatt, Scalent, Solidcore, mValent

There seem to be two key components or approaches to this functional area. Some vendors are focused on auditing & monitoring the configuration/state of a device while others are focused on that and the provisioning/deployment of configuration/software to a device. Typically, the vendors going across data center technology categories are audit-centric.

Vendors doing both Deployment & Auditing (listed alphabetical)

• AlterPoint (for network devices)
• BladeLogic (for appilcations, servers)
• BMC (for applications, servers with Marimba acquisition and networks with Emprisa acquisition)
• CA (for systems)
• Cassatt (for systems, applications, networks
• Cisco (for network devices)
• ConfigureSoft (for applications, servers)
• Ecora (for servers, applications)
• EMC (for network with Voyence acquisition, for storage with ControlCenter)
• HP (former Opsware for applications, servers, networks, storage)
• IBM Tivoli (for applications, servers)
• mValent (for applications)
• Phurnace (for applications)
• Scalent Systems (for servers, applications)
• Symantec (for servers, applications with Jareva, Altiris and storage with CommandCenter)

Vendors focused on Auditing

• Solidcore (for servers, databases, networks)
• Tripwire (for servers, databases, networks)

Vendors that do both primarily for desktop’s which extends to provide some server configuration and change capabilities for the data center

• Avocent (from Landesk acquisition)
• Lumension (former Patchlink)
• Microsoft (former SMS product)

Just as with my previous post on Performance & Capacity I’m not done with this one. I started going through the laundry list of vendors in the “virtualization” space but simply ran out of my allocated time for today. So I’ll pick back up on it at a later time

Dec 28 2007   11:31PM GMT

Digging into each of these 6 functional areas: Performance and Capacity

Posted by: Ryan Shopp
Network monitoring, Performance management, Symantec, BMC, EMC, NetIQ, Alcatel-Lucent, NetScout, DataCenter, CA, OSS, Systems monitoring, InfoVista, IBM Tivoli, HP Software, Quest Software, Netuitive, Integrien, NetQoS, Compuware, Fluke Networks, Network Instruments, Opnet, Entuity, Brix Networks, Keynote, Gomez, Xangati, Apparent Networks, Packet Design, Groundwork, Hyperic, Nagios, OpenNMS, ZenOSS, Zabbix

First things first, we have many of the same vendors from the Availability & Notification functional area of this Data Center Automation Blueprint in this category. Which probably begs the question, do we combine Availability & Notification with Performance & Capacity? I know in the OSS (not Open Source Software but telco-oriented Operational  Support Systems) model they do this and call it “Service Assurance”, another name could be Service Level Management as they two monitoring-centric functions are about ensuring service levels are met…or simply I call it Availability & Performance? I’ll come back to this at the end after I type up the players in this Performance & Capacity area:

• BMC - Performance Manager & ProactiveNet Analytics
• CA - eHealth (former Concord)
• IBM - Netcool Proviso (former Quallaby that Micromuse acquired), Monitoring
• HP - Performance Manager, Performance Insight, Operations
• Quest Software - Foglight, PerformaSure
• Symantec - i3 (former Precise product line Veritas acquired)
• EMC - IP Performance Manager

But then, we have a slew of others that have been around for quite some time now…

• InfoVista - In January ‘07 Microsoft announced a $15M licensing deal of their product
• NetQoS -
• Netscout - nGenius & Network General (acquired in November ‘07)
• Compuware - Vantage
• Alcatel-Lucent - VitalSuite (former INS)
• Fluke Networks (they also OEM NetQoS’ products)
• Network Instruments (also have reseller relationship with NetQoS)
• NetIQ - AppManager
• Opnet
• Entuity
• Brix Networks
• Keynote
• Gomez

And some innovative up-and-comers in some unique technology/approaches…

Real-Time Behavior/Pattern Analysis through Dynamic Thresholding

• Netuitive
• Integrien

IP Traffic/Packet Flow Monitoring & Analysis

• Xangati
• Apparent Networks
• Packet Design

Open Source Software (OSS) vendors

• Groundwork
• Hyperic
• Nagios
• OpenNMS
• ZenOSS
• Zabbix

Whew..that was more work then I expected to pull together and I’m not done yet…  Please throw into the comment who I’ve missed (I know there has to be a few).

The major challenge here is organizing and breaking down this functional area.  There are so many approaches to obtain performance metrics from/for the data center.  Some of the techniques and perspectives include;

• passive vs. active
• agent vs. agent-less
• in-line appliance vs. out-of-band appliance (e.g., span a port)
• proprietary vs. leverage infrastructure mgmt. capabilities (e.g., Cisco Netflow)
• outside the data center looking in vs. inside the data center itself.
• Reactive troubleshooting vs. Proactive Predictive

I’m going to need to have a part two (and maybe more) for this functional category breaking down the pro’s and con’s of various approaches.  Which vendors do what, etc.  I also need to revisit that question from the top of do we combine this into a single “availability & performance” functional category???  For now, this first pass will have to do…

Dec 27 2007   6:04PM GMT

Great write-up on Security Managment activities this year

Posted by: Ryan Shopp
Security, Symantec, EMC, Securitychannel, IBM Tivoli, HP Software

I have Security as one of the 6 DCAB Functional Categories.  This article does a great job highlighting some key landscape changes in the overall Security Management market (some items are beyond what is covered by this blog).  As it relates to monitoring/managing the security of the data center this points out some key activities:

• Web Application Vulnerability Scanning - IBM acquiring Watchfire, HP acquiring SPI
• Data Leakage Monitoring - Symantec acquiring Vontu, EMC acquire Tablus and others.

As noted, these capabilities aren’t exclusive to the data center but have applicability.

Dec 24 2007   5:52PM GMT

So let’s start to dig into each of these 6 functional areas: Availability and Notification

Posted by: Ryan Shopp
BMC, EMC, NetIQ, DataCenter, CA, IBM Tivoli, HP Software, Quest Software

So it’s time to start refining the Data Center Automation Blueprint. One way I hope to do that is through these next 6 blog posts (one for each functional DCA category) that will:

1) create list of vendors I know about that have some capabilities for the data center in the specified functional area

2) during this first pass attempting I also hope to breakdown each function by some major capabilities.

*NOTE: Help me out if I miss some vendors, miss some products within vendor product lines etc. Again, the focus is for current/future complex data center so I won’t be including tools like Ipswitch What’s Up Gold or products that are on their way out (end-0f-life) by vendor (e.g., NetView).

Event consolidation & root cause analysis

• BMC - Performance Manager
• CA - Spectrum
• EMC - SMARTS
• HP - Network Node Manager, Operations Manager
• IBM - Netcool
• Microsoft - Systems Center Operations Manager
• NetIQ - AppManager
• Quest Software - Foglight

A new product segment that has materialized that for now I’m going to go place here is log management where you maintain historical event/message/alert logs and then have historical reporting and applying advanced indexing and searching technology to quickly find the “needle in the haystack” problems. It also has application beyond operational availability management of the data center within the security space for compliance management.

• LogLogic
• LogRhythm
• Splunk

Next up will be the current Data Center Automation Functional Area of Performance and Capacity.