IBM

VMworld 2009: Chris Wolf warns of software, server licensing perils

Chris Wolf, virtualization expert and Burton Group senior analyst, revealed lesser known facts about software licensing in a crowded session at VMworld. He described terms, conditions and fine-print details that should not be overlooked, especially when dealing with Microsoft licenses.

Wolf began by commending IBM in making great progress with their licensing contracts in the last year; but he was quick to add that substantially more work would be necessary.

Wolf cracked jokes while guiding his audience through a minefield of licensing gotchas. Here are some of the more interesting points from his popular VMworld session:

• License tracking by physical resources is complex.
• When dealing with Microsoft licensing, read the fine print. Many times you cannot transfer licenses from one server or machine to another tariff free. Fees will add up quickly.
• Watch out, many software licenses are bound to physical hardware.
• Licenses assigned cannot be be reassigned, there are exceptions.
• Microsoft is within its legal rights to charge for additional licenses and transfers, migrations, etc. If you run into problems remember that Microsoft is not a monopoly and that there are are other choices of equal functionality.

 more VMworld coverage.

New IBM Rational change management interfaces boost interoperability

“Software development teams work with a wide range of tools, and their biggest challenge is making all the tools work together in a way that’s effective for their software delivery process,” Scott Bosworth, Open Service Lifecycle Collaboration (OSDL) program manager, IBM Rational, told me yesterday.

Today, IBM addressed that problem, announcing new change management interfaces for three IBM Rational products available now: IBM Rational Team Concert, IBM Rational Quality Manager and IBM Rational ClearQuest. OSDL spec support for IBM Rational Change is due in September.

The new IBM Rational interfaces are the first released on OSLC change management specifications released this summer. A 20-member software industry group founded by IBM, OSLC wants to increase tool data interchange via widespread adoption of industry standards. A similar IBM initiative achieved standards adoption for Eclipse client IDE.

“The promise is that in any part of the life cycle in which you need to see a change management interface, you could now integrate with any system that supports OSLC,” Bosworth said.

Bosworth explained that the OSLC change management specification and new IBM interfaces target common problems quality assurance (QA) and testing teams face in the software development process.

QA analysts will be able to use their tools at every step of the development and application life cycle, he noted. Tools are often used only for specific roles in the life cycle, Bosworth said, and they typically have their own ways of storing data and presenting data. This change management specification was driven by the need for integration between quality management tools to be able to find, locate defects stored in a change management system.”

Software testers will be able to upgrade their tool choices as more and more tools provide the interface, the tools become more pluggable, Bosworth said. “They get more choice and easier-to -maintain integrations.”

These kinds of integrations would be applicable to any type of change management systems, according to Bosworth.

“People have existing change management systems for different reasons, like for a project that has some complexity like the technical purchase of a company. They need to have a common way of integrating change management systems with other tools.”

As an example of such integration, Bosworth mentioned recent work on IBM Rational Quality Manager.

“We set out last year to have Rational Quality Manager and Rational Team Concert integrated. We could have done that in a one-off fashion, which is traditionally how these things are done. Instead, we used the OSLC approach in which we defined common set of resource descriptions and described common services interface that would interact with any change management system in a consistent way.”

Over time, OSLC plans to move beyond change management area to requirements and quality management, software estimation, reporting, software configuration management and more domains, Bosworth said.

.

Tester’s view: IBM buys source code analysis company

In a press release yesterday, IBM announced it would be acquiring Ounce Labs Inc., whose software helps companies reduce the risks and costs associated with security and compliance concerns. IBM will integrate Ounce Labs products into its Rational software business.

For those who might not be familiar, the current lineup of Ounce products include:

• Ounce Core is their security source code analysis engine, used to assess code, enforce rules and policies, and it houses the Ounce security knowledgebase
• Ounce Security Analyst scans, triages and assigns results, and manages security policies allowing you to take action on priority vulnerabilities.
• Ounce Portfolio Manager delivers at-a-glance metrics and information to manage risk enterprise-wide.
• Ounce Automation Server augments Ounce Core by integrating and automating scanning, publishing, and reporting in build environments.
• Ounce Developer Plug-Ins helps pinpoint vulnerabilities and provides remediation advice for rapid fixes.

For those familiar with the latest offerings of IBM Rational, it comes as no surprise that the Ounce Labs products will be offered as part of the IBM Rational AppScan family of Web application security and compliance testing solutions. The current suite of IBM Rational tools (AppScan and Policy Tester) provide some of the basics around security vulnerability scanning, content scanning and compliance testing, but they aren’t as full featured as their competitors products.

When the current Quality Manager suite of tools from Rational came out a year (or so) ago, I was quite happy to see AppScan integrated more closely with the testing products. And over the last several years, Rational has done a better job of integrating their testing and development platforms — moving the tools to a common platform/IDE, etc. Hopefully the addition of the Ounce products will continue that trend of bringing team members together in a common toolset.

For more information on the acquisition, SearchSecurity.com has the full story.