Data Center Connect Newsletter

Ready Or Not, Tablets Are Coming

Cynthia Harvey , Processor.com — Tue, 01 Mar 2011 05:00:00 GMT

Minimize The IT Headaches Caused By The iPad & Other Tablets

Key Points

IT managers can reduce some iPad headaches by familiarizing themselves with the devices, quickly updating corporate mobility policies, finding a good security solution, and prioritizing platforms and apps that are most important for their business.
IT departments that lead the way instead of resisting the introduction of iPads generally enjoy greater success—and a better image within the company.

UNTIL RECENTLY, MOST EMPLOYEES got the hardware and software they used for work from work. However, today’s employees are beginning to demand the ability to use their own personal devices to do their jobs. This trend toward the “consumerization” of IT has been particularly pronounced in regards to Apple’s iPad tablet.

In a Sybase survey, the No. 1 reason people cited for wanting an iPad was for working on the go. C-level executives, in particular, have embraced tablet PCs, often demanding that their IT departments support them. However, just because executives and employees want to use the iPad for work doesn’t mean that the IT department shares their enthusiasm.

Supporting the iPad and other tablets brings a lot of headaches: IT has to redevelop applications so they can run on mobile platforms with touchscreens. They have to deal with security issues and set policies on how the devices can be used for work and who will pay for what. And they have to prepare for help desk calls and sometimes unrealistic employee expectations.

“On the other hand, they know they’re cool,” says Ted Schadler, vice president and principal analyst at Forrester Research. Most IT departments want to enable their employees to use the latest, greatest technology and experience the benefits tablets bring. Fortunately, experts say IT can experience those benefits while minimizing their headaches with a few simple steps.

Get Some Experience

Because they’re so new, many IT staffers and managers have never really used the iPad—or any other tablet PC—and aren’t aware of their advantages and limitations. “You have to at least get experience with the product,” Schadler says. “So get a bunch of them in. Get some experience in your security group, your device management group.”

Increased familiarity with tablets will help IT set policies, prepare their help desk staff, address security issues, and manage the devices.

Article by Cynthia Harvey for .

This Is Jeopardy

Kevin Heslin, Mission Critical — Tue, 01 Mar 2011 05:00:00 GMT

Watching a new age of computing in a familiar place

With the words, "This is Jeopardy", Dr. Jim Hendler (Constellation Professor, Tetherless World Research Constellation) kicked off last night's edition of Jeopardy, the long-running television game show.

Perhaps for the very first time, host Alex Trebek did not utter his signature words to kick off the program. Hendler held that honor, at least last night at Rensselaer Polytechnic Institute's (RPI) EMPAC facility where hundreds of Institute students, alumni, faculty, and friends gathered to watch a computer contest two skilled humans in a contest of knowledge, language, word play, and witticisms. It was a venue, in short, in which the humans rooted for the computer and "Geeks ruled." I'm looking forward to returning to my alma mater again tonight for the "Double Jeopardy" and "Final Jeopardy" portions of the contest.

As Trebek explained to last night's national television audience, the folks at IBM approached Jeopardy to gain the show's cooperation in a project that tests the limits of our ability to program computers. The result is a three-party Jeopardy broadcast in which Watson, a computer housed in an IBM facility in Yorktown Heights competes against former Jeopardy champions Ken Jenkins and Brad Rutter.

RPI alumni David Ferrucci (94), Chris Welty (95), and Adam Lally (98) all played key roles in developing Watson and overcoming the barriers that prevented earlier generations of computers from understanding that nuance of human language, making RPI an ideal host for a community screening of the event. Institute President Shirley Jackson led a panel discussion that examined these issues and talked about the development process. The panel included Welty, Hendler, and Jim Myers, director of the Computational Center for Nanotechnology Innovations. A panel at tonight's event will also include Lally. I'll be Tweeting live (#rpi), if you want to follow the proceedings. To learn more about Watson, visit the IBM website. Currently 56 percent of the voters (60,704) expect Watson to win, according to a poll that is open on the IBM website.

Judging from a short video, Watson appeared to be only about 10 fully loaded racks, which I found surprisingly small, given the amount of data, the limited processing times, and the complicated algorithms required to meet the challenge posed by Watson's human competitors. I'm sure Watson uses a lot of energy too. Trebek made note of the high heat and noise levels Watson generates, so IBM had to address the problems to keep Watson on line.

I am most impressed by the impact Watson had on my guests at RPI last night, two 16-year girls, my daughter Brigid and her friend Rebecca. Both enthusiastically listened to a panel discussion that they could not have understood well because of a lack of background. Not only did they want to return a second night, they recruited their friend Priscilla and Rebecca's younger brother Benjamin and mother to join them.

As both girls are starting to think about college, I happily drafted Watson into our conversations intended to broaden their horizons and raise their goals. The pure enthusiasm of the mostly undergraduate audience also helped, as did the free food and t-shirts.
Many in the audience were awed at Watson's success in the first round of Jeopardy. I'm more amazed at how a roomful of computers could spark young imaginations. Let's call it a Watson Moment, and we should learn how to take advantage of innovations like this.

Article by Kevin Heslin for .

Is "Outsourcing" a Bad Word in IT Anymore?

Jeffrey Clark, DATACENTER Journal — Tue, 01 Mar 2011 05:00:00 GMT

Is “Outsourcing” a Bad Word in IT Anymore?

For many people, the word outsourcing evokes images of corporate downsizing, pink slips, and mediocre customer service from foreigners with difficult-to-understand accents. But is outsourcing necessarily an economic evil? Is it only the tool of diabolical CEOs (and other executives) bent only on maximizing profits, or does it have a legitimate place in business?
The answers to these questions, needless to say, have a tremendous effect on one’s view of outsourcing in the context of IT. As companies continue to tighten their budgetary belts in the aftermath of the recent economic downturn and the current sluggish recovery (whose very existence is, at best, debatable), IT outsourcing may be losing some of its negative overtones. The cloud, for instance, is nothing more than IT outsourcing on a grand scale—and it’s on an upward swing.

What’s So Bad About Outsourcing?

An honest and fruitful discussion of any topic requires an understanding of what certain critical terms mean. In this case, what is meant by outsourcing? Outsourcing may mean different things to different people (or organizations), but in its broadest for, outsourcing is delegation of some task or set of tasks to another person or organization. In these terms, it certainly doesn’t seem so bad.

Almost everybody outsources certain tasks. Do you hire an accountant or other individual or company to file your taxes? Then you’re guilty of outsourcing. Do you hire someone to mow your grass? Fix your car? Babysit your children? You’re guilty. But few people see these activities as evil; sometimes—whether for the sake of safety, convenience, or money—hiring someone else to do certain jobs is the best option. Most people, for instance, would do better having the brakes on their cars repaired or replaced by a professional instead of by themselves. Similarly, the time some people would otherwise spend filing taxes is not worth the relatively modest fee for having a professional tax preparer do the work. We all outsource regularly, and no one complains.

Now, consider outsourcing in the context of business. At this level, something changes relative to the level of the individual, and that something has garnered a negative reputation for outsourcing. But is there any difference when a business decides to hire someone else to do work that would otherwise be too expensive, too time consuming, or too difficult to do in house? Why should a business started for the purpose of manufacturing widgets spend its precious time on tasks like filing taxes, cleaning uniforms, and repairing computers?

For some reason, some people have the (often implicit) idea that for any task necessary to running a business, that business should have a full-time employee. Of course, this system is patently impossible for small businesses, many of which cannot afford additional employees or “jacks of all trades.” In the context of large businesses, however, failure to use employees is a violation of truth, justice, and the American way—especially if that business instead uses foreign workers or organizations to do certain work.

This leads to a differentiation that must be made to clarify the issue of outsourcing: not all outsourcing involves foreign workers. (Use of foreign help is often called “offshoring” to differentiate it from domestic outsourcing.) Furthermore, not all outsourcing involves laying off existing employees: some companies may have never hired an IT staff in the first place, and yet they still rely on other organizations to meet their IT needs. And finally, despite jingoistic sentiments that paint offshoring as a slap in the face of America, offshoring is not necessarily wrongheaded.

So, outsourcing is not inherently evil. Like so many business (or personal) strategies, it is a tool that can be used properly or improperly. For historical reasons, outsourcing may have gained its bad reputation owing to association with layoffs of existing employees, reliance on foreign labor, and other circumstances that have gained it political and public disfavor. But what about outsourcing in the realm of IT, specifically?

What Is IT Outsourcing?

Outsourcing of IT is pretty much just what it sounds like: hiring another organization to provide the company with IT resources, thereby eliminating the need to maintain infrastructure and IT personnel in house. That’s simple enough; what’s more complicated, though, is the variety of ways and extents to which IT outsourcing is used. Some companies might outsource a portion of their IT infrastructure or services—they might rely on Gmail, for example, instead of an in-house email system. Others might outsource essentially all of their IT resources to the cloud, essentially just maintaining an Internet connection for workstation access to those resources.

Although some stigma remains regarding IT outsourcing (especially to foreign organizations), that stigma has relented, in part because of a change of terminology. That stigma, following the lines of the discussion above, has revolved around a “loss of American jobs,” company disloyalty to its employees, and similar broad (and sometimes inaccurate) sentiments. So, what happens when the name of a useful or profitable policy gets a bad reputation? Change its name.

In the case of IT, outsourcing has been re-termed the “cloud” and re-presented along with its high-tech trappings. According to CIO.com (“Cloud Computing is Just Outsourcing, Says Forum”), for instance, principal research analyst Adrian Davis of the Information Security Forum stated that the “cloud is just outsourcing. You can rely on knowledge of how you do outsourcing to an extent,” as long as you pay attention to the peculiarities of cloud computing as one particular type of outsourcing. Indeed, the cloud is just another form of outsourcing, as we have defined it: a company hires another company to do certain tasks, rather than doing those tasks in house. From this perspective, the cloud is really nothing new, although it may involve some slightly novel twists on an old theme.

IT outsourcing may involve relatively minor tasks such as web development and hosting, or it may involve more complicated tasks like application development, infrastructure hosting (such as colocation), or technical support. Thus, IT outsourcing can involve hiring outside organizations for small items all the way up to handling a company’s entire IT system.

Who Is Outsourcing?

Whether a company outsources its IT or keeps it in house is usually the product of a variety of factors—although some companies make wiser choices than others. Outsourcing is not limited to large or small companies; some small companies may benefit from in-house IT despite the startup and ongoing operational costs, and some large companies may benefit from outsourcing, allowing them to focus on their core businesses rather than on IT infrastructure. But certain industries face challenges that make outsourcing more or less beneficial. For instance, the financial sector faces regulatory hurdles that make reliance on cloud computing difficult, if not impossible. The health care industry must meet regulatory requirements regarding security and confidentiality of patient records, but it is also seeking to expand availability of those records to allow easier and faster access by authorized health professionals.

But the biggest draw may well be (perceived) savings—usually measured in terms of cost (dollars), but also in terms of time (which often translates to dollars). Imagine your car just broke down. You have two options: fix it yourself, or hire a mechanic to fix it. Taking the car to a mechanic (the outsourcing option) and fixing the car yourself (the in-house option) will likely involve the same (or similar) cost for parts. The difference in cost is the labor of the mechanic. So, fixing it yourself is cheaper, right? Not if your time has any monetary value. In the context of business, an employee who must do a job outside his or her expertise faces a learning curve as well as a lack of experience. And every hour spent on this other task is time not spent on that employee’s area of expertise—meaning lost value. Thus, outsourcing is not necessarily more expensive than the do-it-yourself (in-house) option; in fact, it can potentially be less expensive. Furthermore, hiring a dedicated in-house IT staff may also be more expensive than simply letting another company (who can amortize costs over multiple clients) do the work.

In many ways, then, the question of who is outsourcing cannot be restricted to a specific industry, company size, or company budget. Each company has its own set of goals and restrictions (whether budgetary, regulatory, or practical) that will largely determine whether outsourcing is a viable option.

IT Outsourcing and the Economy

One of the main features of the recent economic downturn is the high unemployment rate—including among IT professionals. This economic reality doesn’t necessarily improve outsourcing’s reputation, but it isn’t necessarily its enemy, either. For instance, a company that outsources (specifically, offshores) IT jobs is likely to receive flak for not hiring American workers, many of whom are having difficulty finding work. But many companies are also facing tight budgets, and taking a cheaper IT route may be the only option in some cases.

Despite the recent economic woes, however, IT outsourcing has not increased greatly. According to CIO.com (“Goodbye Outsourcing, Hello Insourcing: A Trend Rises”), for the past year, “most outsourcing analysts agree that the level of IT services deals sealed has held relatively steady, year-over-year. The total value of outsourcing contracts signed in 2010 was $62.4 billion, according to outsourcing consultancy TPI, a figure that’s pretty consistent with their last five years of total contract value data.” In other words, throughout the recession, IT outsourcing has remained largely flat, at least according to this metric.

Computerworld (“As Cloud Grows, IT Hiring Flatlines”) notes that “Corporate IT departments are increasing their spending on hardware and cloud services, but not on new hiring in this weak economy.” The article also cites Computer Economics VP of Research John Longwell as indicating that “the number of organizations that are turning to software-as-a-service (SaaS) is rising rapidly. About 36% of the firms they surveyed have SaaS in place, which is up from 24% in 2009. Longwell said that the use of SaaS is a form of outsourcing and enables companies to reduce some of their capital and staff support.”

But what about the savings associated with IT outsourcing? They may not be quite what one would expect. CIO.com (“The Hidden Costs of Offshore Outsourcing”) notes that the savings associated with outsourcing (particularly, offshoring) may well be much less than the typical salary of a foreign IT professional might indicate: “it takes years of effort and a huge up-front investment,” and “for many companies, it simply may not be worth it.” Some industry observers and IT professionals make similar arguments regarding outsourcing to the cloud: it may sound good in theory, but the costs compared with more-traditional approaches to IT simply are simply too high. Some of this problem, again, may result from an apples-to-oranges comparison. Not every business, nor every industry, has the potential to save money by outsourcing. In some cases, in-house IT may provide a much cheaper alternative—it all depends on the needs of the company.

Thus, if IT outsourcing doesn’t necessarily deliver tremendous savings across the board for all industries and companies, one would naturally expect not to see a broad-based increase in outsourcing in a weak economy. Some companies, or even industries, may see some variation as they “test the waters” of outsourcing, perhaps going too far and then pulling back.

Conclusions

Outsourcing may have had a very bad name at one time, having been associated with the notion of robber baron companies interested only in profits and not in their workers’ livelihoods, but these sentiments are no longer firmly entrenched in the minds of many. In the IT industry, outsourcing has partly increased its appeal through better packaging and improved marketing: by calling it “the cloud” or “software as a service” (and similar x-as-a-service terms), outsourcing drops some of the baggage that burdens it (especially in other industries). To be sure, however, IT outsourcing is not limited to cloud services, although these may be the current public face of IT outsourcing.

But the human factor cannot be entirely dismissed. The IT industry is still suffering from a high unemployment rate among IT professionals, and outsourcing by companies (and, in particular, offshoring) does little to boost outsourcing’s image in light of these employment conditions. Nevertheless, the unemployment problem in IT (which, according to Computerworld, has a greater rate than in other professions) may be due in part to a glut of IT professionals and not solely a down economy.

The word outsourcing is probably not so much a bad word in IT as it is an uncertain one. IT outsourcing to the cloud seems to be growing, but not everyone agrees that the cloud provides a better value than more-traditional approaches to IT. Furthermore, some companies simply cannot use the cloud, owing to regulatory or other considerations. In an event, it is highly unlikely that the cloud will ever become the entirety of IT: a large portion of users and companies will no doubt want to retain control over their IT resources. The future of IT is likely a mix of cloud, traditional IT, and hybrid approaches.

IT outsourcing as a general trend seems to be a mixed bag, with some amount of retreat but some increased investment (particularly in the cloud). The economic value of IT outsourcing is not entirely clear—whether it pays off to outsource instead of using in-house IT depends on many factors that are peculiar to the different industries and to individual companies within those industries. Thus, even in light of the current weak economy, IT outsourcing is unlikely to spike, even if the hoped-for recovery continues to languish. Thus, for IT, outsourcing may not be a bad word or a good word—just another legitimate option for running a company.

Article by Jeffrey Clark for .

IT and Productivity

Lauren Cox, Technology Review — Tue, 01 Mar 2011 05:00:00 GMT

Information technology can continue to boost productivity, as long as businesses use it to innovate.

If companies learn to make strategic decisions based on rigorous data-driven experimentation and analytics, not only will they see larger profits but they could drive the next great boom in productivity—which is in turn key to national wealth and standard of living, says Erik Brynjolfsson, a professor at MIT's Sloan School of Management and director of the MIT Center for Digital Business.

It's not simple to tease out the relationship between IT investment and labor productivity, or economic output per hour of labor worked (see "U.S. Labor Productivity Growth"). Between 1973 and 1995, productivity grew by only 1.4 percent annually. But it jumped much more from 1996 to 2003, and economists recognized that IT investment had taken time to pay off.

Article by Lauren Cox for .

Social Networking's Balancing Act

Julie Knudson, Processor.com — Tue, 01 Mar 2011 05:00:00 GMT

Appreciate The Value While Avoiding The Pitfalls

Key Points

Remember that social networking applications come with storage demands, especially in the face of compliance requirements.
Consider network resource needs when evaluating potential social networking applications.
Select platforms that meet each business unit’s functional requirements as well as IT’s infrastructure needs.

SOCIAL MEDIA HAS BECOME a legitimate business tool. It’s used by companies of every size and in almost every industry to engage customers, collaborate with partners, and distribute new information. But some data centers continue to have difficulties managing the concerns presented by these new communication pathways.

“A lot of the issues that folks are grappling with have to do with information security, leak prevention, [and] understanding why people are using these tools and what they’re using them for,” says Eric Young, senior director of field services at FaceTime Communications (www .facetime.com). He notes that IT groups should remember social networking is just another way for a company to meet its goals, and managing it isn’t really all that different from other communication platforms already in use. “Organizations need to get their hands around it to be able to provide the same types of controls they have around any type of business-sanctioned tool.”

Plan For Storage & Scalability

The amount of data generated by social networking platforms is deceptively large. “What’s going on today is that there are a lot more packets of data being passed around,” says Wendy Steinle, director of product marketing for Novell Vibe at Novell (www.novell.com). “Think about these short messages that people are sharing. There’s this enormous volume but the size of each is a lot smaller.”

Steve Chan, vice president of business development at ZL Technologies (www .zlti.com), agrees that storage is often a concern. “It’s little tidbits here and there, but they start to chain together and to some degree the volume is a big issue,” he says, adding that organizations can proactively address storage issues by carefully evaluating the scalability of potential systems. “When you get to a large volume, to capture and maintain that data and be able to search it quickly . . . becomes very difficult, and that’s the challenge that a lot of vendors are actually having to face these days.”

Consider Your Bandwidth

Bandwidth requirements are often overlooked during the planning and implementation phase, only to cause problems later. “The other issue from an infrastructure perspective is that you really have to look at the pipes that are supporting your whole network,” Steinle says. “And while a lot of IT organizations are perhaps getting more of their services through the cloud, other transformations have to occur in the data center to support the flow of information that’s now happening online. You may end up having fewer servers in your data center, but you better have stronger pipes to connect to the flow between your users and the cloud.”

Resource-hungry applications are another issue. “Generally what folks do is limit the bandwidth-intensive components of these applications,” Young says. “They’ll say it’s OK to use Facebook but we’re going to disallow videos, which are big bandwidth hogs.”

Enterprises may choose to ramp up existing resources to support the increased traffic, clamp down on applications that utilize a lot of bandwidth, or some combination of the two.

Article by Julie Knudson for .

Boost Your Enterprise Security

Christian Perry, Processor.com — Tue, 01 Mar 2011 05:00:00 GMT

TODAY’S ENTERPRISE SECURITY landscape is littered with sophisticated threats that are designed to quickly and effectively leech information and other assets. Boosting enterprise security often requires a multipronged approach that covers security from several angles, so consider the following tips that can thwart malicious types from infiltrating your organization’s perimeters.

Improve Your Processes

You can populate your data center with the latest and greatest security tools, but if solid surrounding processes aren’t in place, those tools will not meet expectations. Alison Andrews, CEO of Vigilant (www.thevigilant.com), recommends focusing on process improvements to immediately reduce overall risks and their associated costs.

“Create a map of key risk areas and a prioritized list of assets, which, if compromised, would have the greatest impact on your business, and put a process in place for keeping this up-to-date,” Andrews says. “Changes in the IT environment, introduction of new applications or business processes, and the evolution of security threats will all impact how you define key risks.”

She also advises that enterprises define action plans and roles so that when incidents do occur, appropriate resources can be mobilized to analyze and address each problem based on its criticality. Finally, after the dust settles following an incident, a post-mortem improvement process should be implemented to identify areas where logging filters, correlation rules, other device configurations, or the processes themselves can be tuned, she says.

Create A Position

Although it can be tough to initially justify creating a new security position in tight economic times, doing so might save your enterprise from massive security breaches in the future. Brian Beal, information security officer at Sensiba San Filippo, recommends hiring and empowering a dedicated security person, such as a CISO (chief information security officer), to create or improve a security management program for the organization.

“Having a network security engineer is great, but who’s responsible for making sure the entire enterprise, in addition to the network, is being secured?” Beal asks. “Many companies try to put the responsibility of security on the operation manager’s plate, but does that person have any security-specific training or background? Or do they even have the extra time it would take to develop a comprehensive security management program? The answer to both questions is typically ‘no.’”

Article by Christian Perry for .

Virtualization in the financial sector

Martin, BladeWatch — Tue, 01 Mar 2011 05:00:00 GMT

I got an email from Victor asking me if I had heard about virtualization being used in the mortgage industry, if it had been adopted by firms in order to deliver services or as a way of providing the IT infrastructure.

I emailed Victor back after a few days having spoken to a few colleagues and analysts, see my reply:

Hi Victor,
Virtualization is being used in a range of different business sectors from education to manufacturing and financial services, as to what elements of the infrastructure have been virtualized, and on what technologies I am unable to provide you with specifics.

In regards to it’s suitability for the mortgage industry, I suspect that would be a discussion for the individual business units or organizations to have, off the top of my head:

The benefits could be:

Consolidation of resources – doing more with less
More dynamic infrastructure – being able to allocate capacity on demand where it is needed
You can argue that it’s more energy efficient in terms of achieving more with less, say 4 servers instead of 16

Considerations:

Legilslative issues, there may be instances where for whatever reason my businesses or departments cannot run on the same physical platforms, the ‘Chinese Wall’ scenario though this is mainly an issue where we are white labelling (re-selling services under a different name or organization).
There might be some legacy platforms and applications which for operating system, cost or complexity might be best left to run on physical hardware when we do a cost benefit analysis.
Financial organizations are using virtualization, whether it’s in client facing production platforms or back office/development ones, is going to be a matter of internal IT and business policy combined with any operational issues involved. For example if you’re deploying ATMs it might be easier to deploy an ATM rather than a virtual ATM solution as we have ATM deployment processes, trained engineers etc.

Apologies for not going into specifics, I have spoken with colleagues in the business and IT space that work in retail banks and the financial sectors, they all use virtualization in different ways and for different reasons, some have adopted it fully, some have experimented the concept, others have rolled it back, again it depends on where you are in the IT space, business agility, business transformation, or lowest cost irrespective of platform to deliver the required services.

Article by Martin for .

Storage In The New Year

Christian Perry, Processor.com — Wed, 19 Jan 2011 05:00:00 GMT

Virtualization & The Cloud Will Continue To Reshape The Storage Landscape

Key Points

Experts anticipate a rise in storage virtualization as data centers focus increasingly on TCO, rather than capital expenses.
The coming year will breathe new life into information lifecycle management as companies look to reduce their budgets through changes to storage and archiving.
Cloud storage will continue its rise in popularity, as will hybrid clouds and private clouds that help enterprises to ease their transition to the cloud as a whole.

Thanks to innovations in virtualization and the cloud, the IT storage landscape has morphed wildly over the past few years. Organizations now have the power and flexibility to store data to suit not only their budgets and equipment, but also the mobility of their employees and customers. These technologies and others made great headway over the past year and should continue to transform technology in 2011, according to experts.

“The virtualization of more and more business applications and the rapid adoption of cloud technology means that storage strategies must shift from simply providing storage technology to managing storage and infrastructure as a service,” says Edward Newman, global service line lead for cloud and virtual data center infrastructure at EMC Consulting. “This will require a huge shift in storage operations for many organizations as they move their focus from simply managing storage technology to aligning with business and application stakeholders to manage the demand and capacity of their data and application services.”

Virtual Value

More than ever, organizations are turning to virtualization to do more with less "less equipment, less investment, less floor space. This concept has increasingly floated to the storage realm due to its ability to improve utilization and provide seamless data migration. Chris Marsh, IT market and partner development manager for Spectra Logic (www.spectralogic.com), predicts that storage virtualization and its tie-in with archival technologies will have a big impact in 2011.

“Data centers are facing requirements to reduce their budgets significantly, and the emphasis is on TCO, or annual cost, not on the capital expense side, because of the economy,” Marsh says. “Initiatives like active archiving and extending storage across multiple media types and onto tape is the most significant way to impact a company’s year-over-year cost per gigabyte of storage. Companies simply can’t get the rubber-stamp approval that they could a few years ago to purchase more and more performance disk.”

ILM To The Rescue

The amount of data stored at the average enterprise was already massive before 2010, but the rise of mobile applications and social networking has piled enterprise data even higher as more employees are working and communicating from remote locations. Still, data remains data, and most information eventually becomes obsolete, in turn placing the onus on data center managers to effectively manage the flow of information onto and off of storage systems.

Marsh predicts a rise in the use of information lifecycle management in 2011 as companies must increasingly address their approaches to storage and archiving "rather than just the products they’re using" to reduce their total cost. As data centers grow exponentially, the cost of stor-ing data is going to go directly under the budgetary microscope.

Into The Cloud

External cloud storage should continue its ascent in 2011, but internal "or private" clouds are slated to make a particularly big impact in the coming year as organizations become more familiar with the technologies and strategies around their deployment. Because businesses rarely trust their entire storage infrastructures to external cloud models, hybrid clouds that use both hosted services and on-premises archives should enjoy increased popularity in 2011.

Newman notes that many organizations are preparing for the move to the cloud by designing storage for enterprise private clouds. “The benefits to this approach include access to data from anywhere using ubiquitous Web-based tools such as REST [representational state transfer], automatic remote synchronization of updates to multiple geographic locations, automatic worldwide tiering, and compliance policy enforcement,” he says.

CDMI, or the Cloud Data Management Interface, also will have a big impact in 2011, says Rob Peglar, vice president of technology for Xiotech (www.xiotech.com), as it outlines a complete methodology for managing cloud storage via RESTful protocols and will help prevent vendor lock-in for cloud storage users.

Preparing For Change

Tomorrow’s storage technologies and strategies generally have agility and ease of use in mind, but managers can nonetheless start working now to prep their environments. According to New-man, this means preparing to go small and get dense. “If your data center is not already stuffed full of 2TB drives and straining your power and cooling capabilities today, it soon will be,” he says. “The major strategy emerging to deal with this challenge is to move toward small-form-factor drives with higher and higher densities but smaller power footprints.”

He also recommends that data center and IT managers adopt a more integrated view of their IT infrastructures to prepare for delivering IT as a service and infrastructure as a service. For example, integrated infrastructure offerings such as Vblocks could make sense for some environments. In general, he advises focusing on service levels, service catalogs, and service portfolios across the IT infrastructure to make it easier for business and application owners to understand, consume, and pay for services provided by IT.

“Data centers are also becoming more efficient in their use of power, cooling, and other ‘inputs,’ and storage strategies which leverage this trend will prevail,” Peglar says. “The overall business strategy of reducing operational expense is still very much in play in 2011, and efficient storage will win the day.”

Article by Christian Perry for .

Are Data Center Containers Sizing Up for an Explosion?

Jeffrey Clark, DATACENTER Journal — Wed, 19 Jan 2011 05:00:00 GMT

The two most common alternatives for companies looking to build a new data center or expand existing IT infrastructure are traditional brick-and-mortar construction (or retrofitting) and outsourcing, whether via colocation, the cloud, or some other similar approach. But an increasingly popular approach to IT facilities involves so-called data center containers. These words tend to bring to mind a rather industrial-looking box about the size of a tractor trailer. Data center containers might also go by the names data center in a box or containerized data center. But these names are generally not what manufacturers use: instead, many vendors are focusing more on their products’ ability to scale quickly and relatively inexpensively (at least in terms of capital expenditures) and to do so in an incremental manner that can serve customers planning both small and large facilities. Thus, many manufacturers refer to these products as modular data centers.

Regardless of their name, data center containers are broadening in both their form and the types of customers that they serve—a trend that may signal a growing market beyond the relatively small niche that data center containers initially served. And owing to a slow economy that is showing few signs of a speedy recovery, few companies are willing to make the kind of investment required to build a traditional brick-and-mortar data center. Cloud computing offers a potential means of outsourcing that is gaining wider acceptance in the market, but it necessarily requires relinquishing control of IT resources to another organization—a sacrifice that some companies may be unwilling to make, and one that other companies may be unable to make, owing to regulatory or other concerns. For companies that are stuck between these two options and that are unable or unwilling, for whatever reason, to go the route of colocation, data center containers may be an option.

What a “Data Center Container” Brings to Mind

Data center containers—as they are generally envisioned—involve 20-foot or 40-foot ISO-standard shipping containers. Bill Mannel, Vice President of Product Marketing for SGI, notes that “ISO-based shipping containers are currently a relatively narrow niche filled (typically) with military, homeland security, and local disaster-preparedness customers,” as well as “a few Internet properties that needed to expand rapidly” but didn’t have the time to build a traditional data center. In particular, containerized data centers are almost ideal for military applications, owing to their self-contained nature and mobility—two vital characteristics of IT equipment for situations where a base of operations must be able to move quickly and (potentially) over long distances.

Along with the mobility and self-contained nature of these products, however, comes some disadvantages. Not the least of these downsides is the less-than-tidy appearance that can result when a company plants a couple large containers in its parking lot. To be sure, a company’s customers might not end up parking next to these containers, but the issue of aesthetics is not unimportant: image, while not necessarily everything, is critical. But storing a data center container inside a larger structure, while possible (and some companies—especially large companies—do just this), may for some companies defeat some of the purpose of going the containerized route in the first place. Furthermore, containers stored outdoors must be able to handle inclement weather sufficiently well to protect sensitive IT equipment—a water leak right above a server rack, for instance, can quickly spell disaster.

Thus, the data center container market, at least in so far as it abides by the characteristics described above, has all the appearances of a niche. The potential advantages of data center containers (i.e., modular data centers), however, are leading vendors to innovate and to market their products beyond niche segments, such as the military.

Containers Versus Modular Data Centers

As mentioned previously, many vendors tend to focus more on the concept of a modular data center rather than a data center container. Although these two concepts are similar, they are not necessarily the same. Steve Sams, Vice President of Global Site and Facilities Services for IBM Global Technology Services, notes that with the increasing interest in data center containers has led to “some confusion…with the name modular data center, which is actually a broader market.” Modularity need not be limited to containers—especially the ISO-size containers that may come to mind when the subject is broached. Thus, the container market and the modular data center market are not interchangeable, but containers are to some extent the current face of data center modularity. As such, although distinctions between these two markets do exist and should be called out in some situations, the two markets will be considered to have a sufficient overlap that, for the purposes of this article, they are essentially the same.

(Modular) Data Center Containers: Who Are the Customers?

A company, when determining the best option for its IT strategy, must weigh a number of considerations carefully. For instance, in the case of cloud computing, the company must determine if the low capital cost, excellent scalability, and pay-as-you-go pricing sufficiently outweigh the loss of control of physical resources, involvement of a third party in data storage and resource provision, and security concerns of this form of outsourcing. Needless to say, the same weighing of advantages and disadvantages must be done for modular approaches as well. And just as the apparent advantages of cloud computing have led to predictions (and, to some extent, fulfillment) that it will become a major market for IT, the advantages of the container-based approach may be positioning that market for extensive growth as well.

Sams notes four major intended uses that draw customers to data center containers such as IBM’s Portable Modular Data Center: “remote locations such as mining operations where the ability to construct a facility is limited; portability such as military clients where the facility is resident in a location for a period of time and likely to move; temporary locations where a client has run out of capacity and needs something to tide [it] over a period of time, usually until an existing site is upgraded or a new one is completed; and unpredictable growth such as a new collocation facility.”

Furthermore, vendors of modular data centers are not limiting their focus to isolated industries. Wade Vinson, POD (Performance Optimized Data Center) architect for HP, identifies a broad marketing target for that company: anybody looking to expand or to retrofit existing data centers. No longer are data center containers (or modular data centers) limited to isolated markets such as high-performance computing and situations where rapid scalability is needed.

Mannel also recognizes a broadening of the container market, especially with SGI’s offering of modularity using much smaller increments: “our new ICE Cube Air [offers] a smaller start-up size (enough to put four racks under cover),” allowing customers to “expand in modest increments over time.” Such an approach puts modular solutions within reach for smaller organizations that may be “deploying racks in office space, retrofitting storage closets, [wanting] to ‘just fit in two more racks,’” and so on, and it “represents a significant broadening of the market versus the fewer customers using an ISO-sized shipping container.”

With the broadening of the market for these products, the stage is set for a potential growth spurt in container usage. Furthermore, because the market is not limited to military and other applications that could quickly become saturated with products from a few large vendors, potential customers may well see a wider variety of options. And greater choice may yield greater confidence in this option.

(Modular) Data Center Containers: What’s in It for Customers?

Data center containers aren’t limited to just a small niche or two. So what benefits might lead an average company perusing its IT options to choose containers (i.e., a modular approach)?

First, containers offer a fast path to an operational data center. This approach may not be as quick as calling a cloud service provider, which can get a company up and running with IT services in short order, but for companies that cannot or will not outsource for whatever reason, a container-based approach doesn’t require construction of a complete brick-and-mortar facility. In some cases, however, the modular approach may be the fastest option. According to Mannel, “Data center containers can be deployed in hours to days versus the traditional months to years to get a new brick-and-mortar facility approved and constructed, or an existing facility retrofitted and brought up to needed capability.”

Second, containers offer scalability and the ability to start small with low initial capital costs. Cloud computing may have an edge in this regard, in that a cloud-based solution can be deployed with little or no capital costs, but for companies that cannot or will not outsource, containers have a clear edge over a traditional facility. As long as a company is not planning to store the containers inside, building space no longer restrains growth in IT resources. A company that needs more resources can simply add on using another container, rather than potentially having to construct an entirely new facility or retrofit an older one to make room for more equipment.

This ability to quickly and easily scale capabilities along with the company’s immediate requirements takes a tremendous strain off planning and budgetary concerns. No longer does the IT department have to fight company management for funds to construct a facility that will meet that company’s IT needs into the foreseeable future; all the IT department needs to do is get enough to meet the company’s current needs. “We need this now” is must more easily justified than “we’ll need this five years from now,” especially in light of slow economic conditions.

This advantage is particularly beneficial for small companies, which may not have at their disposal the amounts of capital that larger companies have. Thus, Sams states that IBM containers have been used “by smaller companies, since they can create a new data center quickly” that meets “their exact needs and [provides] the flexibility to expand the data center easily as their business grows and their needs change.”

In addition, containers need not be the entirety of the solution. Vinson notes that the modular approach allows customers to add to existing infrastructure, not just rely exclusively on containers. Thus, for instance, a company with an existing data center that simply cannot meet demand could be quickly supplemented using some number of containers, thereby obviating the need to perform an extensive retrofit of the facility or, worse (in terms of capital cost), construction of a new facility.

Third, companies can purchase custom containers and any additional services from vendors to provide a complete data center solution. This approach, in some ways, makes for a simpler process of creating a new data center.

Fourth, data center containers offer power advantages that may beat some traditional facilities. HP’s POD, for instance, can have a PUE (Power Usage Effectiveness) of as low as 1.25. The self-contained nature of such products can permit more efficient cooling compared with the traditional approach, and this efficiency translates into lower energy bills. Thus, in certain situations, a containerized data center may well offer significant savings in both capital and operational expenses.

Finally, there’s all the other advantages that brought containerized data centers onto the scene in the first place. For instance, a data center container can be moved from location to location (at least much more easily than a brick-and-mortar building). Many potential customers, especially as the market broadens, may be uninterested in mobility, however. But some companies—even smaller ones—may need data center capabilities in a temporary location; in such cases, containers can be an ideal solution. The modularity of a container also allows companies to supplement even outsourced IT solutions: for instance, a company that wants to use a hybrid cloud approach could use a container as a relatively inexpensive way to add local IT resources to supplement public cloud resources.

So What’s Stopping Containers?

Just about every choice in life involves tradeoffs, and a company’s choice of a data center solution is no different. Given all the advantages, what is keeping containers from becoming the IT solution of choice? Partly, containers are fairly new. A novel approach to a problem may well be hampered by its novelty; this novelty, however, will eventually wear off, potentially opening the minds of many potential customers. To be sure, as the market grows, more companies will consider containers to be a viable solution (if for no other reason than that other companies are doing it, too).

As mentioned previously, aesthetics may work against containers, but even if they are kept outside a company building, the presence of containers need not be an eyesore if their owners, for instance, do a little landscaping or add a privacy fence. But it may always be difficult to beat the clean look of a single, well-architected building. In tough economic times, however, image may become less of a concern than capability: a data center with a less refined look is certainly better than no data center at all.

Containers that are stored outside must also be able to weather the elements. Inside storage is certainly a possibility, and some companies use this approach. But for others, this defeats the purpose of a container. Therefore, companies must be sure to select a container that is hardy enough to withstand outside conditions. Some people might still, however, worry about possible water leaks, for instance.

A lack of industry standardization may also be putting a damper on the growth of the market. Efforts are underway to resolve this situation, however, and increased standardization may simply follow as the market leaves its initial stages and begins to mature. In addition, increased standardization may also lead to lower prices and more options for customers.

Conclusions

Containerized data centers are beginning to leave behind the niche image, and their numerous advantages and flexibility give them tremendous potential. The question is simply whether the market will expand significantly and on what time scale. Certainly, all the factors are present for a (at least relatively) fast explosion of usage of these products, but markets are always unpredictable.

There is little doubt that data center containers are serving more than just the original niche customers, but how quickly customers in other areas will adopt this approach is unclear. With regard to density, for instance, Sams states that “although high density is a good match for container technology, the majority of customers are at relatively low average density today and shifting very slowly.”

Overall for data center containers, “the future is very bright,” according to Mannel. Certainly, this market has potential. Whether the market will take off in the near future, gain momentum more slowly, or simply stagnate for whatever reason, only time will tell. Nevertheless, containers will continue to serve their niche markets, and, no doubt, some companies beyond those niches.

Article by Jeffrey Clark for .

How To Avoid Undermining Your Cloud Initiatives: Intelligent Application Mobility

Duncan Johnston-Watt, DATACENTER Journal — Wed, 19 Jan 2011 05:00:00 GMT

Traditional approaches to scaling and distributing transactional applications need careful implementation and are not amenable to frequent reconfiguration. Consequently, these methods are only suitable for situations in which you are master of all you survey—and you are prepared to over-provision resources to reduce the need for reconfiguration. As such, these methods are major stumbling blocks to taking full advantage of the elasticity and cost benefits of cloud computing, whether you choose to work in private, public, or hybrid clouds. To remove these roadblocks, companies need to embrace a new approach to scaling and distributing applications. In short, we need to get smart and exploit intelligent application mobility.

To realize the full benefits of cloud computing, application services must be built in a way that gives cloud providers the freedom to deploy them in the most efficient way while respecting any business constraints.

The principle of building systems for flexible deployment has been well understood for many years by web application developers, who use short-lived stateless event processing to great effect. The beauty of this approach is that it doesn’t matter which instance of a web server handles any given request. You can have as many instances of a web server as are needed to handle any given workload, with a load balancer dynamically spreading the workload across those instances. Your web server farm can be scaled out or scaled back very easily—a great example of “elasticity.” The flexibility and location transparency inherent in web applications makes them ideally suited to running in the cloud. The cloud provider can create as many or as few instances of an application service as are required to meet the demand at any given time, delivering the elasticity and pay-per-usage advantages of cloud computing.

The picture changes radically for the applications that enterprises typically use to run their businesses. These applications are stateful and transactional, typically with significant data contention that needs to be carefully managed. Consequently, there are many more constraints on processing and on how transactional applications are designed and scaled. Maintaining these constraints is rarely a problem when there are only a handful of occasional users. When you need to scale-out your application to handle increased volumes or to service users in multiple geographies, however, then the constraints required by transactional applications cause them to become increasingly rigid to achieve the required scale while maintaining transactional integrity.

A traditional means of scaling transactional applications is to statically partition resources and to route subsets of the workload to each partition. A typical configuration might involve dedicating the first server machine to requests relating to items in the range A–E, the second to F–J, the third to K–N, and so on, with a message broker sitting in front of this group of server machines to route requests to the correct machine. Not only is this partitioning static, but you have to ensure you allocate sufficient processing resources to each partition to handle its maximum workload. This “just in case” provisioning of resources is necessarily wasteful most of the time. It also means you have to constantly monitor actual usage to identify when the current partitioning scheme is becoming inadequate, at which point you must undertake a painful re-partitioning exercise. Hence, the static partitioning model is wasteful in operation and expensive to maintain. It is especially wasteful in cloud environments, as the approach’s rigidity prevents realization of the full elasticity and cost benefits of cloud computing.

An alternative means of scaling enterprise applications is often referred to as “instance-on-demand” or “replication everywhere.” Using this design pattern, there is no partitioning of applications or application services. Instead, additional instances of the entire application or the entire application service are created whenever you need to scale out. Conceptually, this approach re-creates the flexibility and location transparency of traditional web applications because any instance of an application service can handle any request, and you can scale-out by adding as many instances of the application service as needed. It is naïve in the extreme, however, as the constraints required by transactional applications invariably limit this approach’s effectiveness. For example, to ensure that all instances have a consistent up-to-date view of the world before processing any transaction, any change made by an application service needs to be simultaneously propagated to all other instances. Many products attempt to address this problem of distributed data contention, typically by introducing a caching tier, but this inevitably creates inefficiencies that limit scalability, which again limits the potential elasticity and cost benefits of cloud computing.

Removing these impediments requires a new approach to scaling and distributing transactional application services: one that revisits fundamental requirements based on first principles.

1.    Finer-Grained Scalability and Distribution

Decomposing an application into coarse-grained services so that services can be individually distributed across multiple machines is a well-established pattern for scaling a transactional application. Effectively, the service is the unit of scalability. The finer grained the decomposition, the greater the number of services and the greater the number of machines a transactional application can scale across before partitioning or replication is required.

The number of services into which an application can be decomposed is limited; therefore, the scalability achievable in this way is equally limited. Within each service, however, are a potentially unlimited number of segments. If a segment becomes the unit of scalability, then a service can itself scale out by distributing individual segments across multiple machines, thereby dramatically increasing scalability (typically by orders of magnitude).

For example, a stock trading application consists of a number of services, one of them being the “order book” service (where bids and asks for stocks are recorded). The order-book service contains any number of individual order books, one for each stock being traded. The order-book is an example of a segment. If a segment (rather than a service) is the unit of scalability, then the order-book service is dramatically more scalable—anywhere up to the point where a machine is allocated to each individual order book!

2.    Mobile Segments

The potential of much-finer-grained scalability can only be fully realized if segments are mobile; that is, they can be dynamically moved across multiple resources. Without mobility, the way you initially deploy the segments is the way they stay deployed, which effectively provides nothing more than an alternative (albeit enhanced) mechanism for statically partitioning a service.

The importance of mobility is well established, as evidenced by VMotion from VMware and Live Application Mobility from IBM. These forms of mobility, however, apply at the infrastructure level only (virtual machine or LPAR), whereas what’s needed now is mobility for very fine-grained segments of a service.

Segment mobility enables changing the configuration of segments dynamically. When a service needs to scale out, individual segments can be moved to one or more additional servers, including across data centers and regions, to increase the processing power and throughput available to the service as a whole.

3.    Mobility Must Not Interrupt or Degrade Service in Any Way

A limitation of conventional mobility technologies is that services are temporarily paused when they are moved, and moving entire virtual machines or LPARS can take quite some time to complete, even within the same data center.

One of the advantages of mobility at the segment level is that it offers the possibility of fine-grained resource optimization and very precise scalability. Individual segments can be redistributed dynamically between available resources to continually achieve the best resource allocation to the total workload.

Continual resource optimization is only feasible if frequent reconfiguration is possible, which requires the ability to move transactional segments with zero interruption or degradation to service, which in turn means you have to be able to move segments while they are still running and without pausing them.

4.    Near-Instantaneous Mobility

Another advantage of mobility at the segment level is that moving segments is orders of magnitude faster than moving entire virtual machines or LPARS. Moving even large numbers of segments typically takes just milliseconds. Hence, combining this with the ability to avoid any interruption or degradation to service yields the potential to be almost instantly responsive to changes in workload and to precisely match resource usage to rapidly fluctuating workloads.

This capability is critical for realizing the full elasticity and pay-per-use benefits of cloud computing.

5.    Full Mobility Across the Wide-Area Network

There are several scenarios where mobility over the wide-area network is tremendously valuable. For example,

-    The ability to dynamically move processing to the locations where the greatest demand is being generated
-    Relocating segments closer to a user to improve latency
-    “Follow-the-sun” processing
-    Using the most cost-effective computing resource, perhaps in data centers that are underutilized or clouds that are offering the best spot prices
-    Disaster recovery

Again, segment-level mobility makes it very fast to relocate some or all of your applications across geographies and clouds, and when this is coupled with zero interruption or degradation to service, then resource optimization and precise scalability of transactional applications becomes possible at the global level.

6.    Automatic Governance and Control

With the capabilities described above, we are looking at the potential to fully exploit the benefits of cloud computing via highly mobile application segments that can dynamically and continuously reconfigure themselves, including across geographies and clouds, in response to changing workloads, resource availability, user demand, performance criteria, and costs.

With so many factors in play, transforming the potential benefits into real benefits is only possible by fully automating the management of these capabilities. This requires the following:

-    Continuous, real-time monitoring of workloads, capacities, resource availability, user demand, locations, costs, and so on
-    matching these monitoring data against business policies in order to determine when, where and how to respond to changes in any of the above

Using a policy-based framework to automate the management of a dynamic application is not just essential for driving down the cost of management and driving up the elasticity benefits of cloud computing. It’s also essential for ensuring that good governance is enforced. For example, in many industries, regulations govern where data processing and storage must and must not take place—a policy framework that is geo-location aware can ensure compliance with such regulations even as data and processes dynamically move around a cloud.

Bringing It All Together: Intelligent Application Mobility

To liberate transactional applications from the constraints of traditional approaches to scaling and distribution, and thereby ensure they can take full advantage of the elasticity and cost benefits of cloud computing, a new approach is needed. This approach must be based on the high-speed mobility of fine-grained application service components, where their deployment is automatically managed in real time by user-defined policies to ensure continual optimization and compliance. Collectively, these capabilities are known as intelligent application mobility. Intelligent application mobility is essential if we’re to make the full benefits of cloud computing available to transactional applications.

Article by Duncan Johnston-Watt for .

2011 Security Trends

Elizabeth Millard, Processor.com — Wed, 19 Jan 2011 05:00:00 GMT

Securing Mobile Devices & Preventing Malware Are Paramount To Protecting The Enterprise

Key Points

Mobile devices will come to the forefront of security, as more people use them to manage business contacts and information.
The FISMA 2.0 regulations that pertain to how federal agencies manage security are likely to influence changes to the private sector.
Malware and viruses will continue to be big threats to SMEs, especially as malware breaks through virtualization technologies.

Security is always a fast-moving area for trends, and the coming year should be no exception. From mobile device lockdowns to social media concerns, 2011 is likely to be rife with security challenges and opportunities. Here’s a look at what SMEs might see.

Mobile Devices

Enterprises have dealt with mobile devices for a long time, but increasing operating system complexity and the pace of device change will boost security issues in this area in the year ahead, experts believe.

Research firm IDC predicts that by the end of the next year, mobile device shipments of new units will have increased by 55%, and research firm Gartner estimates that in the same timeframe, 1.2 billion people will be using phones with rich Web capabilities. “Increasingly, these are devices that sales and business use to keep all their contacts,” says Pierluigi Stella, CTO of managed security firm Network Box USA (www.networkboxusa.com). “They need to integrate with the desktop to transfer diary, address, and backup.”

The architecture of these systems is going to be critical in terms of security, he adds, because not all of the devices will have push technology that keeps the systems secure. This will be a concern going forward, he believes, despite the number of viruses for mobile devices being low right now.

The increasing presence of mobile devices introduces a new aspect of security for some companies, which leads some to believe that a new security protocol will be put in place to enhance protection, notes Anup Ghosh, chief scientist and founder of security firm Invincea (www.invincea.com). “This enhanced security protocol will assist in protecting data from being shared outside the company’s network, whether by accident or on purpose,” Ghosh says.

Malware, Viruses & Worms

Zero-day vulnerabilities will continue to be one of the biggest threats to SMEs as the majority of antivirus vendors take about five hours to provide solutions to new threats, according to Simon Heron, CTO of Network Box UK. He believes companies should investigate how to get protection faster.

“Increased scrutiny will be required as viruses become more subtle, hiding more effectively,” he says. “Scanning internal and external networks for installed malware will be more common [to help identify] malware that attempts to be unobtrusive.” An example of this, Heron says, is the Conficker worm, which sat quietly on infected systems but responded on TCP port 445, enabling companies to remove the threat before it became active.

In terms of malware, a large concern is that more malware will attempt to break through virtualization, says Fred Touchette, senior security analyst at AppRiver (www.appriver.com), an Exchange hosting provider that offers managed virus, spam, and email protection. “Many breeds of malware today can detect if they are running within virtual machines and make adjustments or shut down altogether in order to evade detection, but only a few proof-of-concept viruses have actually attempted to break free into the host machine,” he says. “I expect to see more of these in the near future.”

Touchette also expects more fallout from the Stuxnet worm, which was first discovered in July 2010. The worm targeted critical infrastructure and very specific targets, he notes, and it’s likely that there will be more attacks made in this fashion.

Standards & Regulations

The Federal Information Security Management Act, or FISMA, established standards for federal agencies for managing information security, notes Harry Sverdlove, CTO of security company Bit9 (www.bit9.com). The act largely involves periodic security audits and extensive paperwork related to compliance. The updated act, FISMA 2.0, takes a more modern approach, Sverdlove explains, focusing on continuous monitoring of security data.

“The idea that security should be a continuous collation and correlation of data across an organization makes sense,” he says. “FISMA 2.0 formalizes this idea and will be a driver for change in the public sector. These federal standards will influence security in other sectors, like health care and financial services, and ultimately, the broader private sector.”

Another area to watch will be standards promoted by the National Institute of Standards and Technology, he adds. Standards such as the Security Content Automation Protocol provide the framework for different products and technologies to share information. “Security is multifaceted with hundreds of specialized technologies,” Sverdlove says. “Being able to share data across these technologies in a standard format is a significant step toward achieving holistic and continuous monitoring.”

Article by Elizabeth Millard for .

Data Center Network Equipment Market Poised For 67% Growth In 2010

Mission Critical — Wed, 19 Jan 2011 05:00:00 GMT

Market research firm Infonetics Research (http://twitter.com/infonetics) released its third quarter of 2010 (3Q10) Data Center Network Equipment market share and forecast report.

ANALYST NOTE

“A new round of data center upgrades is underway, driven by virtualization, surging amounts of data, the growing need for storage, under-investment in 2009, and renewed life in the financial sector. Even with a relatively flat third quarter and an expected down fourth quarter, the market for data center network equipment is poised to grow 67 percent in 2010 over 2009 to hit a milestone $7.6 billion worldwide,” predicts Matthias Machowinski, directing analyst for enterprise networks and video at Infonetics Research.

DATA CENTER NETWORK EQUIPMENT MARKET HIGHLIGHTS

Worldwide revenue from data center network equipment, including data center Ethernet switches, application delivery controllers (ADCs), and WAN optimization appliances, grew 2 percent in 3Q10 over 2Q10 to $1.9 billion
Growth was led by activity in North America and EMEA
10G accounts for 14 percent of data center switch ports in 3Q10, much higher than in the total Ethernet switch market
Infonetics Research predicts 10G port penetration to reach about 50 percent by 2014, aided by rapidly falling prices
The ADC segment is getting a big boost from telecom carriers, a healthy-again financial sector, and the general trend of data center upgrades
F5 continued to build its lead in ADC revenue share in 3Q10, and Citrix revenue jumped 25 percent, surpassing Cisco for the first time
Riverbed’s WAN optimization appliance revenue surged 22 percent in 3Q10 and is now enjoying a double-digit lead over their nearest competitors

REPORT SYNOPSIS

Infonetics’ Data Center Network Equipment report is updated quarterly and provides worldwide and regional market size, market share, forecasts, and in-depth analysis for data center Ethernet switches (general purpose, purpose-built, and blade switches), application delivery controllers (ADCs), and WAN optimization appliances. Companies tracked include ADTRAN, Alcatel-Lucent, Arista, Avaya, Blade, Blue Coat, Brocade, Cisco, Citrix, Enterasys, Expand, Extreme, F5, Force10, H3C, HP, Huawei, Ipanema, Juniper, NETGEAR, Radware, Riverbed, Silver Peak, and others.

Presented by .

Where virtualization management is headed next

Beth Schultz, NeworkWorld — Wed, 19 Jan 2011 05:00:00 GMT

Execs from 3 early virtualization management players - Embotics, Hyper9 and VKernel - share their visions

If the deployment rate of server virtualization continues at 2010's pace, virtual systems administrators are certainly going to have their hands full this year, many IT industry executives believe. The reason is obvious: As the size and scope of the virtual environment grows, the more complex it becomes and the more difficult to manage and optimize.

This situation has made virtual stall a reality, says Bryan Semple, chief marketing officer at VKernel, an early virtualization management player.

In a recently completed Virtualization Management Index report, VKernel looked at virtual machine (VM)-to-host densities in more than 1,500 environments from 50 to 5,000 VMs. "What we saw surprised us: The larger the environment, the worse the density. Just the opposite should occur - the larger the environment, the greater the ability to balance loads, shift loads and maximize underlying resources," Semple says.

If the deployment rate of server virtualization continues at 2010's pace, virtual systems administrators are certainly going to have their hands full this year, many IT industry executives believe. The reason is obvious: As the size and scope of the virtual environment grows, the more complex it becomes and the more difficult to manage and optimize.

This situation has made virtual stall a reality, says Bryan Semple, chief marketing officer at VKernel, an early virtualization management player.

In a recently completed Virtualization Management Index report, VKernel looked at virtual machine (VM)-to-host densities in more than 1,500 environments from 50 to 5,000 VMs. "What we saw surprised us: The larger the environment, the worse the density. Just the opposite should occur - the larger the environment, the greater the ability to balance loads, shift loads and maximize underlying resources," Semple says.

He attributes the problem to the ineffective use of capacity management. "System administrators are dramatically over-allocating resources to ensure performance since there is such uncertainty to the actual resource requirements for an application. Mission-critical applications don't get deployed into uncertain environments. Especially when the ROI is limited due to the need to significantly over-allocate resources to remove the uncertainty."

Few enterprise server teams have invested in the management and automation tools that can help them reduce workloads and improve their abilities to manage the environment more efficiently, agrees Jay Litkey, CEO of Embotics, another early virtualization management company. "Consequently, they already are running flat out with no cycles to spare."

For that reason, Litkey says, enterprise IT will continue moving away from point tools to more all-encompassing virtualization management systems. "VM monitoring, information sharing, lifecycle management, capacity/performance management and self-service will become key components of any virtualization management system, and solutions that integrate and automate these disciplines within an enterprise architecture will be essential," he says.

What's more, he adds, "Management systems will become easier to deploy and use: Administrators simply don't have the time for the traditional complex implementation and high learning curves."

To Bob Quillin, chief marketing officer at Hyper9, another early virtualization management company, the months ahead will see "the emerging dominance of virtualization management over physical management - cracking the code on key issues such as virtual sprawl, dynamic capacity planning and management and automation for the private cloud."

On that latter point, he says, "In 2011, real-time analytics and intelligent decision support will be critical to automating the manual and complex resource allocations" enabled by self-service portals that allow users to grab virtual machines in private cloud environments while "virtualization management automation also will help IT teams gain better visibility and control into public cloud deployments - assessing the cost/benefit/risk of each." This includes the ability to move some VMs back into the data center while moving other VMs out, he adds.

Article by Beth Schultz for .

Hacked Laptop Causes Data Breach at Pentagon Federal Credit Union

Fahmida Y. Rashid, eWeek.com — Wed, 19 Jan 2011 05:00:00 GMT

Current and former members of the U.S. military were issued new bank account numbers and credit cards after attackers accessed a database containing bank account information at the Pentagon’s credit union.

An infected laptop was used to access the systems at the Pentagon’s credit union, exposing the financial records of the members of the United States military, according to a Kaspersky Lab report.

The Pentagon Federal Credit Union notified the New Hampshire Attorney General of the breach, and said names, addresses, social security numbers, bank and credit card information of its members were compromised, said Paul Roberts, editor of Kaspersky Lab’s ThreatPost.com site. New Hampshire law requires that all companies report all breaches that involve its residents. Massachusetts has a similar law.

At this point, the full extent of the breach is not known, but so far 514 New Hampshire residents have been affected. It’s hard to determine the magnitude, based on just one state. As Roberts pointed out, a data breach of the tour company Twin America affected around 300 New Hampshire residents but 100,000 people nationally.

The credit union discovered on Dec. 12 that someone had hacked a laptop on its network. Along with the personal information, the malware allowed attackers to see information relating to former members, joint account holders and beneficiaries. That vulnerability has been closed and steps have been taken to prevent a similar breach, according to Roberts.

"We have no indication that your information has been misused," Roderick Mitchell, PenFed’s executive vice president of operations, wrote in a letter mailed to customers. No PINs or passwords were accessed, Mitchell wrote. Even so, PenFed has already re-issued all credit and debit cards to members whose account information was affected.

The Identity Theft Resource Center reported that data breaches in general rose 33 percent in 2010 from the previous year. A separate report from the Department of Defense found that identity theft targeting government employees and classified networks may be on the rise because it was a “low cost high gain” method to obtain sensitive or classified technology and information. Targeted “phishing e-mail messages” were among the cyber-tools being used, the report said.

PenFed serves members in the Air Force, Army, Coast Guard, Department of Homeland Security, Department of Defense, and the Veterans of Foreign Wars. With about $15 billion in assets and nearly a million members, PenFed is not just for savings, as it offers mortgages and loans and issues its own credit cards.

This isn’t the first time PenFed has been targeted. The credit union posted an alert on its Website notifying users that a person who was calling members to say their mortgages were being sold and requesting personal information was fraudulently masquerading as a PenFed underwriter.

Article by Fahmida Y. Rashid for .

The value of offshoring when it's no longer cheap

Caron Carlson, FierceCIO — Wed, 19 Jan 2011 05:00:00 GMT

Rising labor costs in developing countries combined with increasing fuel prices and a weakening U.S. dollar are making the value of outsourcing offshore less obvious. It is not time to quit outsourcing altogether, argues Joe Manget, a senior partner and managing director of The Boston Consulting Group; it's just time to pursue it more strategically.

In a post at HarvardBusinessReview, Manget presents six tips for making the most of offshoring in an increasingly competitive marketplace. To begin, he suggests that you do not look at offshoring primarily as a means of saving money. As he puts it, "cost arbitrage isn't a strategy" because it doesn't give you a competitive advantage in the long run. Instead of looking primarily at cost, companies need to view offshoring as one component in a global strategy to reach a variety of objectives, such as flexibility, access to new markets, access to talent and resources.

Take advantage of local conditions and skills rather than simply trying to replicate the factories operating domestically, Manget recommends. For example, if wages are low, you can reduce the expenditure on equipment and automation by developing more labor-intensive processes.

In a similar fashion, you can localize products to meet the unique--sometimes simpler--needs of the local market. "Customers in low-cost countries often need lower prices or products with different features--like the clothes washer that also washes vegetables that a Chinese company developed," Manget writes. "Yet these developing economies are home to the 'next billion' consumers. To reach them, global companies must become local companies."

Also be sure to diversify your outsourced services, he advises. With all the risks of today's economy--including rising protectionism--it's important to keep a variety of suppliers on hand in different regions around the globe.

Article by Caron Carlson at .

2010: The Year In IT

Christian Perry, Processor.com — Tue, 04 Jan 2011 05:00:00 GMT

Mobility, Money & Moves Monopolize The Headlines In An Exciting Year

Even as clouds continue to hover over the country as the remnants of a bitter economy refuse to leave, 2010 left enterprise IT in surprisingly good shape, thanks in part to a strong push by the mobility segment to boost communication and computing flexibility in businesses of every size. But although 2010 will undoubtedly serve as a landmark for mobile evolution, rumblings spawned by the down economy continued to keep IT organizations on their toes to the very end of the calendar year.

Key Points

• The Apple iPad signaled the tablet computer’s arrival as not only an enterprise staple, but also as a sign that workers will increasingly demand anywhere, anytime access.

• Enterprise IT spending saw modest increases in 2010 but remained significantly lower than what analysts had predicted at the end of 2009.

• Facebook’s plans for a $450 million data center raised eyebrows among IT observers who see other companies shrinking their own data centers.

Mobility Makes Noise

Without question, the biggest newsmaker in 2010 came in the form of Apple’s iPad. Although other tablets were already on the market, it was the release of the high-profile iPad that broke down enterprise barriers with a consumer-friendly hammer, just as Apple’s iPhone had done in the past. Although Warren Arbogast, founder and president of Boulder Management Group (www.bouldermanagementgroup.com), doesn’t necessarily disagree with people who say the iPad isn’t a full-fledged computer, he does say that it helped to bring mobility into the everyday mindset.

“The iPad, born in 2010 and in the wake of smartphones, moved more and more people to having and wanting constant access to work and play materials anytime and anywhere—in high quality,” he says. “In three to five years, I think most people will do most of their daily tasks from a hybrid mobile device, and IT organizations will have to change and adapt a lot of established ways of doing things. In a few years, I think we’ll look back and see how significant 2010 was in the evolutionary process.”

Michael Parrish, managing director of IT consulting company Vivo, agrees, noting that Apple’s foray into tablet-style computing has “served notice to all other computer companies that the iPad has a legitimate place within the enterprise, especially with the mobile workforce.”

Many companies in 2010 appeared to have little trouble bringing mobile technologies into their folds, even if the devices came with a consumer-focused façade. Reddy Allen, CEO of TechnoDyne (www.technodyne.com), points to the proliferation of Android, bada, and other platforms as the spark that helped further mobilize enterprise applications. There was also strong growth in open developer platforms to create mobile applications for PayPal, NavTeq, and other companies, he says, adding that 2010 witnessed both Fortune 500 and small to midsized enterprises adopting mobile Web applications or developing native applications across different platforms.

On the smartphone front, Android became the fastest-selling mobile OS platform by December, surpassing both Apple and BlackBerry. This rise in mobility across multiple platforms has increased concerns around security, but developers and manufacturers met the call in 2010 with better controls for data privacy and security. “Security technology has improved in areas like smartphones, and handhelds—with the help of the cloud—have become much more powerful,” says Bo Parker, managing director with PricewaterhouseCoopers (www.pwc.com). “What that implies is an unprecedented amount of power in a single person’s hands and a critical need for security that goes beyond IT.”

Budgetary Blues

From an economic standpoint, the outlook heading into this year wasn’t much different than where IT organizations stood at the close of 2009. There were guarded hopes that the recession was nearing its end and that IT spending would begin to spike, but the wait for those events continued throughout this year and kept data centers and IT departments focused primarily on surviving and taking advantage of lower-cost technologies. Economy-related news reports in 2010 were decidedly more positive than in 2009, but the economy’s effect on IT remained relatively the same.

“Last year, when asked what I saw ahead for 2010, I talked about a year where consumption, our dependency on the cloud, and interest in energy efficiency would continue to grow—all against an extended difficult economic background,” Arbogast says. “Here we are, at the end of a year that was, for lots of people, all about survival. In the broad sense, we made it, and 2011 looks brighter. Though once again, I think people need to be prudent and cautious and have contingencies at the ready.”

Movers & Shakers

The past year in IT had some occurrences that were unique, if not outright perplexing. For example, Allen notes that corporate laws now “have no meaning whatsoever” after HP CEO Mark Hurd resigned amid controversy and then immediately signed on as co-CEO with Oracle—despite a two-year non-compete separation agreement that the executive signed with HP.

“Another unique event that comes to mind is the story of Facebook building their own data center in Oregon,” Parrish says. “This is interesting, as most companies are shrinking their data centers and moving more of their investment to vendors. This effort reinforces my belief that smart, responsible, business-aligned investment is the wave of the future for IT.”

Article by Christian Perry for .

Cloud Hypermarket on How Businesses Could Have Saved Millions in the Snow

Press Release, DATACENTER Journal — Tue, 04 Jan 2011 05:00:00 GMT

As the infographic shows, the UK economy has been losing up to 1.2 billion a day during the current bad weather as up to 1/5th of the workforce has been unable to get to work. Over half of all these workers have no access to their work systems or the ability to work from home using systems such as Microsoft BPOS or Microsoft Office 365. The price of provisioning such systems has been prohibitive in the past but with a Cloud IT System the provision would be automatically available and with added communication facilities such as Web Conferencing meaning employees can reschedule meetings online whilst trapped in their home.

It will be of no surprise to anyone to hear that the UK Economy has been hit hard by recent weather conditions. It is a trend that is developing during UK winters and the money that has been lost in the Economy is increasing. This is likely to be due to the increase in precipitation as reported over the past years by the Met Office and is projected to increase in the future.

So, it’s not the dropping temperature that is increasing the snow and ice problems but the increase in the amount of snow and ice we can expect when the conditions are right. Business owners and managers are aware this is a concern with over half of them stating lack of access to the workplace as a serious concern for their business - 73% of companies suffered staff shortages in November this year.

HHowever, less than half have plans in place to keep their company up and running if they are hit by bad weather. With around 11% of businesses having to close at some point this year due to lack of access to the workplace, something needs to be done. Small business owners in particular need to make sure they are set up to deal with such weather conditions so they don’t join the estimated 2-3000 small businesses who have been pushed over the edge by the current climate.

The most annoying factor in all of this is that it need not cost a company any more money in order to protect themselves against being ‘snowed in’. A Cloud IT suite such as BPOS, ZOHO or Google Apps Premier would mean workers could access the exact same systems from home as they would at work.

Having company email Exchange in the cloud will allow businesses to up and downscale on demand as well as not having to call someone out to fix their server. To different extents they also have the ability to provision web meetings, conferences and presentations and the person they are ‘meeting’ will not need to have the same systems in place.

The mobile work force is on the increase worldwide and staff would have greater flexibility plus the opportunity to access information, and thus deal with issues, on demand. Regardless of the weather, if an employee doesn’t have access to the office system when they are travelling (or stuck) on a train for instance, then they are not as efficient a worker as they could be.br />
With an in house system, if power or the internet is lost from an office due to snow, wind, ice or flooding, then any link to your company email is gone. With a Cloud system this is not the case. The physical location of a company's office is not important, with 24hr cloud facilities there will always be someone taking care of the system.

Perhaps the biggest bonus here though is the positive affect the Cloud can have on Global warming. By sharing computing power, rather than over provisioning, we all help reduce CO2 emissions and thus are helping the plight that has lead to such increased snow and rainfall.

Article for .

Data Center Network Equipment Market Poised For 67% Growth In 2010

Mission Critical — Tue, 04 Jan 2011 05:00:00 GMT

Market research firm Infonetics Research (http://twitter.com/infonetics) released its third quarter of 2010 (3Q10) Data Center Network Equipment market share and forecast report.

Worldwide revenue from data center network equipment, including data center Ethernet switches, application delivery controllers (ADCs), and WAN optimization appliances, grew 2 percent in 3Q10 over 2Q10 to $1.9 billion
Growth was led by activity in North America and EMEA
10G accounts for 14 percent of data center switch ports in 3Q10, much higher than in the total Ethernet switch market
Infonetics Research predicts 10G port penetration to reach about 50 percent by 2014, aided by rapidly falling prices
The ADC segment is getting a big boost from telecom carriers, a healthy-again financial sector, and the general trend of data center upgrades
F5 continued to build its lead in ADC revenue share in 3Q10, and Citrix revenue jumped 25 percent, surpassing Cisco for the first time
Riverbed’s WAN optimization appliance revenue surged 22 percent in 3Q10 and is now enjoying a double-digit lead over their nearest competitors

REPORT SYNOPSIS

Infonetics’ Data Center Network Equipment report is updated quarterly and provides worldwide and regional market size, market share, forecasts, and in-depth analysis for data center Ethernet switches (general purpose, purpose-built, and blade switches), application delivery controllers (ADCs), and WAN optimization appliances. Companies tracked include ADTRAN, Alcatel-Lucent, Arista, Avaya, Blade, Blue Coat, Brocade, Cisco, Citrix, Enterasys, Expand, Extreme, F5, Force10, H3C, HP, Huawei, Ipanema, Juniper, NETGEAR, Radware, Riverbed, Silver Peak, and others.

Presented by .

A Way to Make the Smart Grid Smarter

Kevin Bullis, Technology Review — Tue, 04 Jan 2011 05:00:00 GMT

New solid-state power-management devices will charge cars fast and make the power grid more flexible and efficient.

New semiconductor-based devices for managing power on the grid could make the "smart grid" even smarter. They would allow electric vehicles to be charged fast and let utilities incorporate large amounts of solar and wind power without blackouts or power surges. These devices are being developed by a number of groups, including those that recently received funding from the new Advanced Research Projects Agency for Energy (ARPA-E) and the National Science Foundation.

As utilities start to roll out the smart grid, they are focused on gathering information, such as up-to-the-minute measurements of electricity use from smart meters installed at homes and businesses. But as the smart grid progresses, they'll be adding devices, such as smart solid-state transformers, that will strengthen their control over how power flows through their lines, says Alex Huang, director of a National Research Foundation research center that's developing such devices. "If smart meters are the brains of the smart grid," he says, "devices such as solid-state transformers are the muscle." These devices could help change the grid from a system in which power flows just one way—from the power station to consumers—to one in which homeowners and businesses commonly produce power as well.

Today's transformers are single-function devices. They change the voltage of electricity from one level to another, such as stepping it down from the high voltages at which power is distributed to the 120- and 240-volt levels used in homes. The new solid-state transformers are much more flexible. They use transistors and diodes and other semiconductor-based devices that, unlike the transistors used in computer chips, are engineered to handle high power levels and very fast switching. In response to signals from a utility or a home, they can change the voltage and other characteristics of the power they produce. They can put out either AC or DC power, or take in AC and DC power from wind turbines and solar panels and change the frequency and voltage to what's needed for the grid. They have processors and communications hardware built in, allowing them to communicate with utility operators, other smart transformers, and consumers.

The devices are so flexible that researchers are still working out how to make the best use of them. There are several possibilities. Today, charging an electric vehicle at home takes many hours, even if it's plugged into a special charger with 220/240-volt circuits rather than more common 110/120-volt outlets. Direct-current chargers can cut the time for charging a 24-kilowatt-hour pack like the one in the new Nissan Leaf from eight hours to just 30 minutes, but they're inefficient, wasting about 10 to 12 percent of the power that comes in to them. The new transformers could replace these special chargers, and they're more efficient, wasting only about 4 percent of the power, says Arindam Maitra, a senior project manager at the Electric Power Research Institute, which is developing smart transformers.

What's more, because the transformers have communications and processing capability, if several neighbors plug in their cars to charge at the same time, the transformers can prevent circuits from being overloaded by slowing or postponing charging based on consumer preferences and price signals from the utility. The same devices can also be used to send DC power from solar panels to the grid, eliminating the need for some equipment currently used to convert the power from solar panels and leveling out fluctuations in their voltage that could otherwise cause the panels to trip off and stop producing electricity.

Article by Kevin Bullis for .

Data privacy high on next year's policy agenda

Caron Carlson, FierceCIO — Tue, 04 Jan 2011 05:00:00 GMT

Much has been made of the many uncertainties facing businesses and their IT executives in the year ahead, but one area in which there is sure to be movement is data privacy policy. Leaked, stolen and lost data is costing companies their reputations and money, and it is costing consumers their Fourth Amendment rights. The status quo is acceptable to no one aside from some online advertisers.

The Obama Administration last week issued a report (.pdf) calling for a new Privacy Policy Office within the Department of Commerce, which would be dedicated to strengthening privacy policies and coordinating with other countries. The report, authored by the Internet Policy Task Force at the Commerce Department, sets forth 10 areas of recommended policy changes for businesses, lawmakers and regulators to consider.

The task force recommends expanding the Fair Information Practice Principles to establish a baseline commercial data privacy framework. It leaves open the question of whether this should be done through new legislation, new regulations or voluntary adherence to codes. While some stakeholders are calling for greater government enforcement, others want more industry self-regulation. The latter undoubtedly appeals to many businesses in the short run, but in the long run it only means that regulators will revisit the matter with more fodder for the pro-enforcement contingent.

One area of policy in which there seems to be growing consensus is the need for a national security breach notification law. The vast majority of states have put such laws on their books, and the task force recommends a national law that would "track the effective protections" in the state laws. A national law could include incentives for businesses to deploy strict security protocols, the task force suggested.

The group also recommends that the Administration take a new look at the Electronic Communications Privacy Act in light of burgeoning technologies such as cloud computing and geolocation services. The report notes that the ECPA was passed in an environment of mainframe computing, and its provisions does not necessarily address today's broad use of remote computing resources. The group is asking for any case studies that illustrate the concerns people have about data privacy in the context of cloud computing.

When the new Congress convenes in January, data privacy is expected to be near the top of the agenda, so companies should prepare for the changes ahead. Deploying effective data security measures is costly, but so is the loss of an individual's privacy or a company's reputation. To me, it looks like a matter of paying now or paying more later.

Article by Caron Carlson at .