The CTO of Sourcefire and inventor of Snort talks about the power of open-source deployment, taking the company public and why Wall Street analysts are a scary lot.

Listen Now | Read the Interview

The Group President of the Altiris' Business Unit of Symantec talks about the promises--and perils--of being acquired.

Listen Now | Read the Interview

The stakes were high and the action hot last night at the Mandalay Bay Convention Center in Las Vegas -- the 2007 Best of Interop Award Winners were announced

This year the Judges had to carefully review nearly 200 entries to our seven technology categories, including: Application Networks & Performance, Data Center & Storage, Infrastructure, Management, Network Software & Services, Security, VoIP & Collaboration and Wireless & Mobility.

From those submissions, the judges chose three finalists for each category (View our list of Finalists).

Finally, it all came to a head last night as the winners were announced. And here they are.

Listen to Jon W. Dudas Undersecretary of Commerce for Intellectual Property and director of the U.S. Patent and Trademark Office explain why more rejections are a sign of success.

Read the Article

Cisco Systems tapped into two robust markets—anti-spam and messaging compliance—with today's $830 million acquisition of IronPort.

I got a press release today with the following headline: "Genesys Named in Leaders Quadrant of Leading Analyst Firm's Report."

The double use of "leader" immediately jumped out at me. The headline implies that being named a leader by a leader transforms that appellation into something even more powerful.

But what? A mega-leader? A leader of leaders? A double plus good leader?

Energy costs to power and cool the data center are a top concern for IT these days, but what about all those laptops and desktops in your organization? Does their power consumption matter?

BT bought Managed Security Services Provider (MSSP) Counterpane this week for "tens of millions of dollars," according to Chuck Pol, president of BT Americas.

Major vendors are partnering with start-ups in the emerging Information Leak Prevention (ILP) market to spice up their products and tap into compliance dollars.

Is the new Cisco NAC/Microsoft NAP Interoperability Architecture partnership a harbinger of things to come? Is this the situation that NAC vendors have feared (or welcomed, depending on your point of view)? It certainly is an ambitious partnership and if successful, will change the shape of the NAC market and, more importantly, your deployment options.

IBM today announced it will acquire security vendor ISS for approximately $1.3 billion. ISS made its name selling intrusion detection and prevention products, but Big Blue snapped up the company for its managed security services portfolio.

Vyatta officially launched its open source routing platform this week. The routing software, called Open Flexible Router (OFR), is available for a free download.

In this first podcast in a series on the emerging enterprise, Andrew Conry-Murray talks with Chuck Hudson, IT director for a pharmaceutical distribution company, about how his IT group works hand in hand with executives to provide competitive advantage and grow the business. Chuck and Andrew also discuss how to develop trust between IT and the business side and keep lines of communication open. Chuck also shares how his IT group stays on top of new technological developments, such as RFID, to make operations more efficient.

Two interesting developments on the security front last week: Cisco is flirting with the database security business while Microsoft declared its love for SSL-based remote access.

So many vendors were shouting about Network Admission Control (NAC) at this year’s Interop that they nearly drowned out the ‘ding-ding’ of the slot machines. That means enterprises investigating NAC first have to tune out high levels of marketing B.S., vendor obfuscation and bandwagon-jumping before they hear of anything with actual business value.

To help save your eardrums, I’ll point you toward two interesting NAC architectures that emerged from the noise at Interop: peer-based enforcement and SSL VPNs on the LAN.

Memo to Bill Gates: I’m not sure that wining and dining an avowed Communist in a $100 million dollar high-tech mansion owned by the world’s richest man makes a strong case for the financial harm caused by software piracy.

It’s time to stop letting users have access to the Web at work. Companies that take this bold (though unpopular) step will reap substantial rewards. Here’s why.

Check Point Software put its proposed $225 million acquisition of IDS/IPS vendor Sourcefire on indefinite hold this Thursday due to political concerns.

The acquisition, announced in October 2005, came under the scrutiny of the Committee on Foreign Investment in the United States (CFIUS) in February 2006. CFIUS, headed by the Treasury Department, investigates the acquisition of U.S. companies and assets by foreign governments. Check Point, which is headquartered in Israel, needed a green light from CFIUS before the acquisition could proceed.

THE POLITICS
Michele Perry, a Sourcefire spokesperson, cited “the current climate for international acquisition” as a key reason for the withdrawal. That’s a reference to CFIUS’s controversial approval of the transfer of operations at several U.S. ports to a company based in the United Arab Emirates. Republicans and Democrats in Congress joined together to kill the deal.

According to an Associated Press story, the Sourcefire deal may have been discouraged in part to pre-empt charges of bias. Such charges would likely arise if the Bush administration approved an Israeli takeover of a U.S. company soon after bowing to Congressional pressure to freeze out the Arabs.

THE IGNORANCE
The FBI and Defense Department also disapproved of the acquisition. These agencies were spooked because they use Snort, an open source IDS created by Sourcefire founder Marty Roesch, to protect classified computers. They were concerned that a foreign government would acquire sensitive technology.

Apparently they don’t understand that ‘open source’ means anyone with an Internet connection can acquire this sensitive technology.

Whether you think the $612 million Blackberry settlement is a victory for intellectual property rights or legalized extortion, the invisible hand of capitalism applauds the patent racket.

Happy Friday!

Today we have ... nothing. Nada. Not a single thing.

If you really want to (or are having trouble sleeping) first read this Bill.

Basically it says that if you are annoyed by anything I write in this entry, you can certainly press federal charges. Oh wait, no you can't, because I'm LORI MACVITTIE. There you go, I've identified myself and therefore I am not breaking the law.

Today I attended Microsoft's TechVista 2006 symposium in Bangalore. This is the second annual conference; the first coincided with the opening of Microsoft's Indian research office last year. Microsoft Research India started the day by unveiling a prototype of a digital map of India, a project they are working on in conjunction with the Survey of India part of India's Department of Science and Technology. Think of the digital map as a combination of Google street maps overlaid with satellite imagery with a Wikipedia aspect that enables users to annotate specific elements of the map, by adding details about their favorite restaurant for example.

Sir Tony Hoare accepts a hearty round of applause Click to Enlarge

The traffic is still unbelievable but I realized today as I examined the sheet metal around me that it was all intact—no dents, dings not so much as a bumper out of place. There are rules, just not ones that I'm use to but they do appear to work. I have no idea what they are—perhaps the constant honking is really a form of Morse Code.

I'm in India this week tagging along with a group of IT professionals from CMP Media and United Business Media (UBM) as they investigate opportunities for outsourcing.

We've closed out Network Computing's annual reader survey for 2005, and we're poring over your responses in preparation for our annual survey cover story, which will appear in the Sept. 22 issue. If you want to see what our reader survey coverage will look like, take a look at last year's cover story.

One of the things that's striking about this year's survey is the heavy emphasis on integration as a key theme, not only as a back-room project in the data center, but as a central criterion for future product selection. During the halcyon days of the Internet boom, enterprises were always looking for technologies to change the way they do business. Now, apparently, they're looking for technologies that don't change the way they do business.

We're less than a week from closing out our annual Network Computing reader survey, and the responses have been fascinating so far. If you haven't answered our survey, you have until Aug. 10 to make your voice heard: just go to the survey page and cast your votes.

We've received input from a wide range of users: In fact, while 20 percent of the respondents come from companies with more than 10,000 employees, another 30 percent of the participants are from companies with fewer than 100 employees. A real cross-section of the industry.

When we talk about vendor leadership, we usually talk about the CEOs: Bill Gates, Larry Ellison, John Chambers. But if you've ever worked closely with a vendor, you know that the heavy lifting -- and often, the visionary thinking -- is often done by the less-familiar names on the top of the org chart. Cisco this week has done some rearranging at that level, and it's worth taking a look to see what it might mean for the router vendor.

Cisco has had three big retirements in the past week: senior vice presidents Prem Jain and Luca Cafiero, and chief development officer Mario Mazzola. (See details on the announcements here.)These three leaders had a profound effect on Cisco's success during more competitive days.

The Supreme Court ruled yesterday (June 27) that peer-to-peer networking sites can be held liable when their users swap music, movies and other protected works without the copyright holders' permission. The high court, in a unanimous decision, overturned a U.S. appeals court ruling that had shielded the P2P networks from copyright-infringement suits as long as the sites were also used for legitimate purposes. Justice David Souter wrote: "One who distributes a device with the object of promoting its use to infringe copyright ... is liable for the resulting acts of infringement by third parties."

Within an hour of the announcement, the Consumer Federation of America, Consumers Union and Free Press issued a release denouncing the ruling, arguing that it poses "a significant challenge for consumers, innovators and the economy" but never quite making the case for why the ruling is bad law. For instance, in trying to counter the entertainment industry's claims that P2P networks are copyright-infringement schemes, the consumer groups state that such networks are more popular and efficient than conventional media distribution outlets. OK, so they're popular and efficient. So are many other black markets, but that doesn't give them the right to traffic in stolen goods.

The groups also argue that the ruling reinforces the entertainment industry's "near monopolistic control over the prices consumers pay and the choices consumers make." Monopoly how? Myriad music labels and movie studios distribute through myriad brick-and-mortar and electronic outlets. If the industry is somehow fixing prices, let the Federal Trade Commission make that case. It's in the entertainment industry's best interests to seek out the cheapest, most efficient distribution outlets, but it's not going to stand by as its content is pirated and given away. There's no such thing as a free lunch, even on the Internet.

Man, it just doesn't pay to defraud investors anymore. In the first of three major sentencing decisions facing former high-tech executives gone bad, Adelphia Communications Corp. founder John Rigas and his son, CFO Timothy, this week received 15 and 20 years of hard time, respectively, from a U.S. District court. (See "Jail Terms for Two at Top of Adelphia")

The 15-year term is virtually a life sentence for John Rigas, who is 80 years old and in failing health. The younger Rigas is 48. Both men were convicted of stealing approximately $100 million from Adelphia's coffers, bankrupting the company in one of the largest frauds in corporate history.

How far has IBM strayed from its mainframe roots? Today (June 16) it bought a company in order to get the tools and expertise it needs to manage mainframe applications. (for more, read "IBM Acquiring Isogon To Bolster Mainframe Apps-Management Lineup"

IBM acquired Isogon Corp., a privately held company that makes mainframe and Unix software asset management tools, for an undisclosed sum. Isogon's software will be integrated into IBM's Tivoli line of enterprise management products, where IBM's old line of NetView mainframe applications management tools has largely been left to rust.

Over the years, Cisco has acquired a number of companies that promised better bandwidth management and route optimization, but its strategy in the campus still seems to be a brute-force approach: when you run low on bandwidth, you simply buy more.

Continue reading "Cisco-FineGround Won't Go Beyond the WAN"


Comment on this blog entry

Whether you're a manufacturer, developer or enterprise manager of information technology, you already see the writing on the wall: Tech pros in China, India, Taiwan, South Korea and other Asian countries aren't just partners, but also potential competitors. Adjusting to this truly global economy is priority No. 1 for tech-oriented enterprises of every stripe.

Cisco CEO John Chambers counts 15 companies as his main competitors, so which one does he worry about the most? Not Alcatel or Avaya or Extreme or Foundry or Juniper or Nortel or Siemens or any of his other Magic Quadrant neighbors, but some still-to-be hatched competitor out of Asia. For Chambers, the high-tech legions being groomed in the East are just too overwhelming to ignore.

"You have a billion people in India, a billion people in China," Chambers noted in a recent interview with Network Computing. "They're going to put their top 10 percent into the universities. Twenty-five percent of those will be in the computer sciences, math, etc., so it's purely a matter of numbers." Likewise, enterprise IT pros will compete for jobs not so much with their neighbors at home but with well-educated individuals abroad, many of whom will still get their degrees in the United States but will head home to rising industries and standards of living.

As I've argued before, forecasts of the "Asian century" are premature. Remember that Japan was to replace the United States two decades ago as the center of technological innovation and industry, yet it's been held back by its rigid commercial climate. Technical education and government investment don't always translate into commercial superiority. A culture and regulatory climate that encourage entrepreneurial initiative and risk-taking are critical.

And of course, it's in the interests of executives like John Chambers to worry aloud about Asia. They want to force U.S. policy-makers into investing in their next-generation workforces at home. Otherwise, they will increasingly move their operations, including high-end R&D, abroad—or so is the implication.

But it's beyond naïve to think that the Asian threat will melt away, that we can flip the calendar back to 1990 with work-visa, domestic-content and other restrictions. No, we can't match China's and India's numbers. But we can leverage our own strengths, while preparing our people and companies to compete on a global playing field.

So what's our problem? In a nutshell, it's the way we store our identities. As the report notes, most U.S. consumers -- online and otherwise -- are identified through credit cards and records stored via credit bureaus. Criminals have an incentive to collect our identity information, because it gives them access to our credit and bank accounts. This is not the case in Western Europe and Japan, where identity data is stored via a third-party entity -- and where identity theft is almost unknown, according to the Aite Group.

Continue reading "We're No. 1 -- In Identity Theft"


Comment on this blog entry

First, it's not news. Our sister publication, EE Times, wrote about this development in a story in February. (see http://www.digitaldivide.net/news/view.php? HeadlineID=229). Although there's still nothing on its Web site, Via has been talking about the Terra PC architecture for months.

Continue reading "Another Cheap PC?"


Comment on this blog entry

According to Standish Group's 2004 CHAOS report, only 29 percent of IT projects were completed on time and on budget last year. About 53 percent of projects were classified as "challenged" -- either late or over budget -- and 18 percent of projects failed completely (either terminated before completion or delivered and never used).

Currently, I'm working on a story for our June 9 Affordable IT section that discusses the budget aspect of this equation. In a nutshell, we've found that most IT projects are budgeted in the dark -- IT people often are uncertain as to how long their projects will take or how much they will cost. Part of the problem is that business unit managers are not always honest about the scope of the project, but there is a lot of guessing about the technical aspects as well.

Continue reading "Most IT Projects Finish Late, Overrun Budgets"


Comment on this blog entry

The new food pyramid site logged 160 million hits in its first three days, 20 percent of them from outside the country. The rush of traffic completely overloaded the site's servers, leaving users unable to access the new data until additional server could be added nearly 72 hours after the site's debut. (see http://www.washingtonpost.com/wp-dyn/content/article/ 2005/04/25/AR2005042501162.html)

The USDA's glitch is another in a long line of Web site failures that have occurred in the last decade due to poor capacity planning by site creators. The publication of Kenneth Starr's report on President Clinton's sexual activities with Monica Lewinsky brought two government sites to a standstill for several days. Major news sites were routinely brought down by major events in the early days of online news reporting. My favorite is Victoria's Secret, which advertised a streaming video lingerie show following the Super Bowl one year -- and site operators were surprised when the site failed due to a traffic overload.

The fact is that there is simply no excuse for such overloads in today's technology environment. Load balancing technology is as good as it has ever been. There are numerous Web hosting services that are only too happy to provide overload capacity for highly active sites. Performance management monitoring and trending tools provide solid predictions on future traffic loads. The USDA was simply too shortsighted -- or too cheap -- to take advantage of these technologies. And, sadly, it likely won't be the last enterprise to make that mistake.

Comment on this blog entry

The update was available only for about 90 minutes, affecting mostly users in Japan, and a repaired version has been made available. But it will take a long time for Trend Micro to recover from the embarrassment of issuing a faulty release, especially just two months after the company conceded that a flaw in its antivirus apps could be exploited to help spread an infection.

The moral of Trend Micro's story is simple: you've got to test, test, test. Whether you are a software vendor or an IT department distributing software to users, your business depends on getting it to work right the first time. If you don't have the test environment you need, you should look to software packaging and testing tool vendors, such as Altiris' Wise subsidiary, to help with staged trials of your applications. This sort of testing isn't a luxury -- it's a business necessity.

Comment on this blog entry

Deloitte & Touche this week e-mailed just about every editor on our staff touting a new study which concludes that IT and business process outsourcing are "falling from favor with the world's largest organizations." It's not exactly headline news - outsourcing wears a permanent "Kick Me" sign on its back - but the reasons for the continued negative sentiment are worth further analysis.

The Deloitte survey, of senior execs at mostly U.S. multinationals, found that 70 percent of respondents "had significant negative experiences" with outsourcing projects. Cost and complexity - ironically, the reasons most companies outsource in the first place - were cited as the biggest problems. One in four respondents said their companies have pulled functions back in-house after realizing they could do a better job or do the job at a lower cost, while 44 percent said they didn't realize any cost savings.

These survey results send me all the way back to September 1997, when I edited the following story lead while working for InformationWeek: "After years of big promises and even bigger deals, the IT outsourcing backlash has arrived. Many users say wholesale outsourcing hasn't lived up to its promise. Some are so frustrated that they're canceling long-term deals and going through the painful process of rebuilding their in-house IT operations." One CIO who had "insourced" observed at the time that almost every big deal more than two years old was being renegotiated or terminated.

So why do long-term outsourcing contracts continue to be shaky propositions? Here's one take: Say Home Depot were to negotiate a long-term deal with EDS. EDS throws bodies at it, but those bodies never increase because there's no financial incentive for the vendor. By the time that contract starts maturing, Home Depot's needs have grown tremendously, so Home Depot calls up EDS and says, "We need to talk"...and the renegotiations begin.

In a later missive, I'll go into other problems inherent with outsourcing, and also talk about its many benefits.

When it comes to broadband access, cable stacks up well against DSL or other options in every area except one: reliability. Cable service providers -- and their service desks -- are still operating in a TV mode, where the worst that can happen is that customers miss their favorite show. But today's broadband access is used for e-mail and other critical business applications that simply cannot tolerate such excessive downtime.

In the 1980s, the public switched telephone network underwent extensive testing to ensure the reliability of the dial tone across the U.S. at nearly 100 percent. The PSTN is virtually always available, and has been tested even in disaster scenarios. Cable, on the other hand, can't even survive a DNS error or a local cable cut.

If cable service providers want to be taken seriously as business service providers, they need to start getting serious about reliability and customer service. A joint effort by the cable companies to build a joint reliability council, much as telecommunications companies did in the 1980s, would be a good first step.

Comment on this blog entry

There was much optimism at the end of 2004, but if you're doing any job hunting, you probably haven't seen much movement this quarter. Most high-tech companies are holding still, and major mergers such as Oracle-PeopleSoft have cost thousands of jobs. And things aren't likely to get better -- SBC is promising to cut about 13,000 jobs if its merger with AT&T is approved, and Qwest has said it would have to cut as many as 15,000 people if it wins its effort to acquire MCI.

The bottom line? Be nice to your boss, and stop complaining. If you're in high-tech and you've got a job, you should count your blessings.

Comment on this blog entry

Finally, some numbers have been collected to show the costs associated with Sarbanes-Oxley compliance projects. But in the final analysis, the whole thing remains one big crapshoot.

Readers and other IT professionals have been telling us for months about the time and headaches they have incurred in trying to comply with Sarbanes-Oxley. The trick is that none of them seem to have a handle on exactly what they need to do, or how much it is going to cost them.

One smart researcher, A.R.C. Morgan, decided to comb public SEC filings to see if any company has filed data that would give us a clue as to the cost of the SoX compliance effort. What they found was all over the map -- everything from detailed numbers on partially-completed projects to statements of bewilderment as to the potential project costs. The good news: most other companies are just as clueless about SoX compliance requirements and costs as you are. The bad news: nobody really knows how much it's going to cost, or how long it's going to take.

Comment on this blog entry

So it looks like ex-WorldCom chief Bernie Ebbers adopted the Sgt. Schultz Defense in his testimony before a federal court last week:

"I know what I don't know. I don't, to this day, know technology. I don't know finance and accounting."

"I know nozzing!"

Ebbers—charged with helping to perpetrate the largest fraud in corporate history—claims he was unaware of any of the bogus accounting entries that inflated WorldCom's financials by more than $11 billion and eventually led to its filing for bankruptcy.

So this sexagenarian good ol' boy barely knows a bit stream from a fishing stream and a debit from a credit, yet he managed to mastermind dozens of acquisitions in building a small long-distance company into a telecom giant worth $180 billion at its peak?

Meantime, former WorldCom financial chief Scott Sullivan, who has pleaded guilty to fraud-related charges and agreed to cooperate with the government, testified for the prosecution this week that Ebbers was a hands-on manager with a command of accounting and financial details. Sullivan testified that Ebbers was fully aware of WorldCom's cooked books.

The prosecution made its closing arguments yesterday; the defense is due to close today. If convicted, Ebbers could spend the rest of his life in prison. WorldCom, now out of bankruptcy under the MCI name, has a deal to be acquired by Verizon but is still being pursued by Qwest.

Comment on this blog entry