Computer News Middle East by Computernews Middle East

STRATEGIC ICT PARTNER

WHERE TECHNOLOGY MEANS BUSINESS

WWW.COMPUTERNEWSME.COM ISSUE 233 | JUNE 2011

DRIVING INNOVATION Adopting virtualisation and the challenges that come with it

Slim Bouker, COO of QFIB

SETTING STANDARDS QFIB rides the cloud to new heights Mahmood Shaker, CIO at QFIB

PUBLICATION LICENSED BY IMPZ

INSIDE

DIGITAL HOTELIERS

NETWORK MANAGEMENT

EMC WORLD 2011

I’ll create opportunities, that’s my business plan

My BusinessPlan New mobile packages At Etisalat, we understand that every business has different needs. That’s why we have created My BusinessPlan – flexible packages that offer you great value, with local and international calls, data, SMS and exclusive offers on the latest smartphones.

Contents ISSUE 233 | JUNE 2011

12 14

Big data world At this year’s EMC World, the IT giant integrated its strengths in storage and cloud to present solutions that are aimed at helping enterprises handle the increasing volumes of unstructured big data.

Staking claim

At its annual Technology Day Summit, Brocade revealed solutions for virtualisation and cloud computing across enterprises and service providers. It is tying solutions together with an overall CloudPlex architecture, and what is on the roadmap looks promising for both company and client.

Collaboration for efficient IT

FVC and nCircle bring enterprise end-users together at a TechCafe session to discuss network security and compliance management.

From data to business agility

Data warehousing pioneer Teradata tells Dave Reeder that it will finally unlock the real value of company data and deliver a single view of the enterprise.

Round-up

We bring you a quick round-up of IT industry news.

FEATURE 28

Driving innovation

Setting standards Qatar First Investment Bank chooses the cloud to host its disaster recovery apps and data, and finds that it could not have chosen better.

With more organisations making the transition to virtual computing it is time to understand the basis for the successful implementation of these solutions. Pallavi Sharma writes about the challenges and benefits associated with the technology and its future in IT.

Storm that cometh

Virtualisation and cloud technologies are storming their way into enterprise infrastructure deployments. But, what happens to networks and their management, with the advent of these technologies?

Digital hoteliers

The Internet has changed the way the hospitality industry does business. CNME speaks with IT professionals in the industry to find out more about these changes, their latest investments and the way forward.

INSIGHT 50 On the watch While mobile and smartphone security is the hot topic of the moment among virtualisation gurus, plenty of other security topics demand IT’s attention right now.

INTERVIEW 46 Long path ahead In an interview, Brocade CEO Michael Klayko said Fibre Channel is here to stay but the company has no “religion” for it.

HOW TO 52 Clean cable clutter

Get started on your PC spring cleaning by tidying up the mess of cables spilling all over your desk

What we’re reading

We select the best international technology blogs and books.

EDITORIAL Publisher Dominic De Sousa

Turning over a new tweet

Sathya Mithra Ashok Senior Editor Talk to us: E-mail: sathya@cpidubai.com Twitter: @computernewsme Facebook: www.facebook.com/ computernewsme

COO Nadeem Hood

Welcome to the new CNME. The same quality, the same great coverage of technology and business trends from across the Middle East but with a brand new look and feel. We have re-designed to give you a cleaner, crisper reading experience and we are sure you will love it. And if the redesign wasn’t demanding enough, you have to listen to how the rest of our month was. We thought the events would never end. First, there were the international ones, starting with the Brocade Technology Day Summit, which took place in San Jose, California. This one was all about the previously storage-only-now-networking-firm and how it was was capitalising on growing trends with new launches. (You can read all about the Summit, beginning page 10). This was quickly followed by EMC World, which took place in Las Vegas. This IT giant’s annual gathering was all about bringing together its strength in cloud and storage technologies to address the growing concern of big data in global enterprises. (We bring you our coverage of the event, from page 6). On the home front, there was the FVC TechCafe series in Dubai. This time over nCircle was a part of it and end-users discussed at length on networking security and compliance, among others. That’s on page 12. There was also the lighter launches of Microsoft’s new Windows Phone OS, code named Mango, and the after-work launch party of the BlackBerry Playbook. Incidentally, the Playbook launch, we have been told, has been postponed to the 25th of June, due to “circumstances that were outside EMS control.” Later in the month we also attended the monthly Thought Incubator session conducted by TECOM, where they discussed the very interesting topic of online reputation management (ORM). There was HelpAG’s Security Spotlight, followed by the SAP User Group MENA conference, and Al Taqnyah’s e-notary conference, which brought our month to an end. You will be glad to know we have lived to tell the tale on all these events. Some of them you will see featured in our magazine, and you can read detailed stories about the others on our website. You will also be able to catch our live updates, on some (and some decidedly interesting photos) on our Twitter (www.twitter.com/computernewsme) and Facebook (www. facebook.com/computernewsme) pages. You will also see, apart from our cover story on the Qatar First Investment Bank, features on virtualisation, network management and the use of technology in the hospitality sector in the Middle East. As the world turns towards social media, so has CNME. We are now actively tweeting live updates from every event that we attend. So follow us to catch events as they happen. Do let us know what you think of the ‘new look, new feel’ CNME as well - via Twitter or plain old e-mail. Get writing then. We want to know what you think. Meanwhile, happy reading!

Commercial Director Richard Judd richard@cpidubai.com +971 4 4490126 Sales Director Raz Islam raz@cpidubai.com +971 4 440 9129 Editorial Dave Reeder dave@cpidubai.com +971 4 4409106 Senior Editor Sathya Mithra Ashok sathya@cpidubai.com +971 4 4409111 Sub-Editor Pallavi Sharma pallavi@cpidubai.com +971 4 4409103 Advertising Sales Manager Arun Shankar arun@cpidubai.com +971 4 4409142 Advertising Executive Robair Boctor robair@cpidubai.com +971 4 440 9130 CIO Programmes CIO Programmes and Events Lead Kavitha Rajasekhar kavitha@cpidubai.com +971 4 4409132 Circulation Database and Circulation Manager Rajeesh M rajeesh@cpidubai.com +971 4 4409147 Production and Design Production Manager James P Tharian james@cpidubai.com +971 4 4409146 Art Director Kamil Roxas kamil@cpidubai.com +971 4 4409112 Designer Analou Balbero analou@cpidubai.com +971 4 4409104 Photographer Cris Mejorada cris@cpidubai.com +971 4 4409108 DIGITAL SERVICES Digital Services Manager Tristan Troy P Maagma Web Developers Jerus King Bation Erik Briones Jefferson de Joya Louie Alma online@cpidubai.com +971 4 440 9100 Published by

1013 Centre Road, New Castle County, Wilmington, Delaware, USA Head Office PO Box 13700 Dubai, UAE

STRATEGIC ICT PARTNER

WHERE TECHNOLOGY MEANS BUSINESS PUBLICATION LICENSED BY IMPZ

WWW.COMPUTERNEWSME.COM ISSUE 233 | JUNE 2011

Tel: +971 4 440 9100 Fax: +971 4 447 2409 Printed by Printwell Printing Press LLC

DRIVING INNOVATION Adopting virtualisation and the challenges that come with it

Regional partner of

If you’d like to receive your own copy of CNME every month, log on and request a subscription: www.computernewsme.com

SLIM BOUKER, COO OF QFIB

SETTING STANDARDS QFIB rides the cloud to new heights MAHMOOD SHAKER, CIO AT QFIB

INSIDE

DIGITAL HOTELIERS

NETWORK MANAGEMENT

EMC WORLD 2011

© Copyright 2011 CPI All rights reserved While the publishers have made every effort to ensure the accuracy of all information in this magazine, they will not be held responsible for any errors therein.

Introducing Server room in a box

APC rackbased cooling draws in hot air from the rear, at its source, and then sends conditioned air out the front, ready to be used by adjoining racks.

APC integrated cooling future-proofs your IT room without breaking the bank Is your server room a barrier to adopting new technologies? Consolidation, virtualization, network convergence, blade servers — these new technologies improve efficiency, cut costs, and allow you to ‘do more with less.’ But they also bring high-density power, cooling, and management challenges that server rooms were never designed to handle. You’re relying on guesswork, depending on building air conditioning, or improvising remedies. So, how can you increase the level of reliability and control in your server room without spending a fortune? Introducing the APC by Schneider Electric™ total server room solution Now you can get power, cooling, monitoring, and management components that easily deploy together as a complete, integrated solution. Everything has been pre-engineered to work together and integrate seamlessly with your existing equipment. Just slide this proven, plug-and-play solution into most existing spaces — there’s no need for confusing cooling configurations or expensive mechanical re-engineering. The modular, 'pay as you grow' design lets you be 100% confident that your server room will keep pace with everchanging demands. Future-proof your server room easily, cost-effectively

If you have dedicated IT space . . . Get pre-validated, highdensity cooling as a single offering. APC InRow SC System combines an InRow SC precision cooling unit (up to 7kW capacity), NetShelter SX rack enclosure, and rack air containment system.

If you don’t . . . Introducing the NetShelter CX: portable server cabinets, with extreme noise reduction, designed for ofﬁce environments.

APC takes the hassle out of configuring server rooms. Self-contained InRow™ cooling units, high-density NetShelter™ enclosures, and the APC rack air containment system combine to create a proper IT ecosystem in almost any environment. Rack-level monitoring sensors, intelligent controls built into the cooling unit, and integrated management software provide complete remote control and unprecedented visibility into the entire system. Simply add power protection (such as undisputed best-in-class Smart-UPS™ or Symmetra™ units) and you have a total solution for today, tomorrow, and beyond.

These solutions integrate power, cooling, and management in a secure, quiet, cooled enclosure that’s indistinguishable from other office furniture.

Download the White Paper, ‘Cooling Strategies for IT Wiring Closets and Small Rooms’, and get a chance to WIN a Lenovo® all-in-one touch screen PC! Visit www.apc.com/promo Key Code 89344t Call +9714 7099690 (Arabic) / +9714 7099691 (English) • Fax +9714 7099650 ©2011 Schneider Electric. All Rights Reserved. Schneider Electric, APC, InRow, NetShelter, Smart-UPS, and Symmetra are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. All other trademarks are property of their respective owners. APC Middle East, PO Box – 53852, Dubai, United Arab Emirates • 998-2029_A4_GB

ANALYSIS month in view

Big data world At this year’s EMC World, the IT giant integrated its strengths in storage and the cloud to present solutions that are aimed at helping enterprises handle the increasing volumes of unstructured, big data.

f cloud was the buzz word of last year and early this year, then big data – or the challenge of managing huge volumes of unstructured data – is set to be the topic of discussion among most big IT giants through into 2012. At EMC World this year, the annual gathering that the IT giant invites its customers as well as press and analysts to, the firm spoke about the concerns of big data, and brought it into conjunction of the company’s cloud solutions. “There are three crucial challenges facing the IT teams in enterprises. One is a growing budget dilemma, where the majority of budgets are still being assigned to maintenance tasks. The second is the growing concern of data deluge. In 2010, the digital universe was 1.2 zettabytes; in a decade this will grow to 35 zettabytes. Around 90% of the digital universe is unstructured. To keep up with this, server volumes will grow 1000% in a decade. At the same time, worldwide IT staff strength will increase by less than 50%,” said Joe Tucci, chairman, president and CEO of EMC in his opening keynote on the first day of

the EMC World 2011 conference. “Security is the third big pain point of global enterprises. In 2010 alone, 80% of Fortune 500 firms had botnet activity in their domains and 60% of them had email addresses compromised by malware, according to research. In addition to

addressing these three pain points, we have to assure greater efficiency, control and choice, leading to greater agility. Enter the cloud – or the hybrid cloud,” said Tucci. Tucci went on to expand how the cloud is necessitating transformation and opportunity across three layers – the infrastructure layer,

terabytes to many petabytes of data in a single data set. Examples include web logs; RFID; sensor networks; social networks; social data, Internet text and documents; Internet search indexing; call detail records; astronomy, atmospheric science, genomics, biogeochemical,

biological, and other complex and/ or interdisciplinary scientific research; military surveillance; medical records; photography archives; video archives; and large scale ecommerce.)

Defining big data Big Data is a term applied to data sets whose size is beyond the ability of commonly used software tools to capture, manage, and process the data within a tolerable elapsed time. Big data sizes are a constantly moving target currently ranging from a few dozen

Computer News Middle East

JUNE 2011

www.computernewsme.com

Source: Wikipedia

where the hybrid cloud will bring together elements of public and private infrastructure, the applications layer, where new application platforms for this hybrid cloud will have to take shape and old ones will have to be virtualised, and finally on the end-user layer, where provisioning has to improve in order for apps to be accessible from any device, anywhere in the world. According to Tucci, as big data management and the cloud come together – he termed this as a major intersection — EMC has the portfolio necessary (between EMC, VMWare and RSA) to handle the changes across all three layers of transformation. “Our journey to the cloud and big data has been supported by big investment. Across the last eight years since 2003, we have spent over $10.5 billion in research and development (R&D) and another $14 billion on mergers and acquisitions related to technology. In 2011 we expect a revenue of $19.6 billion and we expect to spend more than $2 billion on R&D this year as well,” said Tucci. To many at EMC, the proof of the investment was evident in the number of products and solutions that were launched at the conference. There was the cloud tiering appliance, which will enable enterprises to link previously existing pools of VNX storage (EMC’s brand of unified storage) to clouds, whether private or hybrid. This can be done via the Atmos storage service, which the company announced a second version of during the conference as well. The company also announced the promised update to the VPlex solution range, the VPlex Geo. The VPlex range provides a reliable system for enterprises to virtualise storage across local, metro and global areas. The Geo update provides for storage across 2600 miles and enables data to be replicated asynchronously between data centres that are

Pat Gelsinger, EMC president and COO of information infrastructure products

solution. In addition, EMC announced the availability of the Hadoop-based EMC Greenplum HD Community Edition and EMC Greenplum HD Enterprise Edition software. There were also several other storage launches, including the addition to the Isilon NAS storage line – the Isilon 108NL – which can scale to more than 15 petabytes in a single file system and single volume. Most interestingly, EMC also announced flash storage for servers, which sparked questions about the company’s future focus and strategy going forward. For the short term, EMC said it is working on an aggressive strategy to accelerate the adoption and use of flash storage technology in infrastructure. Pat Gelsinger, EMC president and COO of information infrastructure products detailed

Our journey to the cloud and big data has been supported by big investment. Across the last eight years since 2003, we have spent over $10.5 billion in research and development (R&D) and another $14 billion on mergers and acquisitions related to technology. In 2011 we expect a revenue of $19.6 billion and we expect to spend more than $2 billion on R&D this year as well.” located thousands of miles from each other. The company also announced integration of its Greenplum acquisition, and painted it with the cloud brush, by announcing integration and support for the opensource Apache Hadoop, which is used for data-intensive distributed apps. The company introduced a high-performance, data co-processing Hadoop appliance — the GreenplumHD Data Computing Appliance. The appliance marries Hadoop with the EMC Greenplum Database, allowing the co-processing of both structured and unstructured data within a single, seamless www.computernewsme.com

a multi-faceted strategy that is designed to further drive adoption of this technology, lower costs for customers and dramatically speed storage and application performance. “EMC’s flash strategy is all about making the shared IT infrastructure more efficient and dynamic. Placing the information on the right media at the right time and placing the information closer to the processor at the right time provides the highest levels of performance and also the highest returns on investment because all of the resources are fully utilised. The key to this is EMC’s FAST software that adds a level of intelligence JUNE 2011

Computer News Middle East

ANALYSIS month in view

based on usage to automate the movement of the data through the I/O stack and, most importantly, ensures the integrity of that data,” he said. The strategy includes a new PCIe/flashbased server cache technology– code-named “Project Lightning” – due later this year that will move data closer to the processor to dramatically accelerate performance. Integrated flash in the server as cache and as storage in the array, combined with EMC FAST software, creates a single intelligent I/O path – from the application to the data store. The result is a networked infrastructure dynamically optimised for performance, cost and availability and significantly more

reliable than implementations relying on flash as direct-attached storage in the server. According to Gelsinger, Lightning will be available in the second half of 2011 and will go into beta sometime during the middle of the year. EMC later this year also plans to introduce a new all-flash configuration of its VNX unified storage system that will enable support of more virtual servers and more intense workloads. According to the company, it has sold and delivered several all-flash Symmetrix VMAX arrays to customers with extremely demanding I/O workloads already. Later this quarter, all-flash Symmetrix VMAX arrays will be offered as a standard configuration option.

With all these launches, EMC hopes to help enterprises address the growing challenge of big data, while giving them the advantages of the cloud. EMC World 2011 was abuzz with the solutions that had been launched and there is no doubt that on a long term strategy basis the firm seems to be heading in the right direction. However, its real test lies in how these strategies will be translated to on-ground field education and sales initiatives, especially in emerging regions like the Middle East. Will EMC be able to educate and align customers uniformly across the globe, or will it fail in this true test of transformation? The question that EMC should be asking itself.

For the service provider EMC also unveiled the Velocity Service Provider Partner Program at EMC World 2011. The program will enable partners to create, deploy, market, sell and deliver EMC-powered public and private cloud services. “Service providers play a vital role in fulfilling the promise of hybrid cloud computing, which is why EMC has committed resources across the company to help enable the success of our service provider partners and our partner program,” said Howard Elias, president and chief operating officer, EMC information infrastructure and cloud services. “Aligning EMC’s cloud computing architecture, expertise and go-to-market strategy with a strong stable of trusted service providers will give enterprises greater flexibility in their choice of cloud models for their applications without sacrificing control. That’s the essence of EMC’s cloud vision.” The Velocity Service Provider Partner program offers increasing sales, marketing, planning and education benefits to partners as they invest in EMC solutions with the singular goal of delivering compelling 08

Computer News Middle East

JUNE 2011

cloud services to the global IT market. Also available are business development and services, creation resources to enable partners to develop differentiated offerings built on EMC technology, marketing support including marketing development funds (MDF,) campaigns, field execution, and sales www.computernewsme.com

enablement tools. The Velocity Service Provider Partner Program is open to cloud service providers of all kinds, including telecom operators, cable operators, hosting service providers, outsourcers, ISVs and other enterprises.

ULTIMATE UC EXPERIENCE FROM THE ULTIMATE UC LEADER—POLYCOM. It’s the latest buzz. Polycom is the world leader in Unified Communications. That’s because only Polycom offers a total communications solution—one that will work for you today and grow with you as your business evolves. It’s because our products are best-in-class and backed by Polycom’s history as an industry innovator. Oh, and we’re the only provider of collaboration solutions built on open, standardsbased architecture. Increase your productivity even as you reduce your costs and lower your carbon footprint with Polycom. Transform your business. theartofconversation.com

ANALYSIS month in view

Staking claim At its annual Technology Day Summit, Brocade revealed solutions for virtualisation and cloud computing across enterprises and service providers. It is tying solutions together with an overall CloudPlex architecture, and what is on the roadmap looks promising for company and client.

rstwhile storage-only vendor and growing networking power Brocade reflected the sentiments of many end-users and the industry in general, and revealed part of its long-term ambition, when it gathered media and analysts at its annual Technology Day Summit to announce and discuss its latest launches for the areas of virtualisation and cloud computing. The Summit was held in the early days of May in the company’s new headquarters site at San Hose, California. “We are providing more proof points for our Brocade One strategy, which helps our customers reduce network complexity and support new and distributed applications. Technology Day allows us to demonstrate how our innovations provide new levels of uptime through an open, multivendor architecture that protects existing and new IT investments,” said John McHugh, chief marketing officer at Brocade, speaking on the first day of the summit. The first of these announcements included what the company claimed to be the world’s first fabric-based networking solution with 16Gbps fibre channel technology. These offerings were made of the Brocade DCX 8510 Backbone, the Brocade 6510 Switch, the Brocade 1860 Fabric Adapter and the Brocade Fabric OS 7.0 operating system. Also included were new administrative and scalability 10

Computer News Middle East

JUNE 2011

John McHugh, Chief Marketing Officer, Brocade

enhancements to Brocade Network Advisor, which unifies storage, data and wireless network management in a single platform. According to a recent report by Gartner, the global market for cloud services is expected to grow to nearly $150 billion by 2014. This enormous market opportunity is transforming how service providers will deliver information technology services to their customers. To tap into this growing market segment, Brocade also launched cloudoptimised solutions for the evolution of public cloud infrastructure. The company’s announcements for the service provider www.computernewsme.com

community included software advancements to the entire family of Brocade. Internet core, metro and edge routing products, including a clear migration path from today’s IPv4-based networks to IPv6, a new set of carrier-grade 10 Gigabit Ethernet (GbE) and 100 GbE blades for Brocade MLX Series routers to enable scalability for highly virtualised and cloud-based networks, enhanced IPv4/IPv6 and Multiprotocol Label Switching (MPLS) routing capabilities, and scalability for the Brocade NetIron CER 2000 Series compact routers to expand the service provider cloud in metro networks. The company also announced the Brocade 6910 Ethernet Access Switch, a compact solution that extends wire-speed Ethernet services to the network edge. “Today’s networks must be cloudoptimised at every critical point as they will define the application performance and the customer experience within the cloud. Service providers are able to leverage Brocade data centre networking leadership in high-performance Brocade Server Iron ADX application delivery switches, as well as market-leading storage fabric and innovative Ethernet fabric technologies to build out their cloud infrastructure,” said Ken Cheng, VP of service provider products at Brocade. According to Cheng, the Brocade Ethernet fabric technology enables a completely virtualised environment in which service providers can offer compute, storage and network resources to their customers ondemand. In addition, Brocade Ethernet fabrics simplify data centre network management and operations, improve network efficiency and utilisation and thus reduce total cost of ownership (TCO) dramatically. “For service providers, their network

Virtualisation has fundamentally changed the nature of applications by detaching them from their underlying IT infrastructure and introducing a high degree of application mobility across the entire enterprise. This is the concept of the virtual enterprise that we feel unleashes the true potential of cloud computing in all its forms – private, hybrid and public.”

Ken Cheng, VP of service provider products at Brocade

is the cloud. Service providers want to provide network services to their enterprise customers and, on top of that, they want to deliver application-level services from the data centre,” Cheng added. “Since Brocade has both data centre as well as service provider networking expertise, we are uniquely qualified as a strategic partner to help service providers build out their cloud infrastructures and deliver profitable cloudbased services.” To tie all of this together, and to outline the company’s vision and the technology investments it will make to help its customers evolve their data centres and IT resources as they migrate to being virtual enterprises, Brocade also announced a new technology architecture CloudPlex. Dave Stevens, CTO of Brocade described

the CloudPlex architecture as an open, extensible framework intended to enable customers to build the next generation of distributed and virtualised data centres in a simple, evolutionary way that preserves their ability to dictate all aspects of the migration. “Virtualisation has fundamentally changed the nature of applications by detaching them from their underlying IT infrastructure and introducing a high degree of application mobility across the entire enterprise,” said Stevens, addressing the gathering of press and analysts at the Technology Day Summit 2011. “This is the concept of the virtual enterprise that we feel unleashes the true potential of cloud computing in all its forms – private, hybrid and public.” According to the company, Brocade CloudPlex meets the goal of the Brocade

Dave Stevens, CTO of Brocade

www.computernewsme.com

One strategy, designed to help companies transition smoothly to a world where information and applications can reside anywhere by delivering solutions that enable unmatched simplicity, non-stop performance, application optimisation and greater investment protection. The Brocade Cloudplex architecture will define the stages and the components from Brocade and its partners that are required to get to the virtual enterprise. The stages comprise three main categories – fabrics, globalisation and open technologies – with some of these components being available today while others are in development or on the strategy roadmap of Brocade’s engineering priorities. The currently available components include networks comprised of Ethernet fabrics and Fibre Channel fabrics, multiprotocol fabric adapters for simplified server I/O consolidation and highperformance application delivery products. Components on the roadmap include integrated, tested and validated solution bundles of server, virtualisation, networking and storage resources called Brocade Virtual Compute Blocks, an advancement of Brocade Fabric ID technology called Cloud IDs that enable simple and secure isolation and mobility of VMs, and an open framework for management, provisioning and integration designed to promote multi-vendor and system-to-system interoperability, among many others. Setting out the spread at the two-day summit, Brocade left no doubt that the company is planning on aggressive growth, both in developed and emerging markets, as it uses its strengths as a relatively small firm to be nimble and react to changing demands among end-users the world over. With these new launches Brocade believes it has the boost it requires to talk the language of virtualisation and cloud computing enough to eat more of the pie that has so far been held by larger competitors. It is going to be an interesting twelve months ahead. JUNE 2011

Computer News Middle East

ANALYSIS month in view

Collaboration for efficient IT FVC and nCircle brought enterprise end-users together at a TechCafe session in Dubai to discuss network security and compliance management.

t a recent TechCafe, a series of interactive end-user sessions organised by FVC, enterprise customers of the nCircle IP 360 vulnerability assessment solution, discussed the benefits of investing in risk assessment and vulnerability management software, while highlighting and addressing the difficulties encountered when embarking on the project. According to nCircle, an international vendor of automated security and compliance auditing solutions, and value-added distributor FVC, the explosion in the number of security breaches and network hacks across the globe, combined with the increasing regulations surrounding compliance certifications, contributes to the need to deploy automated software that enables customised network scanning to detect and rectify holes in an organisation’s security. “The IP 360 solution enables end point intelligence and functionality with API tools that allow for better integration across networks, user groups and IT assets. The hardware solution is most effective when it seamlessly integrates with an organisation’s existing security infrastructure. The solution also comes with a regularly updated risk database, which means IT and security departments are no longer burdened with maintaining one,” said Ric Walford, director of field security engineering at nCircle during the 12

Computer News Middle East

JUNE 2011

Dharmendra Parmar, GM of marketing at FVC

TechCafe session. Walford took the users gathered at the event through a detailed presentation describing the elements and functionality of the IP360 solution - from defining the contents of an organisation’s network right down to the risk assessment and customisation tools. He also addressed how best organisations can manage their networks to minimise risk. Walford stressed on the need for IT and security teams to invest in accounting and tracking solutions based on network and asset criticality to the organisation. “To enable effective security measures it is imperative for those responsible to regularly scan their www.computernewsme.com

critical networks. This will not only help them prioritise network security based on the severity of the problem, but will also aid in establishing accountability,” he said. Attendees at the TechCafe event also discussed at length the need for automated compliance management tools that allow IT and security personnel more time to focus on their primary role of maintaining an organisation’s IT infrastructure. According to Walford, “In an environment where organisations are expected to meet compliance standards, set by both customers and regulatory authorities, the Configuration Compliance Management (CCM) tool provides them with an easy way to keep track of and comply with requirements. The tool comes with essential applications like the Policy Editor that boasts a database of over a 100 different prescriptive and regulatory policies. The app scans the organisation’s assets to highlight errors and gaps in compliance.” Dharmendra Parmar, GM of marketing at FVC, said “Through TechCafe our customers not only learn how new technologies are useful, but they can relate it directly to their organisation or industry, as the audience is usually industry focussed. Customers also get an opportunity to share best practices with peers in the industry. For FVC, this is an ideal opportunity to understand our customers’ challenges better and collaborate with them to develop solutions that can help organisations resolve these issues.” The TechCafe sessions are held on a weekly basis across FVC offices in the MENA region, usually in their Executive Briefing Centres. Within the UAE, FVC conducts these sessions once or twice every month.

Dear Delegates, Clever Data Center Management is acutely important for the roaring Success of your Business. Give your Business the dynamic brains to prosper endlessly.

Rely on HP Education to help you optimize your Data Center while accelerating growth and controlling risks. Our specialized Data Center courses give attendees the expert knowledge in authenticating offers provided by vendors for Precision, Effectiveness, and Efficiency.

UNDERSTAND: • How to assist, perform and monitor an IT risk assessment and analysis. • How to select and negotiate with vendors. • How to support in building the business continuity & availability plan. • Know�how of Cost Containment.

OBTAIN: • • • •

Comprehensive student material through state�of�art classroom Advice & Guidance from one of the industry’s leading experts Training from the experienced best�in�the�field HP Instructors CDCP, CDCS and CDCE ® Certifications

Join us in Dubai or Cairo. HP Education promises to hone your Data Center Management and Expertise to Perfection.

COURSE DATES: Dubai CDCP 5�6th June; CDCS 7�9th June; CDCE 12�16th June Egypt CDCP 3�4th July; CDCS 5�7th July; CDCE 24�28th July

Course

Original Price

CDCP

$1,400

CDCS CDCE

$2,100 $3,500

$4,500 only for all (3) three courses {36%* Special discount}

*Approximately **Package price not valid on individual courses

For more information, please visit: www.hp.com/me/education

Package Price** $900 $1,350 $2,250

ANALYSIS month in view

From data to business agility Business analytics is being trumpeted as this year’s disruptive technology by industry commentators. Data warehousing pioneer Teradata tells Dave Reeder that it will finally unlock the real value of company data and deliver a single view of the enterprise.

arely three years after its spin-off from NCR, Teradata is riding high, outperforming most of the IT industry even during the worst days of the global crisis. Formed three decades back with a vision of large data warehouses, it has since led the field. In terms of large global implementations, household names like eBay, Amazon and WalMart all use Teradata’s massively scaleable appliance-based data warehouses, with some implementations now in the multipetabyte range. “I believe there is no future for companies not engaged in data analytics,” claims Hermann Wimmer, EMEA President of Teradata. “Data analytics is no longer a byproduct but a core business driver.” The point is taken up enthusiastically by Dr Stephen Brobst, the company’s CTO. “Metadata - the context of data - is critical to get full value from data. Without it, data just isn’t information.” His theme is simple: capturing data is not enough. There has to be a system for managing the collection, storage,

analysis and dissemination - only this, he argues, will give you “a single source of truth” about data. Pointing out common mistakes in implementing enterprise information systems, he urges companies to be pragmatic to start getting business value. “If you think all your

data is perfect, you’re delusional,” he believes, suggesting that if you think that data capture was the name of the game then you’re just plain wrong. “Look,” he argues, “it’s just not a workable data warehouse until there’s a data model where you understand the relationships.”

Earlier this year, Teradata acquired Aprimo, a global leader in cloud-based integrated marketing software. It is now expected to drive the future of integrated marketing, enabling companies to optimise marketing performance with more detailed, comprehensive insights from a universe exploding with so-called big data.

Aprimo’s fully integrated suite is used by hundreds of customers, including 36 of the Fortune 100, notably Warner Bros and Nestle. Marketing has long been seen as the dark hole of data analysis, made even harder to manage by the explosive number of new data sources driven by consumers who are adopting new digital channels and information sources to connect, converse and shop. Integrating global social media insight and unstructured data with detailed information

collected from customer touch points can transform the enterprise data warehouse gold mine into an analytic diamond mine. Commentators are highlighting the combined capabilities of Teradata and Aprimo as a definitive sweet spot for business transformation. “Besides being a growth category – our last forecast estimated that this market is growing at roughly 17% – campaign management is mission critical,” claims Forrester Research’s Suresh Vittal.

Ka-ching acquisition

Computer News Middle East

JUNE 2011

Hermann Wimmer, EMEA President, Teradata

www.computernewsme.com

And understanding the relationships between your data means analysing your internal and external business relationships. “Don’t waste your time reinventing things,” he urges, pointing out that for, say, a bank, many of the data sets repeat across lines of business - customer name, address, etc. “Data marts are just islands of analytic application - that’s why they don’t work. You need to integrate, not federate, otherwise you’re condemned to redesigning the same framework over and over again. Be smart: leverage your effort by establishing the right Enterprise LDM (Logical Data Model) framework.” His view on wasted effort and misdirected internal analysis is robust. “Look, face it, you’re not ‘unique’. Every bank is ‘unique’, right? No, it’s not. There’s maybe 5% of your business that is different so why waste time and energy? Adopt industry frameworks. I mean, why redesign a data model for, say, a mortgage application?” Although many organisations have adopted data warehouses, Teradata believes that obtaining value from the data is still in its infancy. “Data integration breaks down line of business silos,” agrees Dr Judy Bayer, director of advanced analytics at Teradata EMEA. It’s business analytics that will provide business agility, she says. As an example, Wimmer points to eBay, one of its key reference accounts with a Teradata data warehouse amongst the largest in the world - multiple petabytes is the suspected but unconfirmed size. It has 5,000 data analysts working on that multi-petabyte data mountain, sifting and analysing over 1Tb of customer data every eight seconds! It’s an operation that large and complex that allows

eBay “to analyse customer behaviour and optimise its business constantly”, Wimmer adds. Typical prospective customers for the company - from the banking and telecom sectors, say - are looking for ways to increase customer retention and increase customer value, both obvious targets for business analystics, according to Bayer. “Advanced analystics are going mainstream,” she says, “precisely because it addresses issues like customer attrition, churn and the like.” Historically, analysis focused on past behaviour; now, advanced analystics allows predictive analysis, from simple examples like stock planning levels for a food store against future weather patterns (better weather equals more barbeques, for example), to more complex examples like advanced analysis of mass customer behaviour. In the future, for example, the old method of analysing customer behaviour via credit card usage

(where, when and what) will morph into analysing customer behaviour across new usage patterns like smartphones. “What we’re going to see” according to Wimmer, “is a massive shift from analysing historical data to predictive analysis in operational data warehousing environment. Look, we can do the historical stuff - we’ve led the data warehouse market for nearly three decades since we invented it. The challenge is dealing with new sorts of data. Three years ago, for example, we had no idea that social networking would explode and be so important for business. Unpredictability needs to be managed.” Brobst agrees that the really interesting future comes when unstructured data enters the picture. “We have all this data which is not being captured and analysed, from social networking which every company is now using. Dealing with this so-called ‘big data’ is critical, which is why we’re acquiring Aster.” The deal for the data warehousing and analtyics startup Aster Data Systems is expected to close in Q2. The acquisition will give Teradata the tools to analyse unstructured data, which involves complex interrelationships that do not lend themselves to analysis with traditional techniques. Oracle is already looking at such analysis with its Exadata initiative. With major regional customers like NBAD, Etisalat Misr and Batelco, Teradata is again expecting to outperform the general IT industry, with projected growth of between 12% and 14% this year, according to Wimmer. The simple reason? CXOs today aren’t challenged by their business data, instead, they want information that adds value.

Expected to be finalised in Q2, Teradata’s acquisition of Aster Data Systems will bring the data warehousing giant an early market advantage in handling the large amounts of unstructured (big) data that organisations are struggling to store and analyse at present. Big data is generally defined as being massive in volume with a mix of structured

and unstructured data involving complex interrelationships that do not lend themselves to analysis with today’s traditional techniques - sources typically include Web applications, sensor networks, social networks, genomics, video and photographs. For these reasons, capturing, storing, managing and analysing it is extremely difficult. Analyst group Gartner believes that “2011 will be the year when data warehousing reaches what could well be its most-significant

inflection point since its inception. The data warehouse ‘ideal’ is changing and will give way to a new kind of warehouse that addresses more extreme types of information assets.” Importantly, Gartner stresses that “organisations integrating high-value, diverse, new information types and sources into a coherent information management infrastructure will outperform their industry peers financially by more than 20%” over the next half decade.”

Ka-ching acquisition

Dr Stephen Brobst, CTO, Teradata

www.computernewsme.com

JUNE 2011

Computer News Middle East

ROUND-UP month in view

Saudi’s Al Jouf University chooses Cisco’s WebEx Al Jouf University in Saudi Arabia has deployed Cisco WebEx enterprise collaboration solutions for efficient and secure e-learning. Cisco WebEx will provide students, lecturers and staff members with an easy way to exchange ideas and information with anyone, anywhere. Cisco WebEx combines real-time collaboration with voice over IP technology, so everyone sees the same thing as they converse. Eid M Al-Mohammed, general director, IT Department, Al Jouf University said, “Our goal is to become one of the Kingdom’s leading universities, delivering world-class education. Cisco WebEx will keep us ahead of the game by enabling us to offer us a cost-effective e-learning solution that will allow our students and teaching professionals to meet online and enjoy the richest, most interactive online classroom experience wherever they are, as easily as if they were face-to-face.” The university will deploy a number of WebEx products, including Cisco WebEx

Meeting Centre, Cisco WebEx Event Centre, Cisco WebEx Training Centre and Cisco WebEx Support Centre. Cisco WebEx is software delivered as a service. The user conveniently subscribes to the service and can then use it from any computer with an Internet connection and even from most smartphones such as the iPhone or BlackBerry. Participants can be invited to attend a WebEx meeting via e-mail, IM or text and do not have to subscribe to WebEx. They simply click a link in the invitation to join on-line,

where they’ll get visual prompts to join the phone conference. Once a session is started the meeting organiser and participants can share documents, presentations and applications or even open a blank document and start creating together. The solution aids in making classes more engaging and enables delivering dynamic e-learning anywhere in the world. The solution enables teaching professionals to reach more people in less time as well as to save money by adopting a simple, powerful e-learning strategy. “With education being at the top of the national agenda of the Kingdom, this is a very strategic and important deployment for Cisco in Saudi Arabia. The University of Jouf now has access to a richer collaboration environment within WebEx, which will provide more of an ‘in-person’ type of experience, which can lead to greater productivity in virtual classroom sessions. Cisco WebEx takes advantage of real-time collaboration and the ability to monitor and measure class effectiveness, thereby slashing training costs and streamlining administrative processes,” said Mohammad Al Rehaili, WebEx channel manager, WebEx Technology Group, Cisco, Saudi Arabia.

CIOs ready to embrace cloud: IBM A new IBM study of more than 3,000 global CIOs shows that 60% of organisations are ready to embrace cloud computing over the next five years as a means of growing their businesses and achieving competitive advantage. The figure nearly doubles the number of CIOs who said they would utilise cloud in IBM’s 2009 CIO study, and is one of dozens of new insights and trends learned from CIOs worldwide in businesses of all sizes. As demand for ever-growing amounts of information continues to increase, companies are seeking simple and direct access to data and applications that cloud computing delivers in a cost-efficient, always-available manner. 18

Computer News Middle East

JUNE 2011

The use of cloud, which began in supporting deployments mainly inside companies, has now also grown common between organisations and their partners and customers. In IBM’s 2009 CIO study, only a third of CIOs said they planned to pursue cloud to gain a competitive advantage. This year’s study shows a dramatic increase in the focus on cloud, particularly in media and entertainment, which rose to 73%, automotive (70%) and telecommunications (69%). From a country standpoint, seven out of 10 CIOs in the US, Japan and South Korea, and 68% in China, now identify cloud as a top priority. This is dramatically up from 2009, when CIO interest in cloud hovered at about a third in each of these countries. www.computernewsme.com

The IBM study also found that more than four out of five CIOs (83%) see business intelligence and analytics as top priorities for their businesses as they seek ways to act upon the growing amounts of data that are now at their disposal. CIOs are also increasingly turning their attention to mobile computing to keep pace with the fast-changing marketplace. As the proliferation of mobile devices with enhanced functionality and mobile applications that support business productivity and new market opportunities continues to grow, mobile computing and mobility solutions are now seen by nearly three-quarters of CIOs (74%) as a gamechanger for their businesses — up from 68% in 2009.

Why is CommVault positioned as a leader in the 2011 “Magic Quadrant for Enterprise Disk-Based Backup /Recovery” Report?* The 13,500 customers worldwide who trust us to solve their data management challenges could answer this question for you 13,500 different ways. But if you don’t have time to poll them, get the full Gartner report and more at commvault.com/ITLeaders. Or, to set up a personal conversation about how we can help you, call our middle east office in Dubai at +971 4 3753491. Backup & Recovery > Archive > VM Protection > Deduplication > Snapshot Management > eDiscovery

1207 Al Thuraya Tower 2 PO Box 502224 Dubai UAE Headquarters: 2 Crescent Place Oceanport, NJ 07757 Regional Offices: Europe Middle East & Africa Asia-Pacific Latin America & Caribbean Canada India Oceania www.commvault.com n

©1999-2011 CommVault Systems, Inc. All rights reserved. CommVault, the “CV” logo, Solving Forward, and Simpana are trademarks or registered trademarks of CommVault Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice. * The Magic Quadrant is copyrighted 2011 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

ROUND-UP month in view

KSA is Arab world’s most competitive cellular market The Arab Advisors Group released the results of its Cellular Competition Intensity Index 2011 at the margin of the 8th annual Media and Telecoms Convergence Conference in Amman on June. The index ranks Saudi Arabia as the most competitive Arab cellular market. Jordan came in second, followed by Palestine. The report entitled “Competition Levels in Arab Cellular Markets” results for April 2011 revealed that Saudi Arabia tops the score –as the most competitive Arab market- with a 76.01% mark followed by Jordan at 75.37% and Palestine at 69.61%. The UAE’s competition index stands at 47.17%, followed by Syria, Libya and Lebanon. The Cellular Competition Intensity Index is relative in nature as it compares the state of every market relative to other markets. As such, even if a market’s absolute level of competition improved, its score in this relative index will

also depend on how other markets developed. The 2011 index results revealed that four countries ranked higher than their May 2010 index ranks, these are: Algeria, Bahrain, Saudi Arabia and Mauritania. Meanwhile, a total of three countries

ranked lower compared to May 2010 index, namely: Jordan, Sudan, and Yemen. The remaining twelve countries of Egypt, Iraq, Kuwait, Libya, Lebanon, Morocco, Oman, Palestine, Qatar, Syria, Tunisia and UAE maintained their May 2010 ranks. The Arab Advisors Group devised the Cellular Competition Intensity Index to rate and to examine the intensity level of competition in the Arab World’s cellular markets. The index takes into account the number of operators, packages, and services available in each of the 19 countries covered by the Arab Advisors Group. Each category was assigned a certain weight according to its importance as an indicator of competition. The Arab Advisors Group’s team of analysts in the region has already produced more than 2,500 reports on the Arab World’s communications, media and financial markets.

du launches mobile health network Emirates Integrated Telecommunications Company, du, launched a new programme “Your Health in Your Hands” to coincide with International Women Health Week. His Excellency Dr. Hanif Hassan Ali Al Qassim, UAE Minister of Health and Osman Sultan, CEO of du launched the programme at the company’s headquarters in the attendance of public figures and health officials. His Excellency Al Qassim said: “The Ministry welcomes such important ideas and initiatives that aim to enhance health and achieving awareness among the UAE nationals and residents and benefit from the latest technological applications. The UAE federal government encourages cooperation between societal public and private sectors”. du’s vision is to enhance the nation’s health programmes through mobile phones to maintain the success of the society and health of community members. “Smart Health” is a strategic initiative to connect different 20

Computer News Middle East

JUNE 2011

stakeholders of the healthcare ecosystem through innovative services, smart networks and technology. The vision, called mobile health or mHealth will connect patients and healthcare providers, to create an intensive health network that will lead to reduced hospital visits and increased home based services, eventually reducing the financial burden on the healthcare system. According to the company, the “Smart Health” project has been launched keeping in mind the larger than life costs and resource scarcity in healthcare and will leverage the telecom provider’s assets in communications and network technology to create a better national healthcare ecosystem. “As a telecom service provider we can leverage our network – the fastest network in the region, and our growing customer base of over 4.5 million, to act as an interface between our citizens who need timely information and www.computernewsme.com

proper access to healthcare and quality health care providers – thus literally adding life to life,” said Sultan. The project will encompass three programme pillars: health text or SMS based services encouraging a healthier lifestyle, health call – the strategic partnership between du and Mobile Doctors 24-7 International to launch a state of the art 24-7 physician call centre and finally health link- a programme pilot developed in collaboration with Ericsson Mobile Health offering chronic disease management technologies. For instance, with an additional Health Link subscription from du, a patient with hypertension could be provided with a blood pressure monitor that is wirelessly connected to his mobile phone and sends real-time updates to his doctor over the mobile network. Through the provision of these services, du aims to make the vision of a patient centric health network a reality.

ROUND-UP month in view

Cisco enters portable data centre market Cisco Systems has launched its first containerised data centre on Monday, coming late to the party but offering some unique management features that could help set it apart from other vendors. Containerised data centres typically are standard 20- or 40-foot shipping containers packed with servers, switches and other IT equipment. Pioneered by companies such as Verari Systems and Sun Microsystems, they’re used to quickly add extra capacity to an existing data centre or to bring capacity to a remote location, such as an oil exploration site or a battlefield. Cisco has opted for a 40-foot container that it says can be up and running in 90 to 120 days from when an order is placed. “Like other vendors in the market, Cisco expects customers to stock the containers primarily with its own products, but the racks inside can accommodate other vendors’ equipment as well,” said Keith Siracuse, a manager and

product marketing engineer at Cisco. Because they are small, self-contained environments, containerised data centres can be made highly energy-efficient. Cisco has gone a step further than other vendors by designing racks that each have their own enclosure, so the temperature for each can be set individually. This allows customers to operate individual racks at slightly warmer or cooler temperatures, depending on the equipment

inside and the workload, which helps squeeze out more energy savings. The container can house up to 16 racks, with a maximum power capacity of 25 kW per rack. The containers can either be parked side by side or stacked deeper to save more floor space. “You’re able to put a lot more equipment, and get much better power utilisation, versus the floor space in a traditional data centre,” Siracuse said. The container comes with a new management tool, Cisco Data Center Operations 360, which monitors the rack temperature and other variables in real time and generates historical reports for analysis. Customers can set the desired temperature range for each rack, and the software adjusts the fan speeds and water flow accordingly. Operations 360 also has tools for capacity planning and to design the layout inside the container.

Public cloud to surge: Forrester On the heels of the recent controversial Amazon EC2 cloud outage last week, research firm Forrester published a timely report on the growth potential of the major public cloud categories. These are: IaaS (Infrastructure-as-aService), PaaS (Platform-as-a-Service) and SaaS (Software-as-a-Service). Overall, Forrester’s report, “Sizing the Cloud”, predicts that the global market for cloud computing — including the public cloud, the private cloud and the virtual private cloud — will leap from $40.7 billion this year to more than $241 billion in 2020. Of the total $40.7 billion, $25.5 billion comes from the public cloud. Enterprise IT directors are wary of the public cloud because it allows little customisation and cloud resources are shared with thousands of other users, raising security concerns. But despite Amazon’s very public twoday outage, the future of the public cloud is 22

Computer News Middle East

JUNE 2011

bright, says Forrester. The highly scalable and pay-per-use public cloud model will grow to $159.3 billion of the total $241 billion cloud market in 2020, according to Forrester. Regardless of being the second largest public cloud category with a $2.9 billion market size, IaaS will taper off over the next decade as companies manage their IT infrastructure in virtual private clouds, predicts Forrester. “Our analysis shows that IaaS will reach a peak of $5.9 billion in global revenues in 2014 and will then enter a period of significant commoditisation, price deterioration and margin pressure,” write Forrester report authors Stefan Ried and Holger Kisker. “Between 2014 and 2020, as a result, the IaaS market will first stagnate and then decline, with total market revenues of $4.8 billion in 2020.” PaaS is the middleware of the cloud, a place where you can design, test and deploy www.computernewsme.com

applications over the Web and eliminate the manual effort and cost of buying the underlying hardware, software and network capacity. PaaS is the third largest cloud category with a market size of $820 million in 2011, and Forrester predicts steady growth as PaaS becomes a serious alternative for developing custom applications. Many ISVs have been using PaaS since 2010; usage in corporate application development will take off in 2011, while service providers will engage more users with PaaS from 2012 on, the Forrester report states. Total revenues for SaaS in 2011 will reach $21.2 billion, and due to strong demand from companies of all sizes Forrester predicts that SaaS revenues will reach $92.8 billion by 2016, accounting for 26% of the total packaged software market. After reaching a saturation point in 2016, SaaS growth will slow between 2016 and 2020, the Forrester report states.

Saudi System Integrator

alfanar IT E-Business

Enterprise Resource Planning

Unified Communications

P.O. Box 220436 Riyadh 11311 Tel: +966 920006111 Ext. 7105 Fax: +966 1 2933313 www.alfanarit.com

CASE STUDY Qatar First Investment Bank

SETTING STANDARDS Qatar First Investment Bank chooses the cloud to host its disaster recovery apps and data, and finds that it could not have chosen better. By Sathya Mithra Ashok | Photography Cris Mejorada

atar First Investment Bank (QFIB) is a young company. And like any other young company in the bustling, economically booming country of Qatar, its ambitions reach far and long. “We were formed in 2009. But the planning for our organisation started much before that. We have all the advantages that come with a new, young company, and we have set our sights on growth and achievement as our development path for the years to come,” says Slim Bouker, COO of QFIB. The team at QFIB realised even when they were setting up, that information technology would have to be a basic pillar that supports them not just in their immediate activities but in their future growth as well. “We started planning in 2008. We had the business plan in place and we knew strategically what we wanted to be in five years’ time. We built the IT base on that strategy to get us to where we wanted to be in five years,” says Mahmood Shaker, CIO at QFIB. “We wanted our infrastructure to be scalable – something that would stretch from three to ten years. We did not want to be repeatedly spending money on this and so we built our data centre with those requirements. We also chose technology solutions that would last us for five years. Keeping this in mind, we partnered with Microsoft for a range of solutions. We also chose Temenos as our core banking solution as we found it to have all the

Computer News Middle East

JUNE 2011

functionality that we needed. The beauty of this infrastructure is that we built all of this almost by ourselves,” says Shaker with pride. QFIB operates on a core infrastructure www.computernewsme.com

model that utilises active directory with Exchange and SQL for databases alongside Exchange with messaging. QFIB also hosts its core banking service and utilises system

management for server consolidation and virtualisation.

A working DR Being a young organisation looking to capitalise on any technology that can enable them to grow faster and become more efficient, the 10-member IT team found themselves getting increasingly interested in cloud technologies. “In 2008, when we started on our main production environment, cloud was not a very mature set of technologies. But in 2010, when we began to seriously consider having a disaster recovery (DR) site for our operations, we began to look at cloud technologies because by then they were more wellestablished,” says Shaker. QFIB then began to investigate the technology options within cloud, called in concept presentations from vendors and took their time in conducting the research that would need to precede such an important decision. “We attended different seminars and conferences related to cloud technologies to understand the concepts and what the best approach was for us. We spoke to many providers and we reviewed a few scenarios based on our needs without losing sight of the ROI. We also worked with some vendors for proof of concepts (POC) on the cloud. We finally selected Microsoft, EMC and Symantec technologies to implement our cloud infrastructure and the outcome has exceeded our expectations,” says Shaker. QFIB’s entire DR project stands out for not just its uniqueness, but its absolute boldness as well. For, unlike most other organisations that work with private cloud, QFIB moved mission critical apps to the cloud that hosts its DR. “We have put together some real high end servers from Dell. We did not have to move away from Microsoft for the cloud – we used HyperV straight out of the box. We use Microsoft to support us on the apps

front, and we have EMC to help us with storage in the cloud. We started with some pilot services with the cloud. This included the e-mail environment and as soon as we concluded that the DR environment was working fine, was well managed and remains secure, we decided to move other apps to the environment,” explains Shaker. According to him, these other apps included many mission critical apps used in the production environment.

without knowing the difference,” says Shaker. Stretching the cloud The DR cloud has worked so well for QFIB, that the organisation has currently stretched the cloud to cover parts of its production environment as well. “We have achieved three things with this project – we have got the cloud; we have freed nearly 8 servers in the production environment; and we have also had the

We wanted our infrastructure to be scalable – something that would stretch from three to ten years. We did not want to be repeatedly spending money on this and so we built our data centre with those requirements. We also chose technology solutions that that would last us for five years.”

“We have put all the main apps on the cloud. Imagine core banking in the cloud – ERP system which includes HR, billing, financial, assets, and procurement. We just finished the implementation of the SharePoint 2010 for Microsoft. We put that also on the cloud,” says Shaker. Though the organisation started off using an existing vendor’s replication services, it realised that it needed something with higher capabilities. Shaker then went looking for the right set of services, and even visited client sites for vendors across the region to ascertain the best solution for QFIB’s DR cloud. He finally decided on Symantec for the replication element in the cloud. The entire cloud is externally hosted at a service provider’s environment within Qatar, therefore separating it physically from the production environment. “We have got it working so smoothly for us now, and the cloud apps, and its replication works so well, that our users can move from the production to the DR environment www.computernewsme.com

opportunity to upgrade to the most recent OS on our infrastructure,” says Shaker. The firm took four months to plan and select the vendors and four more for the implementation to take place. But this immense success did not come easy – as Shaker explains. “We had to confront challenges along the way. First, we had to be really sure what kind of cloud we wanted – private or hybrid. I would suggest that all organisations considering the cloud should have this clarity in their minds before stepping into the area of cloud. The second major challenge we encounted was intergration. Every big vendor pitches their own formula for cloud, but at the end of the day, many of their solutions do not work with each other or are not compatible with another vendor’s cloud concept. Sometimes, even solutions within the same vendor do not work with each other well in a cloud environment. Integration among apps is a very real challenge in a cloud environment and end-users have to be aware JUNE 2011

Computer News Middle East

CASE STUDY Qatar First Investment Bank

The management is very supportive of IT efforts. We discuss IT needs and projects regularly. We have a dedicated budget and an IT steering committee that meet regularly. We employ a specialist to look after information security across the organisation in order to maintain certain operating standards.”

of this before investing in the same,” states Shaker. Lack of proper integration also threatened the security elements of the cloud solution at QFIB. Shaker and his team had to work long and hard to get the anti-virus and basic security elements of the cloud sorted out. “We had a lot of legacy apps and it took some time for us to get what we wanted from the cloud. To get what we wanted, we did quality assurance on every single aspect – we tested the output at every point and made sure that it was what we wanted. From the RFP, we did research on the technology, got feedback, checked references and the support available. In short, we did our homework and then started the project. That is the advice I would give other organisations in the region who are interested in cloud technologies to go about their project,” says Shaker. He states that now that the challenges have been overcome and they have moved to the cloud, every new project will also find space in it. Apart from the major cloud project, QFIB’s IT team also worked on several crucial projects in 2010 including a core banking upgrade to include corporate banking and Sukuk as well as implementation of standards such as COBIT, ITIL and ISO 27001 and get the

regularly. We have a dedicated budget and an IT steering committee that meet regularly. We employ a specialist to look after information security across the organisation in order to maintain certain operating standards,” says the firm’s COO, Bouker. Since IT is recognised as a business enabler at QFIB there is an IT strategy, IT steering committee and board approval process for budgets. Technology investments are based on business needs and organisational requirements. For 2012, the firm has already plans for its CRM (customer relationship management) and to go further with the cloud as a solution for the entire infrastructure. And for QFIB, that is far from being the end of the road.

ball rolling to achieve certification.

Team work QFIB’s success in its IT projects is a combination of the vision of its founders, the strategic team work applied to the vision and the rigour of trial and effort. It is also a factor of the enormous management support provided to the team. “The management is very supportive of IT efforts. We discuss IT needs and projects

A little about QFIB Qatar First Investment Bank (QFIB) is the first independent, Shari’ah compliant investment bank, licensed by the Qatar Financial Centre Authority. QFIB plays a leading role in the development of the investment banking industry in Qatar and the GCC, by providing world class, Shari’ah compliant financial solutions. The firm continuously strive to make a positive contribution to the region’s business

Computer News Middle East

JUNE 2011

community by capitalising on the extraordinary economic and financial opportunities made possible by the region’s wealth of natural resources. QFIB delivers a unique perspective to business, one that is local in character and global in capability. Its shareholder base comprises over a thousand individual and institutional shareholders made up of prominent individuals, financial institutions, banks, www.computernewsme.com

pension funds and other strategic investors from the Gulf region, and authorised capital of QAR 3.65 billion (US$ 1 billion) and a paid up capital of QAR 1.6 billion (US$ 430 million) provides it with substantial financial strength to support its ambitions. QFIB is managed by a select team of multinational investment bankers with extensive experience working in the GCC and global financial markets.

FEATURE Virtualisation

Driving Innovation With more organisations making the transition to virtual computing it is time to understand the basis for successful implementation of these solutions. Pallavi Sharma dives in to discover the challenges and benefits associated with this technology and its future in IT.

n an environment characterised by a large mobile workforce generating huge volumes of data across multiple channels of business, organisations are making massive investments in virtual computing and consolidation of their data centres to achieve operational efficiencies and reduce costs. Over the last year, the concept of virtualisation has gone from being an IT buzzword to an IT reality. Gartner predicts that 48% of all installed applications in an organisation will be on virtual machines by 2012. The analyst firm also predicts that other forms of virtualisation such as desktop virtualisation will take the IT world by storm. In fact, Gartner believes that within the next two years more than 40% of all desktops in larger enterprises will be virtualised. Chris Moore, GM for the MEA at Trend Micro says, “The Middle East is experiencing the next stage in virtualisation, with organisations investing in moving their mission critical applications onto a virtualised platform because they have witnessed the tangible benefits arising from virtualising their non-critical business applications” Given the notable benefits of investing in virtualisation, this transition seems natural for most organisations. “There is tremendous scope for virtualisation in the Middle East, as elsewhere, because of the potential benefits. 28

Computer News Middle East

JUNE 2011

The most significant benefit of virtualisation is enhanced business flexibility and agility. Namely the time it takes for a business to provision new services in response to market trends has been dramatically reduced from weeks to hours,” elaborates Lewis Honour, director of security at Intergence Systems. Deepak Narain, manager of systems engineers MENA at VMWare believes that www.computernewsme.com

virtualisation brings multiple benefits including reduced power consumption, increased collaboration and information sharing across business operations, better management and greater control due to the establishment of a centralised architecture and consolidation. “The ease of movement across data centres reduces the time to troubleshoot any problems or errors, while allowing rightsizing of the infrastructure and ensuring satisfactory end-to-end business serviced performance, this in turn accelerates VDI acceptance and ROI,” adds Narain. Agress Sven Denecken, VP of coinnovation at SAP, “Every single one of the organisations that have invested in virtualisation solutions have derived rapid ROI in addition to which they have benefitted from reduced computing and infrastructure costs while enabling IT departments in these organisations to focus on more intensive back end infrastructure requirements and IT strategies. Ultimately, virtualisation helps transform OPEX to CAPEX.”

Great divide Surprising as it may sound, many organisations in the Middle East remain apprehensive about investing in this technology. Moore feels that this is more due to user psychology and resistance to the steep learning curve associated with virtualisation than anything to do with the technology itself. He says, “Learning and moving to the next stage in virtualisation is witnessing a little resistance at this point. This may be because of what organisations have learnt along the way and what they still need to

Chris Moore, GM, MEA, Trend Micro

learn. In essence, the ongoing skills gap in the region and the lack of a clear blueprint makes the road to adopting these technologies slightly foggy” Tarek Abbas, systems engineering director, MENA at Juniper Networks, agrees. “General user resistance to virtualisation is associated with operator and general public attitudes, who are used to dealing with physical rather than virtual entities. Psychological barriers are much harder to deal with and can only be handled through effective communication and education of an organisation’s employees. As such user resistance has more to do with corporate culture than virtualisation technology,” he says. Organisations in the Middle East also often feel virtualisation technology offers

innumerable opportunities for security loopholes, since the nature of the virtual computing involves integrating the physical and virtual world and offers little room for monitoring data traffic across multiple channels. “Virtualisation results in a lack of visibility and control over traffic passing between virtual machines (VMs) on the same server. As a result, malicious traffic can propagate unchecked between VMs and potentially onto the physical data centre network. Similarly, by creating highly distributed communication patterns with multiple flows per transaction, distributed applications pose a variety of security risks as well as making it difficult to enforce access entitlements and data privacy,” explains Abbas. “Virtualisation creates a ‘high-density’ (lots of servers and storage in one place) and ‘dynamic’ environment (workloads can be moved around to take advantage of available IT resources). These characteristics create new challenges for managing security, backup, storage, and endpoint virtualization. Virtualisation also increases complexity because organisations must now manage both physical and virtual infrastructure,” points out Anthony Harrison, solution architect for Symantec. Moore accounts two more factors for being responsible for user inertia to adopting virtualisation. “Because effective virtualisation requires centralisation of networks and enables greater control over an organisation’s

networks, user resistance may be due to the fact the employees do not like the idea of being controlled. Add to this the fact, due to the economic decline organisations have had to deal with significant budget cuts and virtualisation requires massive investments in storage because once virtualisation becomes prevalent in a business the number of servers although virtualised in fact grows due to the ease at which new servers can be provisioned. This is another reason why organisations ponder on making investments in virtual computing.” Harrison agrees with the latter, “Organisations are concerned about overall cost of their virtualisation investments and one of the promises of server virtualisation is to drive down overall IT costs. Decision

Lewis Honour, Director Security, Intergence Systems

BY THE NUMBERS

36%

32%

43%

26%

60%

year-over-year increase was noted in virtualisation software for the fourth quarter of 2010 by IDC

increase in virtualisation licences was also noted by IDC in 2010

was the market share held by HP in virtualisation server shipments in the fourth quarter of 2010, placing them at the number one spot

was the market share held by Dell at second place, followed by IBM at 15%

of data centre space requirements will be minimised by 2018, according to Gartner

www.computernewsme.com

JUNE 2011

Computer News Middle East

FEATURE Virtualisation

makers are concerned that the money they save through server consolidation can be lost due to increased storage costs and OPEX management costs.”. Harrison adds, “In the rush to virtualisation, the ease of deployment has sometimes led people to ignore some or all of the other factors involved with managing and operating a server environment. In response to user demands for new systems to be provisioned, the maturity of virtual platforms has resulted in them being the default choice with the ability to deploy in hours or minutes instead of weeks or even months. However, this explosion of capability brings an equal management responsibility to the physical one; you still need to monitor, manage, secure, patch and maintain all of your systems whether physical or not.” Besides this, multiple end-users who participated in multiple CIO roundtables conducted by CNME have highlighted that they remain wary of virtualisation due to the lack of trained personnel who understand virtualised environment, and due to the lack of applications that can run effectively in these environments. In the roundtables, these end-users asked for vendors to increase training options for IT personnel (and make them more cost-effective) and also urged them to work on more applications that could run without performance drops in virtualised environments.

Anthony Harrison, Solution Architect for Symantec, EMEA

Computer News Middle East

JUNE 2011

Surging ahead The challenges that face virtualisation are many and abundant in the region. However, the benefits associated with virtualisation can yet be reaped if the right resources and infrastructure are put in place before

remedial action could include purchasing more network bandwidth or bigger servers, it would be more effective to wipe the slate clean and start from scratch. According to Moore, organisations need to put significant thought into what applications they want to place on a virtual platform, “We recommend that an organisation take the applications used by the largest population in the organisation, like email for instance and place them along tiers to enhance deployment and ultimately gain on quicker ROI . Of course, Trend Micro also ensures that their customers address and design an appropriate content security solution without which a virtualisation project will not complete.” The question also arises, does the infrastructure requirements for a successful virtualisation drive vary across industries? Honour believes that the infrastructure requirements can be split into three components when considering virtualisation - computing, storage and networking. “In all industries the computing requirement will

embarking on a virtualisation project. Honour explains, “Capacity planning is a major factor for project success. A significant majority of failed virtualisation projects can be attributed to insufficient capacity planning of computing, storage and networking resources prior to the commencement of any virtualisation exercise. Initially the symptoms of the lack of capacity planning will be negligible. However, as the virtual machines are migrated around the infrastructure or the virtual estate grows the symptoms will readily become more prevalent.” Honour is of the opinion that while

remain largely the same. However, the storage and WAN requirements will vary depending upon the industry in question. For example, in regulated industries or ones with a need for high availability of services, there will be dramatically higher bandwidth requirements as VM images and virtual storage file systems are shunted between data centres.” Harrison states, “It’s not the infrastructure so much as the applications that determine what is virtualised first. Companies with mission-critical, transactional applications tend to keep these on physical servers, and give attention to virtualising non-critical

Sven Denecken, VP, Co-Innovation at SAP

I think it is education and professional approach to planning a virtualisation project. Vendors can try and make all this available till they’re blue in the face but until organisations wanting to utilise these services can get the experts in their departments to learn and understand, the environment won’t change.”

www.computernewsme.com

I get the support I need Trend Micro Worry-Free Business Security is easy to install, easy to maintain. It just works, and that leaves the customer free to do what they do best.

Trend Micro Worry-Free Business Security Fast, Effective, Simple http://www.smeadvisor.com/ms/trendmicro/index.html

FEATURE Virtualisation

environments first.” Moore believes that only entrepreneurship can speed things up, “I think it is education and professional approach to planning a virtualisation project. Vendors can try and make all this available till they’re blue in the face but until organisations wanting to utilise these services can get the experts in their departments to learn and understand, the environment won’t change.” Harrison says, “Vendors need to provide software that supports heterogenous environments, particularly for SMEs who are excessively adopting these technologies but don’t have the staffing expertise of larger enterprises, Besides this, the regulatory bodies need to focus on fostering an environment that is pro virtualisation by placing certain industry

Virtualisation results in a lack of visibility and control over traffic passing between virtual machines (VMs) on the same server. As a result, malicious traffic can propagate unchecked between VMs and potentially onto the physical data centre network. Similarly, by creating highly distributed communication patterns with multiple flows per transaction, distributed applications pose a variety of security risks as well as making it difficult to enforce access entitlements and data privacy” specific regulations such as security and privacy laws. Virtualisation will be beneficial but only if it is understood that virtualisation will not happen in isolation and that it must seamlessly integrate into the existing infrastructure and organisation culture while

being managed by the right people. One thing is for certain, there is no stopping this technology from surging ahead. As virtualisation becomes inevitable, enterprise would be better off to learn and optimise the technology for their situations, or face the real threat of being left behind.

Catch 22 By adopting virtualisation, organisations place business-critical applications and sensitive data outside the corporate boundary. However, the available bandwidth needed to access these resources is undermined by the bandwidth consumed by the growing onslaught of Web 2.0, social media and streaming multimedia traffic—some legitimate, others non-productive and time wasting and latency-sensitive applications can suffer from degraded performance. Traditional solutions based on ports and protocols will not sufficiently address this problem. For instance, restricting Web access will then counter the benefits of deploying virtualised resources. Failure to deploy an application control infrastructure puts your critical virtualised applications at the same priority level of time-wasting games and frivolous applications. Virtualisation in the cloud also presents security issues, with more employees enjoying access to the Web, there is an increased 32

Computer News Middle East

JUNE 2011

likelihood of web borne attacks and intrusions. Again, traditional firewalls cannot solve the problem, leaving an organisation’s network vulnerable to prospective attacks. Another capability common to server virtualisation is live migration, a feature that allows dynamic re-location of workloads from one physical server to another. The challenge this presents is that conventional security devices are unable to properly protect associated workloads (at least not without operator intervention) due to their dependence on network-layer attributes for enforcing policies. Organisations cannot gain the full benefits of deploying virtual applications unless the applications are secure and have the bandwidth to function optimally. IT needs to focus on ensuring the viability of missioncritical applications and also restrict the flow of nonproductive and dangerous application traffic. Anthony Harrison, Solution Architect for Symantec, EMEA suggests, “Organisations should deploy deduplication closer to the information source to eliminate redundant www.computernewsme.com

data and reduce storage and network costs, data centre administrators on their part need to manage storage across heterogeneous server and storage environments in a way that enables them to stop buying storage.” He also says “DR testing is invaluable, but can significantly impact business. Enterprises should seek to improve the success of testing by evaluating and implementing testing methods which are non-disruptive. IT Teams should also deploy a single, unified platform for physical and virtual machine protection to simplify the process of information management.” Others suggest investing in next generation firewalls with application intelligence, control and visualisation, these turn the traditional firewall into a productivity optimization tool by enabling organisations to define mission critical applications. IT professionals do believe that as the road map to adoption of these technologies becomes clearer, end users will find it easier to deal with challenges. Vendors on their end can help customers by educating them about the pros and cons and TCO of virtualisation.

STRATEGIC ICT PARTNER

GOLD PARTNER

KNOWLEDGE PARTNER

MEDIA PLATFORMS

FEATURE Network management

Storm that cometh Virtualisation and cloud technologies are storming their way into enterprise infrastructure deployments. But, what happens to networks and their management, with the advent of these technologies? Sathya Mithra Ashok gets some answers.

etwork management is no longer what it used to be. The advent of increasing virtualisation and the spectre of cloud computing has to an extent changed what an organisation wants from a network, and how it can go about achieving its requirements. “According to Gartner, through 2013, at least 60% of enterprises will experience slow or inconsistent application performance due to improper network design. Regardless of the cloud model — private, public or hybrid — the simplicity, uptime and capabilities of the network will ultimately define application performance and the user experience in the cloud, and networks must be cloud-optimised at every critical point,” says Ali Ahmar, regional sales manager MENA at Brocade. “For cloud computing solutions to succeed, compatibility with existing networks is key. Without this, the technology is

Computer News Middle East

JUNE 2011

www.computernewsme.com

dead on arrival. But, if we peel the cloud computing onion just one layer, its obvious that networking will need to evolve to keep pace. In a cloud, new sources and destinations appear and disappear at a moment’s notice, various organisations share the same multitenant infrastructure. And that’s just the server estate. Today’s network has been optimised for a static, host-centric, presegmented network. Clouds are dynamic and multitenant. It’s a good bet that current network topologies will need to be rewired,” says Deepak Narain, manager, systems engineering MENA for VMWare. “The network needs to be designed and built to ensure flexibility, scalability and high availability. From a management perspective, it will ask for easy allocation of devices and bandwidth, proactive identification of faults and security threats, and managing performance to meet the response time of

applications,” says Manish Mishra, Middle East VP for HCL Technologies. “Cloud infrastructures inherently push users to create traffic over WAN, which creates two problems. First, both business critical (such as Salesforce.com) and productivitydraining (such as YouTube) traffic must contend for the same bandwidth. To solve this, IT organisations need a way to manage the allocation of bandwidth by application,” says Florian Malecki, EMEA senior product marketing manager at SonicWall.

Building the network With almost every enterprise in the Middle East seriously considering private or hybrid clouds in the near future, preparing networks for what is to come becomes of utmost importance. And that involves two different activities – one, building the network right and the second, managing the network right. “Every technology brings benefits coupled with challenges. Though cloud technology brings lot of benefits, organisations need to develop strategies on how to meet the challenges around deploying the right network environment. Enterprises should decide which applications should go on cloud based on business requirements and

For cloud computing solutions to succeed, compatibility with existing networks is key. Without this, the technology is dead on arrival. But, if we peel the cloud computing onion just one layer, its obvious that networking will need to evolve to keep pace.” security considerations, and pinpoint the specific network needs of these applications. They have to re-architect the existing network environment for seamless access of applications and ensure a multi-level security architecture for data privacy. They also have to monitor performance of applications from each location and how they are handled on the cloud, have real-time load assessment and traffic redirection based on the performance and availability of applications and deploy flexible resource options with a “pay-as-youuse” option over a certain minimum required bandwidth,” says HCL’s Mishra. Nicolai Solling, director of technology at HelpAG Middle East says, “One of the key technical factors in focusing on cloud computing is to understand the apps operating on your network making sure that cloud based services are getting the correct service level and priority in your network. www.computernewsme.com

Any services considered for the cloud should always be evaluated and verified if such inhibitors such as limited bandwidth, high latency or packet loss will make the solution unusable from a time perspective. For instance, if a company is considering moving data backup to the cloud, the backup aspects may be completely acceptable, but what will the implications be if large systems need to be recreated from the cloud? Potentially in order to recreate systems you may need to move multi-gigabits of traffic which can take too long compared to restoring from a local data source such as disc or a tape drive.” “To fully capitalise on the promise of the cloud, CIOs need to build integrated solutions – from the cloud lifecycle management, all the way down to the server, storage, LAN and WAN management tools. This will provide a single cloud management infrastructure that will offer both end-to-end first-alert visibility JUNE 2011

Computer News Middle East

FEATURE Network management

and end-to-end service provisioning,” adds Mashood Ahmed, regional managing director for Ciena in the Middle East.

Managing the network While the first part of winning the battle with a strong network for cloud technologies is choosing right and implementing it, the second (albeit harder part of the battle) is managing and monitoring the network in an efficient fashion. “Today’s networks are highly complex in terms of service richness and flexibility, which presents new challenges to the network management operator. However, the network devices now also offer much greater intelligence and agility – when harnessed with the correct tools they allow more control and efficient use of the network resources. Service planning and provisioning systems must provide ease of use and the flexibility to optimise bandwidth, which is critical to ensuring capacity can be deployed cost efficiently. These systems can further maximise operational savings by taking advantage of a software based multilayer mesh control plane to automatically compute service paths according to the operator’s required constraints. In addition to traditional network protection mechanisms, the agile, intelligent network allows for a blend of service restoration schemes to meet customer SLAs, while maximising the use of network infrastructure,” says Ciena’s Ahmed. “As the cloud evolves, network management will have to evolve to not only depict usage and utilisation, but also to be able to allocate and rescind network

Florian Malecki, EMEA senior product marketing manager at SonicWall

across different network components for a seamless application offering to the cloud user,” says HCL’s Mishra. Solling adds, “In general, any aspect of network management involves a greater understanding of the requirements based on the network equipment and the data flowing on it. Therefore, a decent understanding of the network and data requirements will allow managers and CIOs to make the correct decision for scaling the infrastructure. Quite often equipment is oversold or over-specified because there is little understanding of what kind of data the network equipment will have to carry.” Overselling of equipment is not the only challenge that network and IT managers have to deal with in the Middle East.

Every technology brings benefits coupled with challenges. Though cloud technology brings lot of benefits, organisations need to develop strategies on how to meet the challenges around deploying the right network environment. They have to re-architect the existing network environment for seamless access of applications and ensure a multi-level security architecture for data privacy.” resources. This function will evolve towards not only maintaining a status check on devices, but also monitoring the real time allocation of network resources vis-à-vis the business needs. Traditional administrative tools will not be discarded but will need to adapt to measuring and monitoring availability and usage to deliver consistency

“Managing bandwidth for cloud applications, and users bandwidth efficiency and management is paramount when consuming business applications from the cloud, particularly for those applications that are driven by massive databases served from multiple virtual environments. However, the on-premise bandwidth used to access

BY THE NUMBERS

Source: Analysys Mason

42%

21%

19%

is how much the network management systems (NMS) market grew by in 2010, according to Analysys Mason

is the year-on-year growth of the residential broadband market in 2010

is the year-on-year growth experienced by the business services market in 2010

is the market share held by Ericsson in the NMS market, putting it at top place

is the market share held by Alcatel-Lucent in the NMS market, placing it in the second place

Computer News Middle East

JUNE 2011

www.computernewsme.com

FEATURE Network management

the cloud is typically limited. Organisations need the capability to prioritise bandwidth allocation in addition to user access for more important business applications over less important ones,” states SonicWall’s Malecki. Mishra states, “In our experience, challenges for network management are universal, but the level varies by region. In the Middle East, we have seen that adopting and maintaining process, and acquiring and retaining skills both for legacy and modern technologies, are the prime challenges.” “The Middle East is a very diverse region, and so a number of factors do in fact apply here. Large geographies, for instance, and high incidence of submarine cable systems lead to frequent fibre outages. A network management organisation relies on the necessary network agility and flexible tools to rapidly restore service and troubleshoot network issues,” says Ahmed. Apart from the purely technical challenges, there are other issues that managers face on a regular basis in connection to the teams that work on the projects. As Solling points out, “Looking at management solutions there needs to be a flow of data from different devices in the network quite often managed by different departments. Sometimes it can be difficult to get full support for getting the data into the system. As an example, network management solutions may be managed by the network team but the server team may find it very irrelevant to do the needful to support the solution. Typically an explanation of why this is important addresses this and even the server team realises that a network management solution is a great tool for them too. Another challenge is that network management solutions are typically handled as a sub-component of a larger project, when in fact the importance of network management actually justifies this to be a separate project.” Moving on Challenges or not, the cloud is inevitable — whether private, hybrid or public — for most enterprises in the Middle East. And with that, 38

Computer News Middle East

JUNE 2011

Nicolai Solling, director of technology at HelpAG Middle East

cloud services. Rather than acquiring a 10GE connectivity service, cloud solutions will deliver 100TB of managed capacity offering resilient, location independent storage. The same would be the case, for instance, with compute capacity. In order to deal with these new high level services, management solutions must bind together all of the cooperating and dependent technologies into a single, cohesive, end to end cloud management solution,” states Ahmed. “As more cloud services get deployed, network management should shift from monitoring infrastructure to managing service availability and performance. Monitoring and management solutions of network devices, circuits and locations will need to relate traditional measures like device level thresholds to end-to-end application response time. For example, a

Managing bandwidth for cloud applications and users bandwidth efficiency and management is paramount when consuming business applications from the cloud, particularly for those applications that are driven by massive database applications served from multiple virtual environments.”

organisations will learn to overcome or solve the issues connected with networks and their management that they might be facing or are likely to face. This will most likely have to be done despite service providers’ restrictive abilities in the short term. A growing demand for better networks is likely to ensure better service provision from ISPs in the future. Network management solutions themselves are also most likely to evolve in the coming years to suit the changing requirements of enterprises. “All aspects of the cloud will be managed in an orchestrated and integrated fashion. Traditional technologies will be subsumed and abstracted into cloud services. In the network’s case, bandwidth services will be represented as higher level www.computernewsme.com

high CPU in a core switch at a data centre will need to alert the cloud administrator that a specific application could potentially be affected and also provide a solution like traffic re-direction at the click of a button in real-time. The tools that dynamically assign compute and storage resources to application requirements will have to encompass network resources as well, and these will need to be tied to the monitoring solutions for real-time updates,” adds Solling. Whether these evolutions meet changing requirements, and whether the service providers market changes enough to accommodate the dynamic needs of Midlde East enterprises, are matters that will be decided in time.

VERTICAL FOCUS Hospitality

Digital hoteliers The Internet has changed the way the hospitality industry does business. CNME speaks with IT professionals in the sector to find out more about these changes, their latest investments and the way forward.

Computer News Middle East

JUNE 2011

he hospitality industry is one of the main engines for growth in the global economy, driven by a strong international tourism sector and an increasingly robust business outlook. Within this global growth outlook, a focused online business strategy is beginning to be of relevance to the hospitality sector, especially so in the Middle East. Bertram Shajiev, IT Manager at Dusit Thani in Dubai says, “We believe that IT provides the right platform that the hospitality sector needs for optimum operations. Right from check-in to check-out, IT has enabled an automated tracking and billing system for the services the guest uses during his stay. If this was done manually it would take hours and customers don’t have that kind of time on hand to wait around.” The Middle East is one of the world’s most promising tourist destinations. At the Euromonitor International World Travel Market Vision Conference earlier this month, the company predicted that hotel sales across the Middle East and Africa will grow by more than 12% to surpass US$313 billion by 2012. According to many in the industry, this growth surge is partly attributable to the use of the Internet by travellers and travel sales staff. According to Euromonitor International Travel and Tourism Industry analyst Nadeja Popova, this trend is set to continue through the next 5 years. As more customers move online to book and plan their trips, the hospitality industry is capitalising on the convenience of the www.computernewsme.com

Internet, by offering customers more opportunities online. The phenomenal abilities provided by the Internet has enabled the industry to go beyond traditional obstacles and operational barriers and provided them enhanced access to a global market, and a much wider audience. Azhar Farook, IT manager at Mövenpick Hotel & Residence Hajar Tower — Makkah says, “ICT developments combine features of the remote, home and mobile office to give us instant access to business communications from any point in the world, and this works in any organisation’s favour.” “In 2010, we witnessed continuous increase in our room booking through the

STRATEGIC ICT PARTNER

internet from January to December - and we anticipate this trend to be the same for 2011,” says Fouad Melhem, GM of the Al Diar Siji hotel in Abu Dhabi. According to him, the hotel’s internet booking doubled year-on-year in 2010. “Internet booking is really a growing channel. Aside from this, we attribute the significant increase of our internet bookings to the fact that we have also increased our online marketing budget, and we plan to continue to maximise this channel to bring in more business to the hotel,” explains Melhem.

Investment synopsis Following this trend in the industry, IT teams at hotels are investing in increasingly sophisticated websites to keep customers updated on the latest deals and developments, as well as to provide these customers a clearer idea of the services the hotel has to offer. Consequently, internal IT teams have to work extra hard to ensure that the backends operate efficiently so as to ensure that online services are available at all times, and ultimately aid guest relations. Maintaining an efficient online

presence often involves merging back office applications with administration and accounting data, as well as front office customer relations, to ensure that customer enquiries and confirmations are passed onto the right people. It also involves ensuring that the reservation department is linked to a central system. This in turn means connecting internal systems to portals like the Global Distribution System (GDS) and Online Travel Agents (OTA), as well as other guest connect websites and call centre services. According to Farook, “This increased connectivity also enables proper record keeping of reservations, so that the front desk is prepared with key cards, room assignments, and meal plans in addition to which, guest relations are better prepared to provide customised services to suit the guest’s detailed requirements.” Record keeping in turn enables better guest profiling and maintenance of customer databases. This is especially helpful in the case of repeat customers, where hotels can serve customers specialised needs with the information residing in their own databases and records. Hotel staff can also structure www.computernewsme.com

frequent lodger programmes and discounts based on the profiles they have developed of their repeat customers. Realisation of the importance of customer profiling has led many a hospitality IT team to invest in the latest CRM tools to help them maintain these records. These tools enable automated profiling and storage of a guest’s previous experiences with the hotel, the services he/she most commonly used and what more they needed (derived from feedback forms) to ensure repeat visits and satisfied clients. Shafaat Rasool Hashmi, marketing manager at Range Hospitality says, “Our key investment has been in an interactive system for online enquires related to fractional ownership. We basically have an online setup where users can register their basic details and the screen displays all 12 months of the year. Once the user decides on the suitable period to travel he can choose the unit and month, with prices that vary according to peak periods as per the Islamic calendar. This is a convenient way to register an enquiry. The online setup is backed up by an SQL server and our database is updated regularly through automation. The set up also allows customers the ability to make amends to their enquiries.” Range Hospitality has also invested in a customised CMS system that provisions an automated link connecting the hotel’s social media platforms and website to the hotel’s database. “The system tracks comments on social networking sites as well as on our website and these comments are automatically updated in our online guest feedback portal enabling better quality assessment. The hotel has also incorporated a solution that enables automated FAQs. This solution enables faster response to customer enquiries regarding our fractional ownership programme and questions concerning general enquiries,” says Hashmi. While hotels work to make sure their interface with customers and the relevant backend is equipped to handle the changing needs of customers, they are also working to equip the workforce within hotels to be more proactive to guest demands. JUNE 2011

Computer News Middle East

STRATEGIC ICT PARTNER

VERTICAL FOCUS Hospitality

“Equipped with BlackBerries and laptops the sales force and other employees are updated on their organisation’s operations at all times. They can actively check databases, ensure room availability and ongoing room rates via these communication channels,” explains Sachith Saranga, IT specialist at the Holiday Inn Crowne Plaza. The mobility enjoyed by internal staff are often extended by the well established hotels to their guests as well. Many of them, like the UAE based Jumeirah Group and the Accor group of hotels, offer their guests access to mobile apps and browser based services that enhance the travellers experience. Mobility in the hospitality industry in the region is backed by investments in the networking arena, specifically in Wi-Fi technology and IP telephony. “The reason to invest in the latest technologies is twofold, to provide better service to our customers who require 24/7 connectivity at efficient speeds and aid internal management and communications. Customers want efficient Wi-Fi connections and IP telecom technology, while we need efficient solutions for the front desk as well as database management,” says Shajiev.

Made to order Increasing investment dollars in the hospitality sector of the region are being spent not just on Internet and backend solutions, but also the basic bricks-and-mortar solutions of IT, namely HRM, accounting, financials, building management and engineering, asset

tracking and maintenance, material control, restaurant POS systems, security, storage and backup, in addition to dedicated services for operational efficiencies. More often than not these take the shape of customised solutions that work to offer a competitive edge by adding unique services to the portfolio that is offered to customers. Says Farook, “The projects we have

for in-house guest requests. These requests are handled by a specialised department called Guest Service Centre, which coordinates with the service department and tracks the request till the task pertinent to the same is completed. “The guests need not interact with all departments (laundry, housekeeping, front office, maintenance and room service) due

invested in facilitate operational efficiency for each of our different departments. For instance, for guests who interact with our online portals for reservations either directly or through a third party site, we have developed a professional confirmation letter with imprinted marketing information called Sarinata mail. This has done away with the labour-intensive process of sending a manual letter or email, relieving our reservation folk to concentrate on other activities that will ensure a better experience for the guest when he is staying with us.” Movenpick Hotel & Residence Hajar Tower-Makkah has also customised a portal

to the establishment of this unified platform. We have also introduced iPads for Internet users and attractive large digital signage along with small information display screens. The restaurants are equipped with MICROS terminal, Wi-Fi ATM machines, IP phones and meal orders can be directly sent to kitchen printers,” he adds. Farook and his team are also working on introducing a unique system to control guest access to restaurants during peak seasons like the Holy month of Ramadan. “Having more than 3500 guests checked-in to the hotel and an additional 500 guests visiting the restaurants during meal times is

We believe that IT provides the right platform that the hospitality sector needs for optimum operations. Right from check-in to check-out, IT has enabled an automated tracking and billing system for the services the guest uses during his stay. If this was done manually it would take hours and customers don’t have that kind of time on hand to wait around.”

Fantastic iPhone iPhone users have free access to an application that enables them to reserve a room in 3000 hotels directly from their iPhones. Accor recently launched an innovative iPhone app with personalised features including a service that memorises current reservations and favourite 42

Computer News Middle East

JUNE 2011

hotels and synchronises these with the existing contacts, when booking via the iPhone users also benefit from secure payment processing and enjoy access to promotional offers. Developed with Haiku, a mobile solutions provider the easy to use application takes advantage of Apple’s intuitive browsing capability and offers www.computernewsme.com

additional services, including geolocation features that enable users for example, to search out hotels and calculate itineraries in real time. Accorhotels.com provides all iPhone users an opportunity to leverage offers in an array of hotels like Sofitel, Pullman, Novotel, Mercure, Ibis, Etap Hotel, HotelF1, Formule 1 Hotels around the world

PRESENTS

STARS OF BUSINESS

AWARDS & SUMMIT 2011

Do you have what it takes? 28th November 2011

Watch this space and log on to www.smeadvisor.com/awards2011 for updates

EXCLUSIVE TELECOM PARTNER

STRATEGIC PARTNER

KNOWLEDGE PARTNER

MEDIA PARTNER

TECHNOLOGY PARTNER

PUBLISHER

FOR SPONSORSHIP ENQUIRIES, PLEASE CONTACT: raz@cpidubai.com, richard@cpidubai.com FOR NOMINATION ENQUIRIES, PLEASE CONTACT: ketaki@cpidubai.com, mikeb@cpidubai.com

STRATEGIC ICT PARTNER

VERTICAL FOCUS Hospitality

a big challenge. Thus, we are working on an automated system to identify a guest and his meal entitlement using ‘keycards’ to update the PMS automatically. This will be a dual interface and three companies are working with us on the project,” explains Farook. According to him, the hotel is also considering introducing iPads to replace restaurant menu cards. These iPads will also be used to demonstrate hotel facilities at the time of check-in, highlight special services and also carry specific advertisement clips promoting the holy city of Karbala.

Room for more Although IT decision makers within the hospitality industry are generally satisfied with the solutions and software that vendors in the region provide, many believe that there is yet room for customisation. Saranga says, “I think vendors need to develop user friendly solutions, so as to reduce the uptime and improve efficiency when servicing customers, specifically for front desk operations and quicker check-in facilities.” Farook says, “The local vendors must work on a unique system of managing ‘hotel assets’ with hardware, software and bar coding systems. It should be a convenient, easy management system involving less data entry. This is a major lacking point in the market and certain items like Teledex bathroom phones, CCTV recording and telephone call recording for digital products needs added services and better products in the market.” Hashmi says, “There is no denying the skills gap in the region and this can only be dealt with through sufficient training. Vendors

There exists a lack of one stop shops in the Middle East, a vendor who can provide us a complete suite of products and solutions that may be integrated with all brands of hardware. This is largely missing in the market and this is something vendors need to focus on. We don’t want to deal with multiple service teams.” need to be able to provide experienced service staff to ensure efficient and rapid response to problems or errors when their customers deploy technology; this is part of what the customer expects when he signs a contract with a vendor.” He continues, “There exists a lack of one stop shops in the Middle East, a vendor who can provide us a complete suite of products and solutions that may be integrated with all brands of hardware. This is largely missing in the market and this is something Vendors need to focus on. We don’t want to deal with multiple service teams.” IT decision makers within the hospitality sector in the Middle East also feel that introducing more competition in the telecom sector would ensure provision of better telecom and Internet services at competitive costs. Traditionally, Internet and communication costs in the Middle East are far more expensive compared to other countries. Lowering these costs would be beneficial to the guests using these services as well as to the organisation that caters to these guests. PhoCus Wright Global Online Travel Overview’s second edition report predicts that travellers will book one third of the world’s

travel sales online by 2012. The survey, which polled over 600 corporate travel buyers, agents, hospitality and travel professionals across the globe reported that 71% of these professionals ranked Wi-Fi as the most important technology solution that should be included in standard hotel rooms. Additionally, 80% of those surveyed said that they would like to see mobile applications offering suggestions on restaurants and lounges around the hotel locations. Visualising promising growth in the hospitality sector and the increased use of online and mobile channels of communication by their customers indicates more investment in ICT from this sector. Travel Facilitator, an online resource for the hospitality sector, says that hotels who deploy new technologies to deliver smoother, memorable customer experiences will be winners in the emerging hospitality 3.0 landscape. This much is true, as the economy continues to recover from the recession the hospitality sector will continue to grow and this naturally means greater investments in ICT solutions and software to service hotel guests. We can say without any doubt that these burgeoning investments are just the tip of the ice berg.

BY THE NUMBERS

Source: Google Executives Stats

15%

67%

69%

12%

of all hotel reservations in 2010 were mobile bookings

of travellers across the world own smartphones with mobile internet and applications that facilitate related information like maps, eBookings etc.

margin increase in hotel reservations via mobile bookings in 2010

is the predicted growth rate for online hotel sales in Middle East and Africa

44 Computer News Middle East

JUNE 2011

www.computernewsme.com

Presents

AWARDS & CONFERENCE 2011

For more information please visit: www.resellerme.com/awards2011

Sunday, 12th June 2011 The Westin, Dubai, UAE For nomination enquiries please contact:

For sponsorship opportunities please contact: Richard Judd Tel: +971 55 772 1519 Email: richard@cpidubai.com

Rajashree R Kumar Tel: +971 50 173 9987 Email: raj@cpidubai.com

Arun Shankar Tel: +971 50 141 3662 Email: arun@cpidubai.com

Merle Carrasco Tel: +971 50 922 5866 Email: merle@cpidubai.com

Platinum Partner

Gold Partners

Silver Partners

Innovation

Perfection

Quality

Networking Partner Raffle Partner

Survey Partner

Q&A Ernesto Baca Michael Klayko

LONG PATH AHEAD In an interview, Brocade CEO Michael Klayko said Fibre Channel is here to stay but the company has no “religion” for it.

Computer News Middle East

JUNE 2011

www.computernewsme.com

rocade Communications remains a networking specialist in an industry where networks are becoming just part of a broader architecture for many vendors. A long time market leader in Fibre Channel SANs (storage area networks), Brocade acquired Ethernet switch maker Foundry Networks in 2008 and now offers to tie together all elements of a data centre or broader cloud infrastructure. CEO Michael Klayko has led Brocade since 2005. In this interview he talks about his company’s infrastructure and how it plans to keep up with bigger rivals in the market. Q: There’s a lot of confusion about cloud computing. What can you say to clarify what’s happening there? A: You get 15 to 20 different definitions, depending on who you talk to. I would say I have a private cloud in my data centre today. It’s highly virtualised, it basically abstracts the application away from the operating system, we’ve got a storage area network. From an asset utilisation standpoint, I have a cloud. It’s a business decision. Let me give an example: from a virtualisation standpoint, when we talk about my business-facing applications, most of them are VMware. From an engineering standpoint, all my engineers have used Xen. In the old architecture, we couldn’t mix these things together. With today’s architecture, we can. I’ll call it the cloud, because we have shared storage underneath it and we use the same server base. So we’ve built something that solves our business needs. And I think that’s the real issue here. Everybody today that I talk to is struggling with proper asset utilisation. So this big thing comes out called the cloud, and you don’t have to worry about it: It’s elastic, it allows you to put applications anywhere. It sounds great, and then the higher you go up in the C suite, executives all like to talk about it. They

Everybody knows how to build a private cloud now. All the tools are getting there, and it’s all hinged around virtualisation. Then there is the element of public clouds and the benefit of public clouds. The secret sauce that we’re trying to get to is, how you merge those two.”

ask, why do you have to buy all these assets? Why don’t you just buy a service level and get that from somebody else, and just utilise it like a utility? It sounds like utopia. We have 40 different applications that we buy from somebody else, and that run our company. We also have our own infrastructure. We look at it from a business standpoint: Can I get it from somebody else, utilise their infrastructure and utilise their offering faster, more economically and more efficiently than I can do it myself? To me, it’s math. I don’t get emotional about it, and my IT guys, now I’ve got them not getting emotional about it. And I think most businesses, when you really get to the core of it, are like that. Everybody knows how to build a private cloud now. All the tools are getting there, and it’s all hinged around virtualisation. Then there is the element of public clouds and the benefit of public clouds. The secret sauce that we’re trying to get to is, how you merge those two. If you’re a retailer, and four months of the year, your volume goes up, you have to buy your infrastructure for the peak volume. What if you only had to buy it for the average volume you’re in the rest of the year, and then just went outside during those four months? To me, that’s a hell of a business application. Today, you can’t really do that ... because nobody wants to allow you to have that infrastructure sharing out there until you have a long-term contract. It’s not truly elastic, because they want you to use it and then stay there. The technologies we announced, for example, this Cloud ID technology, will allow that elasticity. www.computernewsme.com

This is going to take a decade. Guys that I deal with in the largest data centres in the world, we’re talking about things that they’re implementing three years from now. That three-year architecture is going to last for another five, seven or 10 years.

Q: Brocade has voiced strong support for Fibre Channel while also talking about unified fabrics. Is it really possible to embrace both? A: There’s a lot of money invested in Fibre Channel. It works really well. All that customers want, really, is the ability to have flexibility going forward. I don’t care which protocol is underneath, if it’s Fibre Channel or (FCOE) Fibre Channel over Ethernet, or (iSCSI) Internet Small Computer System Interface, or (NAS) network-attached storage or Ethernet. It doesn’t matter. We have to build that technology that allows that customer the choice. What’s going to happen is, over any period of time, someone’s going to go through some type of change, they’re going to acquire somebody, they’re going to divest, they’re going to build a new data centre, and at that time they’re going to make a different architectural decision. We give them the tools to do it. Right now, when you look at virtualisation, and you need this shared storage environment underneath it, it’s mostly Fibre Channel. Virtualisation’s not going away. You’re going to need more shared storage, which means you’re still going to have the need for Fibre Channel no matter what. For us and our development teams, we JUNE 2011

Computer News Middle East

Q&A Michael Klayko

don’t have religion anymore. Today, when you look at the storage providers who build the subsystems, their highest-performing products are all block storage products. You look at some of the emerging guys who are growing fast, like NetApp and Hitachi, their highest-performing is NAS. Perfect. Let them grow. I’m that ultimate Rosetta Stone that sits in between them to make sure that it all seamlessly works. Storage is hard. The ability to move 500 VMs with 10TB of storage and keep it all locked together, is hard. And I think there are only going to be a couple of us able to do it. Everybody needs choice, and competition is good because it creates choice. I like our chances because, if you understand the storage side, you have a better chance of winning than if you understood just the server side. Q: As a CEO, what lessons do you take from what has been happening at Cisco? A: Focus. I’ve known John for a long time, and he’s a big company, he has to grow and so forth. For me, I have trouble keeping track of the product lines that I currently have, and all I am is a networking company. So I think anybody just needs to focus. If you look at any

Storage is hard. The ability to move 500 VMs with 10TB of storage and keep it all locked together, is hard. And I think there are only going to be a couple of us able to do it. Everybody needs choice, competition’s good. I like our chances. company that’s been successful, that’s what they’ve done. We haven’t varied our strategy. I get accused of being very boring and actually

not being able to make PowerPoints, because my strategy slides haven’t changed in well over six years.

Breaking the myth Last year, Gartner research showed that a converged data centre network requires more switches and ports, as opposed to the notion of fewer switches and ports, is more complex to manage and consumes more power and cooling than two well-designed separate networks. “The latest sets of developments Fibre Channel over Ethernet (FCoE), Data Center Ethernet (DCE), or more precisely, Data Center Bridging (DCB), hope to succeed where InfiniBand failed in its bid to unify computing, networking and storage networks.” said Joe Skorupa, research VP at Gartner said. “This is because as networks grow beyond the capacity of a single switch, ports must be dedicated to interconnecting switches. In large mesh networks, entire switches do nothing 48

Computer News Middle East

JUNE 2011

but connect switches to one another. As a result, a single converged network actually uses more ports than a separate local area network (LAN) and storage area network (SAN). Additionally, since more equipment is required, maintenance and support costs are unlikely to be reduced,” he said. Gartner also stated that there are significant design and management issues to be addressed. When two networks are overlaid on a single infrastructure, as traffic shares ports, line cards and inter-switch links, not only thus avoiding congestion (hot spots) become extremely difficult but debugging problems in the converged network add complexity, since interactions between the LAN and SAN traffic can make root cause analysis more difficult. The possibility of www.computernewsme.com

an outage to solve a problem also increases complexity and cost. “It’s clear that the barriers to a single network range from a dearth of available products and the price premium charged for those products to the requirement to “forklift upgrade” your entire network to long-standing organizational conflicts,” said Skorupa. “This doesn’t mean that enterprises should forgo the benefits of a unified network technology.” He said that there is clear benefit in standardising on a single technology for all data centre networking if that technology adequately supports the needs of applications. This will simplify acquisition, training and sparing. However, settling on a single technology does not require that the networks be combined.

INSIGHT Ernesto Baca Security

ON THE WATCH While mobile and smartphone security is the hot topic of the moment among virtualisation gurus, plenty of other security topics demand IT’s attention right now.

ecently, the interest in internet security has been running high - with good reason. Different IT departments are at different points on their virtualisation journies, of course, some are still thinking about security in the old physical world terms, many analysts believe. “There are still a lot of questions about how to approach security on virtualised servers,” says Phil Hochmuth, program manager for security products at IDC. By 2012 half of all the workloads run in corporate data centres will be on virtualised platforms -- whether virtual servers or cloud platforms; by 2015, 40% of the security software that controls internal corporate data centres will be fully virtualised, according to a November 2010 report from analyst firm Gartner. Basic security tools such as intrusion protection don’t work well with virtual machines because they’re harder to define by geography, IP or MAC address, and it’s hard for external software to see or filter communications between virtual machines on a single physical server, notes Neil MacDonald, VP and Gartner Fellow, who cowrote the report. With most tools, it’s hard for IT departments to even know how many of the virtual machines on a particular server have 50

Computer News Middle East

JUNE 2011

all their patches up to date, according to RDC’s Hochmuth. Here are some virtualisation security questions to consider when making plans for your environment: 1. Is a slow server a safe server? Just as in physical servers, adding security software adds to the workload, eats resources and lowers performance. Virtualised servers make more efficient use of their resources than physical servers, but that doesn’t mean it’s obvious where and how to apply security. “It sounds pretty basic, but there is a lot of disagreement about whether it’s better to have agents inside every virtual machine to secure them, or if that’s too much of a drain on resources and that having something that can watch a group of virtual machines is better,” Hochmuth says. Run an agent on each of the 30 VMs in a quad-processing server and you get overhead equal to running 30 copies of the security software -- because that’s what you’re doing. The other major alternative -- to run one piece of software that can observe all the VMs and their operating systems, on the physical www.computernewsme.com

server -- may be elegant but not as secure or as efficient. Hochmuth recommends “a really pragmatic proof of concept” comparing the impact on performance of several vendors’ products. Even if the test tells you nothing about how good the security is, “it will tell you which products bog down the particular workloads you’re running more than you find acceptable,” he says. 2. Should you even let the VMs talk to each other without encryption? “Virtualising servers means more than just being able to cram several operating systems into one box; it means creating a network inside that box across which the VMs have to communicate with each other, applications running on other servers, and the Internet,” according to Matt Sarrell, executive director of security test/analysis firm Sarrell Group. Much of the drive toward encryption in virtual environments comes from organisations that need to be able to demonstrate a good chain of custody for data under HIPAA or other privacy regulations, according to Sarrell. That same encryption can help lock the doors on malware that can infect a hypervisor or OS on which a VM runs in a data centre, however, keeping the rest of the VMs safe even if one is compromised. Encrypting data streaming to and from

Shared-server public clouds are like living in an apartment building, so your security may depend on how safely your neighbours are acting.”

VMs running in either a public or private cloud can also reinforce the doors between your VMs and the neighbours’ in public clouds, Hochmuth says. “Shared-server public clouds are like living in an apartment building, so your security may depend on how safely your neighbours are acting,” he says. “Encrypting your VMs and the data can make that situation a little more secure, but again, at a potential risk of a performance hit.”

3. Do you know who or what is asking for data? Security policies linked to MAC or IP addresses don’t work well when the entities in question are virtual, according to Gary Chen, research manager for IDC’s Enterprise Virtualisation Software group. When apps run on virtual machines the security has to take into account who wants access, what they want to access, when, where and from what device they want access, according to Gartner’s MacDonald. Only in that context can a security policy remain effective rather than firmly locking down a piece of sensitive data except if a new or untrained employee who has secure access at the office decides to download it across an unencrypted WiFi connection to an unsecured laptop. open a hole that negates the whole effort, according to a guide to virtualisation security issued recently by the US. National Institute of Standards and Technology (NIST). A summary of its guidelines: 1. Secure the hypervisor just as you would an operating system; if functions

NIST’s View of the Basics Just like physical servers, virtual servers have to be patched, configured and maintained according to organisational rules that define levels of security so sloppiness or inconsistency doesn’t

www.computernewsme.com

Virtual machines should be able to enforce the same level of security policy on one another, and on public or private clouds, applying the company’s security requirements according to the context in which data is being requested, not what MAC or IP address sent the request, Hochmuth says. 4. Are you scrutinising the in-between spaces? Running virtual servers also means running an additional operating system -- VMware’s vSphere, Citrix’ Xenserver or Microsoft’s Windows Server 2008 -- that can be attacked by hackers or malware designed to recognise and respond to VMs or hypervisors, Chen explains. “Malware can not only spread to virtual machines through their connections to the Internet, it can spread among them once it’s infected a VM inside the firewall, or inside a physical server -- especially if the VMs are set up for fail-over or disaster-recovery support that gives them special access to one another,” Chen says. “Encrypting data or identity-protection can rebuild walls between servers to keep data safe, even after virtualisation software has torn them down to let them share quarters, data or workloads,” Hochmuth says.

like an OS and it’s vulnerable like one. Holes in it make everything running on it vulnerable. 2. Establish consistent guidelines to configure security on virtual and physical machines, and a process to verify the guidelines are being followed. 3. Extend patch and vulnerability management processes to cover VMs as well as physical machines.

JUNE 2011

Computer News Middle East

HOW TO Ernestocabling Better Baca

Clean cable clutter Get started on your PC spring cleaning by tidying up the mess of cables spilling all over your desk.

Computer News Middle East

JUNE 2011

www.computernewsme.com

omehow, you can meticulously connect each cable from your PC to your various gadgets and peripherals, carefully ensuring that they don’t twist or overlap, and yet within minutes the back of your PC will look like a vinyl-coated mound of spaghetti. Even an average PC setup has enough cables to drive you crazy. You have a power cord for the PC itself, plus another for the monitor, and yet another for a printer. Then you need to connect the printer to the PC. You have a cord for the keyboard, and another for the mouse. The speakers require a connection to the audio jack; and if they’re decent speakers, they’ll also have a power cord. That’s at least eight different cables, and we haven’t even gotten into external USB drives, Webcams, headsets, and so many other gadgets. It doesn’t have to be that way. With only a few simple steps--and perhaps a cablemanagement aid or two--you can tame the rat’s nest and make your web of cables look nearly pristine.

Step

Unravel the mess

First, you need to untangle the jumble of cables. Start by completely powering down the computer, the monitor, and all attached peripherals. You’re going to have to disconnect and unplug everything anyway. Sifting through the mess can be frustrating, and you might be tempted to use the brute-force method and just start yanking. To avoid damaging any cables or breaking any devices, I recommend first disconnecting the cables from the PC side, or from both ends, if that is possible. Lay each cable out neatly next to the device to which it belongs. Now you’re back to square one, and you can begin connecting everything again--the right way.

Label the cables

Now that you’ve untangled the cables so that

Even an average PC setup has enough cables to drive you crazy. It doesn’t have to be that way. With only a few simple steps--and perhaps a cable-management aid or two-you can tame the rat’s nest and make your web of cables look nearly pristine.” they no longer resemble some sort of warped Rubik’s puzzle, you need to take the time to label them. Trust me: It will simplify life in the long run. Eventually you’ll need to replace or troubleshoot something, and you’ll be thanking me for prodding you to label your cables. Attach a label to each cord or cable describing which device or peripheral it connects. I recommend using a label maker to create nice, legible labels. You don’t need to be that fancy, though; writing a label on a piece of paper and using clear tape to attach it, or attaching strips of masking tape and writing directly on them, will do the trick just as nicely. But make sure that the labels are easy to read, or you will create a whole different kind of frustration.

Step

Connect the cables

Take your freshly labelled cables and begin the process of reconnecting everything. The difference is that this time you’ll have a system for keeping the cables in line and avoiding the rat’s-nest look. The idea is to tie the cables together to keep them neat and tidy. Remember, though, that you have different types of devices--audio peripherals such as speakers or headphones, input peripherals like the mouse and keyboard, and so on--and those devices are located in different areas, such as on the desktop, under the desk, or on a shelf. Think about the purpose and location of your devices, and come up with a plan for how to tie the cables together. There is no one right

www.computernewsme.com

answer, and the solution is the one that makes most sense to you. You can find a variety of cablemanagement aids for grouping the cords together. The Cable-It system from Monster gives cables a professional look, while still providing enough flexibility for you to easily split a cable out from the bunch once it reaches its destination. You can also get devices like Acoustigrips from Burton Technologies, or Legrand’s Cable Clips or Bungee Wraps. Of course, zip ties are a time-tested and cost-effective choice.

Step

The finishing touch

At this point, your cables are untangled, properly labelled, and routed from Point A to Point B. Although the cables look a thousand percent better than when you started, the simple fact that the cables are visible at all can be an eyesore--especially in an office. You can put the finishing touch on your cable-management project by concealing the cords so that they blend in for a more aesthetically pleasing environment. Legrand offers a complete line of products such as the CableMate Cord Organiser that lets you run cables along baseboards, or across the wall hidden within a molding. Don’t you feel better now? You can look at the back of your PC and the plethora of cables and cords with pride rather than having a panic attack at the thought of figuring out how to disconnect and replace your keyboard.

JUNE 2011

Computer News Middle East

What we’re reading

Little Bets

idea of what IT resources are required to use this method of knowledge sharing. Sharing Know-How: How Managers Solve Thorny Problems with the Knowledge Jam ( Wiley)

Peter Sims > Book Big ideas can change the world, but constantly refining smaller ideas can work just as well. Sims finds that pioneering companies such as HP, Amazon, Pixar and Apple can all attribute their success to an approach familiar to practitioners of agile development: Break a project down into small parts, apply real-world constraints to those parts, and have teams complete each piece individually, solving problems as they arise, with little top-down direction or long-term planning. Little Bets: How Breakthrough Ideas Emerge from Small Discoveries (Free Press)

Rescue the problem project Todd C. Williams > Book According to Williams, two-thirds of all projects blow deadlines, go over budget or don’t deliver as promised. This book aims to give you the tools you need to recognise a failing project and determine what you can do to salvage it, starting with deciding whether it’s worth saving and what goals are now realistic. Williams cites dozens of real-world examples with problems you know well, such as scope creep and troubles with subcontractors. Rescue the Problem Project: A Complete Guide to Identifying, Preventing, and Recovering from Project Failure (Amacom)

Sharing know-how Katrina B. Pugh > Book Effectively capturing and sharing knowledge remains a huge challenge. Pugh argues that companies can get over some of the hurdles by letting users drive how knowledge is captured and shared, and by having them impart what they know in collaborative jam sessions. These meetings bring out the necessary context and detail needed for the information to be useful. The book includes sample templates for jams and tips for conducting them. It also gives a good

Computer News Middle East

JUNE 2011

The power of convergence Faisal Hoque > Book Everyone’s trying to figure out how to get IT and the business working in harmony (See “IT Value Is Dead. Long Live Business Value.”), and Hoque, formerly a senior executive at GE (GE) and author of Sustained Innovation, charts out a path. He offers advice on leadership, innovation, enterprise architecture, agility and more, all illustrated with helpful diagrams. The Power of Convergence: Linking Business Strategies and Technology Decisions to Create Sustainable Success (Amacom)

About Business, Technology and People Paul Coby > Blog Everyone hates the airline industry lately, but this blog might soften your opinion. Coby, IT director of retailer John Lewis and previously CIO of British Airways, puts up a spirited defense of what IT has done and will do for airlines. Coby says in recent posts that IT has wrangled with the massive quantities of data required to sell tickets and keep planes in the air, enabled perks such as frequent flier programs and self-service kiosks, and figured out how social media will shape the industry. http://paulcoby.wordpress.com

www.computernewsme.com

ANALYTICS Stamp out fraud.

With SAS Analytics, you can score millions of transactions a day in real time – to detect fraud faster, reduce risk, streamline investigations and prevent losses. Decide with confidence. ®

Scan the QR code* with your mobile device to view a brief customer video or visit sas.com/bankfraud for the complete success story video.

Generated by BeQRious.com

*Requires reader app to be installed on your mobile device

SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. © 2011 SAS Institute Inc. All rights reserved. S71487US.0411

Complete your PC Complete your PC