The Data Centre: How it Should Be by ctof magazine

Technology for Growth and Governance

July | 21 | 2011 | Rs.50 Volume 06 | Issue 23

NO HOLDS BARRED

Adopt Cloud at

Own Risk, Pace PAGE 38

Shrikant Kulkarni

Sr VP & CIO, KPIT Cummins Infosystems

BEST OF BREED

Top 5 Mistakes on the CIOâ&#x20AC;&#x2122;s Resume PAGE 18

NEXT HORIZONS

IPv6 is Your

THE DATA CENTRE

AS IT SHOULD BE

Friend and Your Foe PAGE 35

An insight into how power, cooling, network and private cloud can best be managed inside the data centre. |

A 9.9 Media Publication

PAGE 24

editorial Pramath Raj sinha | pramath.sinha@9dot9.in

Back from the ashes Computer centres

are back in a new avatar -- the new-age data centres.

t was 30 years ago that I was first exposed to computers, when taught a course in programming at IIT Kanpur. Our computer centre was a veritable academic temple: new and centrally air-conditioned with racks of whirring mainframes and dozens of blinking CRT displays. Later, as mainframes shrank and processing became more distributed, physical facilities also shrank. There was no computer centre at the University of Pennsylvania, where I

editor’s pick 24

did my PhD in Robotics. It was the day of ‘ubiquitous computing’ within the enterprise and the Internet was being born. Working as an IT strategy consultant for a top Canadian bank, I remember walking into their computer centre. It looked eerie: the size of a football field, almost empty. As the computer centre was dying, today’s data centre – where distributed terminals access a central repository or hub – was just being born. With

The Data Centre: As it Should Be

An insight into how power, cooling, network and private cloud can best be managed inside the data centre.

PCs, laptops and the Internet, computing became a way of life and the online world came into its own. One started hearing of football fields of data centres, as Amazon, e-Bay, Yahoo and Google took off. Physical sizes of data centres expanded once more, as processing, networking and storage all moved to central hubs. The seeds of today’s cloud were being sown. We have chosen to focus on data centres in this issue since, for you, the CIO, it has become the central brain and nerve centre running your enterprise. While I am no expert, the articles in our cover story package suggest three major challenges: power supply and cooling; network management; and private cloud. The new avatar of data centres in the form of cloud computing – essentially, ‘data-centres-on-tap’ – adds a

whole new dimension to these challenges. In fact, it adds several more: What is the right pricing for services? How do you ensure availability, reliability and scale-up on tap? Especially, as we move to the public cloud, the biggest question will be: How comfortable are you in outsourcing your brain (and sharing control)?! I am sure, like with all technological discontinuities, the answers will emerge with time. For now, I feel inspired when I look back and see how far we have come and it’s exciting to imagine what the future might hold! I am sure you, too, have your own images of the past. But I look forward to feedback on your visions of the future.

The Chief Technology Officer Forum

cto forum 21 JUly 2011

july 11 thectoforum.com

Cov e r D e s i g n by S u n e e s h K | ph oto by j i t e n ga n d h i

Conte nts

24 Cover Story

24 | The Data Centre: As it Should Be An insight into how

Columns

04 | I believe: Public and Private Clouds Till the time Private cloud exists, one will need both public and private cloud.

power, cooling, network and private cloud can best be managed inside the data centre.

By Kadab L Mukesh

48 | View point: HP vs Cisco HP is forcing the networking giant to do things differently. By Steve Duplessie

Please Recycle This Magazine And Remove Inserts Before Recycling

Copyright, All rights reserved: Reproduction in whole or in part without written permission from Nine Dot Nine Interactive Pvt Ltd. is prohibited. Printed and published by Kanak Ghosh for Nine Dot Nine Interactive Pvt Ltd, C/o Kakson House, Plot Printed at Silverpoint Press Pvt. Ltd. D- 107, MIDC, TTC Industrial Area, Nerul, Navi Mumbai- 400706

cto forum 21 july 2011

Features

40 | Tech for Governance Winning the Critical infrastructure war By Chris Blask

The Chief Technology Officer Forum

www.thectoforum.com Managing Director: Dr Pramath Raj Sinha Printer & Publisher: Kanak Ghosh Publishing Director: Anuradha Das Mathur Editorial Executive Editor: Yashvendra Singh Senior Editor: Harichandan Arakali Assistant Editor: Varun Aggarwal DEsign Sr. Creative Director: Jayan K Narayanan Art Directors: Binesh Sreedharan & Anil VK Associate Art Director: PC Anoop Visualiser: Prasanth TR, Anil T Sr Designers: Joffy Jose, Anoop Verma NV Baiju, Chander Dange & Sristi Maurya Designers: Suneesh K, Shigil N & Charu Dwivedi Chief Photographer: Subhojit Paul Photographer: Jiten Gandhi

14 A question of answers

14 | Our Vision is People First

Arun Shetty, Head, Avaya Aura Sales and Consulting, Avaya India, discusses how Avaya is addressing the changing enterprise and its constituents. 35

RegulArs

01 | Editorial 10 | Enterprise Round-up

advertisers’ index

35 | next horizons: IPv6 is Your Friend and Your Foe CIOs need to do their research on IPv6 and its implications to their organisation. By Joe Yeager

38 | NO holds barred: Sunil chavan, Director, APAC, HDS on how HDS

HP SCHNEIDER CISCO TYCO RIVERBED IBM

is set to join the cloud computing bandwagon in India.

This index is provided as an additional service.The publisher does not assume any liabilities for errors or omissions.

IFC 05 07 08-09 IBC BC

advisory Panel Anil Garg, CIO, Dabur David Briskman, CIO, Ranbaxy Mani Mulki, CIO, Pidilite Manish Gupta, Director, Enterprise Solutions AMEA, PepsiCo India Foods & Beverages, PepsiCo Raghu Raman, CEO, National Intelligence Grid, Govt. of India S R Mallela, Former CTO, AFL Santrupt Misra, Director, Aditya Birla Group Sushil Prakash, Country Head, Emerging Technology-Business Innovation Group, Tata TeleServices Vijay Sethi, VP-IS, Hero Honda Vishal Salvi, CSO, HDFC Bank Deepak B Phatak, Subharao M Nilekani Chair Professor and Head, KReSIT, IIT - Bombay Vijay Mehra, CIO, Cairns Energy Sales & Marketing National Manager-Events and Special Projects: Mahantesh Godi (09880436623) Product Manager: Rachit Kinger (9818860797) GM South: Vinodh K (09740714817) Senior Manager Sales (South): Ashish Kumar Singh GM North: Lalit Arun (09582262959) GM West: Sachin Mhashilkar (09920348755) Kolkata: Jayanta Bhattacharya (09331829284) Production & Logistics Sr. GM. Operations: Shivshankar M Hiremath Production Executive: Vilas Mhatre Logistics: MP Singh, Mohd. Ansari, Shashi Shekhar Singh OFFICE ADDRESS Published, Printed and Owned by Nine Dot Nine Interactive Pvt Ltd. Published and printed on their behalf by Kanak Ghosh. Published at Bunglow No. 725, Sector - 1, Shirvane, Nerul Navi Mumbai - 400706. Printed at Tara Art Printers Pvt ltd. A-46-47, Sector-5, NOIDA (U.P.) 201301 Editor: Anuradha Das Mathur For any customer queries and assistance please contact help@9dot9.in This issue of CTO FORUM includes 12 pages of CSO Forum free with the magazine

The Chief Technology Officer Forum

cto forum 07 july 2011

The author brings over two decades of experience in technology, having worked with some of the top companies in India.

photo by S Radhakrishna

I Believe

By Kadab L Mukesh Chief Business Operations Officer-TataSky

Public and Private Clouds: Not an ‘Either Or’ Option Private cloud may not

exist a decade from now, but till then, one will need both private and public clouds. We started with a public cloud because we needed to deploy something very rapidly which also had the ability to scale very rapidly. This is much easier in a public cloud, whether it is adding capacity or the administrative task of giving purchase orders.

cto forum 21 JUly 2011

The Chief Technology Officer Forum

current challenge to deploy something very rapidly that also had the ability to scale very rapidly.

There is also a strong case for private cloud in our own DC as we have several servers. Ten years from now, if there are no private data centres at all, that will be a separate ball game, but in the intermediary stage, one will have both. Even with clouds, there will be enough people to ask questions such as ‘hey, should I really move my CRM data to the cloud’ or there will be people who will have concerns around security and wouldn’t want to move some of their applications and some of their data. In that case they will probably put together the private cloud infrastructure as well. Let’s take security, and look at Amazon’s business: It is a business that is completely dependent on the Internet, which to my mind means that it is highly unlikely that I will ever be able to put in the kind of security infrastructure in my business that can be comparable to Amazon’s. Therefore I’m fairly comfortable putting applications on the cloud. That said, if I’m a bank, I probably won’t do that because the size of the infrastructure might be big enough for it to make sense for me to own it, so while security might be one concern, the economics of the business is definitely another. Here’s one example, specific to our business, where we have to manage thousands of satellite TV subscribers. Managing the peaks in demand for certain programmes would make it un-viable to add capacity of processors or storage as and when needed in our own data centre. This is simply the nature of the business. On the other hand, consider a health care provider where one may not witness 70-80 percent kind of fluctuation in the volume of customers, the IT needs would be more steady and going to a public cloud may not necessarily be warranted just for that.

Now, align your data centre architecture to your business needs in just seconds 5 4

1 3

1 Cooling Rack-, row-, and room-based cooling options for greater efficiency

2 Management End-to-end monitoring and management software for greater efficiency and availability

3 Physical security A single-seat view for monitoring and surveillance

Only APC by Schneider Electric InfraStruxure adapts quickly to your specific business needs Introducing Next Generation InfraStruxure

Whether you just acquired a new company or must increase its ever-expanding customer or inventory database capacity, you’re most likely facing pressing demands on your company’s IT infrastructure. Your existing data centre infrastructure may not be able to handle these up-to-the-minute changes. That’s where APC by Schneider Electric™ steps in with its proven high-performance, scalable, data centre infrastructure. As the industry’s one-of-a-kind, truly modular, adaptable, and ‘on-demand’ data centre system, only InfraStruxure™ ensures that your data centre can adapt effectively, efficiently, and, perhaps most important, quickly, to business changes.

4 Power Modular power distribution and paralleling capabilities on UPS for loads from 10 kW to 2 MW

The flexibility of the InfraStruxure architecture:

InfraStruxure data centres mean business

We say that InfraStruxure data centres mean business. But what does that mean to you? The answer is simple. A data centre means business when it is always available, 24/7/365, and performs at the highest level at all times, is able to grow at the breakneck speed of business, lets you add capacity without waiting on logistical delays (e.g., work orders), enables IT and facilities to keep pace with the business in a synchronized way, continues to achieve greater and greater energy efficiency—from planning through operations, is able to grow with the business itself, and supports—instead of hinders—business.

The triple promise of InfraStruxure deployment

InfraStruxure fulfils our triple promise of superior quality, which ensures highest availability; speed, which ensures easy and quick alignment of IT to business needs; and cost savings based on energy efficiency. What better way to ‘mean business’ than to enable quality, speed, and cost savings—simultaneously?

Classification of Data Centre Operations Technology (OT) Management Tools

> Executive summary

Contents 1 2 7 7 9 10

5 Rack systems Any-IT vendor-compatible rack enclosures and accessories for high densities

Turn any room into a worldclass data centre. InfraStruxure can be deployed on its own as a modular, scalable, customized solution that’s easy to design, build, and install for small and first-time data centre environments.

Extend the life of your data centre. Existing data centres can add on InfraStruxure components to existing architecture and, for increased value, use our management software.

Scale up with step-and-repeat modular architecture for large data centres. Medium/large environments can deploy InfraStruxure as a zoned, pay-as-you-grow, scalable architecture solution.

Discover which physical infrastructure management tools you need to operate your data centre…download White Paper #104 today! Visit www.apc.com/promo Key Code 92626t Toll Free 1800 4254 877/272

©2011 Schneider Electric. All Rights Reserved. Schneider Electric, APC, and InfraStruxure are trademarks owned by Schneider Electric Industries SAS or its affiliated companies. email: esupport@apc.com • 132 Fairgrounds Road, West Kingston, RI 02892 USA • 998-5037_IN

LETTERS CTOForum LinkedIn Group CTO FOR UM

Techno logy for Growth and

Gover nance

DOES IT DES ERV

July | 07 | 2011 Volum e 06 | | Rs.50 Issue 22

E A SEAT

The CIO’s DiscSoevlf ery

AT THE TABLE? | HURRAY

www.linkedin.com/ groups?mostPopular=&gid=2580450

! IPV6 DAY IS HERE

| HOW TO MANAGE DEFA

CIOs real asreveal their pi beyondrations, care their re-in ers, of themseventing lve leaving s,and a legacy. lasting

Some of the hot discussions on the group are:

ULT ADM IN

A QUES TION

The FutOF ANSWERS

PASSWO RDS

DR Loure of Promisioks ng PAGE 18

| PAGE 32

BEST OF

Taking BREED Gues Out the

s Wor k

PAGE 22

e 02 | Issue 22

Volum

A 9.9

Media

Publicatio

A QUES TION OF

Join close to 700 CIOs on the CTO Forum LinkedIn group for latest news and hot enterprise technology discussions. Share your thoughts, participate in discussions and win prizes for the most valuable contribution. You can join The CTOForum group at:

ANSW ERS

Privateware of the Cloud Social Reining the Horses

NEXT HORI ZONS

PAGE XX

Striking Righ the DE t LIV BaER lanINce G PR

I BELIE VE I BELIE VE

The Cloud is all air and no substance Do you think cloud is going to die a quick death of SOA or is it going to make big headway into the enterprise? Is it old wine in a new bottle? What does it lack in making a convincing case?

OMISE PAGE 04 PAGE XX

What are the attributes of a good CTO? What are the prerequisites for a CTO role ?

I see the CTO's role as that of a technology leader bridging the gap between the commercial requirements of the enterprise and the technology support of those requirements. An effective CTO should be able to guide the efficient implementation of IT strategy of the business.

Its real and all about today and tomorrow. However, you have to bring it back to a realistic service that gives tangible benefits. There are a great deal of 'cowboy' stories and not many who really understand it.

—Ronald Kunneman, Director at Digitra

Opinion

Planning for Information Assurance

An effective Security management system should cover People, Technology and Operations.

“Information Assurance is the practice of managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes.” To read the full story go to:

WRITE TO US: The CTOForum values your feedback. We want to know what you think about the magazine and how to make it a better read for you. Our endeavour continues to be work in progress and your comments will go a long way in making it the preferred publication of the CIO Community.

cto forum 21 july 2011

The Chief Technology Officer Forum

ArcSight which was acquired by HP last year was started when the Dot Com bubble had burst. CTO Forum talks to Hugh Njemanze, ArcSight Founder and VP & CTO, HP Security Solutions about the company’s journey so far and how the company has been able to sustain a robust growth.

http://www.thectoforum.com/content/% E2%80%9 Cunderstandingcustomer-keysuccess% E2%80%9D

RIChard WArd, Head of Technical, WIN Plc

Send your comments, compliments, complaints or questions about the magazine to editor@thectoforum.com

CTOF Connect

Bhavanishankar Ramarao Senior Group Manager, iGate Patni

http://www.thectoforum.com/content/securitymanagement-and-planning-information-assurance

The Chief Technology Officer Forum

cto forum 21 JUly 2011

FEATURE Inside

Enterprise

Worldwide SaaS Revenue to Grow 21 Percent in 2011 Pg 12

photos by photos.com

Round-up

Indians Bullish On Video Conferencing 98 percent say face-to-face / VC meeting is more likely to lead to a business decision.

to a research conducted by Cable&Wireless Worldwide, Indians are most bullish on prospects of video conferencing (VC) becoming a ‘way of doing everyday business’ with more than 70 per cent saying it will become a regular practice at workplaces this year. Currently, video conferencing (57 per cent) is the third most preferred method for communicating with clients, after face-to-face meetings (82 per cent) and email conversations (60 per cent) at Indian workplaces. The emphasis on face-to-face communications appears stronger in Asia as compared to Europe. As According

cto forum 21 JUly 2011

The Chief Technology Officer Forum

high as 98 per cent respondents in India agreed that seeing a business contact is important while carrying out a significant business deal. Indians also believe that a face-to-face or a video conference with their bank manager, travel agent, or their insurance company, for instance, would be more impactful than an email or a telephone conversation. C&W Worldwide’s survey also revealed that a majority of Indians put in an extra effort into their appearance to make a good impression while taking part in a face-to-face or a video conference meeting with business associates.

Data Briefing

Billion Expected market for cloud computing by 2015

E nte rpri se Round -up

They mark Said it zuckerberg Facebook's latest feature is to integrate free video calls by teaming up with Skype. Personally introducing the service, Zuckerberg looked more self-assured than ever, evangelising about Facebook's domination of the wired world and with just a touch of humility about potential competition.

Social network for Infosys employees Disgruntled Infoscions can vent their frustrations on the Infy Bubble.

“Lots of companies that have not traditionally looked at social networking apps will be trying apps. I view a lot of this as validation of how the next five years will play out – every app will be social.”

Infosys seems to be making some serious efforts to win the tag of being the most employee-friendly IT company in the country. Recently, the company launched Infy Bubble, a social networking platform for their employees. The site mirrors Facebook in more ways than one and it is configured to allow the Infoscions to bicker about anything at all. The bickering in company’s internal social networking platform, Infosys hopes, will have the effect of boosting the employee morale. Personal attacks are not being encouraged out here, but negative feedback about bosses and colleagues are welcome. Other than the bickering, the site also allows 1,33,560 fellow Infoscions to share moods, blogs, videos, photographs and other stuff, in a manner that is quite similar to that in Facebook. Perhaps Infosys does not want its employees to be disgorging their bile, and also the details of their personal lives, on sites like Facebook and Google +, etc. and that is why Infy Bubble has been conceived. Lets not forget that Facebook too had a rather small beginning, so it is also possible India’s premier software maker might be contemplating an eventual foray into the social networking space.

Quick Byte on MOBILE PAYMENTS

— Mark Zuckerberg, Founder, Facebook

A KPMG survey of nearly 1,000 executives in primarily the financial services, technology, telecommunications, and retail industries globally found that 83 percent of the respondents believe that mobile payments will be mainstream within four years. —Source: KPMG

The Chief Technology Officer Forum

cto forum 21 JUly 2011

photo by photos.com

E nte rpri se Round -up

Worldwide SaaS Revenue to Grow 21 Percent in 2011 SaaS

revenue is forecast to reach $12.1 billion in 2011, a 20.7 percent increase.

Worldwide software as a service (SaaS) revenue is forecast to reach $12.1 billion in 2011, a 20.7 percent increase from 2010 revenue of $10 billion, according to Gartner, Inc. The SaaS-based delivery will experience healthy growth through 2015, when worldwide revenue is projected to reach $21.3 billion. Gartner defines SaaS as software that is owned, delivered and managed remotely by one or more providers. The provider delivers an application based on a single set of common code and data definitions, which is consumed in a one-to-many model by all contracted customers anytime

on a pay-for-use basis, or as a subscription based on use metrics. "After more than a decade of use, adoption of SaaS continues to grow and evolve within the enterprise application markets," said Tom Eid, research vice president at Gartner. "This is occurring as tighter capital budgets demand leaner alternatives, popularity and familiarity with the model increases, and interest in platform as a service (PaaS) and cloud computing grows." "Initial concerns about security, response time and service availability have diminished for many organisations as SaaS business and

Global Tracker

By the year 2015, Indians could be making transactions worth Rs. 15,75,000, which is equivalent to about $350 billion, through their mobile phones. 12

cto forum 21 JUly 2011

The Chief Technology Officer Forum

15,75,000

Source: Boston Consulting Group

Mobile Transactions

computing models have matured and adoption has become more widespread," Eid said. "Usage and vendors' on-demand ecosystems continue to evolve to provide additional business and technology services, more verticalspecific functionality, and stronger communities of partners and buyers." During the past two years, the significant industry buzz surrounding SaaS and other off-premises models has shifted to cloud computing. Cloud computing is a broad concept, of which SaaS is only one variation, representing the application layer of the overall cloud architectural stack. However, SaaS has been a lead indicator of the cloud concept for some time. Gartner estimates that 75 percent of current SaaS delivery, as measured by revenue, could be regarded as cloud services, and this could exceed 90 percent by 2015 as the SaaS model matures and converges with cloud service models. Customer relationship management (CRM) continues to be the largest market for SaaS. SaaS revenue within the CRM market is forecast to reach $3.8 billion in 2011, up from $3.2 billion in 2010.Gartner expects SaaS to represent nearly 32 percent of the CRM market's total software revenue in 2011. "The market landscape for on-demand CRM continues to evolve and mature as the availability and use of SaaS solutions become more pervasive," Mr. Eid said. "Greater market competition and increased focus on megavendors reinforce the legitimacy of ondemand solutions, mitigating initial objections about security and availability for many, as acceptance of SaaS as a viable model for enterprise computing services grows." SaaS revenue within the content, communications and collaboration (CCC) market is on pace to surpass $3.3 billion in 2011, up from $2.8 billionut in 2010. The CCC market continues to show the widest disparity of SaaS revenue generation, with SaaS representing just 5 percent of enterprise content management (ECM) in 2010 but approximately 83 percent of Web conferencing. The proportion of enterprise resource planning (ERP) revenue attributed to SaaS overall is still in the single digits, at approximately 7 percent of the overall ERP market. ERP SaaS offerings contributed approximately $1.5 billion to the SaaS market in 2010, and by year-end 2011, Gartner expects this to increase to $1.7 billion.

E nte rpri se Round -up

illustration by Shigil N

IBM Launches New Mainframe zEnterprise mainframe server costs 25 percent less than its predecessor.

IBM has announced a new server -- a powerful, version of the IBM zEnterprise System that's the most scalable mainframe ever -- to extend the mainframe's innovation and unique qualities to more organisations, especially companies and governments in emerging markets in Asia, Africa and elsewhere. The new IBM zEnterprise 114 mainframe server follows the introduction of the zEnterprise System in July 2010. The new server, which allows mid-sized organisations to enjoy the benefits of a

mainframe as the foundation for their data centers, costs 25 percent less and offers up to 25 percent more performance than its predecessor, the System z10 BC. Clients can consolidate workloads from 40 Oracle server cores on to a new z114 with just three processors running Linux. Compared to the Oracle servers the new z114 costs 80 percent less with similar dramatic savings on floor space and energy. IBM's lowest ever price for a mainframe server -- the zEnterprise 114 is an especially attractive option for emerging markets experiencing rapid growth in new services for banking, retail, mobile devices, government services and other areas. These organisations are faced with ever-increasing torrents of data and want smarter computing systems that help them operate efficiently, better understand customer behavior and needs, optimise decisions in real time and reduce risk. IBM also introduced new features that allow the zEnterprise System to integrate and manage workloads on additional platforms. New today is support for select System x blades within the zEnterprise System. These System x blades can run Linux x86 applications unchanged, and in the future will be able to run Windows applications. With these capabilities, the zEnterprise System including the new z114 can help simplify data centers with its ability to manage workloads across mainframe, POWER7 and System x servers as a single system. Using the zEnterprise Blade Center Extension (zBX), customers can also extend mainframe qualities, such as governance and manageability, to workloads running across multiple platforms. System z servers is making considerable inroads in India with clients including ELCOT, RBI, Global SMSC, HDFC Bank, Bajaj Allianz, NSDL.

Fact ticker

India IT Services To Reach $9.5 Billion in 2011To further

grow to $15 billion by the end of 2014.

The India IT services market is on pace to reach $9.5 billion in 2011, an 18 percent increase from 2010 revenue of $7.6 billion, according to Gartner, Inc. India’s domestic IT services market ranks third in Asia/Pacific. The market is forecast to grow to $15 billion by the end of 2014. “India’s domestic IT services is a large emerging market in high growth

mode, “said Arup Roy, principal research analyst. “Coupled with other factors such as openness to adopt technology, and a maturing sourcing approach, it represents an attractive target potential for providers of all sizes. The top 10 providers have a cumulative market share of just 42 percent, indicating a highly fragmented market served by many small

players with no large, dominant, wellentrenched player. However, this scenario varies widely by submarket such as by industry vertical.” India's IT services market is quite small as compared with large markets such as the U.S. or the U.K., but it does offer a growth opportunity to the service providers because of the buoyant market conditions. Gartner analysts said the market has a critical mass that is worth tapping and has the potential to expand further with “as a service”-type service offerings.

Convergence

nderlining the growing convergence of IT and telecommunications, Fujitsu India and Siemens Enterprise Communications, India are partnering to provide Indian customers with Unified IT & Communications solution. As a result of the new alliance, the two companies intend to jointly offer IT & Communications solutions leveraging Fujitsu’s IT competence andSiemens Enterprise Communications’ Unified Communication expertise. In India, there is a growing market demand for Unified communications – and companies are finding it increasingly important to be able to rely on open, standards-based architectures to support collaboration between partner organisations, and between customers and suppliers. The two companies predict that softwarebased unified communication and collaboration solutions that simplify integration into business processes will be in great demand and will add value through intelligent and flexible deployment approaches such as cloud-based and managed services. As a result, Fujitsu and Siemens Enterprise Communications are forming a partnership to address this growing convergence between Communications and the IT world, providing customers with a one-stop shop for all their IT and communications needs.

The Chief Technology Officer Forum

cto forum 21 JUly 2011

A Question of answers

Arun Shet ty

People First” Arun Shetty | Avaya

“Our Vision is

Consumerisation of IT is increasingly impacting enterprises. Arun Shetty, Head, Avaya Aura Sales and Consulting, Avaya India, discusses with Yashvendra Singh how Avaya is addressing the changing enterprise and its constituents. How is consumerisation in IT impacting enterprises? There is a clear trend of consumerisation of IT. There was a time when enterprises used to tell consumers which technology to adopt. Today it is the other way round. Consumers today tell which application they want on their iphone. Another trend is that patterns of work are changing. The 9-5 timings are no longer the rule. For businesses the challenge is of achieving growth and rapidly

cto forum 21 JUly 2011

The Chief Technology Officer Forum

responding to customers, and to do all this at reduced cost. So the challenge is to derive profitability, balance growth and cost and location independence. Any technology can be successful and useful only if there is a business collaboration in line with these challenges. An enterprise comprises of users, business and IT. What challenges do each one of these face?

The end users want simplicity. They want their job done irrespective of the technology being used. For businesses, there are two challenges. There is too much of data overload. They are unable to get the right information that they want. The processes and people are not integrated. The challenge with IT is that a CIO needs to integrate and interoperate different systems such as IBM, Oracle, and Microsoft. We understand these challenges, and enable businesses to make the right decision

Arun Shet ty

A Question of answers

Comprehensive Portfolio: Avaya's Shetty has something to offer to everyone in an enterprise, be it the user, business or IT.

at the right time. Our vision of ‘people first’ is in line with these challenges. We have a real time, business centric communication vision. So how does Avaya benefit users within an enterprise? From the users’ perspective, we offer them what they want -- the Avaya Flare Experience, for instance. Avaya Flare Experience is a groundbreaking software that offers a uniquely compelling multi-modal collabora-

tion experience. Delivered on the Avaya Desktop Video Device, it offers quick and easy access to real-time communications and collaboration tools. Its capabilities include desktop video, social media, audio/video/web conferencing, multiple directories, presence, instant messaging, and contextual history. It eliminates the need to use different interfaces and different directories to communicate across various types of tools. The Avaya Desktop Video Device is a fit-

for-purpose collaboration tool with high definition video and high quality audio combined with a capacitive touch screen interface. The Avaya Flare Experience and Desktop Video Device together enhance user productivity and enable easy collaboration. In future, this would be available to android devices also. How is Avaya addressing the emerging trend of remote workers?

The Chief Technology Officer Forum

cto forum 21 JUly 2011

A Question of answers

Arun Shet ty

To enable employees work away from office, we offer a solution called Home Agent. It lets contact center agents work from home, remote offices, or anyplace with an Internet connection. This unified communications (UC) solution supports both flexible work arrangements and virtual contact centers, giving businesses maximum freedom in the way they recruit and deploy their agents.The solution consists of an Avaya one-X Agent or IP Agent softphone at the employee’s desktop, driven by Call Center software running on the Avaya Aura Communication Manager system. When connected this way, home agents appear transparently to reporting software, wallboards, workforce management software, and other performance solutions. This high level of integration allows businesses to get the contact center capacity they need, while still having the flexibility to recruit agents as needed, from virtually anywhere, without paying for the cost of additional office space. What are your offerings on the infrastructure side that would help a CIO? On the infrastructure side, we offer the concept of Avaya Aura. This is an open standard architecture. It is interactive and connected to the customer’s infrastructure. Besides, it is multimodal and supports multiprotocols. Avaya Aura is the core communications platform supporting unified communications and contact center solutions for mid-size to large enterprises. It extends Communication Manager and enables SIP-based session management with innovative capabilities. Leveraging a revolutionary SIP architecture and virtualisation technology, Avaya Aura simplifies complex networks and reduces infrastructure costs. Employees at any location can be connected regardless of the infrastructure the endpoints reside on. Avaya Aura enables faster and easier deployment of commu-

cto forum 21 JUly 2011

The Chief Technology Officer Forum

nications capabilities such as voice, video, messaging, and presence. As a result, productivity and business agility can be increased. Branch, Standard, and Enterprise Editions offer simple per-user licensing. Additional software and hardware are offered to support various levels of scalability and redundancy. What are the major growth challenges for Avaya? According to third party vendors, the growth in the Indian market is 13.5 percent in the IT telephony space, while the video market is growing at 25 percent. There are however, a couple of challenges. First, the full suit of UC can’t be deployed in the country because of the law of the land. According to regulations of Department of Telecom (DoT), CUG users can’t be mixed or connected with PSTN. Another challenge is that of adoption of IP telephony. Lots of corporatess are saddled with TDM infrastructure, and it is a big challenge to manage TDM and IP infrastructures. If one looks at it, this is also an opportunity as eventually all these corporates will replace their old TDM infrastructure with the state-of-the-art IP infrastructure. Enterprises in India are still optimising their networks. They are still in the process of deploying UC. In the last two years, there has been a tremendous growth. What differentiates you from others? Avaya stated with basic telephony, then graduated to digital and now it is into IP telephony. Our biggest differentiator is that our product can be integrated into the customer’s existing infrastructure. So, an enterprise with TDM infrastructure can easily and seamlessly integrate Aura into it as it is based on open source. Once Aura is deployed, the customer can move any application he deems fit on to the top layer. This is a very critical piece for any enterprise. For instance, he can move messaging

“Our UC solution gives businesses maximum freedom in the way they recruit and deploy their agents.”

things I Believe in There is a clear trend towards consumerisation of IT. ogged down B by data overload, businesses are unable to get the right information. vaya offers A 'fit for purpose' solutions for different segments -small, mid-size and enterprise.

as an application to the top layer so that the users can access it. The user can wrap and embrace our product and slowly move towards IP infrastructure. We offer ‘fit for purpose’ solutions for different segments – small, mid-size and enterprise. We don’t have one solution for everyone. Businesses want to connect their communication network to business applications, and Avaya helps them in doing so. With all these developments happening, how would a CIO’s role change in the times to come? Going forward, the top priority for a CIO will be to enhance personal productivity. By 2015, if the CIO’s don’t add to personal productivity, he will not be able to retain his job. He will have to integrate iPhones, iPads, and social networking with the enterprise.

“I GOT PROMOTED…”

“My selection as a winner in NEXT 100 have given me great confidence and provided recognition in the IT Industry. The communication

between ITNEXT and my reporting authorities helped me get promoted.” NEXT100

AWARD RECIPIENT 2010

APPLY NOW at www.itnext.in/next 100 Principal Partners

MILIND RAJHANS Senior Manager IT The AP Mahesh Coop Urban bank Ltd.

WOULD YOU LIKE YOUR I.T. MANAGER TO BE NEXT? If your answer is “YES!”, then ask him/her to participate in NEXT100, an annual awards programme from IT NEXT. NEXT100 aims to identify India’s top 100 senior IT Managers who have the skills, talent and the spirit to become CIOs. The NEXT100 programme engages with thousands of aspiring CIOs like you, giving them an opportunity to demonstrate their techno-commercial, managerial and leadership skills--and engage with a prestigious committee of CIOs--to support their candidacy. NEXT100 awardees will be profiled in the NEXT100 book. Give your I.T. Manager a chance to BE THE NEXT100. Event By

Best of

Features Inside

Breed

Save Money and Cut Risk With SAM Pg 20 Top 5 Mistakes on the CIO's Resume Pg 22

fully operational and mature configuration management system (CMS) can be a tremendous help to your organisationâ&#x20AC;&#x2122;s support and service delivery departments. Among its many benefits, your organisation will be able to manage and assess risk; isolate the source and root cause of problems quicker; and gain a deeper understanding of the impact of service outages. However, there are many challenges in bringing a CMS to life. One of the first challenges lies with an understanding of where you should start. It is important to understand the pros and cons of each possible approach to building a CMS. By selecting the best approach, you can streamline your organisationâ&#x20AC;&#x2122;s adoption and help ensure the best return on investment.

photos by photos.com

There are many challenges in bringing a CMS to life.

Where to begin

Three Ways to Build Your CMS A well orchestrated CMS can help your organisation to make informed and wise decisions. By Mike Tainter and Martin Likier

cto forum 21 JUly 2011

The Chief Technology Officer Forum

There are three ways you can start a CMS project: The strategic value approachÂ - Organisations may choose to start with this way when they believe their business requirements and priorities are well understood, documented and have not changed over a long period of time. One way to use this approach is to document business and technical services that are delivered in a service catalog. With defined services, relationships and compositions can be determined and documented in the CMS. Once completed, this service information can be used to align with the business and set the foundation for the structure of the CMS.

S o f t wa r e

Some of the pros and cons of this approach include: Pros: Allows for defining critical and noncritical business, information technology (IT) and technical services to establish appropriate priorities; Starts to align IT with desired business outcomes; and Creates a mechanism to begin the process of managing customer expectations. Cons: This is a service approach that takes additional time to complete; It can't take advantage of any baseline data (undocumented applications and infrastructure information); This is a complex approach that requires due diligence to understand all the service relationships; and It can't take advantage of cascading relationships (no foundational information is available). The functionally focused approachÂ - Companies may choose to use this approach when they have already procured tools and technology that aid in application discovery and mapping of service and infrastructure relationships. These tools are used to collect and provide an inventory of applications and their relationships to use in the definition of services. Once the initial inventory is complete, applications can be mapped to services, including the composition of each service. This approach establishes the foundation for documenting and defining the services since the relationships are the key component collected during discovery. Similar to the strategic value approach, a technical service catalog can be created using the application relationship information. Some of the pros and cons of this approach include: Pros: Creates a comprehensive list of applications and their relationships; Allows for grouping of the applications for eventual creation of a technical service catalog; Provides detailed information on each application; and Foundational for enabling business alignment and the eventual definition

B E S T OF B R E E D

38%

and grouping into business Cons: services. Does not initially capture service relationships, but sets Complexity of the information the baseline; can be overwhelming if the estimated collection criteria is ill-defined; Requires a well thought out design plan to allow for eventual Requires a complex, growth in transition to service information; often expensive, tool to mobile payment systematically collect and Can be time consuming when users worldwide maintain the information; attempting to gather all infor mation across IT silos (server, Application focus is still very in 2011. network, storage, applicaIT-centric, may not lead to sertions, etc.); and vice transformation; and Tends to lead to over-architecting the Requires standard naming convention CMS, making it difficult to maintain. across IT domains. The tactical-technology-focused approachÂ Organisations will usually start with this Having trouble deciding? approach when they have access to and can If you are unsure of the best approach, it is utilise existing monitoring and managerecommended to start from the bottom and ment tools to collect physical and logical move your way up based on your organisainfrastructure configurations like existing tional strategy, needs as well as experience servers, routers and switches installed and maturity. You need to make sure your throughout the environment. CMS design enables you to scale to accomThis information is used as the starting modate future CMS needs. point for building the CMS and facilitates the Additionally, ensure you define, design and establishment of baseline configuration items implement your organisation's integration of (CIs) that can be used to cascade relationships the change and service asset and configurafor application and service definitions. tion management processes to support the Most organisations have various tools CMS and the underlying data stored within used to manage infrastructure information the CMDBs. Time spent on defining the and these databases are considered sepafoundational processes and procedures will rate configuration management databases pay huge dividends in your ability to select an (CMDBs) that can be used as foundational appropriate toolset for the CMS. information to integrate with the CMS. Without defining the foundational process activities in the beginning, you will limit Some of the pros and cons of this your ability to choose tools wisely. approach include: Utilising this approach can drastically Pros: narrow the scope of the project and allow for appropriate design and testing based on Leverages information that is most likely existing and commonly available informareadily available in existing toolsets; tion. In some cases, a parallel effort can be Less complex and builds a solid foundainitiated to define and document a baseline tional model; service catalog, as long as your organisation Requires nominal effort from IT resources; has the resources available to accomplish it Allows for cascading relationships for without disrupting the CMS project. application and service mappings; and Three additional things to consider Provides a baseline data model.

If you are unsure of the best approach, it is recommended to start from the bottom and move your way up based on your organisational strategy, needs as well as experience and maturity. The Chief Technology Officer Forum

cto forum 21 JUly 2011

B E S T OF B R E E D

s o f t wa r e

Additionally, organisations find it hard to Support and supported processes - To effectively leveraging the CMS with other conensure CMS integrity and accuracy, a sumer applications like the service desk suite mature and effective change management so incident and change records can be related capability must be integrated with a service to configuration information. These chalasset and configuration management prolenges are further compounded when diverse cess to guarantee the CMS data is controlled and disparate technologies and multi-vendor and verified whenever changes are made. applications are selected and used. To maximise CMS value, don't lose For that reason determining sight of integration with other the best tools solution based on processes that will be the conyour organisation's needs and sumers of the CMS data. For requirements is an essential step example, incident, problem and before selection or implementaservice continuity management growth in tion of the CMS. Failure to do so processes will gain immediate can seriously degrade any ability value from the CMS. However, worldwide pc to effectively integrate with or they have integration issues shipments in q2, enable the processes. regarding discovery of inac2011. One word: data - Another comcurate or incomplete data and mon set of challenges reside the ability to quickly respond with decisions made around data addressing it. planning and organisation. This Toolset integration - Some of includes data modeling and collection, as well the most common challenges companies as the method used for data population. Organface when implementing a CMS can be isations can find themselves solely focused on attributed to the difficulty of not being able identifying just the data they can capture, as to effectively integrate discovery and mapopposed to identifying the data required to supping tools with the CMS to help ensure port the CMS' primary purpose. automated maintenance.

2.3%

Plan ahead and keep it simple A CMS is only a supporting system that provides an integrated set of views to data and information deemed vital to your organisation. When properly orchestrated, its data can help lead your organisation into making informed and wise decisions. To position your organisation so that it has the best chance to succeed when it comes to building a CMS, it is important to start simple and plan ahead. It is also critical that the CMS toolset be implemented with the proper supporting processes to help maintain accurate and timely data that staff can rely on. This will help ensure your CMS project produces the desired outcomes and lives up to your expectations. —Michael Tainter is director of Forsythe’s IT Service Management practice. He can be reached at mtainter@forsythe.com. Marty Likier is a master consultant in Forsythe's IT Service Management practice. —This article was first published on www.cioupdate. com. It is reprinted here with the prior permission from CIO Update. To see more articles regarding IT management best practices, please visit www. cioupdate.com.

Save Money and Cut Risk With SAM The key to any good SAM programme is understanding your contracts. By Phara McLachlan

or every IT organisation, IT asset management (ITAM) is truly a “need to have” these days for reasons including compliance and cost containment. A fundamental part of ITAM is software asset management (SAM). SAM applies to everyone from your regional bank to a Fortune 500 global company. Every organisation is using some type of software, and they are also facing the headaches of managing those assets. Guaranteed! If this is you then here are some simple steps to begin a successful SAM programme for your organisation:

cto forum 21 JUly 2011

The Chief Technology Officer Forum

Discovery - First and foremost, for any SAM programme is performing an internal audit to discover what you have. In addition to searching and capturing your assets, you must also collect all copies of proofs of purchase. Sometimes this even means finding the shrink wrap, as these will have codes on them to validate your purchase. Additionally, you must find and track all receipts, purchase orders, invoices, etcetera, associated with software purchases. Once you are more aware of what you have, you must match it up with your contract terms and conditions to determine your level of compliance.

m a n ag e m e n t

B E S T OF B R E E D

Repository - Once you have gone through the arduous process of an internal audit you need to create a repository. This could be an advanced inventory system, or even an excel sheet -- whichever works best. The importance of this repository is for ongoing maintenance. Whenever a new piece of software or user changes or enters the organisation, it must be recorded in the repository. The repository should also include your inventory of proofs of purchase, certificates of authenticity and any other paperwork you have associated with your software. The repository must be reconciled once every six months at the very least. As changes occur with the organisation, they must be reflected within your repository. Otherwise, you may end up with improperly assigned or used assets. Very often, the organisation will end up paying for assets that aren’t being used.

Illustration By Shigil N

For ongoing discovery, many organisations choose to implement one of many available automated tools. Most will not be an out-ofthe-box solution, and will need to be customised to fit your needs, but there certainly are some great options for ongoing discovery, and automation will ease the overall process. Others choose to manually discover and track, which is less desirable, but depending on the scope of your software assets, may work for many types of organisations.

Once you are aware of what you have, match it up with your contract terms and conditions to determine your level of compliance. and also that your ongoing financial commitments aren’t outrageous. For example, you may get a great deal on your initial purchase, but support and maintenance are twice what they should be. The key to any good SAM programme is understanding your contracts, specifically the Terms and Conditions. And first and foremost is the fact that any enterprise should understand is that purchasing software from a software vendor does not mean you own the software. It means you are purchasing the rights to use the software within a certain set of conditions. Keeping this in mind will help keep compliance in mind as well. Do I have you convinced yet? SAM shouldn’t be an overwhelming task, and when executed correctly, it means cost savings, increased efficiencies and decreased risk both from a financial and security standpoint. With all of these benefits, convincing the c-suite that a successful SAM programme is a necessity shouldn’t be a challenge. At the end of the day everyone is looking to save and decrease risk. SAM is certainly the way to go from an IT perspective.

Lifecycle Management - Lifecycle management is an essential part of a successful SAM programme, yet is often the most overlooked. From procurement to retirement, every asset should be inventoried and evaluated to be sure the asset is living up to its potential (so to speak). If you know the current lifecycle state of an asset at any moment in time you can intelligently plan IT update/replacement, budget, IMAC (install, move, add, change), and procurement activities. For example, if you know that an asset is available but not assigned, you can manage internal stores and plan inventory levels or identify key assets that are not providing direct value. If you know an asset is ordered but not received, you may need to track a shipment status. If you know that an asset is retired, you can begin physical recovery and disposal activities. Lifecycle management includes everything from procurement to retirement, and the management inbetween. In order to get the most out of your assets, they net-new must be managed at every stage of the process.

85%

Contract Management - Contract management isn’t as simple as having your lawyer look it over to make sure you aren’t being taken for a ride. Sure, this is one piece of the puzzle, but you have to be sure that your contracts make sense for the alignment of your IT and business needs,

applications will be specifically designed for cloud by 2012.

—Phara McLachlan is the CEO of Animus Solutions , a management and IT consulting firm she founded in 2004. Phara has more than a decade of management and IT consulting experience with mid-sized to Fortune 500 organisations. —This article was first published on www.cioupdate.com. It is reprinted here with the prior permission from CIO Update. To see more articles regarding IT management best practices, please visit www.cioupdate.com.

The Chief Technology Officer Forum

cto forum 21 JUly 2011

B E S T OF B R E E D

marketing

Top 5 Mistakes on the CIO's Resume

Resume are marketing documents and while writing, one needs to try to think as much like a CMO as you do a CIO. By Howard Seidel

cto forum 21 JUly 2011

The Chief Technology Officer Forum

To that end, while there is no perfect resume, there are general principles that make it more likely you will successfully attract the attention of recruiters and employers, and conversely, the lack of adherence to which make it less likely your resume will stand out from the crowd. What follows are the five major mistakes I see in resumes that don’t follow these core principles:

No.1 Not presenting a "professional brand" - Good branding is probably the overarching principle of a good resume; to which everything else is a corollary. A good executive resume gives a full chronology of one’s career, but it doesn’t just give a chronology, it weaves that chronology into a coherent message about what you do

and illustrates that you are very good at what you do. Building a brand in a resume means stepping back to understand what you are selling to the market and making sure that is adequately expressed in the resume.

Illustration By Shigil N

he truth is, executives can go years without creating a polished resume. Much career development is based on internal promotions and/or being actively recruited by outside companies. When competing for roles internally, people generally know who you are, so the resume is less important. Although a good resume can be very helpful when responding to recruiter inquiries, someone chasing you typically already knows why you might be a good fit for a particular role. Resumes are most important when one is proactively seeking out opportunities, whether currently in a job or in transition. In these cases, you don’t have a self-selecting audience seeking your attention you are trying to get the attention of someone else. That is primarily the job of the resume, to get someone’s attention. I often joke that if you ask 20 different people for their thoughts on an executive resume you get 25 opinions. Everybody has their own idiosyncratic preferences in terms of the specifics they like or don’t like in an “ideal” resume. Nobody, however, hires an executive based on whether they think you’ve constructed the perfect resume. They hire an executive based on whether the resume adequately suggests enough of a potential fit for a job or a class of jobs that they think it’s worthwhile to at least talk to the person.

marketing

As a CIO, it is important that your brand speaks to information and technology, while not completely being consumed by it. At the end of the day, CEOs and boards aren’t looking for tech “geeks” but for business savvy CIOs that understand information needs as they are related to the whole of the enterprise. Branding yourself in a resume as a CIO means in part providing others with a sense of your business legacy as it relates to their likely business needs.

No. 2 No executive summary - One good vehicle for encapsulating a brand is to include an executive summary at the top of the first page. Executive summaries enable a professional to extrapolate from the resume to provide a succinct description to the reader of what he or she believes differentiates him or herself in the market. This is helpful in for proactively advancing what is unique about your candidacy. This is particularly true since most executive resumes should be two to three pages. Although it takes two to three pages to adequately tell an executive’s career story, the key messages of that story need to be included on the first page. Many executives still use the older style “Objective" statement, a blurb that tells people what kinds of job one is seeking. Most objective statements I read are either too narrow or trite. Yes, people get that you “want to be a CIO of a fast paced, highgrowth company,” however, what suggests that you are good in that environment? It's more powerful to tell them what you want through an executive summary but to do it by telling them what you do well. There are multiple ways to do an executive summary including a single paragraph or coupling it with a “career highlights” or “key qualifications." The right way depends on the major messages you are trying to send. The executive summary should also not dominate the first page: a quarter to a third of a page at the longest. Ultimately, you don’t want the summary to obfuscate the actual chronology (that is the problem with the old style “functional” resumes), but to tie together the key themes that are embedded within it.

job responsibilities and that you did them well. Getting accomplishments into the resume (the more concrete the better) provides punch to the resume and gives people a sense what you get done. Similarly for executives, general pronouncements within an executive summary about "good communication skills" aren't as powerful as specific areas of expertise and accomplishments in differentiating you as an executive. Everybody can claim strong communications skills (even if others would disagree).

Recruiters and employers look to categorise people. Conveying that you fit in multiple categories may work. Not enabling someone to understand what category you fit at all tends to get a resume ignored. The same thing holds for accomplishments. Readers can infer strong leadership from examples of results but they can't infer great results just from statements about strong leadership. That isn’t to say leadership style isn’t important, but employers look to make evaluations on that in the interviewing process and not the resume.

B E S T OF B R E E D

because your titles are ambiguous or because you've done many different things. Recruiters and employers look to categorise people. Conveying that you fit in multiple categories may work. Not enabling someone to understand what category you fit at all tends to get a resume ignored. For example, supposed your core experience is as a CIO but your most recent role was a short stint in a senior operations role. You don’t have to necessarily choose between the two, but you do have to find ways to directly convey information about both roles rather than leaving recruiters guessing about it.

No. 5 Visually difficult to read - People tend to form impressions on a resume in less than a 10 second read. If they can discern the major messages in that time and like what they see, only then are they likely to read the resume more in depth. If not, they usually move on. Resumes that are disorganised, too long, or too dense often get overlooked. An ideal resume should be well organised, deliver a coherent message and be aesthetically pleasing. All in all resume are marketing documents. As you write them you need to try to think as much like a chief marketing officer as you do a CIO: What about your experience and skills are going to generate the most interest in the market you are targeting? Accordingly, it’s usually worth “test marketing” a resume with a close friend or colleague, ideally someone who knows your function and market, if not your actual work. An executive resume is a little like an insurance policy in that most people don’t think about it until they need one, but when you need one you want an extremely good one. —Howard Seidel, Ed.D., J.D., is a partner at Essex Partners, a consultancy that specialises in senior executive and C-suite career transition. Seidel has over 15 years experience as a career and executive coach, guiding hundreds of senior executives in all aspects of career development and change. —This article was first published on www.

No. 3 Concrete accomplishments - Some executive resumes read like job descriptions: "My responsibilities for this job were a, b, c," etc. Readers want to know both your

No. 4 Unclear functional niche - Having an eclectic career isn't necessarily a bad thing, but it is to the detriment of a candidate if someone can't clearly understand what you do either

cioupdate.com. It is reprinted here with the prior permission from CIO Update. To see more articles regarding IT management best practices, please visit www.cioupdate.com.

The Chief Technology Officer Forum

cto forum 21 JUly 2011

cto forum 21 JULY 2011

The Chief Technology Officer Forum

CO V E R S TOR Y

D ATA C E N T R E

Data Centre

As it

Should

An insight into how power, cooling, network and private cloud can be best managed inside the data centre.

he data centre is the backbone of any enterprise today and is also a major contributor to the IT budget. The increased storage requirements, high power computing devices and technologies such as private cloud are pushing organisations to take a closer look at their current data centre infrastructure. Companies need to analyse if their data centre is capable of handling the increased bandwidth pressure, heat density and real estate requirements. Some of the key issues that organisations often face in the data centre space relate to power, cooling and network management. CTO Forum brings to you the best of breed case studies that give a keen insight into the crucial areas of power, cooling and network management. Also, as more and more of you try to find out how a private cloud can benefit your organisation, we feature here one of the largest private cloud deployments in the country, to give you an idea.

The Chief Technology Officer Forum

cto forum 21 JULY 2011

CO V E R S TOR Y

D ATA C E N T R E

Careful planning, proper measurement metrics and constant effort characterise Jubilant Life Sciences' power-efficient and cool new data centre By Sanjay Gupta

ubilant Life Sciences Ltd (formerly Jubilant Organosys Ltd) is an integrated pharma and life sciences company. It is the largest Custom Research and Manufacturing Services (CRAMS) player and a leading Drug Discovery and Development Solution (DDDS) provider out of India. With 10 world-class manufacturing facilities and a team of about 5,700 people across the globe, Jubilant provides a wide spectrum of life sciences services to customers in 60 countries.

Future Ready

A quick look at Jubliant's new data centre

Number of servers: 130 Total data stored: 30+ TB in 4 SANs and 2 tape libraries Business applications running: ERP (BaaN and SAP), Exchange, BlackBerry, PeopleSoft Power and Cooling Solutions: Highest efficiency UPS , digital scroll PACs, false floor and ceiling, virtualisation

cto forum 21 JULY 2011

The Chief Technology Officer Forum

The Challenges With rapid growth in both CRAMS and DDDS businesses, Jubilant wanted to have a robust, dynamically flexible, secured and high uptime data centre that would cater to changes required in IT. That's why Jubilant decided to build a new Tier 3 data centre that could not only host its present servers but also take care of growth for the next five years. According to Umesh Mehta, CIO, Jubilant, â&#x20AC;&#x153;As per the industry best practices, we decided to move all the servers to the new data centre and keep the existing data centre for hosting WAN and LAN devices along with EPABX. Moving all the applications to the new data centre was difficult as it involved different cabling infrastructures supported by different partners that do not support servers. Hence, it was decided to move the servers alone to the new data centre. This arrangement took better care of our security as well.â&#x20AC;? For any data centre today, power and cooling not only contribute significantly to the overall costs, they are also key factors in keeping the applications running smoothly and without too many glitches such as surges, outages, fire damage and other problems. As per a research study by Gartner, the heat density or the power consumed by a typical rack in the data centre has grown from less than 5 kW in the year 2000 to as much as 15-20 kW in 2009. And due to even denser and powerful blade servers being used today, this power consumption is only going to increase.

The solution was also implemented by Emerson in the course of about four months.

photo by Subhojit Paul

Learnings and Benefits

“The designs for various packages like electrical, CCTV, fire alarm systems, etc. were studied for ease of operations and maintenance.” Umesh Mehta CIO, Jubilant

For its power and cooling needs, Jubilant carefully drafted a vendor selection criteria, which included: the design proposed, past experience of the vendor, OPEX reduction, i.e., the green initiative, optimised CAPEX, and the local/national standards followed. “The designs for various packages like electrical, fire-rated civil and interior, CCTV,

fire alarm systems, etc., were studied from the points of view of ease of operations and maintenance,” says Mehta. The next step was to invite a couple of vendors to present their solutions and then create techno-commercial comparisons to finalise one. At the end of the selection process, Emerson Network Power was chosen.

One of the key learnings from Jubilant's implementation of power and cooling solutions, in the words of Mehta, was the need to study the completed solution from “ease of operations and maintenance points of view.” Thanks to the due diligence and provisioning for future growth undertaken by Jubilant, the power consumption in the data centre is less than what it estimated. This is because ample buffer capacity was planned right from the beginning. So, what measures or criteria were adopted by the company to identify its cooling requirements? Says Mehta, “We calculated the heat load against the number of servers and derived the cooling capacity required, i.e., BTUs (British Thermal Units) for individual servers.” As a result, Mehta says, the power and cooling solutions are geared to meet the organisation’s requirements for the next five years or so. Any forward-thinking data centre, says Mehta, should properly measure its cooling requirements using the formulae available with respect to the heat load. “Generally, rated power figures are used but one should use the running load ratings which are lesser than rated power figures on power supplies. Redundancy in cooling should be maintained and, if possible, variable compressor technology should be used,” he adds. Mehta advises, “For power, one source should be from the dedicated UPS unit and the other can be from the shared UPS bank. Both supplies should come from different routes and have independent circuits. Redundancy and contingency plans need to be in place in the event of a crisis.” However, despite achieving its initial goals in power and cooling, Jubilant doesn't seem in a mood to rest on its laurels. One ongoing challenge for the company is to keep a tab on power consumption on each rack and SNMP monitoring of PACs. “We are talking to vendors regarding both the issues. We are also talking to them regarding serverlevel real-time power consumption,” says Mehta. Evidently, Jubilant wants to ensure it remains as cool and power-efficient as technology would allow it. The Chief Technology Officer Forum

cto forum 21 JULY 2011

D ATA C E N T R E

photo by sanjay sonkar, imaging by Shigil N

CO V E R S TOR Y

NIC Lucknow delivers a multitude of citizen services, connecting close to 900 centres, with the help of CA Technologiesâ&#x20AC;&#x2122; network management solutions. By Varun Aggarwal

cto forum 21 JULY 2011

The Chief Technology Officer Forum

D ATA C E N T R E

CO V E R S TOR Y

Ensuring network availability

ttar Pradesh with 72 districts, nearly 700 cities and 100,000 villages is home to more than 190 million people. As part of its e-governance strategy, the UP Government has made many public services available to the state’s citizens via the internet. Projects, such as e-District, NREGA (National Rural Employment Guarantee Act), CSC (Citizen Service Centres), Lokvani and Tehsil Diwas have redefined the interaction between citizens and government departments with services now delivered in a more transparent and hassle-free manner. The state is also unique in ensuring that its e-governance initiatives reach farming and rural communities as well as urban centres. For example, as part of the e-District project, villagers can now access digitally-signed certificates and services through CSCs, which have revolutionised service delivery. Uttar Pradesh is one of the first states in the country to take this approach to improve its service delivery. More than 23 services are available under the e-District project. Citizens can visit a CSC of their choice to avail a required service, thereby eliminating the need for multiple visits to government offices. Many public services have also been made available to UP’s citizens via the internet. As SB Singh, Deputy Director General, National Informatics Centre (NIC), Government of India, explains, “We want to deliver public services quickly and cost-effectively.” “Eventually the state hopes to deliver more than 70 different services via the internet, which means we must have 24x7 connectivity for our IT systems and automated processes,” says Singh. The Government of Uttar Pradesh also has plans for a smartcard-based ration system and integrated commercial tax system that supports anywhere/anytime payments. Uttar Pradesh was one of the first states to embrace e-governance: with ser vices like land registration, issuance of various certificates like birth and death, driving SB Singh licence, scholarships and pension payment Deputy Director General, NIC, going online. Government of India

“Eventually the state hopes to deliver more than 70 different services via the internet, which means we must have 24x7 connectivity for our IT systems and automated processes.”

The state’s wide area network (SWAN) is the IT backbone for both current and future e-governance initiatives and is handled by NIC, Lucknow. It is already one of the largest SWANs in the country with 885 points of presence at departmental offices, and will grow even further when connectivity is extended to the more than 9,000 field offices across Uttar Pradesh. Monitoring and managing such a diverse and distributed network infrastructure was a major challenge for the state NIC and its 170 IT professionals. As Singh explains, “The size of the network made it difficult to guarantee service levels and bandwidth capacity. Early detection of possible faults was also not possible, which meant problem resolution took longer.” Although the state was already using a suite of network management tools, it needed a more integrated and automated approach that would enable it to: • Improve network availability • I ncrease visibility of bandwidth utilisation • Track network downtime against service level agreements (SLAs) “To support our e-governance ambitions, we needed a solution that could address our current issues and scale to support a growing network, which includes about 1,000 Cisco routers and switches,” informs Singh. “Also, it was difficult to monitor the performance of each CSC in the state due to the lack of transparency. Moreover, we didn’t know what all applications are consuming the bandwidth the most. Therefore, it was difficult to justify investment in higher bandwidth,” Singh added.

Proactive network management NIC tried a few open source products for network management but it couldn’t meet the requirements. “While we wanted to test the open source tools to save costs, it didn’t meet our expectation as it had very limited functionality,” Singh explains. NIC then did a proof of concept with CA eHealth Performance Manager (PM) and CA Spectrum Infrastructure Manager (IM). The solutions were implemented in April 2009 with CA Technology Education providing training on CA Spectrum IM to four members of the NIC team. Since the The Chief Technology Officer Forum

cto forum 21 JULY 2011

CO V E R S TOR Y

D ATA C E N T R E

implementation, CA Technologies Support Services has helped the state optimise its use of the two solutions and quickly resolve any issues to prevent business disruption. The solutions have enabled the state to automatically discover more than 1,000 Cisco routers and switches and create a hierarchal map of its network infrastructure. These devices are monitored 24x7 by the CA Technologies solutions and help the state’s Network Operations Centre to proactively detect problems. In particular, CA Spectrum IM enables the IT team to quickly establish the root cause of any problem, as Singh explains, “With CA Spectrum IM we can pinpoint if a specific link or device is causing an issue, and notify the concerned member of the team to ensure a rapid resolution. The speed of resolution is also enhanced by the automated alerts issued by CA Spectrum IM.”

Improved incident management is just one of the benefits of the CA Technologies solutions; they have also enabled remote configuration of devices and simplified asset management for network components. In addition, the state is using the solutions to generate reports that help anaylse network availability, bandwidth utilisation and the performance of external service providers. “The statistics provided by CA Spectrum IM and CA eHealth PM help us identify areas for continuous improvement and future capacity requirements,” comments Singh. “We can also impose financial penalties on service providers if they fail to meet agreed performance levels.”

Cost-effective and efficient Instead of worrying about the expenses incurred on the network management

Project snapshot BUSINESS: Uttar Pradesh is India’s fourth largest state with 190 million citizens, 72 districts, and nearly 700 cities and 100,000 villages. The state government delivers a range of public services, such as education and housing. CHALLENGE: The state is increasingly using the Internet to deliver public services. To ensure 24/7 connectivity for its IT systems, it needed to take a more proactive approach to network management. OLUTION: CA eHealth Performance Manager and CA Spectrum Infrastructure Manager S monitor network devices, performance levels and bandwidth utilisation. The solutions have simplified problem resolution and capacity planning. BENEFITS: By improving network availability, the state has increased the quality of online services. It will also be able to expand its egovernment programme to achieve greater efficiency, transparency and cost savings. Apart from improving the delivery of public services, the state has also made significant cost savings. For example by issuing scholarships online, the state saved Rs 700 crore through reduced administrative costs. Citizens can now quickly and easily complete the following processes online: • Submit taxes as part of VAT computerisation • Request UP-Public Service Commission • Apply for engineering, medical, management and many other courses at more than 300 colleges • View record-of-rights for land ownership

cto forum 21 JULY 2011

The Chief Technology Officer Forum

solution, NIC was able to save close to Rs 8 crore through penalties imposed by them on their service providers. “We pay BSNL Rs 10 crore a year for the bandwidth, but previously we didn’t have a mechanism to enforce stringent SLAs on our service providers. With CA Spectrum IM and CA eHealth PM we can generate a comprehensive report and impose penalties on the service provider in case SLAs are not met. Last year, we imposed penalties worth around Rs 8 crore on BSNL for not being able to meet our uptime requirements,” Singh informs. The state is now adeptly managing a growing network with fewer resources. As Singh confirms, “The automation enabled by the solutions deployed has reduced our reliance on human resources and made our IT team more productive.” The solutions have also helped maximise network availability, which means less downtime for state staff and citizens wanting to access online services. “The state’s network is fundamental to the efficient delivery of online services to citizens across a wide geographical area,” says Singh. “By preventing network problems and increasing performance, the solutions enable us to provide a better e-governance experience to millions of people.” For example citizens can now quickly and easily complete the following processes online: • Submit taxes as part of VAT computerisation • Request UP-Public Service Commission • Apply for engineering, medical, management and many other courses at more than 300 colleges • View record-of-rights for land ownership Apart from improving the delivery of public services, the state has also made significant cost savings. For example by issuing scholarships online, the state saved Rs 700 crore through reduced administrative costs. Thanks to the e-governance programme, public services in Uttar Pradesh are now more accessible, transparent, efficient and cost-effective. “We will continue to expand our online services to benefit both citizens and the state. This would now be possible with a robust network that offers excellent connectivity 24x7.”

CO V E R S TOR Y

photo by jiten gandhi

D ATA C E N T R E

T companies are not just followers but often leaders in global technologies. With all the excitement surrounding the latest buzzword – cloud computing – and despite the wary wait and watch policy of most peer companies, Pune based KPIT Cummins Infosystems Limited decided to lead the latest technology from the front. KPIT Cummins is a global IT consulting and product engineering partner focused on co-innovating domain intensive technology solutions for manufacturing companies (with special focus on automotive, hi-tech and industrial verticals). The

KPIT Cummins Infosystems Limited significantly reduced its carbon footprints while optimising the company’s data centre environment with the help of private cloud. By Varun Aggarwal

The Chief Technology Officer Forum

cto forum 21 JULY 2011

CO V E R S TOR Y

D ATA C E N T R E

“We have started migrating our corporate applications to the private cloud including SAP, Microsoft Exchange and Active Directory.” Shrikant Kulkarni

Sr VP & CIO, KPIT Cummins Infosystems

company currently partners with more than 100 global manufacturing corporations including over 50 original equipment manufacturers (OEMs), semiconductor and Tier I companies. It helps its partners globalise efficiently and bring complex technology products/ systems faster to their global markets. In order to set up a highly optimised data centre, KPIT decided to opt for private cloud deployment. After going through a rigorous proof of concepts (PoC), the company decided to go for the VBlock technology from VCE. VCE, the Virtual Computing Environment Company formed by Cisco and EMC with investments from VMware and Intel, accelerates the adoption of converged infrastructure and cloud-based computing models that aim to reduce the cost of IT. VCE, through the Vblock platform, delivers an integrated IT offering with end-to-end vendor accountability. “The PoC went on for three months with multiple vendors and we finally decided to go for VBlock, which includes servers from Cisco, storage from EMC and virtualisation from VMWare. The solution seemed as though it was preconfigured for our needs,” says Shrikant Kulkarni, Sr VP & CIO, KPIT Cummins Infosystems.

A Phased Approach KPIT Cummins wanted to take a phased approach and decided to first test the water with Virtual Desktop Infrastructure (VDI) for its support functions. “We were deploying VDI for the first time and wanted to find out how VBlock can support it. Since this was the first time that we were trying out the solution, we didn’t want our core functions to be the testing ground. We, therefore, started out with HR and Finance, and gradually expanded to include other departments,” Kulkarni added.

cto forum 21 JULY 2011

The Chief Technology Officer Forum

The company has till now deployed over 575 virtual desktops and will implement another 1200 by October. By November, the IT major expects to migrate even its SAP servers to the cloud. “Apart from these, we have also started migrating our corporate applications to the private cloud including Service Desk from CA Technologies for infrastructure management and console management tool — SVN, Microsoft Exchange and Active Directory. We’re also migrating other corporate applications like SAP to private cloud, in a phased manner, so that the business is not impacted and the process is completed as planned,” Kulkarni informed.

Multifaceted benefits According to Kulkarni there haven’t been any major challenges with the private cloud so far. “While, enterprises are concerned about security on the cloud; private cloud ensures that there are no such challenges like those faced with public cloud. The problem that we may face in the future could be with regard to finding experts to work on private cloud. There are not many professionals available currently who have the required expertise. However, this is a challenge with any new technology and can be taken care of through trainings,” Kulkarni says. The advantage of virtualisation is manifold. Firstly, with our virtual desktops, employees can work from anywhere in the office and we don’t need to assign workstations to each person. Moreover, you don’t need a one to one ratio of employees and desktops, with the same desktops available for use to employees working in different shifts. There are also no worries about sharing data or desktop settings. Even if an employee is travelling to a different

location, he can access his desktop from wherever he is. "Earlier we used to go for the best possible desktop hardware, whether required or not. Now we can optimise the memory and compute capacity and also curtail the storage space assigned to each employee. Moreover, it used to take at least one to two days to prepare a desktop for a new employee. Now it is done in just a few hours," Kulkarni said. "With VDI, we also have much better security, as it is a highly controlled and protected environment. The most important gain from VDI is the energy saving. Previously a desktop used to consume about 150 W of power, including the energy consumed by the monitor and the desktop. Now with VDI, it is down to 60 W since there is no CPU in the VDI," he added.

Lessons learnt Kulkarni feels CIOs need to ensure that they undertake a comprehensive PoC for private cloud. Also, he says, CIOs need to be sure of what they what to move to the private cloud and whether it is possible to move those applications to it at all; otherwise it may lead to disappointment. “You also need to carefully size the storage and compute for the private cloud so that you do not face any performance issues. Once all the applications are migrated to common servers and storage, there would be immense pressure on the network and therefore, it is also important to size the network requirements. And in case you’re not already using a network management tool, you would be required to do so once you deploy a private cloud. But beyond that, you don’t require anything additional for the private cloud,” Kulkarni advises. There is often a difference between what the customer wants and what the vendor delivers – maybe because of the expectation gap or a communication gap or because of the over-expectations set by the sales team. For a successful private cloud deployment, Kulkarni feels it is important to ensure that the consulting partner, the equipment vendor, and all other stakeholders are in sync with the customer’s requirement. “It is very important that the consultant and the implementation partner have a clear understanding of what is required, else it could lead to various problems,” cautions Kulkarni.

D ATA C E N T R E

CO V E R S TOR Y

high power equipment also dissipates more heat leading to better cooling requirements. An estimated 50 per cent of the DC power costs go into cooling the data centre. Most of the earlier data centres were not designed to handle so much of power and higher heat density and thus require a complete redesign.

“CIOs Must Look to the Cloud to Help Resolve Data Centre Woes”

Nareshchandra Singh, Principal Research Analyst, Gartner, talks to Varun Aggarwal about the key challenges in the data centre space and suggests some best practices that the CIOs must adopt to overcome them What according to you are the biggest challenges in the data centre space in India? I think the biggest challenge is the lack of real estate. With growing businesses, data centres are expanding at a rapid pace, but with increasing real estate costs, it is becoming expensive for enterprises to increase its footprints. The total data center (DC) space in India in 2009 was 3.5 million sq ft. Gartner expects this to grow to over 5 million sq ft by

2012. “There are opportunities in both greenfield DCs as well as upgrades. Therefore, enterprises are looking at hosted data centres as an extension of the in-house data centres. Moreover, the data centre power density has been rapidly growing with the increase in high power equipment within it. While, previously the average power density of a rack stood at 3 kW, it has now grown to 6 kW putting tremendous pressure on the power equipment of the data centre. The

How can cloud help in resolving such issues? Private and public clouds can offer a solution to all these problems. Private cloud can resolve the need for space through flexibility and also provide a better way to manage the infrastructure. With private cloud, you can enable charge back mechanism within the organisation, making each department accountable for the infrastructure they use and the IT team can easily offer IT as a service. While public cloud is still in infancy in India, even globally, very few users have moved their critical applications on the public cloud. But yes, public cloud can help you scale in and scale out with ease. However, before public cloud becomes pervasive, it needs to ensure better security and reliability for customers. Also, I feel the cost of public cloud needs to go down further, which can happen once the cloud vendors reach economies of scale. Please suggest some best practices for the data centre. CIOs need to look at the private cloud seriously as it offers a multitude of benefits. Hybrid clouds would soon be commonplace and therefore, CIOs must look at making the data centre cloud enabled. CIOs must also consider the public cloud for non-critical applications like email, CRM, sales force automation, etc. Next, energy issues need to be carefully addressed. Many CIOs don’t look at this as a serious issue, which is a big mistake. Revamping your power and cooling infrastructure for the data centre could be a big challenge. Therefore, CIOs must also consider co-location data centres and hosted data centre options. While, choosing a data centre partner, it is important to ensure that they are capable of scaling up. The infrastructure should be able to handle high density racks.

The Chief Technology Officer Forum

cto forum 21 JULY 2011

CO V E R S TOR Y

D ATA C E N T R E

4. Power and cooling - While a private cloud is responding to changing business demands on the front end, the back end of the cloud needs to be able to respond to changing demands for power and cooling. Servers that become virtualised require specific power and cooling needs. For example, as private cloud features like self provisioning are introduced, hot aisles may get hotter requiring more cooling in that region. Power consumption fluctuates when virtual machines are spun up and down and will require smart power distribution units (PDUs) that can monitor power and respond to changing demands. Data centre managers should use computational fluid dynamics (CFD) modeling to identify hot and cold spots in their data centres. By monitoring CFD results, data centre pros can see where airflow and cooling inefficiencies exist and model improvements.

Kevin Gruneisen

elivering IT as a service is perhaps the most important function of the cloud today. For companies that prefer to keep IT inside the security of their own data centres, a private cloud strategy offers the elasticity they need to respond to changing business needs quickly, cost effectively and in a way that can simplify IT management. The adoption of a cloud computing strategy can have far reaching effects on a company’s IT operations. This is why true collaboration between executives, business unit managers and the data centre operations team is an absolute necessity. The key is to start by identifying the business challenges to be met. Then examine the technology assets in place and the company’s financial goals and objectives. There will be pros and cons to every decision, and the effects on the data centre and its ability to deliver price-performance to the company must be taken into account at every turn. Here's a review of the five major changes a private cloud will bring to your data centre:

1. Lower cost Through an effective virtualisation strategy and a resultant reduction in servers, data centres can reduce the amount of cabling, floor space, and power they consume by record amounts. On the flip side, virtualisation is only

cto forum 21 JULY 2011

The Chief Technology Officer Forum

the beginning of a journey into the cloud; systems also need to be able to dynamically provision IT resources as needed on-the-fly.

2. Less control - Instead of having to over-provision to meet changing demands, the addition of a self service portal above the orchestration level provides on-demand consumption. This enables the IT team and designated end users to spin up capacity as needed thereby increasing business agility. The idea of giving end users easy access to resource control leaves CIOs and other IT professionals nervously pacing the floor.

3. Increased need for automation - Imagine that a functional cloud environment looks something like an onion with traditional infrastructure at the centre and a self service layer around the outside. Between the resources and the self service portal, there must be distinct layers for automation, monitoring and governance. Without automation, any savings gained through virtualisation and self provisioning is lost on the additional IT staff needed because there is no "staff-ondemand" option that will take effect just when you need it. Without monitoring and management tools in place, self service provisioning could seem like the Wild West all over again.

5. New visibility requirements - With virtualisation, self provisioning and other cloud enabled advances, it is now possible to develop applications that can 'right-size' themselves dynamically according to pre-determined criteria. That’s great for new applications, and great news for IT departments. But there are still decisions that need to be made by, dare I say it, a live person. So monitoring the data centre in a private cloud environment is key. Data centre infrastructure management tools should be deployed so the operations teams can actually see what is happening in the data centre with regards to these changing computing capacity, power and cooling dynamics. Automation and orchestration tools, properly implemented, are the key to moving from a virtualised environment to a private cloud. And knowing just what needs to be added or changed in the data centre can only come from a thorough assessment of both the company’s business needs and IT’s ability to meet those needs. —Kevin Gruneisen is vice president of data centre solutions for Logicalis, a provider of integrated ICT solutions and services. —This article was first published on cioupdate.com. It is reprinted here with the prior permission from CIO Update. To see more articles regarding IT management best practices, please visit cioupdate.com.

HORIZONS

Features Inside

Real-world Financial Services Cloud Pg 37

imaging by PC Anoop

IPv6 is Your Friend and Your Foe CIOs need to do their research on IPv6 and its implications to their organisation. By Joe Yeager

here has been much speculation over the years as to whether IPv6 will be a benefit or burden to businesses and Internet users. When I am asked this question, my answer is usually “both.” First and foremost, it is important to remember that the transition to IPv6 is inevitable. The last few IPv4 addresses are in the final stages of being allocated. Cisco has predicted that the Internet will quadruple in size over the next four years, and that there will be 15 billion Internet-connected devices by 2015. While IPv4 only allows for about four billion IP addresses, IPv6 will allow the world’s seven billion people to have 15 billion devices each, and still be infinitesimally utilised. Additionally, IPv6 is designed to be more effective in terms of security, reliability and ease of management. The best part of IPv6 in my opinion, however, is that it will negate the need for Network Address Translation (NAT). While NAT has been an effective fix for the address exhaustion problem that has occurred with IPv4, it is not beneficial from a security standpoint because it allows a single IP address to be used for a multitude of devices. The Chief Technology Officer Forum

cto forum 21 JUly 2011

N E X T H OR I Z O N s

n E t worki ng

This grouping of devices behind a single address enables cyber attackers to essentially hide behind it, preventing those tracking them from being able to pinpoint their identity. Because IPv6 offers virtually limitless amounts of IP addresses, every single user and device on the Internet can be uniquely identified, vastly improving security.

The downside The negative side to IPv6 comes not with the protocol itself, but with its slow adoption rate. Today, only a miniscule percentage of Internet traffic is IPv6, and many organisations are hesitant to migrate to the new protocol due to the technology upgrades involved in making the transition. While major technology vendors have long been preparing for the cutover to IPv6, many smaller application providers have not; forcing end-user organisations to replace some of their technology systems in order to make the transition. Still, waiting around for others to upgrade before you do is not the right approach. All organisations need to at least be developing strategies around when and how they will make the leap to IPv6. Overall, this is a classic case of “prepare now or scramble later,” and “later” is coming sooner than most people realise. Efforts such as World IPv6 Day have been instituted to help encourage the transition. On June 8, 2011, as part of World IPv6 Day, several high-profile organisations tested their websites on IPv6 in preparation for the impending cutover. Early adopters such as Google, Cisco, Facebook and Microsoft are paving the way, but for the Internet to continue functioning properly for everyone, all companies and government organisations need to be on board. Unfortunately, if the transition to IPv6 is not made in a timely fashion, alternative solutions will prevail, jeopardising the future security of the Internet. One proposed method, Large Scale NAT (LSN) a.k.a., Carrier-Grade NAT (CGN), allows for literally thousands of users to share a single IP address (versus a single household or business being allowed to share via traditional NAT). As you can imagine, the security implications would be dire if LSN/CGN experienced widespread adoption.

cto forum 21 JUly 2011

The Chief Technology Officer Forum

What to do

56%

ensure that hosts you are expecting to send IPv6 traffic are in So what should you do about it? fact doing so? End users themselves should In addition to having to not have to do much about this growth in upgrade some of their systems, if the world’s businesses handle many organisations also worry the situation appropriately. For Total disk about not knowing how their businesses, there is really no silver bullet for a smooth transi- storage systems infrastructure will behave once capacity the new protocol is in place. tion. The best advice I can give While this is a valid concern, it is to CIOs and IT administrators is shipped in 2010. still not a good reason to ignore to do your research and become the fact that IPv6 is coming and well-educated on IPv6 and its there are technologies out there that can implications to your organisation. Figure help alleviate this issue. out exactly what you need to do to transition For example, flow-based network monito the new protocol and begin enacting a toring and anomaly detection solutions plan to make it happen soon. that support both IPv4 and IPv6 can show IT administrators exactly what is going on Here are some specific things to consider inside their network at any given time. when planning the transition to IPv6: [Editor's Note: Lancope sells flow-based Do all your desktops and terminals pronetwork monitoring and anomaly vide IPv6 support? detection solutions.] If you have some systems that must These types of technologies can answer remain on older operating systems and questions surrounding how network devices run IPv4 stacks in the short term, will and applications are behaving before, durthey need to communicate to systems that ing and after the transition, helping to mitiwill transition to IPv6? If so, will you run a gate any anomalies that arise before they dual stack on these systems allowing IPv4 become a serious issue. and IPv6, or will you deploy gateways? For companies that have not yet been Do you intend to make your current deskconsidering their switch to IPv6, the bad top environment public, or will you retain a news is that it has to start happening now. NAT gateway to obscure your machines? The good news is that you are not alone, Will your current applications support and that this is something every company IPv6? Public-facing servers should likely around the world will need to undertake run a dual stack for IPv4 and IPv6 resoluin the very near future. Many companies tion to provide the best chance of makhave already begun laying the grounding sure that services are available to the work, and there are plenty of resources, broadest range of users. experts and technologies out there to help Will your current routing/switching/ ease the transition. wireless environment support IPv6? If not, do you simply need a code upgrade or is a hardware refresh involved? —As the leader of Lancope's product management team, Joe Yeager is responsible for

If you are planning to keep portions of your network infrastructure on IPv4: Will those systems need to communicate to the IPv6 systems and vice versa? Where will gateways/proxies/translators need to be employed? Do your existing network monitoring tools have IPv6 visibility? More and more vendors provide this, but not all do. Upgrading to IPv6 may require you to re-examine your monitoring strategies. For monitoring, do you have a way to separate IPv4 and IPv6 traffic statistics to

the innovation and advancement of the six StealthWatch product lines. Prior to Lancope, Yeager was a Product Manager for HP in its Application Security Center division where he oversaw WebInspect, an industry-leading Web application security solution. At HP, Yeager successfully brought large-scale product releases to a market. Yeager holds a B.S. in Computer Science from the Georgia Institute of Technology. — This article appears courtsey www. cioupdate.com. To see more articles regarding IT management best practices, please visit CIOUpdate.com.

c lo u d c o m p u t i n g

N E X T H OR I Z O N S

Real-World Financial Services Cloud

NYSE has set up a high-performance, low latency infrastructure.

s I subtly alludedto in March, The New York Stock Exchange (NYSE Euronext) has launched their Capital Markets Community Platform (CMCP) along with partners EMC and VMware. It's essentially a high-performance, low-latency, special-purpose cloud IaaS, replete with customers and roadmap. Register Coverage FIN Alternatives Coverage

Illustration by shigil N

This is a very notable event for a few reasons: Cloud is not a commodity: Unlike general-purpose public clouds, NYSE has constructed a high-performance, low-latency infrastructure to meet the specific needs of trading firms. From these perspectives alone, use of a public cloud (AMZN, RAX, etc.) would never meet the stringent performance requirements. My belief is that we'll see even more of these industry-specific clouds arise. Differentiators will likely vary based on needs for performance, privacy, security, scale, etc. Cloud is highly reliable: A lingering question has been whether the cloud - and associated automation controls - was reliable enough for mission-critical applications. NYSE is no stranger to Financial-Markets levels of reliability, and has clearly taken great pains to ensure that their experience carries-over to the CMCP. Cloud is highly secure: Ditto to above. the CMCP is accessible to customers only via a highly-secure network and only to pre-validated users. Cloud enables new forms of business: For me, this is the most exciting aspect. NYSE's cloud now allows small firms to take advantage of enterprise-grade hardware and data... say to test and run new trading algorithms. Access to resources such as this would have been far outside of the reaches of the small firm. The Cloud + Big Data story is real: What's also nifty about NYSE's implementation plan is that it allows users to create DB's on demand, and will allow users to access massive data in the form

By KEN OESTREICH

of market play-backs. This DBaaS will obviate the need for tenants to replicate TB or even PB of data as they test algorithms against historic market data. NYSE's partnered with EMC and VMware to construct the cloud, and VMW has also posted an excellent Blog on the topic. A few excerpts: "So, why is this better, and why is NYSE Technologies the right organisation to deliver? For hedge funds and other buy-side firms, their value isn't in integrating compute, storage, networks and security -- it's in analytics, trading strategies, algorithms, application strategies and other proprietary expertise. The NYSE service means those IT organisations no longer have to struggle with integrating data dumps and feeds into their infrastructure and operations. Trade execution speed can be critical, so physical location and proximity to the market matters. NYSE's experience in operating large scale, mission-critical VMware-based infrastructure -- the NYSE and Euronext exchanges -- is unquestionable.... "...NYSE represents an alternative cloud future: one that contains a vibrant ecosystem of clouds, both internal IT departments and external cloud service providers, with unique understanding and focus on customer needs, married with the ability to deliver through scalable, on-demand and trustworthy IT services. What internal IT organisations and cloud providers like NYSE share is a rejection of the concept of an inflexible cloud monoculture. Instead, they choose to build high performance, secure and scalable infrastructure because it meets critical business needs. They obsessively focus on value delivered to the customer and never confuse that with cost of service. And that's it. Cloud is now about Value, even more than it has ever been about cost reduction. — Ken Oestreich is a marketing and product management veteran in the enterprise IT and data center space.

The Chief Technology Officer Forum

cto forum 21 JUly 2011

NO HOLDS BARRE D

PERSON' S NAME

DOSSIER company: Hitachi Data Systems Established: 1989 headquarters: Santa Clara, California, U.S. Services: Information storage hardware and software, IT consulting and IT services

Adopt Cloud at

network: 4200 employees in 100 locations

Own Risk,Pace Hitachi Data Systems (HDS) is all set to join the cloud computing bandwagon in India. Sunil Chavan,Â Director, Software Group & Cloud Solutions, APAC, HDS, shares his strategy and challenges with Yashvendra Singh. 38

cto forum 21 JUly 2011

The Chief Technology Officer Forum

You are offering your cloud computing resources in the Indian market. How is the response from businesses? We are seeing strong momentum in cloud demand and increased adoption of our cloud offerings from businesses in India as we continue to execute our cloud development strategy. There is a growing demand for ERP as a service in APAC region. Companies are looking at putting their HR processes and leave processes on the cloud. There is still time before tier I applications are migrated to the cloud. I will have to take a step back 18-20 months when we really started talking about our cloud strategy. HDS comes from a storage perspective and is looking at infrastructure cloud. We have come out with specific offerings in the public, private and hybrid clouds. Our cloud strategy has received a good response from

S u n i l C h avan

the APAC market where some of the large telecom service providers have deployed our solution. Some large corporate groups have also gone in for our hybrid cloud. In India, we are looking at 5-6 large deployments within the current financial year. How is your cloud strategy different from others? Our strategy with respect to the cloud is different from others. We have a system integrator/ service provider centric cloud model. It is therefore a three party model. We will be rolling out our offering in the Indian market in the next two-three months, and there will be a lot of marketing information. There will be another roll out after two months of the first one. Wipro, Infosys and HCL are our partners. But the cloud model is yet to mature. Companies are apprehensive of migrating on to the cloud owing to security issues. Yes, I hear that companies are apprehensive about going on to the cloud, and I agree to some extent. There have been incidents of security breach on Amazon and Sony Play Station. This will continue for a while as this is the early phase of cloud. There will be hesitation on the part of businesses for some time to come. The same was the case with Internet banking when it was launched in the late 1990s. However, it had the backing from the regulator. Cloud computing is also being backed by its stakeholders. The cloud security alliance is working to address the issues of security. The problem is that customers knowingly get into agreements that don’t have any SLAs. That is what we are working at. There are some telcos that have inherent data protection needs. The service provider will see the level of SLAs that would be acceptable, depending on the vertical on which he has a focus. Our mode has an advantage as there is the local service provider that one can hold responsible in case of any problem unlike US vendors. How will you approach such apprehensive customers? Our approach to the customer is different. We try and become his consultant, and tell him to adopt cloud at his own pace and risk. We help define what the risk is for him. For

instance, for a banking customer, we suggest not to migrate the core banking application on to the cloud. Instead, he should look at tier II and III applications such as disaster recovery and backup to shift to the cloud. This comprises 60-80 percent of the IT budget. Hitachi Data Systems’ newly launched converged data center solutions combine storage, computing and networking with software management, automation and optimisation, allowing companies of all sizes to deploy an integrated portfolio of cloud solutions and services. Organisations that have been hesitant to transition to the cloud environment can now move at their own pace, and deploy the cloud easily with predictable results. A single, underlying platform deployment approach lets customers build and scale cloud solutions as quickly or as slowly as they want to — without the need to undo pre-existing IT systems, thus protecting their IT investments. There are not many organisations

“Just as today people are wary of migrating to the cloud, they were wary of Internet banking when it was launched in the late 1990s.”

NO HOLDS BARRE D

that have succeeded in putting their tier I, mission critical application on the cloud. The biggest challenge for a big corporate is how to migrate to the cloud. We help them in this migration. Our cloud ensures that the customer does not have to change his applications for migrating. We never tell our customers that they just have three months time to migrate. Instead show him the roadmap of a phase-wise migration, and also the RoI (Return on Investment). We are adopting a two pronged approach, going through the service provider and working with the cloud security alliance. Hitachi intends to develop the entire cloud ecosystem. Which verticals will be strong cloud adopters in India? There is a lot of movement is some of the verticals. For instance, the government and healthcare verticals in countries such as Singapore, Korea and Australia are increasingly looking at putting their tier I applications on the cloud. In India too, the government sector is very bullish. The UID project includes managed services put together. Its second phase could see cloud being used. The other area that has the potential of becoming very big in the next two years is in India is that of education. The usage of tablet for e-learning is changing the education vertical. Some service providers in education are already talking to us as to how they can develop cloud for tablets. Students can then carry e-learning applications and pay-per-use. It is just a matter of time before the Chinese and Taiwanese bring down the cost of tablets to 200-300 dollars. What should a CIO keep in mind before formulating a cloud strategy for his enterprise? A CIO need to know what they want to achieve. There are times when I get funny responses from CIOs such as “I am going for cloud because my board of directors wants it.” If this is the case, he should rather go in for a virtualised environment. Cloud is a business model that will change your business processes. A CIO should know which of his applications should go on to the cloud. CIOs are increasingly putting backup, disaster recovery and archive upfront on the cloud to reduce costs. Corporates are also looking at virtual desktops.

The Chief Technology Officer Forum

cto forum 21 JUly 2011

T E C H FOR G O V E R N A N C E

securit y

POINTS

Critical Infrastructure cybersecurity has caused a lot of people outside the space to have panic attacks. there is no way to guarantee that all of the critical systems will be safe from cyber attack. A successful cyber attack against one or more of these systems could bring hacking into the world of physical loss.

Illustration BY PC Anoop

Emulate the people who built the systems that we aim to secure. critical infrastructure will will have its Sony Moments, and it will survive.

Winning the Critical

Infrastructure War 40

cto forum 21 JUly 2011

We have secured the Internet so far, we will rise to the challenge of securing our physical infrastructure as well.

The Chief Technology Officer Forum

By Chris Blask

securit y

T E C H FOR G O V E R N A N C E

water out of the streets of New Orleans. The tsunami that hit the Fukushima nuclear reactors did not care that Masatoshi Toyota and hundreds of others made the safety and reliability of those systems their lives' works. This is the world those who have built the systems we all depend on live in. They build incredible structures that literally make the world a better place to be. The failure of these systems bears consequences most of us never have to face in our careers. When despite all the sweat and sleepless nights one of these systems suffers catastrophic failure the people who built it shoulder the responsibility and clean up the mess and move on without a word of protest already that make locusts particularly threatand few of appreciation. ening, you will end up down at Home Depot The reality is that there is no way to guarone day. If need be, you will tarp the whole antee that all of the critical systems underpinblasted place and bring in the big toys, then ning modern culture will be safe from cyber life will move on. attack. There will be more successful and You didn’t seriously think the more spectacular demonstrations of the fragillocusts could win, did you? ity of these amazing architectures that are conMost of the famous cyber attacks to date stantly and quietly being built for us behind have not destroyed companies. They have cost the scenes of our daily lives. them in various forms, but most of them have As the rising storm of attacks against our continued on without much more than a Lesinfrastructure continues to escalate we will son Learned. For all the fuss TJ Maxx ‘s loss lose some battles. We can no more prevent of millions of credit card numbers in 2007 that than civil engineers could have stopped caused, the company is worth twice today the waves coming on shore in Japan or Jakarwhat it was then. From a “security as busita. The impact of these losses may be more or ness insurance” perspective the event was just less destructive, though, and that is something another challenge of being a company that we can work to control. worked out in the end. TJ Maxx had its Katrina and today is Critical Infrastructure cybersecurity has a twenty billion dollar company: Albert caused a lot of people outside the space to Gonzalez went to jail for twenty years. The have panic attacks, though. “This isn’t like IT Internet and on average all of its tributaries where it is only zeros and ones, people’s lives is up and running from my desktop to yours are at risk!” A successful cyber attack against at this very minute, despite best efforts to one or more of these systems could bring the contrary. Our critical infrastructure will hacking into the world of physical loss, where experience a similar path: it will have its pipes burst and dams fail and people die. Sony Moments, and it will survive. When you are dealing with people who The processes of State more closely mirknow at a bone-deep and personal level what ror the process of industrial "Critical Infrastructure" means it engineering than they do the puts that sort of actuarial point of Internet entrepreneurialism view in a different light. Critical and enterprise IT that inforInfrastructure is what you give mation security people are your heart and soul and often companies will more used to. It will take an enough your life to build to the best of your ability, knowing that produce material incredible amount of time and effort to work through the there are forces out there capable from social complex issues associated with of tearing it all down. media sites for the cyber threat between your Hurricane Katrina didn't care that men and women gave e-discovery by 2013 house and the hydroelectric station electrons flow to it decades of their lives to keep

The National Electric Sector Cybersecurity Organisation Resource

(NESCOR) Summit in Washington, DC was a useful and productive session and seemed to achieve the goals laid out. Erfan Ibrahim from EPRI set the stage, we broke into working groups to dig deeper into three major subtopics and then came back to one room to tie it all together. My favorite part was an impromptu panel with Justin Searle of InGuardians, Andrew Wright from N-Dimension and myself at the end (“would I like a stage and a microphone?” are you kidding?). Very good discourse and it was definitely informed by the work of preceding days. The working groups are continuing and evolving to identify and dig into issues, outputting tangible deliverables to assist DoE and other organisations’ decision making. In May my colleague Guillermo Grande attended an ISA event in Madrid where CNPIC is following a similar path of engaging pertinent parties, setting up working groups and grinding through the problem of industrial control system security. Watching the various engines of civil society warm up and set to addressing the daunting task of critical infrastructure cybersecurity is very interesting, like an episode of Build it Bigger. Some would say it is also very depressing or even very frightening. I would disagree with those folks. We have managed to rise to the challenge of securing the Internet so far, I think we will rise to the challenge of securing our physical infrastructure as well. The shape of the war is well-known and we generally win it every day already. Winning the war does not mean winning every battle, as Sony keeps being reminded. Every day and sometimes in waves we hear of virtual entities ravaged by plagues of electronic locusts. Locusts can make your life miserable for a while. But unless you have other problems

50%

The Chief Technology Officer Forum

cto forum 21 JUly 2011

T E C H FOR G O V E R N A N C E

securit y

from. But it took years of digging and dynamite and concrete and conduit to build the dam and get the power flowing in the first place. The fact that you have the current to read this shows that the work got done. The cognitive and physical efforts of many people are being applied to industrial control system security today, and the workforce is expanding. The process will be flawed and the recommendations revised and the standards complained about. Public criticism of all or parts of the process will wax and wane. It will go on

forever and incidents will occur and, yes, due to unforeseen or unaddressed issues these will almost definitely include incidents that cost human lives. But the work will get done. The best attitude we as information security people can take into ICS is to emulate the people who built the systems we aim to secure. Do the work to build the dams and levees, with all the diligence we can manage and none of the drama we can avoid. Then be prepared to rebuild them. There is no need to add drama to the

issue. It comes with enough of its own. We simply need to keep doing the work. —Chris Blask authored the first book on SIEM, "Security Information and Event Management Implementation", published by McGraw Hill. Today he is Vice President of Industrial Control Systems Group at AlienVault, the producer of SIEM technology, and is on faculty at the Institute for Applied Network Security (IANS). —This article is printed with prior permission from www.infosecisland.com. For more features and opinions on information security and risk management, please refer to Infosec Island.

How’s Your Relationship with Internal Audit? The difference between security and internal audit is slight, but significant. By working together both teams can become better at what they do. By Robb Reck

PHOTO BY PHOTOS.COM

ant a quick and easy way to get an idea how well your organisation’s risk management program works? Take a look at how the technical staff reacts to and interacts with the internal audit team. The role of internal audit is to aggregate internal policies, regulatory requirements, and industry best practices and then observe the organisation to see how the operational reality stacks up with those goals. This is the chance for us to see if we’re walking the walk or if all our risk management policies and systems are just for show. When your team hears that the internal auditors are going to be coming, what is the response? No, not everyone will be thrilled to spend a day or week sitting with auditors discussing business practices, and showing proof of what they do. Schedules are tight, and fitting in audit work alongside a full schedule can be a challenge. But aside from scheduling, this should not be a gruesome task. If your employees are overly concerned about the audit process, it may be that they are not properly educated about the policies and procedures required to do their job. In a well-functioning team the opportunity for a different set of eyes to evaluate and offer feedback is invaluable. They can show us where our documentation is lacking (because the people who do it every day can naturally fill in those gaps), where our separation of duties is inadequate, or where cross-training is needed. Joe might

cto forum 21 JUly 2011

The Chief Technology Officer Forum

compliance

T E C H FOR G O V E R N A N C E

team can provide valuable assistance to audit and make the audit findbe the best firewall administrator in the world, but letting him do ings more detailed and impactful. all of the firewall work means that when he finally goes on vacation On the flip side, audit can be an important ally for security. How often or gets a new job, your organisation will be scrambling to fill in his does your security team find a risk, bring it up to technical leaders, and position. have that risk ignored because of time or money scarcity? It’s an ongoThe biggest key to creating a positive relationship with audit, and ing balance to figure out which risks need to be addressed. Security’s successfully undergoing audits, is remembering that internal audit concerns are usually heard, but often cannot be immediately impleand security risk management are on the same team. We are both mented. But when an item is made an audit finding it gains significant looking to handle risks. Our job in security is to identify and impleweight. Those audit findings will make their way up the chain, to the ment effective mitigating controls, and audit’s job is to flag those desk of the president and the board itself. Senior leaderrisks which have not yet been properly mitigated, so ship is directly responsible for addressing and implementthat management is well aware of them, and can make ing audit findings. Getting audit to include the risks that appropriate business decisions. If they identify a finding security identifies can be a great way that audit can assist in your area, it’s not the end of the world. It’s an opporsecurity. tunity for you to improve your environment and make users have For the most part, the difference between security and things better. internal audit is slight, but significant. We are both lookadopted the ing to address risk, but security is considered a part of the Security and Audit should make each other better organisation's business, and audit must be an impartial third party. By Information Security and Internal Audit can be extremely BI platform of working together both teams can become better at what effective partners. Chances are that the folks in the secuthey do. rity team are more technically savvy and more intricately choice. If you haven’t already, go take an auditor out to lunch. familiar with the details of the corporate information sysAsk about what they do, and how you can help. It’s a tems. As such, during an audit, security can provide assisrelationship that you both will enjoy. tance to internal audit in guiding through the technical-speak and confusing network diagrams to determine all kinds of great informa—This article is printed with prior permission from www.infosecisland.com. tion. Including what data is sitting where, what it’s doing, and what For more features and opinions on information security and risk management, protections are in place. By being a technical consultant, the security please refer to Infosec Island.

28%

The Chief Technology Officer Forum

cto forum 21 JUly 2011

Author: Anand Giridharadas

Hide time | BOOK REVIEW

“It is hard to see your own society from the outside.”

Rediscovering India! US-born Anand

Giridharadas takes up his first job in India and pens a book about a land full of hope, colour, opportunity, people!

Anand Giridharadas was not born in India. Nor did he study here. Like hundreds of thousands of second generation Indians, he was born and raised in the US. But his genes are Indian; roots Indian. So, when he finished college, he took up a job in Mumbai. That was an unusual thing to do. But 29-year old Giridharadas is no ordinary man. Soon, he was doing more writing than consulting, the job for which he had flown 17,000 miles across the Atlantic. By mid-2004, he had started reporting from India for The Times and the International Herald Tribune, jobs he did until 2009. His visit to India changed him in many ways, mostly in his attitude to India and things Indian. That was when the seeds of his first book were sown. Aptly, it is about India. “INDIA CALLING: An Intimate Portrait of a Nation’s Remaking” is his first book, a work of narrative nonfiction about his return to the India that his parents left. Now, Anand Giridharadas is a writer based

cto forum 21 JUly 2011

The Chief Technology Officer Forum

in Cambridge, Massachusetts, USA. In INDIA CALLING, Giridharadas brings to life the people and the dilemmas of India today, through the prism of his émigré family history and his childhood memories of India. He introduces us to entrepreneurs, radicals, industrialists, and religious seekers, but, most of all, to Indian families. He shows how parents and children, husbands and wives, cousins and siblings are reinventing relationships, bending the meaning of Indianness, and enduring the pangs of the old birthing the new. Through their stories, and his own, he paints an intimate portrait of a country becoming modern while striving to remain itself. It is a book that the New York Times Book Review called “… elegant, self-aware and unafraid of contradictions and complexity.” The Financial Times of London said the book was a “… finely observed portrait of the modern nation.” Giridharadas has received praise from a host of prominent writers and thought leaders. Nobel Laureate Amartya

ABOUT THE REVIEWER

Author of Prey By The Ganges (Wisdom Tree, 2011), Hemant Kumar is a veteran of wire service and television journalism.

Sen says: “Anand Giridharadas has… produced an engrossing and acutely observed appreciation of a country that is at once old and new…” Giridharadas was recently in India to promote his book. In an interview to India Now, he said his book has universal appeal, not just for Indians or those who have either lived here or work with Indians. “INDIA CALLING was certainly not written for one country or another. It was written from the point of view of someone who was estranged from India in childhood, and who then had occasion to see it afresh – both because the country had changed and because of my own growing up. What that perspective offers, I hope, is a multiplicity of ways into the book.” “For the American or Western reader, the idea is to whisk them from the world in which I grew up, which was perhaps not unlike their world, and then show them the India I found through my own eyes. For the Indian, though, there is a different but important way in. It is hard to see your own society from the outside," he said.

VIEWPOINT Steve Duplessie | steve.duplessie@sbcglobal.net

illustration by K Suresh

HP vs Cisco HP is

forcing the networking giant to do things differently. There was one thing that happened recently that hasn’t had much attention paid, but that I find intriguing. I’ve loved the possibilities of what could be ever since HP bought H3C(3Com/Huawei) in terms of presenting a legitimate, large-scale, global threat to Cisco. I spoke about it here in a blog way back when. I use the term “possibilities” because it is just that–not a fait accompli by any means. No one is going to make Cisco perish in any short time frame, HP included. But what intrigues me about the whole deal is that HP is at least big enough to pose a legitimate threat–something Cisco has not had to deal with. Sure Juniper and Extreme are great competitors–but only in a “slice” of the Cisco market. HP, on the other hand, COULD cause damage up and down the line. As I talked about earlier, the issues many of us saw then–and see occurring now–are around margin. HP can sell stuff much cheaper than Cisco–it has a company built on celebration when it hits 20 percent. Cisco lives on huge 70 percent

cto forum 21 JUly 2011

The Chief Technology Officer Forum

margins. All things being equal, if HP sells their competitive Cisco type gear at 50 percent of Cisco’s price, HP still makes north of 40 percent gross margins–twice its corporate average. Party time. Cisco either loses share (which is occurring), or loses margin by dropping price to compete. Either way, it’s bad. So, Cisco’s response to date has been “customers are more interested in performance than in price” (I’m paraphrasing). Which is a great argument if you are winning the performance game, and not the price game. This week, Dave Donatelli, who runs HP’s ESSN (Enterprise) group and who bought H3C stood up at Interop and made a few startling claims (at least to me). He basically told the world that HP’s competitive offering to Cisco’s bread and butter Catalyst 6509 was now 2.5X faster, has 75percent lower latency, and STILL costs a fraction of the price. Further, he said HP’s campus line cards are now 6X faster than what Cisco offers in the 4500–still at a lower cost.

About the author: Steve Duplessie is the founder of and Senior Analyst at the Enterprise Strategy Group. Recognised worldwide as the leading independent authority on enterprise storage, Steve has also consistently been ranked as one of the most influential IT analysts. You can track Steve’s blog at http://www. thebiggertruth.com

Now, we haven’t proven any of these claims yet, but I’m pretty comfortable that Dave isn’t standing up in public making such outlandish claims unless they really have something. Maybe it’s 6X faster going downhill on a Tuesday (read: special configuration), but regardless, it seems HP has SOME performance advantage they are putting out there. If that is indeed the case, the argument that customers only care about performance vs. price needs a mid-life kicker. Slower and more expensive is tough even for a monster brand like Cisco. I suspect that Cisco will react–they always do. But what this tells me is that HP isn’t going to let up. They aren’t going to just go away, and they are going to impact dramatic change in this market sooner or later. I am not willing to say they will come out on top but I am willing to say that they will affect big change–they will make Cisco do things differently, and ultimately, users will benefit. The networking giant has been awakened. Cool.

Run applications up to 50x faster.

What IT performance can be. With WAN optimization solutions from Riverbed®, you can increase application performance up to 50 times faster over the WAN, delivering LAN-like performance just about anywhere — from remote offices to the data center to the cloud. Learn more at riverbed.com/50x For any queries, please contact marketingindia@riverbed.com